1. Introduction
CoreSync (“CoreSync”, “we”, “us”, “our”) respects your privacy and is committed to protecting your personal information.
This Privacy Policy explains how we collect, use, share and protect your personal information when you:
• Visit or use any of our websites and landing pages (“Website”)
• Interact with us via email, social media or events
• Use our products, solutions or services, including demos, trials and support
This Policy is prepared primarily in accordance with the Protection of Personal Information Act 4 of 2013 (POPIA) in South Africa. Where applicable (for example, if you are in the European Economic Area or United Kingdom), we also take into account the General Data Protection Regulation (GDPR).
By using our Website or providing us with your personal information, you agree to the terms of this Privacy Policy.
2. Who we are (Responsible Party)
Responsible Party (POPIA) / Controller (GDPR)
CoreSync
Head Office: Woodmead Willows Office Park,
19B Morris Street East, Woodmead, Sandton, 2191, South Africa
Telephone: +27 11 236 0620
Email: info@coresync.co.za
Information Officer:
In terms of POPIA, our Information Officer is Joe Ferreira
Email: joe.ferreira@signature.co.za
3. Scope of this Privacy Policy
This Privacy Policy applies to:
• Visitors to our Website
• Prospective and existing customers and users of our products and services
• Representatives of our customers, partners and suppliers
• Job applicants who apply via our Website or by email
It does not apply to the privacy practices of third-party websites, services or applications that are linked to, but not controlled by, CoreSync.
4. What personal information we collect
The type of personal information we collect depends on how you interact with us. It may include:
4.1 Information you provide directly
When you complete forms on our Website or contact us, we may collect:
• Name and surname
• Job title and company name
• Business contact details (email address, telephone number, office address)
• Your message and any other information you choose to provide
When you become a customer, we may also collect:
• Billing/contact information for your organisation
• Contract details and correspondence
• User account details for authorised users (name, surname, business email, role, system permissions)
When you subscribe to marketing communications, we may collect:
• Name and surname
• Email address
• Company and role
• Your marketing preferences
When you apply for a job, we may collect:
• CV / résumé and cover letter
• Qualifications and employment history
• Any other information you voluntarily submit as part of the recruitment process
4.2 Information we collect automatically
When you visit our Website, certain information is collected automatically through cookies and similar technologies (see Section 6). This may include:
• IP address and approximate location
• Browser type and version
• Device type and operating system
• Pages visited, links clicked, time and date of visits
• Referring website or campaign (e.g. Google Ads, LinkedIn, Facebook)
4.3 Information we receive from third parties
We may receive limited business contact information from:
• Referrals and business partners
• Event organisers, where you have consented to your details being shared
• Online advertising and lead generation platforms (e.g. Google, LinkedIn, Facebook/Meta), where you have interacted with our ads or forms
We use this information only for legitimate business purposes and in accordance with applicable law.
5. How and why we use your personal information
We process personal information only where we have a lawful basis to do so.
5.1 Purposes of processing
We use your personal information for the following purposes:
- To operate and improve our Website
• To display the Website and ensure its security and performance
• To analyse how visitors use our Website and improve content, navigation and user experience - To respond to your enquiries and requests
• To respond to contact form submissions, demo requests, support queries, partnership enquiries and general questions - To provide our products and services
• To set up and manage your or your organisation’s account
• To provide user access, technical support and customer service
• To manage billing, invoicing and contract administration - To conduct marketing and lead generation
• To send you information about our products, services, events, webinars and thought-leadership that may be relevant to your role
• To run remarketing and targeted advertising campaigns via Google Ads, Facebook/Meta and LinkedIn, based on your Website interactions and cookie data - To comply with legal and regulatory obligations
• To maintain appropriate records for tax, audit and regulatory purposes
• To co-operate with lawful requests from regulators or law enforcement - To protect our rights and manage risk
• To detect, prevent and investigate fraud, abuse, security incidents and other harmful activity
• To enforce our contracts and protect our legal interests
5.2 Legal bases
Under POPIA, we process personal information where:
• It is necessary to carry out actions for the conclusion or performance of a contract with you or your organisation
• It is required by law
• It is in our legitimate interest (for example, to market our services to business contacts, improve our Website, prevent fraud), and not overridden by your rights
• You have given us your consent (for example, for certain types of marketing or optional cookies)
If GDPR applies to you (for example, if you are in the EEA/UK), the legal bases are typically:
• Performance of a contract or taking steps at your request before entering into a contract
• Compliance with a legal obligation
• Legitimate interests (e.g. B2B marketing, security, service improvement)
• Your consent
You may withdraw your consent at any time – see Section 12.
6. Cookies and similar technologies
6.1 What are cookies?
Cookies are small text files placed on your device when you visit our Website. They help us remember your preferences, understand how you use our Website and serve relevant advertising.
Cookies used on our Website generally fall into these categories:
• Strictly necessary cookies – required for the Website to function and for security
• Analytics cookies – help us understand how visitors use the Website and improve it
• Functional cookies – remember your preferences and settings
• Advertising and remarketing cookies – help us show relevant adverts and measure campaign effectiveness
• Social media cookies – enable sharing and engagement via social platforms
6.2 Advertising & remarketing
We may use cookies and pixels from:
• Google Ads & Google Analytics / GA4 – to understand how users interact with our Website and to run remarketing ads to people who have visited our site or completed certain actions
• Facebook/Meta Pixel – to measure conversions and create custom audiences for ads on Facebook and Instagram
• LinkedIn Insight Tag – to measure campaign performance and show relevant ads to LinkedIn members who have visited our Website
These tools allow us to show advertising that may be more relevant to you, based on your previous interactions with our Website and ads.
You can usually control interest-based advertising via the relevant platform settings (e.g. your Google, Meta or LinkedIn ad preferences) and via cookie choices on our Website.
6.3 Managing cookies
You can:
• Change your browser settings to block or delete cookies; and
• (Where implemented) use our on-site cookie banner / preferences centre to accept or reject non-essential cookies.
Please note that blocking some cookies may impact certain Website features or functionality.
7. Direct marketing and your choices
We may use your business contact details to send you information about our products, services, events and content that may be relevant to you or your organisation.
Under POPIA and direct marketing rules in South Africa, we will:
• Obtain consent where required; and
• Provide you with a simple way to opt out of marketing at any time (for example, an unsubscribe link in emails or by emailing us at info@coresync.co.za).
If you opt out, we may still send you non-marketing communications such as important service, security or billing notices.
8. How we share your personal information
We do not sell your personal information.
We may share your information with:
- Service providers / operators
Trusted third-party service providers who assist us in operating our business and delivering our services, for example:
• Website hosting and security providers
• Email, marketing and CRM platforms
• Analytics and advertising partners (such as Google, Meta and LinkedIn)
• IT, support and advisory providers These parties are only allowed to process personal information on our instructions and must protect it appropriately. - Business partners and resellers
Where it is necessary to respond to your request, fulfil a contract or support a joint solution, we may share your details with relevant partners (for example, a regional implementation partner). - Legal and regulatory authorities
Where required by law or regulation, or to protect our legal rights, we may share information with law enforcement, regulators or legal advisors. - Corporate transactions
In the context of a merger, acquisition, reorganisation or sale of assets, your information may be transferred as part of the transaction. We will ensure any recipient is bound by appropriate confidentiality and privacy commitments.
9. Cross-border transfers
CoreSync is based in South Africa, but some of our service providers or group companies may be located in other countries.
Where we transfer personal information across borders, we will:
• Ensure that the recipient is subject to a law, binding corporate rules or contractual obligations that provide an adequate level of protection; or
• Obtain your consent, where required by law.
If GDPR applies to you, we will use appropriate safeguards such as standard contractual clauses or rely on adequacy decisions issued by the European Commission for the relevant country.
10. How we protect your personal information
We have implemented appropriate technical and organisational security measures to protect personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.
These measures may include:
• Secure servers and firewalls
• Encryption in transit (e.g. HTTPS/TLS)
• Access controls and role-based permissions
• Regular back-ups and monitoring
• Internal policies, confidentiality undertakings and staff awareness
However, no system can be guaranteed as completely secure. You are responsible for keeping your account credentials secure and notifying us promptly if you suspect any unauthorised access to your account.
11. How long we keep your information
We retain personal information only for as long as reasonably necessary to:
• Fulfil the purposes outlined in this Privacy Policy
• Comply with legal, regulatory, tax or accounting requirements
• Resolve disputes and enforce our agreements
Retention periods vary depending on the type of information and the context. After the applicable retention period, we will delete or anonymise the information, unless we are required by law to keep it longer.
12. Your rights
12.1 Your rights under POPIA (South Africa)
Under POPIA you have the right, subject to certain limitations, to:
• Be informed that your personal information is being collected
• Access the personal information we hold about you
• Request correction or deletion of personal information that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or unlawfully obtained
• Object to processing, including for direct marketing
• Withdraw your consent where processing is based on consent
• Submit a complaint to the Information Regulator (see Section 13.3)
You may exercise these rights by contacting us at info@coresync.co.za. We may need to verify your identity before acting on your request.
12.2 Your rights under GDPR (if applicable)
If GDPR applies to you, you may also have the following rights:
• Right of access to your personal data
• Right to rectification
• Right to erasure (“right to be forgotten”)
• Right to restriction of processing
• Right to data portability
• Right to object to processing, including for direct marketing
• Right not to be subject to a decision based solely on automated processing, including profiling
To exercise these rights, please contact us using the details in Section 2.
13. Complaints and contact details
13.1 Contacting us
If you have any questions about this Privacy Policy or how we handle your personal information, or if you wish to exercise your rights, please contact:
CoreSync – Information Officer
Email: joe.ferreira@signature.co.za
Physical address: Woodmead Willows Office Park, 19B Morris St E, Woodmead, Sandton, 2191, South Africa
13.2 If you are not satisfied
We encourage you to contact us first so we can try to resolve your concern.
13.3 Information Regulator (South Africa)
If you believe we are not handling your personal information lawfully, you have the right to lodge a complaint with the Information Regulator (South Africa):
Information Regulator (South Africa)
Physical address: Woodmead Office Park, 54 Maxwell Drive, Woodmead, Johannesburg
Tel: 010 023 5200
Email (POPIA complaints): POPIAComplaints@inforegulator.org.za
Website: https://inforegulator.org.za
If GDPR applies to you, you may also lodge a complaint with your local data protection authority in the EEA/UK.
14. Third-party websites and social media
Our Website may contain links to third-party websites or plug-ins (for example, LinkedIn, Facebook/Meta, YouTube). We are not responsible for the privacy practices of those third parties.
We encourage you to read the privacy policies of every website and service you visit or use.
15. Children
Our Website and services are not intended for children and we do not knowingly collect personal information about children. If you believe a child has provided us with personal information, please contact us so that we can delete it where required.
16. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our business, technology or legal requirements.
When we do, we will:
• Post the updated version on our Website, and
• Update the “Last updated” date below.
We encourage you to review this page periodically to stay informed about how we protect your personal information.
Last updated: 10 November 2025

