Effective Date: 19 February 2025

Introduction

Lightmode ("we", "us", or "our") is committed to protecting the privacy and personal information of our users. This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with the Protection of Personal Information Act 4 of 2013 ("POPIA") and other applicable South African legislation.

This policy applies to all personal information collected through our website at https://lightmode.co.za and any digital products and services we operate.

Responsible Party

In terms of POPIA, the responsible party for the processing of your personal information is:

Lightmode
Email: [email protected]
Website: https://lightmode.co.za

Information We Collect

We may collect the following categories of personal information:

Information you provide directly:

  • Name, email address, and any other details submitted via our contact form or when creating an account.
  • Any correspondence or communication you send to us.

Information collected automatically:

  • IP address, browser type and version, operating system, and device information.
  • Pages visited, time spent on pages, referral sources, and other browsing behaviour on our website.
  • Log files generated as part of standard web server operations.

Cookies and similar technologies:

  • We use cookies and similar tracking technologies to improve your experience. See Section 7 below for more detail.

Purpose of Processing

We process your personal information for the following purposes, in accordance with Section 13 of POPIA:

  • To provide, maintain, and improve our Services.
  • To respond to enquiries submitted through our contact form.
  • To process transactions (via our designated payment processor).
  • To send service-related communications, such as account notifications or important updates.
  • To analyse website usage and trends in order to improve user experience.
  • To comply with legal obligations.

We will only process your personal information where we have a lawful basis to do so, including your consent, contractual necessity, legal obligation, or our legitimate interests.

Third-Party Services

We share personal information with the following third-party service providers, each of which has its own privacy policy governing the use of your data:

  • Third-party payment processor — acts as the Merchant of Record for all paid transactions, processing payment information, managing invoicing, and handling applicable taxes. Refer to the payment processor's own privacy policy for details.
  • Google Analytics / Google Tag Manager — used for website analytics and tracking to understand how visitors use our site. Refer to Google's Privacy Policy.
  • Facebook SDK — used for analytics and advertising measurement. Refer to Meta's Privacy Policy.

We do not sell your personal information to third parties.

Cookies

Our website uses cookies — small text files stored on your device — to enhance functionality and analyse usage. The types of cookies we use include:

  • Essential cookies: Required for the website to function correctly.
  • Analytics cookies: Used to collect anonymous usage data via Google Analytics.
  • Third-party cookies: Set by services such as Facebook SDK and Google Tag Manager for advertising and analytics purposes.

You can manage or disable cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our website.

Data Subject Rights Under POPIA

As a data subject, you have the following rights under POPIA:

  • Right of access: You may request confirmation of whether we hold personal information about you and request access to that information.
  • Right to correction: You may request that we correct or update inaccurate or incomplete personal information.
  • Right to deletion: You may request that we delete your personal information, subject to legal retention requirements.
  • Right to object: You may object to the processing of your personal information on reasonable grounds.
  • Right to complain: You have the right to lodge a complaint with the Information Regulator if you believe your personal information has been mishandled.

To exercise any of these rights, please contact us at [email protected]. We will respond within a reasonable time, and no later than the timeframes prescribed by POPIA.

Data Retention

We retain personal information only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable law. When personal information is no longer needed, we will securely delete or de-identify it.

Children's Privacy

Our Services are not directed at children under the age of 18. We do not knowingly collect personal information from children under 18 without verifiable parental or guardian consent, as required by POPIA. If we become aware that we have collected personal information from a child without appropriate consent, we will take steps to delete that information promptly.

International Data Transfers

Some of our third-party service providers (including our payment processor, Google, and Meta) may process your data outside of the Republic of South Africa. In such cases, we ensure that transfers comply with Section 72 of POPIA, which requires that the recipient country has adequate data protection laws, or that appropriate safeguards (such as binding agreements) are in place.

Security Measures

In accordance with Section 19 of POPIA, we take reasonable technical and organisational measures to protect your personal information against loss, unauthorised access, misuse, alteration, or destruction. These measures include the use of encrypted connections (HTTPS), secure hosting environments, and access controls.

While we take all reasonable steps to protect your information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Changes will be posted on this page with an updated effective date. We encourage you to review this policy periodically.

Information Regulator

If you have concerns about how your personal information is being handled, you may contact the South African Information Regulator:

The Information Regulator (South Africa)
Email: [email protected]
Website: https://inforegulator.org.za

Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data subject rights, please contact us at:

[email protected]