Privacy Policy
1. Introduction
Rubicon Interactive ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you interact with our website, services, and business operations.
Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our services.
2. Information We Collect
2.1 Information You Provide
- Contact Information: Name, email address, phone number, company name, and project details provided through contact forms or direct communication
- Service Engagement Information: Technical requirements, business objectives, existing systems architecture, and other project-specific data shared during consulting or development engagements
- Communication Data: Email correspondence, meeting notes, feedback, and other communications related to service delivery
- Payment Information: Billing address, payment method details (processed securely through third-party payment processors; we do not store full credit card information)
2.2 Information Collected Automatically
- Website Usage Data: Pages visited, time spent on site, referral sources, and browsing patterns (via standard web analytics)
- Device Information: IP address, browser type, operating system, and device identifiers
- Cookies: Small text files stored on your device to remember preferences and improve user experience
2.3 Information from Third Parties
We may receive information about you from third-party sources such as business referral partners, publicly available business directories, or data enrichment services to better serve your needs.
3. How We Use Your Information
We use collected information for the following purposes:
- Delivering and improving our services
- Responding to inquiries and providing customer support
- Processing payments and managing billing
- Sending service-related announcements and updates
- Conducting project delivery and consulting engagements
- Analyzing usage patterns to improve our website and services
- Complying with legal obligations and enforcing agreements
- Preventing fraud and security threats
- Marketing and business development (only where you have consented)
4. Legal Basis for Processing
We process personal data under the following legal bases:
- Contract Performance: Processing necessary to perform our services and fulfill our contractual obligations
- Legitimate Interests: Processing for business purposes such as fraud prevention, analytics, and service improvement
- Legal Compliance: Processing required by law, regulation, or court order
- Consent: Where you have explicitly consented to specific processing activities (e.g., marketing communications)
5. Information Sharing & Disclosure
5.1 Third-Party Service Providers
We may share information with trusted third-party service providers who assist in our operations, including:
- Payment processors and financial institutions
- Cloud hosting and infrastructure providers
- Email and communication platforms
- Analytics providers
- Legal and accounting professionals
All service providers are contractually bound to use information solely for providing services to us and to maintain appropriate data security measures.
5.2 Business Transfers
In the event of a merger, acquisition, or sale of company assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.
5.3 Legal Requirements
We may disclose information if required by law, regulation, court order, or government request, or if we believe such disclosure is necessary to protect our rights, your safety, or the public interest.
5.4 No Sale of Personal Data
We do not sell, rent, or trade your personal information to third parties for their own marketing purposes.
6. Data Retention
We retain personal information for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy. Specific retention periods depend on the type of information and legal requirements:
- Client Account Information: Retained for the duration of the engagement plus 7 years (for accounting and tax purposes)
- Communications: Retained for the duration of the engagement plus 1 year
- Website Analytics: Retained for 24 months unless otherwise configured
- Email Inquiries: Retained for 2 years unless you request deletion
You may request deletion of your information at any time, subject to legal and contractual obligations to retain certain records.
7. Data Security
We implement industry-standard security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction, including:
- Encryption of data in transit (SSL/TLS) and at rest
- Secure password policies and access controls
- Regular security audits and vulnerability assessments
- Employee confidentiality and data protection training
- Restricted access to personal information on a need-to-know basis
Despite our security efforts, no system is completely secure. We cannot guarantee absolute security of your information. If you believe your information has been compromised, please contact us immediately.
8. Cookies & Tracking Technologies
8.1 Types of Cookies
- Essential Cookies: Required for site functionality (security, session management)
- Performance Cookies: Help us understand how visitors use our site (analytics)
- Preference Cookies: Remember your choices and settings
- Marketing Cookies: Used for retargeting and advertising (if you consent)
8.2 Your Cookie Choices
Most web browsers allow you to control cookies through browser settings. You can set your browser to refuse cookies or alert you when cookies are being sent. Note that disabling cookies may affect website functionality.
9. Your Privacy Rights
9.1 Access & Portability
You have the right to request access to your personal information and, where applicable, receive a copy in a portable, machine-readable format.
9.2 Correction & Deletion
You may request correction of inaccurate information or deletion of your personal data, subject to legal and contractual obligations to retain certain records for accounting, tax, or compliance purposes.
9.3 Opt-Out
You may opt out of marketing communications by clicking the "unsubscribe" link in any email or by contacting us directly.
9.4 Withdrawal of Consent
Where processing is based on your consent, you may withdraw consent at any time. This does not affect the lawfulness of processing prior to withdrawal.
9.5 How to Exercise Your Rights
To exercise any of these rights, please contact us at: services@rubiconinteractive.co.za
We will respond to verified requests within 30 days (or as required by applicable law). We may require proof of identity to verify your request.
10. International Data Transfers
Your information may be transferred to, stored in, and processed in countries other than your country of residence, including countries that may not have the same data protection laws. By using our services, you consent to such transfers.
When we transfer data internationally, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) or other mechanisms approved under applicable data protection laws.
11. Third-Party Links & Services
Our website and services may contain links to third-party websites and services not operated by us. This Privacy Policy does not apply to third-party sites, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services before providing your information.
12. Children's Privacy
Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete such information and terminate the child's account.
13. Compliance with Privacy Laws
We comply with applicable privacy and data protection laws, including:
- General Data Protection Regulation (GDPR) for EU residents
- California Consumer Privacy Act (CCPA) for California residents
- Protection of Personal Information Act (POPIA) for South Africa
- Other local and international privacy regulations
If you are a resident of a jurisdiction with specific privacy rights, those rights apply to your information.
14. Data Processing Agreement (DPA)
For clients requiring enhanced data protection compliance (e.g., processing personal data on behalf of data subjects), we can execute a Data Processing Agreement. Please contact us to request a DPA.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Changes are effective upon posting to our website. Continued use of our services following changes constitutes your acceptance of the updated Privacy Policy.
We will provide notice of significant changes via email or a prominent notice on our website.
16. Contact Us
If you have questions about this Privacy Policy, your personal information, or our privacy practices, please contact us:
- Email: services@rubiconinteractive.co.za
- Company: Rubicon Interactive
- Location: South Africa
We will respond to your inquiry within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.