HR and recruitment outsourcing solutions for startups and young business owners to grow their businesses to the next level.

Privacy Policy

Home Privacy Policy

Privacy Policy for SALB HRM

Last updated: 1 October 2025

1. Introduction

SALB HRM (“we,” “us,” “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, retain, and safeguard your personal information when you interact with us (e.g. via our website www.salbhrm.co.za, by email, in person, or by other means) and your rights regarding that information.

We comply with South Africa’s Protection of Personal Information Act, 2013 (“POPIA”), as well as related applicable rules and regulations. POPIA regulates how personal information may be processed, stored, and transferred. (Government of South Africa)

By using our services or website, or providing us with personal information, you accept the practices described in this Privacy Policy.

2. Definitions

Term Meaning
Personal Information Any information relating to an identifiable, living natural person, or where applicable, an identifiable juristic entity, including but not limited to names, contact details, identity numbers, employment history, biometric data, etc. (Government of South Africa)
Processing Any operation or activity (automated or not) concerning personal information, including collection, storage, usage, disclosure, destruction, etc.
Responsible Party SALB HRM, the entity which determines the purposes and means of processing personal information.
Data Subject The person to whom the personal information relates.
Consent Voluntary, specific, and informed expression of will in terms of which permission is given for the processing of personal information.

3. Information We Collect

We may collect and process the following categories of personal information, depending on how you interact with us:

  1. Contact & identity details — your name, title, identity number, job title, company name, telephone numbers, email address, postal address, etc.
  2. Professional / HR information — your employment history, qualifications, CV, references, salary information, benefits, performance records, and other HR-related details.
  3. Usage & technical data — when you use our website, we may collect data about your device, IP address, browser type, pages viewed, time stamps, cookies or similar tracking technologies, and how you navigate through the site.
  4. Communications data — records of correspondence (emails, messages, phone calls) you send or receive when interacting with us.
  5. Sensitive personal information (if applicable) — for example, in HR assessments, we may collect information such as health data, disability status, criminal records, or biometric data (if strictly necessary), but only when lawful and with your explicit consent or another legal basis.
  6. Other information — any additional information you voluntarily provide to us (e.g. via forms, surveys, job applications, feedback).

We collect information directly from you when you provide it (e.g. via application forms, emails). In limited cases, we may collect information from third parties (e.g. referees, publicly available sources, recruitment agencies), or through automated means (e.g. cookies). We endeavour to inform you at or before collection about the source and purpose.

4. Purposes & Legal Bases for Processing

We will use your personal information only for purposes that are lawful, relevant, and limited to what is necessary. Some of the purposes include:

  • To evaluate, negotiate, and manage HR consulting engagements, including proposals, contracts, delivery, and reporting
  • To provide you with services, respond to your requests, inquiries, or support needs
  • To communicate with you (e.g. updates, newsletters, event notifications) — with your consent, where required
  • To perform due diligence, assessments, audits, or compliance checks in relation to clients or partners
  • To comply with legal, regulatory, or contractual obligations
  • For record-keeping, billing, accounting, and auditing
  • For statistical analysis, research, and internal improvements (while aggregated or anonymized where possible)
  • To detect, prevent, or respond to fraud, misuse, or security incidents
  • To enforce our rights (e.g. collection, legal claims)

Under POPIA, processing is permitted only if one or more legal justifications apply, such as consent, performance of a contract, compliance with a legal obligation, protection of legitimate interests, or other grounds recognized by POPIA.

If any processing falls outside these purposes, we will seek your consent or otherwise justify the processing under applicable law.

5. Cookies & Tracking Technologies

Our website may use cookies, web beacons, similar tracking technologies, or third-party services to collect usage and technical data. Cookies are small text files stored on your device.

  • Essential cookies are necessary for site functionality (e.g. logging in, navigation).
  • Performance and analytics cookies help us understand how visitors use the site (e.g. pages visited, time spent) so we can improve the user experience.
  • Marketing / advertising cookies may track your activities on the site and across sites to provide you with targeted marketing.

You may manage or disable cookies via your browser settings or via a cookie preference tool (if available). Disabling or deleting cookies may, however, limit certain features or functionality of the website.

Because cookies may qualify as “personal identifiers” under POPIA, we ensure compliance by, where required, obtaining your informed consent and providing transparency about their use.

6. Disclosure & Sharing of Personal Information

We may share your personal information with:

  • Service providers and contractors who assist us with operations (e.g. IT, hosting, analytics, professional advisors). We only share what is necessary, and require that they safeguard the data under contracts.
  • Clients or third parties where needed in connection with a HR consulting engagement (subject to confidentiality obligations).
  • Legal, regulatory, or government authorities, if required by law or for lawful compliance (e.g. for audits, investigations, court orders).
  • Successors or assigns in case of a corporate transaction (merger, sale, reorganization), with appropriate safeguards.
  • Other recipients with your consent or direction.

We do not sell your personal information to third parties for marketing or other purposes.

7. Cross-Border Transfers

If we transfer personal information outside South Africa, we ensure that the recipient country provides an adequate level of protection or that appropriate safeguards (e.g. standard contractual clauses, binding corporate rules, explicit consent) are in place, in compliance with POPIA’s cross-border transfer conditions.

8. Data Security

We implement reasonable technical, organizational, and administrative safeguards to protect personal information from loss, unauthorized access, damage, disclosure, or destruction. These may include:

  • Encryption of data in transit and at rest
  • Access controls, authentication, and role-based access
  • Regular security audits, vulnerability assessments, and monitoring
  • Physical security measures (e.g. secure premises, restricted access)
  • Secure backup and disaster recovery procedures
  • Policies and training of staff on data protection and confidentiality

In the event of a data breach (a “security compromise”) that poses a risk of harm to data subjects, we will notify the affected individuals and the South African Information Regulator via the eServices portal or as required under law, without undue delay.

9. Data Retention & Deletion

We will retain personal information for as long as necessary to fulfill the purposes for which it was collected, or as required by law, or to defend legal claims. Where no longer needed, we will securely delete, anonymize, or destroy the information.

We aim to minimize retention and periodically review our records to ensure that personal data not needed is disposed of securely.

10. Your Rights

Under POPIA, you (as a data subject) generally have the following rights:

  • Right to be notified that your personal information is being collected or processed
  • Right of access to the personal information we hold about you
  • Right to correct, update, or delete your personal information (where applicable)
  • Right to object to processing on reasonable grounds
  • Right to withdraw consent, where the processing is based on consent
  • Right to restrict or block processing in certain circumstances
  • Right to data portability (in certain contexts)
  • Right to complain to the South African Information Regulator if you believe your rights are infringed

To exercise these rights, you may contact us (see Section 12). We may require proof of identity to safeguard your privacy and legal rights.

11. Direct Marketing & Unsolicited Communications

If we send you marketing communications (e.g. newsletters, offers, event invites), we will do so only if you have provided consent or where otherwise legally permitted. You may opt out or unsubscribe at any time by following the instructions in the communication or contacting us directly.

You also have the right not to have your personal information used for direct marketing, and to object to profiling for direct marketing.

12. Contact & Complaints

If you have questions, concerns, or wish to exercise your rights, you may contact us:

SALB HRM
Address: [Your physical address] Email: info@salbhrm.co.za
Telephone: +27 66 4963471‬

Information Officer / Deputy Information Officer: Muriel Mutseriwa

If you believe we have infringed your privacy rights or violated this Privacy Policy, you may lodge a complaint with the Information Regulator of South Africa in addition to contacting us.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time (e.g. to reflect changes in our business, legal requirements, or data practices). The “Last updated” date will indicate when the policy was last revised. We encourage you to review the policy periodically to stay informed.

14. Miscellaneous

  • If any provision in this Policy is found invalid or unenforceable, it will be severed without affecting the remaining provisions.
  • This Privacy Policy is part of and should be read together with any other agreements you have with SALB HRM (e.g. service contracts, consulting agreements).
  • Nothing in this Policy limits or reduces your rights under applicable law.