In South Africa, many consumers remain cautious about whether organisations use their personal information lawfully, responsibly, and only for agreed purposes. The Protection of Personal Information Act, No. 4 of 2013 (POPIA) is South Africa’s data protection law, aligning with global standards such as the General Data Protection Regulation (GDPR) in the European Union and United Kingdom. Together, these laws set a high standard for data privacy, transparency, and accountability.

We, VUMA Software ADCO (Pty) Ltd (herein referred to as the Company), believe that privacy is a fundamental right — one that should never be in question. Our Privacy Policy Statement is built on three core objectives:

1. Respect for consumer privacy.
2. Transparency in how information is processed.
3. Security against cybercrime, data loss, and identity theft.

The Company approaches privacy by focusing on:

• Protecting consumer interactions.
• Ensuring strong data encryption and secure storage.
• Minimising unnecessary data retention.
• Enhancing interoperability of devices and applications.
• Preventing data breaches through proactive monitoring and controls.

We take full responsibility, in terms of POPIA and GDPR, to apply all reasonable measures to safeguard personal information and prevent unauthorised access, misuse, loss, or disclosure.

INTERNATIONAL COMPLIANCE (POPIA & GDPR)

The Company recognises that our clients, partners, and users may be based across different jurisdictions. Therefore, in addition to POPIA, we comply with the principles of the GDPR, ensuring that:

• Lawful processing: Personal data is collected and processed only for legitimate and explicit purposes.
• Data minimisation: Only the information necessary to fulfil the stated purpose is collected.
• Accuracy: We take all reasonable steps to keep personal data accurate and up to date.
• Storage limitation: Personal data is retained only for as long as is necessary.
• Data subject rights: Individuals may request access, correction, deletion, or portability of their personal data.
• Cross-border transfers: Any international transfer of data is safeguarded by appropriate legal, technical, and contractual protections.

COMPANY COMMITMENT

POPIA and GDPR compliance is not only about legal obligation — it is about protecting the rights of the data subject and ensuring security in a rapidly evolving digital landscape.

The Company promotes a culture of data privacy and digital responsibility as a cornerstone of our daily operations. We acknowledge that compliance is not achieved by a single tool, but through:

• Ethical conduct of employees and managers.
• Continuous review and improvement of security systems.
• Ongoing awareness, training, and monitoring.

CONTACT INFORMATION

If you have any questions regarding this Privacy Policy, please contact us:

• Email: info@vuma3d.com
• Website: https://www.vuma3d.com
• Phone: +27 (0) 11 706 9797

This POPIA & GDPR Privacy Policy Statement was last updated: 18 August 2025