Get in Touch
Close

Contacts

20 Charles De Gaulle Cres, Highveld, Centurion, 0157

+27 11 0141778

[email protected]

Get in Touch
Get in Touch

Privacy Policy for XContent Business Solutions Website

Last Updated: July 30, 2025

At XContent (“we,” “us,” or “our”), we are committed to protecting your privacy and ensuring the security of any personal information we process. This Privacy Policy explains how we collect, use, disclose, and protect personal data through our website, https://xcontent.com (the “Website”), in compliance with the General Data Protection Regulation (GDPR) and the Protection of Personal Information Act (POPIA). We only collect data typically associated with Google Analytics and similar analytics tools, as described below.

1. Who We Are

XContent is the operator of the Website. We act as the data controller (under GDPR) or responsible party (under POPIA) for the personal data we process. You can contact us at:

XContent
Email: [email protected]

2. Personal Data We Collect

We collect limited personal data through Google Analytics and similar analytics tools, including:

  • Technical Data: IP address, browser type, device information (e.g., device model, operating system), and other technical details collected automatically when you visit our Website.
  • Usage Data: Information about how you interact with our Website, such as pages visited, time spent, links clicked, and referral sources.

We do not collect personal data such as names, email addresses, or other identifiers unless you voluntarily provide them (e.g., through a contact form, which we do not currently use).

How We Collect Data:

  • Automated Technologies: We use cookies and similar tracking technologies (e.g., Google Analytics) to collect technical and usage data.
  • Third-Party Services: Google Analytics processes data on our behalf to provide insights into Website performance.

3. Legal Basis for Processing (GDPR)

We process personal data under the following legal bases as required by GDPR:

  • Legitimate Interests: To analyze Website usage, improve functionality, and ensure security, provided these interests do not override your rights.
  • Consent: Where required (e.g., for non-essential cookies), we obtain your consent via our cookie banner.
  • Legal Obligation: To comply with applicable laws or regulations.

4. Purposes of Processing

We use the collected data to:

  • Analyze Website performance and user behavior to improve content and functionality.
  • Monitor and enhance the security of our Website.
  • Generate aggregated, anonymized reports on Website usage.
  • Comply with legal and regulatory requirements.

5. Data Sharing and Disclosure

We may share your personal data with:

  • Service Providers: Third-party analytics providers like Google Analytics, acting as data processors (GDPR) or operators (POPIA) under our instructions.
  • Legal Authorities: When required by law or to protect our rights, safety, or property.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to a third party.

We ensure that any third party complies with GDPR and POPIA requirements, including appropriate data protection agreements. Google Analytics may process data in the United States or other regions, subject to their privacy policies.

6. International Data Transfers

If you are located in the European Economic Area (EEA), your personal data (e.g., via Google Analytics) may be transferred to countries outside the EEA, such as the United States. We ensure compliance with GDPR through:

  • Standard Contractual Clauses (SCCs) or other safeguards as required.
  • Reliance on third-party providers’ compliance mechanisms (e.g., Google’s Data Processing Terms).

For POPIA compliance, we ensure cross-border transfers meet Section 72 of POPIA, such as ensuring equivalent protection in the receiving country or obtaining your consent where necessary.

7. Data Retention

We retain personal data only for as long as necessary for the purposes outlined in this policy or to comply with legal obligations. For example:

  • Technical and usage data (e.g., Google Analytics data) is retained for up to 26 months, as per Google Analytics’ default retention settings, after which it is anonymized or deleted.
  • Server logs are retained for [specify period, e.g., 12 months] for security purposes.

When data is no longer needed, we securely delete or anonymize it.

8. Your Rights

Under GDPR and POPIA, you have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request deletion of your data, subject to legal exceptions.
  • Restriction: Restrict processing of your data in certain circumstances.
  • Data Portability: Receive your data in a structured, commonly used format (where applicable).
  • Object: Object to processing based on legitimate interests or for analytics purposes.
  • Withdraw Consent: Withdraw consent for non-essential cookies or other processing at any time.
  • Lodge a Complaint: Contact a supervisory authority (e.g., the Information Regulator in South Africa or an EU data protection authority).

To exercise these rights, contact us at [email protected]. We will respond within 30 days (GDPR) or as soon as reasonably possible (POPIA). Note that some rights may be limited for anonymized or aggregated data.

9. Cookies and Tracking Technologies

We use cookies and similar technologies (e.g., Google Analytics cookies) to collect technical and usage data. These include:

  • Essential Cookies: Necessary for Website functionality and security.
  • Analytics Cookies: Used to understand how visitors interact with our Website.

You can manage your cookie preferences through our Website’s cookie banner or your browser settings. For more details, see our Cookie Policy.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption, access controls, and secure servers. However, no system is completely secure, and we cannot guarantee absolute security.

11. Children’s Privacy

Our Website is not intended for individuals under 16 (GDPR) or 18 (POPIA). We do not knowingly collect personal data from children. If we become aware of such data, we will delete it immediately.

12. Changes to This Privacy Policy

We may update this policy to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our Website or, where required, by direct communication. The “Last Updated” date at the top indicates the latest revision.

13. Contact Us

If you have questions, concerns, or requests regarding your personal data, please contact our Data Protection Officer at:

XContent Business Solutions
Email: [email protected]

Recent Posts