Service Refund Policy

ELARA VIRTUAL (PTY) LTD

Elara Virtual (Pty) Ltd Last Updated: December 2025

1. Introduction

Elara Virtual (Pty) Ltd (“we,” “us,” or “our”) is committed to protecting the privacy and security of the personal information we process. This Privacy Policy explains how we collect, use, and safeguard your data in compliance with the Protection of Personal Information Act (POPIA) of South Africa, and international standards such as the General Data Protection Regulation (GDPR) where applicable.

2. Information We Collect

We collect information that is necessary to provide virtual assistance and systems management services. This may include:

  • Identity Data: Full name, ID/Passport numbers (where required for legal contracts).

  • Contact Data: Email address, phone number, and physical/billing address.

  • Business Data: Company name, registration numbers, and VAT details.

  • System Access Data: Login credentials for third-party platforms (CRM, Zapier, Google Workspace) provided by you for the purpose of service execution.

  • Financial Data: Bank details for payment processing.

3. How We Use Your Information

We process your personal information for the following purposes:

  • Service Delivery: To perform the tasks outlined in our service agreements.

  • Communication: To send project updates, invoices, and administrative notices.

  • Compliance: To meet legal, tax, and accounting obligations under South African law.

  • Improvement: To optimize our workflows and system strategies based on aggregated, de-identified data.

4. Legal Basis for Processing

We process data under the following legal frameworks:

  • Consent: When you explicitly agree to our processing of your data.

  • Contractual Necessity: When processing is required to fulfill our agreement with you.

  • Legal Obligation: When we are required by law (e.g., SARS) to retain records.

  • Legitimate Interest: To ensure the security of our services and prevent fraud.

5. Information Sharing and Disclosure

We do not sell your personal information. We only share data with:

  • Sub-processors: Trusted third-party tools (e.g., cloud storage, accounting software) necessary for our operations.

  • Legal Authorities: If required by law or to protect our legal rights.

  • International Transfers: If you are located outside South Africa, or if we use global cloud services, your data may be transferred across borders. We ensure such transfers have adequate security measures in place.

6. Data Security

We implement strict technical and organizational measures to protect your data, including:

  • Use of encrypted password management tools (e.g., LastPass or 1Password).

  • Two-factor authentication (2FA) on all internal and client-facing systems.

  • Regular audits of access permissions.

7. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including legal or reporting requirements. Under POPIA, you have the right to request the destruction of your data once the service relationship has ended, subject to statutory retention periods.

8. Your Rights

Under POPIA and GDPR, you have the right to:

  1. Access: Request a copy of the personal information we hold about you.

  2. Correction: Request that we update or correct inaccurate information.

  3. Deletion: Request that we erase your personal data (“Right to be Forgotten”).

  4. Objection: Object to the processing of your data for marketing purposes.

  5. Complaint: Lodge a complaint with the South African Information Regulator.

9. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact our Information Officer:

Information Officer: Mumtaz Ebrahim

Email: hello@elaravirtual.com

Address: Rylands Estate, Cape Town, 7764, South Africa

Elara Virtual (Pty) Ltd