Privacy Policy
Last Updated: January 15, 2026
1. Who We Are / Data Controller
Scale Museum Daffodil is a premier provider of tech-focused legal consulting services based in South Africa. Our registered legal office and operational headquarters are situated at 19 Trinity Close, Paulshof, Sandton, 2191, South Africa. If you have any inquiries regarding data protection and system safety, please reach out to us directly at [email protected] or via phone at +27 76 172 1198.
2. Scope of This Policy
This privacy notice is designed to establish a transparent approach toward managing user information. It applies directly to data captured on this website and in subsequent advisory interactions. Our handling processes conform to the Protection of Personal Information Act (POPIA) of South Africa, alongside relevant local guidelines on digital communication privacy.
3. What Personal Data We Collect
We process several types of identifiable operational information for service execution:
- Communications Data: Names, operational emails, telephone numbers, and inquiry details submitted voluntarily via the online contact form.
- Automated Telemetry Data: IP addresses, browsing patterns, session lengths, browser models, and geolocation data.
- Cookie Identifiers: Data points that track consent choices and record basic system functional parameters.
4. Purposes and Legal Basis of Processing
We utilize structured processes for legal grounds in accordance with South Africa's POPIA legislation:
| Processing Goal | Collected Attributes | Operational POPIA Basis |
|---|---|---|
| Responding to contact entries | Name, Email, Message, Phone | Consent (Section 11(1)(a)) & Legitimate Interest |
| Improving security & web performance | IP address, cookies, system telemetry | Legitimate Business operations (Section 11(1)(f)) |
| Fulfilling legal obligations | Registration IDs, billing transaction metrics | Statutory compliance obligations (Section 11(1)(c)) |
5. Cookie Settings & Google Consent Mode v2
We utilize the advanced structure of Google Consent Mode v2 to respect user choices. Until you proactively tick the acceptance checkboxes within our persistent Cookie Consent Banner, advertising and tracking triggers remain locked in a 'denied' mode. Essential security and storage capabilities are granted immediately to keep this portal functional.
6. Data Sharing with Third Parties
We never rent, trade, or distribute your email database or contact entries to marketing brokers. Essential components of system transactions are sometimes processed through external software providers (such as hosting servers, database platforms, and Google web analytics) when authorized under data transfer security parameters. Data disclosure may also occur if requested in accordance with South African law.
7. Cross-Border Data Transfers
Since we interact with cloud infrastructures, information could occasionally be saved on server networks resting outside South Africa. In all instances, we utilize proper contractual checks and technical encryption safeguards, protecting resources consistently across all boundaries.
8. Retention Periods
We store personal data for as long as necessary to complete commercial consultations, protect legitimate business interests, or comply with statutory retention terms (such as tax compliance structures).
9. Your Legal Rights
In accordance with POPIA provisions of South Africa, you maintain specific rights over your raw information records:
- The right to request verification of stored datasets.
- The right to request immediate correction or deletion of outdated attributes.
- The right to challenge automated marketing practices.
- The right to file formal complaints with the Information Regulator of South Africa.
For escalation of issues, contact the Information Regulator of South Africa (POPIA Authority) at [email protected] or visit their official headquarters in Johannesburg.
10. Data Protection Measures
We utilize secure server infrastructures, automated database access limits, and SSL transmission certificates to guard against data corruption, loss, or unauthorized modifications.
11. Protection of Children
Consistent with POPIA rules regarding minors under the age of 18, we never knowingly request or gather data points from youth audiences. If we identify that a minor's information has been collected, it is immediately expunged from our database.
12. External Website Links
This portal could contain hyperlinks pointing to external websites. We do not assume responsibility for the subsequent data privacy protocols of those external domains.
13. Changes to This Privacy Notice
We occasionally update this documentation to represent evolving system requirements. Check this page frequently to view changes.
14. Contact Us
For updates or queries, email our designated privacy team at [email protected].