Privacy Policy

Please read carefully

This Privacy Policy explains how IROAS Payments Academy ("IROAS", "we", "our", or "us") collects,
uses, stores, shares, and protects personal information in accordance with the Protection of
Personal Information Act, 2013 (POPIA) of South Africa and other applicable laws.
By accessing our website, enrolling in our training programmes, attending our events, or using our
services, you consent to the processing of your personal information as described in this Privacy
Policy.

1. Who We Are
IROAS Payments Academy is a professional training and capacity-building institution focused on
payments, fintech, digital transformation, financial services, and professional development
programmes.
For the purposes of POPIA, IROAS Payments Academy acts as the Responsible Party in relation to the
personal information collected through this website and related services.

2. Personal Information We Collect
We may collect and process the following information:
Personal and Contact Information
•Full name
•Identity or passport number (where required)
•Email address
•Telephone number
•Residential or business address
•Company name and position
•Professional qualifications and employment details
Payment Information
•Billing information
•Transaction records
•Payment confirmations
Please note that payment card information is processed through secure third-party payment
providers and is not stored on our servers.
Educational and Training Information
•Course registrations
•Attendance records
•Assessment results

•Certifications obtained
•Feedback and survey responses
Technical Information
•IP address
•Device information
•Browser type
•Website activity logs
•Cookie and analytics data

3. Purpose of Processing Personal Information
We process personal information to:
•Register participants for courses and events
•Deliver training programmes and certifications
•Verify learner identity
•Process payments and issue invoices
•Provide customer support
•Communicate course-related information
•Improve our services and website performance
•Conduct research and statistical analysis
•Meet legal and regulatory requirements
•Protect our systems and prevent fraud
•Send marketing communications where permitted by law

4. Lawful Basis for Processing
Under POPIA, we process personal information based on one or more of the following grounds:
•Consent from the data subject
•Performance of a contract
•Compliance with legal obligations
•Legitimate business interests
•Protection of a legitimate interest of the data subject

5. Direct Marketing
IROAS Payments Academy may send information regarding:
•Upcoming training programmes
•Conferences and events
•Industry updates
•Newsletters
•Professional development opportunities
Where required by law, we will obtain your consent before sending marketing communications.
You may opt out at any time by clicking the unsubscribe link in our communications or contacting us
directly.

6. Sharing of Personal Information
We may share personal information with:
•Accreditation and certification bodies
•Training facilitators and assessors
•Payment service providers
•Cloud hosting and technology providers
•Professional service providers
•Government authorities or regulators where required by law
All third parties are required to process personal information in accordance with applicable data
protection laws and confidentiality obligations.
We do not sell personal information to third parties.

7. International Transfers
Where personal information is transferred outside South Africa, IROAS Payments Academy will
ensure that:
•The recipient is subject to laws or agreements providing adequate protection; or
•Appropriate safeguards are implemented in accordance with POPIA.

8. Information Security
We take reasonable technical and organisational measures to safeguard personal information
against:
•Loss
•Misuse
•Unauthorised access
•Unauthorised disclosure
•Alteration
•Destruction
Security measures include access controls, encryption where appropriate, secure hosting
environments, and regular monitoring of our systems.

9. Data Retention
Personal information will only be retained for as long as necessary to:
•Fulfil the purpose for which it was collected
•Maintain learner and certification records
•Meet legal, tax, accounting, and regulatory requirements
•Resolve disputes and enforce agreements
Once no longer required, information will be securely deleted or anonymised.

10. Cookies and Website Analytics
Our website uses cookies and similar technologies to:
•Improve user experience
•Remember user preferences
•Monitor website performance
•Analyse visitor behaviour
•Enhance website security
Users may disable cookies through their browser settings; however, some website features may not
function properly.

11. Your Rights Under POPIA
As a data subject, you have the right to:
•Access your personal information
•Request correction of inaccurate information
•Request deletion of personal information where appropriate
•Object to processing in certain circumstances
•Withdraw consent at any time
•Lodge a complaint with the Information Regulator
•Request details of third parties with whom information has been shared
Requests may be submitted using the contact details below.

12. Special Personal Information
IROAS Payments Academy does not intentionally collect or process special personal information as
defined under POPIA unless:
•Required by law;
•Necessary for certification purposes; or
•Explicit consent has been obtained.

13. Children's Information
Our services are intended for individuals aged 18 years and older. We do not knowingly collect
personal information from children without the consent of a parent or legal guardian and where
permitted by law.

14. Breach Notification
In the event of a security compromise affecting personal information, IROAS Payments Academy will
take appropriate remedial measures and notify affected individuals and the Information Regulator
where required under POPIA.

15. Changes to this Privacy Policy
We reserve the right to amend this Privacy Policy from time to time. Any updates will be published
on our website together with the revised effective date.
Continued use of our website and services after changes are posted constitutes acceptance of the
revised Privacy Policy.

16. Complaints to the Information Regulator
If you believe that your personal information has been processed unlawfully, you may lodge a
complaint with:
Information Regulator (South Africa)
JD House, 27 Stiemens Street​
Braamfontein, Johannesburg, South Africa
Website: Information Regulator South Africa
Email: complaints.IR@justice.gov.za

By using the IROAS Payments Academy website and services, you acknowledge that you have read
and understood this Privacy Policy and agree to the processing of your personal information in
accordance with POPIA and applicable South African law.

SCROLL
TO TOP