LedgerLoop is committed to protecting the personal information of all website visitors, clients, and business contacts in compliance with South African privacy laws. This Policy is governed by the Protection of Personal Information Act, 2013 (POPIA) and related South African data protection regulations. We process personal data only in accordance with POPIA’s requirements and the Constitution’s right to privacy. LedgerLoop will therefore collect, use, store and disclose your personal information lawfully, transparently, and for legitimate business purposes only.

 

1.    Personal Information We Collect

We collect personal information when you voluntarily provide it to us or interact with our services. For example, when you use the Contact Us form on our website, we collect the following data:

• Name

• Contact details: email address and telephone number

• Company name or organisation (if applicable)

• Any message or inquiry details you submit.

• Any other information provided
   

If you are an individual client or consultant, we may also collect identity and financial information necessary to deliver our services (e.g. South African ID or passport number, tax reference number, banking details for payments, or billing information). When providing payroll or tax services, we may collect additional details about you (such as salary, medical aid or benefits information, etc.). In line with POPIA’s definition, any identifiable information (e.g. name, contact details, ID number, financial or employment data) is treated as personal information.

 

If you are a representative of a corporate client, we collect your company’s business details (company name, registration number, address) as well as personal information of your authorized representative(s) (their names, positions, and contact details). In payroll or consulting engagements, we may also process personal data of your employees (such as ID numbers, employment details, salary, banking information, medical aid, etc.), strictly to fulfil our contractual duties. Sensitive personal information (e.g. health or biometric data) will be collected only if legally required (for example, for benefits administration) and with special protection as required by law.

 

When you visit our website, we also collect certain non-identifying technical data automatically. This includes your IP address, browser type, device operating system, pages viewed and the dates/times of visits, as recorded by cookies and analytics tools. This data is collected for site administration, security and statistical purposes and does not identify you as an individual.

 

2.    How We Use Your Information

LedgerLoop uses the personal information we collect only for legitimate purposes related to our services. In particular, we may use your information for the following purposes (with your consent or as permitted by law):

• Service Delivery: To respond to your inquiries and deliver the accounting, bookkeeping, payroll, tax, consulting services or other services you request. For example, using your contact details to update you about your account or to complete tax filings.

• Account Management: To manage accounts, billing, and transactions (e.g. processing invoices, payments, payroll runs, tax submissions).

• Communication: To contact you (by email, phone or mail) about our services, including sending notices, confirmations, scheduling, and (where consented) marketing or newsletter communications. You will be given an option to opt-out of any communication received from LedgerLoop.

• Improving Our Services: To analyze website usage and improve our website and services. Aggregated, non-identifying usage data (from cookies/analytics) helps us understand user behaviour and enhance functionality.

• Compliance and Safety: To comply with legal obligations (such as tax and reporting requirements), to verify your identity for security purposes, and to prevent or investigate fraud and other illegal activities.

We will not use your personal information for any purpose other than those listed above without your permission. We also do not sell or rent your personal data to third parties for marketing.

 

3.    Cookies and Analytics

LedgerLoop uses cookies and analytics tools to enhance website functionality and to collect standard web usage statistics.  Cookies are small text files stored on your device by your web browser. They may hold non-personal information such as site preferences or session tokens. We use “functional” cookies (necessary for basic site operations) and analytics cookies (for example, Google Analytics) to track visitor behaviour and measure traffic. These tools collect data such as pages visited, time spent on pages, referring sites and other such statistics and data points. Cookies can also record your IP address and browser type. Under POPIA, any personal information processed via cookies is subject to protection.

​

We will obtain your consent before using any non-essential cookies or tracking technologies (such as marketing cookies). You have the right to disable cookies in your browser settings at any time. Disabling cookies may limit certain website features. LedgerLoop does not use cookies to collect sensitive personal data or to track your movements beyond our site without explicit permission. 

 

4.    Third-Party Service Providers

LedgerLoop engages trusted third-party service providers to perform certain business functions, and they may process personal information on our behalf. Examples include cloud hosting providers, email and communication services (e.g. Microsoft Office 365, email marketing platforms), accounting or payroll software (e.g. Sage, QuickBooks, Xero, payroll platforms), analytics and advertising partners, and professional advisors. We will only share personal information with these providers to the extent needed for them to perform their services.

All third-party processors are required by contract to comply with POPIA and to maintain the confidentiality and security of your data. We impose strict privacy and security obligations on them (for example, data processing agreements) to ensure your information is handled lawfully. We may also share your personal information with:

• Professional advisers: such as lawyers, auditors or consultants engaged by LedgerLoop, to the extent necessary for legal advice or professional services.

• Government and regulatory authorities: when required by law or to protect our rights. For example, we may disclose data to the South African Revenue Service or regulators if obliged by statute.

In all cases, we will only disclose personal information as permitted by POPIA and only to parties who agree to use it solely for the purposes we specify.

 

5.    Information Security and Retention

We implement reasonable physical, technical, and organisational safeguards to protect your personal information from unauthorised access, disclosure, alteration or destruction. Our security measures include encryption of data in transit and at rest, firewalls, secure servers, role-based access controls, and regular security assessments. Access to personal information within our organisation is restricted to employees and contractors who need it to perform their job duties. All LedgerLoop staff and service providers receive training on data privacy and are bound by confidentiality obligations. When we use external vendors, we require them to maintain the same level of data protection.

 

We retain personal information only as long as necessary to fulfil the purposes for which it was collected, or as required by law. For example, records relating to tax and payroll may be kept for the period mandated by the South African Revenue Service. When information is no longer needed, we will securely destroy or delete it in accordance with our data retention policies.

​

6.    Your Rights under POPIA

As a data subject, you have rights under POPIA with respect to your personal information. These include the right to:

• Access: You can request confirmation and copies of the personal information LedgerLoop holds about you. Such requests must be submitted in writing with proof of identity.

• Correction: You can ask us to update, correct or delete your personal information if it is inaccurate, irrelevant, excessive or out-of-date. We will require verification of your identity before making changes.

• Withdraw Consent: You may withdraw any consent you have given for processing your personal information, subject to legal or contractual restrictions. (For example, we may still retain data needed for invoicing or legal compliance.)

• Object: You have the right to object to the processing of your information on lawful grounds (such as objections to direct marketing).

• Complain: You may lodge a complaint with the Information Regulator in South Africa if you believe your data rights have been violated.

To exercise any of these rights, please contact us as provided below. We will respond to your request within the timeframes required by law. Any request for access may be subject to a legally allowable fee and identity verification.

 

7.    Updates to This Policy

LedgerLoop may update this Privacy and POPI Policy from time to time. When we make changes, we will revise the “Last updated” date and post the new Policy on our website. We encourage you to review this page periodically to stay informed about how we protect personal information.

 

8.    Contact Us

If you have any questions or concerns about this Policy or our data practices, or if you wish to exercise your POPIA rights, please contact us at:

• Email: dylan.martens@ledgerloop.co.za

• Telephone: +27 (0) 77 494 5557

• Address: 13 Kinross Drive, Atlantic Links Estate, Cape Town, 7441

 

You may also contact the Information Regulator (South Africa) for guidance. The Information Regulator’s contact details are available on their website. LedgerLoop will cooperate fully with the Regulator and any lawful investigation of our privacy practices.

 

This Privacy and Protection of Personal Information Policy was prepared in accordance with the POPIA and other applicable South African data protection laws.

​

9. Contact Information

If you have any questions about these Terms, please contact us by email at dylan.martens@ledgerloop.co.za or via the contact page on the Website.

​

Last updated: 4 June 2025

​