POPI / Privacy Policy

How we protect and manage your personal information

Compliance with POPI Act Last Updated: March 2025

The Council for Piercing and Tattoo Professionals (CPTP) is committed to protecting your privacy and ensuring the security of your personal information in accordance with the Protection of Personal Information Act (POPIA) of South Africa.

Contents
Important: Public Information Disclaimer

While we take every precaution to protect your personal information within our systems, we have no control over information you voluntarily choose to make public through your member profile in our directory. Once information is published in the public directory, it can be accessed, copied, and used by third parties. Please carefully consider what personal information you include in your public profile.

1. Introduction

This Privacy Policy explains how the Council for Piercing and Tattoo Professionals ("we," "us," "our") collects, uses, discloses, and protects your personal information when you visit our website, apply for membership, or interact with our services. By using our website and services, you consent to the practices described in this policy.

We are registered as a non-profit organization in South Africa and are committed to compliance with the Protection of Personal Information Act, 2013 (Act No. 4 of 2013).

2. What Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us, including:

  • Personal Identifiers: Full name, ID number, date of birth
  • Contact Information: Email address, phone numbers, physical address
  • Professional Information: Business name, qualifications, specializations, years of experience, portfolio images
  • Account Information: Username, password, membership preferences
  • Payment Information: Credit card details, billing address (processed securely through PayFast – we do not store full payment details)
  • Communications: Any information you provide when contacting us

2.2 Information Collected Automatically

When you visit our website, we automatically collect:

  • Log Data: IP address, browser type, operating system, pages visited, time and date of visits
  • Cookies: Small data files stored on your device to improve user experience
  • Referral Information: How you found our website (if applicable)

3. How We Use Your Information

We use your personal information for the following purposes:

  • Membership Administration: To process applications, manage memberships, and communicate with members
  • Directory Listing: To create and maintain the public member directory (with information you choose to make public)
  • Payment Processing: To process membership fees and course payments
  • Communication: To send important updates, newsletters, and information about council activities
  • Verification: To verify professional credentials and qualifications
  • Legal Compliance: To comply with legal obligations and regulatory requirements
  • Improvement: To analyze and improve our website and services

4. Public Directory Information

Important: Information You Make Public

When you become a member, you have the option to be listed in our public directory. The following information may be displayed publicly:

  • Your name and business name
  • Your location/city
  • Your specializations (tattoo, piercing, etc.)
  • A professional biography
  • Your website URL
  • Your business email (if you choose to display it)

Please note: This information is accessible to anyone on the internet. Search engines may index this information. We cannot control how third parties use this publicly available information. You can update or remove your directory listing at any time by contacting us.

5. Information Sharing

We do not sell, rent, or trade your personal information to third parties. We only share information in the following circumstances:

  • With Your Consent: When you explicitly agree to sharing your information
  • Service Providers: With trusted third-party service providers who assist us in operating our website and processing payments (e.g., PayFast). These providers are contractually bound to protect your information.
  • Legal Requirements: When required by law, regulation, or legal process
  • Protection of Rights: To protect the rights, property, or safety of the Council, our members, or others

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Secure SSL/TLS encryption for data transmission
  • Regular security assessments and monitoring
  • Access controls and authentication procedures
  • Secure data storage with restricted access

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Specifically:

  • Active Members: Information retained for the duration of membership
  • Former Members: Basic information retained for record-keeping and legal purposes for up to 5 years after membership ends
  • Financial Records: Retained for 5 years as required by South African law
  • Website Logs: Retained for 30 days then anonymized

8. Your Rights Under POPIA

Under the Protection of Personal Information Act, you have the following rights:

  • Right to Access: Request a copy of the personal information we hold about you
  • Right to Correction: Request correction of inaccurate or incomplete information
  • Right to Deletion: Request deletion of your information (subject to legal obligations)
  • Right to Object: Object to the processing of your information for specific purposes
  • Right to Complain: Lodge a complaint with the Information Regulator of South Africa

To exercise these rights, please contact us using the information below. We will respond to your request within 30 days.

9. Cookies & Website Tracking

Our website uses cookies to enhance your browsing experience. Cookies are small text files stored on your device. We use:

  • Essential Cookies: Required for website functionality
  • Analytics Cookies: To understand how visitors use our site (Google Analytics)
  • Preference Cookies: To remember your settings and preferences

You can control cookies through your browser settings. Disabling cookies may affect website functionality.

10. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify members of significant changes via email and post the updated policy on this page with a revised "Last Updated" date.

12. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact our Information Officer:

Pretoria Office

Phone: +27 12 881 3666

Email: privacy@bodyartcouncil.co.za

Cape Town Office

Phone: +27 21 569 4130

Email: privacy@bodyartcouncil.co.za

Physical Address:
Council for Piercing and Tattoo Professionals
10 Joan Avenue, Murrayfield, Pretoria, 0184

Information Regulator of South Africa:
Website: www.justice.gov.za/inforeg/
Email: inforeg@justice.gov.za

By using our website and services, you acknowledge that you have read and understood this Privacy Policy.

Back to Home