Privacy Policy

This Privacy Policy explains how Factor Lab ("we", "us", "our") collects, uses, stores and discloses personal information when you visit or interact with factorlab.co.za.

Last updated: January 13, 2026

1. Controller / Responsible Party

Factor Lab (© Factor Lab) is the responsible party for the processing of personal information collected through this website. Our principal place of business is Johannesburg, South Africa. For contact, see the Contact page on our site (e.g., juhan@factorlab.co.za, nico@factorlab.co.za). :contentReference[oaicite:1]{index=1}

2. Scope and acceptance

By accessing or using this website you accept the practices described in this Privacy Policy. If you do not agree, please do not use the site or submit personal information.

3. Personal information we collect

  • Contact information: name, email address, phone number and message content submitted via contact or audit request forms.
  • Technical and usage data: IP address, browser user agent, device identifiers, pages visited, timestamps and other server log data collected automatically.
  • Cookies and similar technologies: session cookies, persistent cookies and local storage used to enable site functionality and analytics.
  • Third-party data: information provided by third-party integrations or from public sources when you connect or authenticate with external services through our platform.

4. How we use your personal information

We process personal information for the following purposes:

  • to respond to enquiries and provide the services you request (e.g., audits, pricing, proposals);
  • to operate, secure and maintain the website and our systems;
  • to send transactional messages (e.g., confirmations, support responses);
  • to analyse and improve the website and our services (analytics, performance monitoring);
  • where permitted, for direct marketing in accordance with applicable law and your marketing preferences; and
  • to comply with legal obligations and protect our legal rights.

5. Legal basis and POPIA compliance

If you are located in South Africa, we process personal information in accordance with the Protection of Personal Information Act (POPIA). Under POPIA, responsible parties must process personal information in a lawful, reasonable and non-intrusive manner and observe the conditions for lawful processing (e.g., purpose specification, minimality, retention, security). Data subjects have rights including access, correction, deletion, objection and the right to lodge a complaint with the Information Regulator. Please see the 'Your rights' section below for instructions. :contentReference[oaicite:2]{index=2}

6. Cookies and analytics

We use cookies and similar technologies to provide and improve the site. Cookies may be used for session management, analytics and functional features. You may control cookie settings in your browser; however, disabling certain cookies may impair site functionality.

7. Third-party services and processors

We employ third-party service providers to operate and analyse our service, process payments, and deliver integrations. These providers may include workflow and integration platforms, CRM and accounting connectors, payment processors, hosting and analytics services. The site references integration partners and technologies (for example: n8n, HubSpot, Xero, Slack, OpenAI, Stripe, Pipedrive, Airtable) used in our engineering and automation work; we may engage such providers as appropriate. Where personal information is shared with third parties, we require contractual safeguards and only transfer data as permitted by law. :contentReference[oaicite:3]{index=3}

8. International transfers

Personal information may be transferred to, stored, and processed in countries outside South Africa. When we transfer data cross-border we will take steps required by POPIA and other applicable laws to ensure adequate protection (e.g., contractual clauses, reliance on an adequacy mechanism where available).

9. Data retention

We retain personal information only for as long as necessary to fulfil the purposes described in this policy, to meet legal or regulatory obligations, or to resolve disputes. Retention periods vary by data type and purpose.

10. Security

We maintain administrative, technical and physical safeguards designed to protect information from loss, misuse and unauthorised access. No transmission over the Internet is completely secure; despite our efforts, we cannot guarantee absolute security.

11. Your rights and exercising them

You may have the following rights under POPIA and other applicable laws: request access to your personal information, request correction or deletion, object to processing, request restriction, and lodge a complaint with the Information Regulator. To exercise any right, contact us at privacy@factorlab.co.za or the emails listed on our Contact page. We will respond within applicable legal timeframes.

12. Children

The site is not directed to children under the age of 18. We do not knowingly collect personal information from minors without parental consent.

13. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes we will update the "Last updated" date above and, where required, provide notice.

14. Contact

For questions about this policy or to exercise your privacy rights, contact:
Email: juhan@factorlab.co.za, nico@factorlab.co.za (see Contact page).
Address: Johannesburg, South Africa. :contentReference[oaicite:4]{index=4}