Privacy Policy - KPI Management Solutions (Pty) Ltd


1. Introduction
KPI Management Solutions (Pty) Ltd (“KPI”, “we”, “us” or “our”) is committed to protecting the personal information of our website visitors, clients, trainees and business contacts. This Privacy Policy explains how we collect, use, disclose, store and protect personal information, and describes the rights available to data subjects under the Protection of Personal Information Act (POPIA) (South Africa).


2. Who we are & how to contact us

  • Legal name: KPI Management Solutions (Pty) Ltd.
  • Registration number: 2008/004336/07. IRP
  • Principal place of business: Wildfig Business Park, Block 7 Unit 54, 1494 Cranberry Street, Honeydew, Gauteng, 2170, South Africa. KPI Management Solutions+1
  • Primary contact(s): Roger - roger@kpims.co.za, +27 82 809 5423; Craig - craig@kpims.co.za.


3. Scope and purposes of this policy
This policy covers personal information collected through our website (www.kpims.co.za), as well as information collected when you engage with our training, coaching, graduate programmes and consultancy services. We use personal information to deliver our services, manage contracts, communicate with you, and improve our offerings.


4. Personal information we collect
We may collect the following categories of information:

  • Identity and contact data: name, job title, company name, business email, telephone number, postal address. KPI Management Solutions
  • Client and training data: organisation details, attendee lists, training assessments, progress records and any business data supplied to us for training or analytics engagements. KPI Management Solutions+1
  • Technical and usage data: IP address, device and browser details, cookie identifiers, page visits and analytics data collected via web analytics and server logs.
  • Communications: any information you provide when contacting us (via forms, email, phone), and any marketing preferences you indicate.
  • Other information you supply: survey responses, feedback, social media interactions (public profiles) and any other data you volunteer.


5. Lawful bases and POPIA compliance
We process personal information in line with POPIA and will rely on one or more lawful bases for processing such as: consent; performance of a contract (e.g., training agreement); legitimate interests (e.g., service improvement, fraud prevention); or legal obligation. We will collect and process information only for specified, lawful purposes and will minimise what we collect.


6. How we use your information
We use data to:

  • Provide and manage training, coaching, graduate placements and consulting services. KPI Management Solutions
  • Respond to enquiries, schedule and administer programmes, issue invoices and fulfil contractual obligations.
  • Operate, maintain and improve our website and services (including analytics and security).
  • Send service-related communications, administrative notices, and, only where permitted, marketing communications.
  • Comply with legal and regulatory obligations, and to protect our legal rights.


7. Recipients and third-party processors
We may share personal information with:

  • Service providers (hosting, email delivery, CRM, analytics, payment processors) who act as processors on our behalf.
  • Clients or business partners when required to deliver training or when an organisation has provided us data for a programme. KPI Management Solutions
  • Legal or regulatory authorities where required by law.
     We require processors to maintain confidentiality and implement appropriate security safeguards.


8. Trans-border transfers
We may transfer personal information outside South Africa (for example, to cloud hosting or analytics providers). When we do so we will ensure adequate safeguards are in place consistent with POPIA (standard contractual clauses, binding corporate rules or equivalent protections).


9. Security and retention
We implement technical and organisational measures to protect personal information from unauthorised access, loss, damage or theft. Access to personal information is limited to authorised personnel and contractors with a legitimate need.
Retention: we keep personal information only for as long as necessary for the purpose it was collected and to satisfy legal, accounting or reporting obligations. Suggested default retention periods (please confirm internally):

  • Marketing lists & permissions: until unsubscribed or 3 years after last interaction.
  • Client / contract records and training data: 7 years (or as required by commercial/tax rules).
  • Website logs and analytics: up to 2 years (or aggregated/anonymised sooner).
     Adjust these retention periods as required by your operational or legal needs.


10. Cookies & tracking
Our website uses cookies and similar technologies for essential site operation, analytics and (where you consent) marketing. You can manage cookies through your browser settings or the cookie banner on the site. (List the specific cookie categories and vendors you use, e.g., session cookies, analytics (Google Analytics/Matomo), marketing/advertising tags.)


11. Direct marketing
We will only send marketing communications where you have consented or where permitted by law (eg. existing client communications). Every marketing message will include an unsubscribe method. If you object, we will stop processing your information for direct marketing.


12. Rights of data subjects
Under POPIA you have the right to: request confirmation whether we hold your personal information; request access to your personal information; request correction, deletion or destruction; object to processing in some circumstances; withdraw consent where processing relied on consent. To exercise any right, contact us using the details in section 2.


13. Complaints
If you are unhappy with how we handle your personal information you may raise the matter with us in the first instance (contact details above). You also have the right to lodge a complaint with the South African Information Regulator (https://inforegulator.org.za).


14. Minors
Our services and website are intended for professionals and organisations. We do not knowingly collect personal information from children under the age of 18. If we discover we have collected info from a minor without parental consent we will promptly delete it.


15. Changes to this policy
We may update this Privacy Policy from time to time. We will publish the updated policy on the website with a revised “last updated” date.


16. Additional information & transparency (PAIA)
KPI is listed in the KPI Group PAIA/Manual and maintains public-facing transparency documentation (PAIA manual) that confirms address, registration number and contact details. For formal POPIA/PAIA requests, please use the contact details above.