Privacy policy

Last updated: 6 May 2026
Next scheduled review: 6 November 2026

This policy explains how Nerdy Tech Geeks ("we", "us") collects, uses, stores, shares, and protects personal information from visitors to www.nerdytechgeeks.co.za, in line with the Protection of Personal Information Act, 2013 (POPIA).

Who we are

Nerdy Tech Geeks is a vendor-neutral technology consultancy based in Cape Town, South Africa. For the purpose of POPIA we are the Responsible Party for personal information processed through this website.

Information Officer

Our Information Officer (POPIA Section 56) is:

• Name: To be confirmed
• Email: privacy@nerdytechgeeks.co.za
• Postal: Available on request

What we collect

We only collect personal information when you choose to share it with us. Today, that means:

• Direct enquiries: when you email hello@nerdytechgeeks.co.za, we receive your name, email address, and the content of your message. If you provide a phone number or company name in the message, we hold that too.
• Contact form: when the embedded Microsoft Forms enquiry form is configured, it may collect name, work email, company, the outcome you are trying to achieve, and any context you choose to share. The form does not request special categories of personal information.
• Aggregate analytics: Cloudflare Web Analytics records anonymised page-load metrics. It does not set tracking cookies, does not fingerprint individual visitors, and does not give us readable IP-address-level visitor profiles.

Why we process this information (lawful basis)

• Performance of a contract or steps prior to entering into one: responding to enquiries, scoping engagements, sending proposals, and delivering services.
• Legitimate interest: keeping basic records of correspondence, improving the website with aggregate analytics, and protecting the site from abuse.
• Consent: when you submit the contact form or choose to subscribe to anything we add later. Consent can be withdrawn at any time by emailing the Information Officer.
• Compliance with law: keeping records required by tax, accounting, or other applicable legislation.

Who we share information with (operators)

We do not sell personal information. We share it only with the operators we use to run the business:

• Cloudflare, Inc. - content delivery, edge security, and Cloudflare Web Analytics. Hosted in Cloudflare's global network.
• Microsoft Corporation - Microsoft 365 services for email, file storage, collaboration, and the embedded enquiry form when configured.
• GitLab B.V. - source-code hosting and container registry services used to build and deploy this website.
• Azure hosting infrastructure - Kubernetes, ingress, and runtime infrastructure used to serve the production website.

Each operator is bound by its own contractual obligations and applicable data-protection laws.

Cross-border transfer

Cloudflare, Microsoft 365, GitLab, and Azure are global services, so your information may be processed outside South Africa, including in the European Union and the United States. We rely on the operators' contractual safeguards, which provide a level of protection broadly aligned with POPIA Section 72.

How long we keep information

• Active enquiries: while we are in conversation, plus 24 months for follow-up.
• Engagement records: for the duration of the engagement plus 5 years for tax and audit purposes.
• Aggregate analytics: rolling 6 months, in aggregate only, with no identifiers attached.
• Backup copies: up to 90 days beyond deletion, until they cycle out of automated backups.

Your rights as a data subject

Under POPIA you have the right to:

• Be told what personal information we hold about you.
• Request a copy of that information.
• Ask us to correct or delete information that is inaccurate, irrelevant, excessive, out of date, misleading, or unlawfully obtained.
• Object to the processing of your information on reasonable grounds.
• Withdraw any consent you have given.
• Lodge a complaint with the Information Regulator of South Africa.

To exercise any of these rights, email the Information Officer at privacy@nerdytechgeeks.co.za. We will respond within 30 days.

Security

We follow the practices we recommend to clients: TLS-only delivery, hardened authentication on administrative systems, principle of least privilege, and routine review of access. No system is perfectly secure; if a breach affecting your information occurs, we will notify you and the Information Regulator in line with POPIA Section 22.

Cookies

This website does not set tracking or advertising cookies. Cloudflare may set strictly necessary security cookies to protect the site from automated abuse. No consent banner is shown because no non-essential cookies are set.

Children

This website and its services are aimed at organisations and adult professionals. We do not knowingly collect personal information from people under 18.

Complaints

If you believe we have not handled your personal information lawfully, please raise it with us first by emailing privacy@nerdytechgeeks.co.za. You also have the right to lodge a complaint directly with the Information Regulator of South Africa:

• Website: inforegulator.org.za
• Email: POPIAComplaints@inforegulator.org.za
• Address: Woodmead North Office Park, 54 Maxwell Drive, Woodmead, Johannesburg, 2191
• Phone: 010 023 5200

Changes to this policy

We review this policy at least every six months and whenever we materially change how we process personal information. The "Last updated" date at the top of this page is authoritative.