Appearance
Privacy Policy
Last Updated: 3 March 2026
Effective Date: 3 March 2026
Introduction
OnixFeed ("we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our book metadata management platform (the "Service").
This Policy complies with the Protection of Personal Information Act 4 of 2013 (POPIA) and the Electronic Communications and Transactions Act 25 of 2002 (ECT Act).
1. Information We Collect
1.1 Personal Information
We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person.
Information you provide to us:
| Category | Examples |
|---|---|
| Account Details | Name, email address, phone number, job title, company name |
| Authentication | Password (encrypted), security questions, two-factor authentication details |
| Profile Information | Profile picture, bio, preferences |
| Payment Information | Billing address, VAT number, payment card details (processed securely via payment processor) |
1.2 Business Data
The Service enables you to manage business-related data, including:
- Book metadata (titles, ISBNs, authors, contributors, descriptions)
- Cover images and media files
- Publisher and supplier information
- Stock and inventory data
- Customer reviews and ratings
- Store collection and distribution configurations
You retain ownership of all business data uploaded to the Service.
1.3 Automatically Collected Information
We automatically collect certain information when you use the Service:
| Category | Examples |
|---|---|
| Log Data | IP address, browser type, device information, pages visited |
| Usage Data | Features used, time spent, actions performed |
| Cookies | Session identifiers, preferences, analytics data |
2. How We Use Your Information
2.1 Purposes of Processing
We process your personal information for the following purposes:
| Purpose | Description | Legal Basis |
|---|---|---|
| Service Provision | To provide, maintain, and improve the Service | Consent / Contract |
| Account Management | To create and manage your account | Contract |
| Communication | To send transactional messages and support | Consent / Contract |
| Security | To detect, prevent, and address fraud or security issues | Legitimate Interest |
| Analytics | To understand usage patterns and improve features | Legitimate Interest |
| Legal Compliance | To comply with legal obligations | Legal Obligation |
| Marketing | To send marketing communications (with consent) | Consent |
2.2 Data Minimisation
We collect only the personal information that is adequate, relevant, and not excessive in relation to the purposes for which it is processed.
3. Sharing and Disclosure of Information
3.1 Service Providers
We may share your information with third-party service providers who perform services on our behalf:
| Provider Type | Examples |
|---|---|
| Hosting & Infrastructure | Cloud storage, database services, CDN providers |
| Payment Processing | Payment gateways (e.g., PayFast, Yoco, Peach Payments) |
| Email & Communications | Email service providers |
| Analytics | Web analytics services |
All service providers are contractually bound to protect your information and may only use it to provide services to us.
3.2 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner.
3.3 Legal Requirements
We may disclose your information when required by law, court order, or to protect our rights, property, or safety.
3.4 Your Business Data
Your business data (books, metadata, images) is not shared with third parties except:
- When you explicitly authorise export to integrations (Shopify, WooCommerce, etc.)
- When you generate ONIX feeds for distribution to your chosen partners
- When required for the functioning of the Service (e.g., CDN for image delivery)
4. Data Security
4.1 Security Measures
We implement appropriate technical and organisational measures to safeguard your information:
- Encryption: Data is encrypted in transit (TLS/HTTPS) and at rest
- Access Controls: Role-based access with authentication requirements
- Regular Audits: Periodic security assessments and penetration testing
- Data Backups: Secure backup systems with disaster recovery procedures
- Monitoring: Intrusion detection and security monitoring systems
4.2 Data Retention
| Data Type | Retention Period |
|---|---|
| Active Account Data | Retained while your account is active |
| Deleted Account Data | Retained for up to 30 days (backup recovery window), then securely deleted |
| Log Data | Retained for up to 12 months for security purposes |
| Transaction Records | Retained for 5 years to comply with tax and legal requirements |
4.3 International Data Transfers
Your data is stored primarily in South Africa. Any international transfers comply with POPIA requirements and ensure adequate protection of your information.
5. Your Rights
Under POPIA, you have the right to:
5.1 Right of Access
You may request confirmation of whether we process your personal information and a copy of that information.
5.2 Right to Correction
You may request the correction or deletion of inaccurate or incomplete personal information.
5.3 Right to Deletion
You may request the deletion of your personal information, subject to legal and operational constraints.
5.4 Right to Object
You may object to the processing of your personal information on legitimate interest grounds.
5.5 Right to Restrict Processing
You may request that we restrict the processing of your personal information in certain circumstances.
5.6 Right to Data Portability
You may request your personal information in a structured, commonly used format.
5.7 Right to Withdraw Consent
Where processing is based on consent, you may withdraw your consent at any time.
5.8 How to Exercise Your Rights
To exercise any of these rights, contact us at:
Email: hello@onixfeed.comSubject Line: Privacy Rights Request
We will respond to your request within 30 days, as required by POPIA.
6. Cookies and Tracking Technologies
6.1 Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential Cookies | Authentication, security, session management | Session / 30 days |
| Preference Cookies | Remember your settings and preferences | 1 year |
| Analytics Cookies | Understand how you use the Service | 2 years |
6.2 Managing Cookies
You can control cookies through your browser settings. Please note that disabling essential cookies may affect Service functionality.
7. Marketing Communications
7.1 Consent Requirements
We will only send you marketing communications if:
- You have explicitly consented to receive them, or
- You have an existing business relationship with us
7.2 Opting Out
You may opt out of marketing communications at any time by:
- Clicking the "unsubscribe" link in any marketing email
- Updating your communication preferences in your account settings
- Contacting us at hello@onixfeed.com
8. Children's Privacy
The Service is not intended for children under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.
9. Cross-Border Transfers
Your data may be transferred to and processed in countries other than South Africa. Where this occurs, we ensure:
- Adequate protection is in place
- The recipient is bound by contractual obligations to protect the data
- The transfer complies with POPIA requirements
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated Policy on our website
- Sending you an email notification at least 30 days before changes take effect
Your continued use of the Service after the effective date constitutes acceptance of the updated Policy.
11. Contact Information
For questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact our Information Officer:
OnixFeed Information Officer Cape Town, South Africa Email: hello@onixfeed.com Website: https://onixfeed.com
If you believe we have not complied with POPIA or your privacy rights, you have the right to lodge a complaint with the Information Regulator of South Africa.
12. POPIA Compliance Statement
OnixFeed is committed to complying with the Protection of Personal Information Act 4 of 2013. We:
- Process personal information lawfully and responsibly
- Implement appropriate security measures
- Respect your rights as a data subject
- Maintain transparency about our data practices
This document is provided for informational purposes and does not constitute legal advice. For specific legal advice, please consult a qualified attorney familiar with POPIA and South African data protection law.