1. Business Profile & Scope:
Glam Haus (“the Business,” “we,” “our,” or “us”) is an online jewellery store operated as a sole proprietorship by Tracy Sessions within South Africa. Our operations, marketing, and deliveries are strictly limited to the borders of South Africa. We do not ship products or intentionally transfer data internationally. This policy outlines how we handle your personal information in compliance with the Protection of Personal Information Act (POPIA). [1, 2]
 
2. Information We Collect:
We collect personal data directly from you when you browse our site, create an account, or place a order:
    • Identity details: First name, last name, and title.
    • Contact details: Delivery address, billing address, South African mobile number, and email address.
    • Transaction details: Information about the jewellery items you purchase, order totals, and timestamps via our WooCommerce platform. [1]

 

3. WooCommerce Platform Processing [1]:
We use WooCommerce to power our storefront. When you shop, WooCommerce stores data to:
    • Track items in your shopping cart while you browse.
    • Calculate domestic shipping rates and local taxes at checkout.
    • Maintain a record of your order history for customer service and warranty claims.

 

4. Third-Party Data Sharing (PayFast & Couriers) [1]:
We do not sell or rent your data. To complete your order, we share necessary information with specific local providers:
    • Payment Processing (PayFast): All financial transactions are securely routed through PayFast (Pty) Ltd. WooCommerce passes your order total and contact details to PayFast to generate your payment session. Glam Haus never sees, stores, or processes your credit card numbers, banking details, or instant EFT credentials. PayFast secures these transactions using PCI-DSS compliance. [1, 2, 3]
    • Domestic Logistics: Your identity and delivery details are shared with South African courier networks (e.g., The Courier Guy, CourierIT) strictly to transport your jewellery.
    • Local Marketing & Analytics: Website plugins (e.g., Google Analytics, Mailchimp) process anonymized browsing patterns and handle opt-in marketing newsletters.

 

5. Data Retention & Legal Obligations:
As a South African sole proprietorship, the owner must legally retain financial transactional records for 5 years to comply with Section 55 of the South African Value-Added Tax Act and the Tax Administration Act. Non-transactional data, such as abandoned shopping carts or analytic cookies, is automatically purged or anonymized after 60 days. [1]
 
6. Your Legal Rights Under POPIA [1]:
You have the right to manage your data at any time. You may request to: [1]
    • Access all personal information we hold about you.
    • Correct or update any inaccurate or outdated contact information.
    • Object to data use for marketing and opt-out of newsletter lists immediately.
    • Delete your account history, provided the data is not bound by the statutory 5-year tax retention rule.

 

7. Information Officer & Contact Details:
As a sole proprietor, the owner legally serves as the Information Officer under POPIA. For all privacy inquiries or data requests, please contact:
    • Information Officer: Tracy Sessions
    • Trading Name: Glam Haus
    • Email Address: glamhausza@outlook.com
    • Phone Number: 0662664831

If you believe your personal data has been handled unlawfully, you have the right to lodge a formal complaint with the South African Information Regulator.