Info@sahita.co.za

 +27 (0) 87 138 5030
Student Login
Student Login

Our Privacy Policy

Effective Date: 24 November 2025

1. INTRODUCTION

The South African Home Inspection Training Academy (SAHITA) respects your privacy and is committed to protecting your personal information in accordance with the Protection of Personal Information Act, 2013 (POPIA) and other applicable South African laws.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website (www.sahita.co.za), register for a course, make a payment, or interact with our services. By using our website or services, you consent to the processing of your personal information as described in this policy.

2. WHO WE ARE

SAHITA is a South African provider of online training for building and home inspectors.

Contact Details (Information Officer):

Name: John Graham (Principal)
Email: info@sahita.co.za
Phone: +27 (0) 87 138 5030
Physical Address: 80 St Michaels Rd, Claremont, Cape Town, 7700

3. WHAT PERSONAL INFORMATION WE COLLECT

We collect the following categories of personal information:

Category Examples Purpose
Identity Data
Full name, ID number (if required), date of birth
To verify identity and issue certificates
Contact Data
Email address, phone number, postal address
To communicate, provide support, and send course updates
Financial Data
Payment card details (processed via secure gateway), bank details (for EFT)
To process payments and issue invoices
Profile Data
Username, password, course progress, test results, assignment submissions
To manage your learning journey and account
Technical Data
IP address, browser type, device information, login times
To improve website functionality and security
Usage Data
Pages visited, time spent, click patterns
To enhance user experience and site performance
Communication Data
Emails, support queries, phone call records
To provide customer support and resolve issues

We do not collect special personal information (e.g., race, religion, health) unless voluntarily provided and necessary (e.g., for accessibility accommodations).

4. HOW WE COLLECT YOUR INFORMATION

We collect information:

  • Directly from you: When you register, complete forms, make payments, submit assignments, or contact us.
  • Automatically: Via cookies, server logs, and analytics tools when you browse the website.
  • From third parties: Secure payment gateways (e.g., PayFast, Yoco) or NABISA (if you claim a discount).


5. LEGAL BASIS FOR PROCESSING (POPIA Section 11)

We only process your personal information when:

  1. You have given consent (e.g., Registering with us).
  2. It is necessary for contract performance (e.g., granting course access after payment).
  3. It is required to comply with a legal obligation (e.g., SARS VAT records).
  4. It is in our legitimate interests (e.g., fraud prevention, site improvement), provided your rights are not overridden.


6. HOW WE USE YOUR INFORMATION

Purpose Lawful Basis
Process your course registration and payment
Contract
Grant access to course modules and track progress
Contract
Issue certificates upon completion
Contract
Provide support (email, phone)
Legitimate interest
Send course updates, reminders, and deadlines
Consent / Contract
Improve website functionality and user experience
Legitimate interest
Comply with tax and auditing requirements
Legal obligation
Prevent fraud and secure the platform
Legitimate interest

We will never sell, rent, or share your personal information with third parties for marketing purposes.

7. COOKIES AND TRACKING TECHNOLOGIES

We use cookies to:

  • Remember your login session
  • Track course progress
  • Analyse site performance (via Google Analytics – anonymised)
  • Improve user experience


You can manage cookies via your browser settings. Disabling cookies may limit functionality (e.g., auto-login, progress saving).

A cookie consent banner will appear on first visit, allowing you to accept or customise preferences.

8. WHO WE SHARE YOUR DATA WITH

We only share your information with:

Recipient Purpose Safeguards
Payment Gateways (e.g. PayFast)
Process payments
PCI DSS compliant; no card data stored
Cloud Hosting Provider (South African data centre preferred)
Store course data and backups
Encrypted, access-controlled
Support Staff / Tutors
Provide academic and technical support
Internal access only; NDAs in place
Regulatory Bodies (e.g. QCTO, SARS)
Compliance and certification
Only when legally required

We do not share data with social media platforms, advertisers, or mailing list brokers.

9. DATA SECURITY

We implement appropriate technical and organisational measures to protect your data, including:

  • SSL/TLS encryption for all data in transit
  • Secure servers with firewalls and intrusion detection
  • Access controls and two-factor authentication for staff
  • Regular security audits and penetration testing
  • Data backup with encryption

Despite these measures, no online system is 100% secure. You use the website at your own risk.

10. DATA RETENTION

We keep your personal information only as long as necessary:

Data Type Retention Period
Account & course progress
7 years after last activity (for re-access and certification verification)
Financial records
5 years (per SARS requirements)
Support correspondence
3 years
Backup data
12 months (rolling)

After retention periods, data is securely deleted or anonymised.

11. YOUR RIGHTS UNDER POPIA (Section 18)

You have the right to:

  1. Access your personal information (free of charge, within 30 days)
  2. Correct or update inaccurate data
  3. Object to processing (e.g., marketing)
  4. Request deletion (where no legal obligation exists)
  5. Withdraw consent (does not affect prior lawful processing)


Lodge a complaint with the Information Regulator

To exercise your rights, email: info@sahita.co.za with “POPIA Request” in the subject line.

12. CHILDREN’S PRIVACY

Our services are not directed at individuals under 18. If you are under 18, you must have parental/guardian consent to register. We do not knowingly collect data from children without such consent.

13. INTERNATIONAL DATA TRANSFERS

We prioritise South African or EU-adequate jurisdiction hosting. If data is transferred outside South Africa (e.g., cloud backups), we ensure:

  • Binding corporate rules
  • Standard contractual clauses
  • Adequacy decisions (e.g. EU)


14. MARKETING AND COMMUNICATIONS

We may send you:

  • Important updates
  • Course progress reminders
  • Deadline alerts
  • Certification updates
  • SAHITA news (with opt-in consent)


You can opt out at any time via:

  • “Unsubscribe” link in emails
  • Emailing info@sahita.co.za
  • Updating preferences in your account


15. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. Changes will be posted on this page with a revised Effective Date. Continued use of the website after changes constitutes acceptance.


16. CONTACT THE INFORMATION OFFICER

For any privacy concerns contact :

John Graham
Email: info@sahita.co.za
Phone: +27 (0) 87 138 5030

Information Regulator (for complaints): Website: https://inforegulator.org.za
Email: POPIAcomplaints@inforegulator.org.za