Privacy Policy

01 Who We Are

This Privacy Policy is issued by Online Synergy CC, a close corporation registered in South Africa and trading as PaleoPower. We operate paleopower.co.za and are the "responsible party" for your personal information as defined under the Protection of Personal Information Act 4 of 2013 (POPIA).

02 What Information We Collect

Information you provide to us

• Name and email address — when you subscribe to our newsletter via MailChimp
• Name, email, and comment content — when you submit a comment on an article
• Name, email, and message content — when you contact us via our contact form

We do not collect sensitive personal information as defined by POPIA (including health data, biometric data, religious beliefs, political opinions, or financial information).

Information collected automatically

03 How We Use Your Information

• Newsletter delivery: To send the PaleoPower newsletter you subscribed to
• Site operation: To maintain technical functioning, including spam prevention via Akismet
• Analytics: To understand how visitors use the site via Google Analytics (anonymised aggregate data)
• Comment moderation: To manage and moderate user-submitted comments
• Communication: To respond to contact form submissions
• Legal compliance: To comply with applicable South African law
• Fraud prevention: To detect and prevent spam, abuse, and security incidents

We do not use your personal information for automated decision-making or profiling that produces legal or significant effects on you.

04 Legal Bases for Processing

05 Who We Share Your Data With

We do not sell your personal information to any third party. We share personal information only in these circumstances:

• Service providers: Trusted third-party processors who help us operate the site, bound by contract to use data only as directed by us
• Business transfers: If Online Synergy CC is involved in a merger or acquisition, personal information may transfer as part of that transaction with prior notice to you
• Legal requirements: Where required by South African law, a court order, or a lawful request from a government authority
• Protecting rights: Where necessary to protect the rights, property, or safety of Online Synergy CC, users, or the public

06 Third-Party Processors

The following third-party services process personal data on our behalf or in connection with the site:

• MailChimp (Intuit)Email newsletter delivery and subscriber managementPrivacy Policy
• Google AnalyticsAnonymised site traffic and user behaviour analyticsPrivacy Policy
• Akismet (Automattic)Comment spam detection and filteringPrivacy Policy
• ClickBankAffiliate programme transaction processingPrivacy Policy
• CloudflareCDN, DDoS protection, bot managementPrivacy Policy
• TermlyCookie consent banner managementPrivacy Policy

Where these processors are located outside South Africa, we ensure they provide adequate protection for personal information as required by POPIA Section 72.

07 Cookies & Tracking Technologies

We use cookies and similar tracking technologies to operate the site, analyse usage, and deliver relevant content. We use the following categories:

How to control cookies

Manage preferences via the cookie consent banner on this site (Termly), or adjust your browser settings to block or delete cookies. To opt out of Google Analytics specifically, install the Google Analytics Opt-out Browser Add-on. For interest-based advertising opt-outs, visit aboutads.info/choices.

08 How Long We Keep Your Data

• Newsletter subscriber data: Until you unsubscribe
• Comment data: For as long as the associated article remains published, unless you request deletion
• Contact form submissions: Up to 2 years
• Analytics data: Anonymised after 26 months (Google Analytics default)
• Server logs: Typically 90 days for security purposes

09 How We Protect Your Data

We implement appropriate technical and organisational security measures including HTTPS encryption, Cloudflare DDoS protection, WordPress security hardening, and limited access controls. No internet transmission is 100% secure — while we take all reasonable steps to protect your information, we cannot warrant absolute security.

10 Children & Minors

This site is not directed at children under the age of 18. We do not knowingly collect personal information from minors. Under POPIA, processing a child's personal information requires prior consent from a competent person. If you believe your child has provided us with personal information without consent, contact us immediately and we will promptly delete that information.

11 Your Privacy Rights — Overview

To exercise these rights, contact us via our contact page. We will respond within 30 days. For newsletter preferences: update your MailChimp subscriber preferences.

12 POPIA Rights — South African Residents

Information Regulator of South Africa

If you have a complaint we cannot resolve directly, you may contact the Information Regulator:

13 GDPR Rights — EEA & UK Visitors

14 CCPA Rights — California Residents

California residents have rights under the CCPA and CPRA. Categories of personal information collected in the past 12 months:

We do not sell personal information. California residents may request access, deletion, or opt-out of sale (not applicable) via our contact page.

15 Do Not Track

Because no universal technical standard for Do-Not-Track (DNT) signals has been adopted, we do not currently alter our data collection practices in response to DNT signals. If a standard is adopted that we are required to comply with, we will update this policy accordingly.

16 Data Breach Notification

17 Policy Updates

We review and update this Privacy Policy periodically to reflect changes in law, technology, or our data practices. The "Last updated" date at the top of this page indicates the most recent revision. Your continued use of the site after any revision constitutes acceptance of the updated policy.

18 Contact Us & Complaints