Privacy Policy

1. Introduction

Dimeri (Pty) Ltd ("Dimeri," "we," "us," or "our") is a South African company committed to protecting the privacy and security of your personal information in accordance with the Protection of Personal Information Act 4 of 2013 (POPIA) and other applicable data protection laws. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, use our enterprise risk management platform (the "Service"), or otherwise interact with us.

By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Service.

2. Information We Collect

2.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when you:

• Register for an account or subscribe to our Service;
• Request a demonstration or contact our sales team;
• Submit inquiries or requests for customer support;
• Subscribe to our newsletter or marketing communications;
• Participate in surveys, promotions, or other interactive features;
• Otherwise communicate with us.

This information may include, but is not limited to: your name, email address, telephone number, company name, job title, billing address, payment information, and any other information you choose to provide.

2.2 Information Collected Automatically

When you access or use our Service, we automatically collect certain information, including:

• Device Information: Information about your device, including device type, operating system, unique device identifiers, browser type, and browser language;
• Log Information: Server logs that record information about your use of the Service, including access times, pages viewed, IP address, and the page you visited before navigating to our Service;
• Usage Information: Information about your interactions with the Service, including features used, actions taken, and time spent on various pages;
• Location Information: General location information inferred from your IP address.

2.3 Information from Third Parties

We may receive information about you from third parties, including business partners, marketing partners, social media platforms, data brokers, and publicly available sources. This information may be combined with other information we collect about you.

2.4 Cookies and Similar Technologies

We use cookies, web beacons, pixels, and similar tracking technologies to collect information about your browsing activities and to distinguish you from other users of our Service. For more information about our use of cookies, please see our Cookie Policy.

3. How We Use Your Information

We use the information we collect for various purposes, including to:

• Provide, maintain, and improve our Service;
• Process transactions and send related information, including purchase confirmations and invoices;
• Create and manage your account;
• Send you technical notices, updates, security alerts, and administrative messages;
• Respond to your comments, questions, and requests, and provide customer service;
• Communicate with you about products, services, offers, promotions, and events, and provide other news and information we think will be of interest to you;
• Monitor and analyze trends, usage, and activities in connection with our Service;
• Detect, investigate, and prevent fraudulent transactions and other illegal activities, and protect the rights and property of Dimeri and others;
• Personalize and improve your experience with our Service;
• Comply with legal obligations and enforce our terms and policies;
• Carry out any other purpose described to you at the time the information was collected.

4. Legal Basis for Processing

Dimeri is a South African company and processes personal information in accordance with the Protection of Personal Information Act 4 of 2013 (POPIA). We process your personal information based on the following legal grounds:

• Contractual Necessity: Processing necessary to perform our contract with you or to take steps at your request prior to entering into a contract;
• Legitimate Interests: Processing necessary for our legitimate interests, provided those interests are not overridden by your rights and interests, including to operate, maintain, and improve our Service, to communicate with you, and to prevent fraud;
• Consent: Processing based on your consent, which you may withdraw at any time;
• Legal Obligation: Processing necessary to comply with applicable South African laws and regulations.

For users located in the European Economic Area (EEA), United Kingdom, or other jurisdictions with data protection laws, we also comply with applicable local requirements including GDPR where relevant.

5. Disclosure of Your Information

We may share your personal information in the following circumstances:

• Service Providers: We may share your information with third-party vendors, consultants, and other service providers who perform services on our behalf, such as payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance;
• Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company;
• Affiliates: We may share your information with our corporate affiliates for purposes consistent with this Privacy Policy;
• Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency);
• Protection of Rights: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person, illegal activities, or as evidence in litigation in which we are involved;
• With Your Consent: We may share your information for any other purpose with your consent.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes.

When determining the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal information, whether we can achieve those purposes through other means, and applicable legal requirements.

7. Data Security

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. These measures include, but are not limited to:

• Encryption of data in transit and at rest using industry-standard protocols;
• Regular security assessments and penetration testing;
• Access controls and authentication mechanisms;
• Employee training on data protection and security practices;
• Incident response procedures.

However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. We cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security measures and improperly collect, access, steal, or modify your information.

8. International Data Transfers

Dimeri is registered in South Africa and serves users globally. By using our Service, you expressly consent to the collection, transfer, processing, and storage of your personal information in any country where we or our service providers maintain facilities, including but not limited to South Africa, the European Union, United States, and other regions worldwide.

8.1 Global Data Processing

We may process your data in any jurisdiction at our discretion to provide the Service efficiently. Data storage locations vary based on subscription tier:

• Free Tier: Data is processed on shared global cloud infrastructure. We transfer and process your data in any jurisdiction necessary to operate the Service. By using the free tier, you provide express consent to such transfers without restriction.
• Professional Tier: Data is processed with enhanced security measures. Regional preferences may be requested but are not guaranteed.
• Enterprise Tier: Data residency options may be available upon request and subject to additional fees and separate agreement.

8.2 Your Consent to Transfers

By using the Service, you acknowledge and agree that:

• Your data may be transferred to and processed in countries with different data protection laws than your own;
• You consent to such transfers as necessary to provide the Service;
• Dimeri is not responsible for compliance with data protection laws in your jurisdiction beyond what is explicitly agreed in writing;
• You waive any claims against Dimeri relating to cross-border data transfers.

9. Your Rights and Choices

9.1 Your Rights Under POPIA

Under the Protection of Personal Information Act (POPIA), you have the following rights regarding your personal information:

• The right to be notified that your personal information is being collected and processed;
• The right to access your personal information that we hold;
• The right to request correction or deletion of your personal information;
• The right to object to the processing of your personal information;
• The right to submit a complaint to the Information Regulator;
• The right not to be subject to automated decision-making.

To exercise any of these rights, please contact our Information Officer at privacy@dimeri.com.

9.2 Account Information

You may update, correct, or delete your account information at any time by logging into your account settings or by contacting us. Please note that we may retain certain information as required by law or for legitimate business purposes.

9.3 Marketing Communications

You may opt out of receiving promotional communications from us by following the unsubscribe instructions included in each promotional email or by contacting us directly. Even if you opt out of promotional communications, we may still send you non-promotional messages, such as those about your account or our ongoing business relations.

9.4 Cookies

Most web browsers are set to accept cookies by default. You can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Service.

9.5 Rights for International Users

If you are located in the European Economic Area (EEA), United Kingdom, or other jurisdictions with data protection laws, you may have additional rights under applicable local law, including rights under GDPR. To exercise these rights, please contact us at privacy@dimeri.com.

10. Children's Privacy

Our Service is not directed to children under the age of 16, and we do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under age 16 without verification of parental consent, we will delete that information promptly. If you believe we might have any information from or about a child under 16, please contact us at privacy@dimeri.com.

11. Third-Party Links and Services

Our Service may contain links to third-party websites, services, or applications that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws.

You can see when this Privacy Policy was last updated by checking the "Last Updated" date displayed at the top of this Privacy Policy. Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the terms.

13. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, or if you wish to exercise any of your rights, please contact our Information Officer at:

Dimeri (Pty) Ltd
Registration No: 2024/XXXXXX/07
Attn: Information Officer
Johannesburg, Gauteng
South Africa

Email: privacy@dimeri.com

You also have the right to lodge a complaint with the Information Regulator of South Africa:

Information Regulator (South Africa)
SALU Building, 316 Thabo Sehume Street
Pretoria, 0002
Email: inforeg@justice.gov.za
Website: www.justice.gov.za/inforeg

For users in other jurisdictions, you may also have the right to lodge a complaint with the supervisory authority in your country.