PRIVACY
POLICY

1. Introduction

Sock Club ("we", "us", or "our") is committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and subscription services, in compliance with the Protection of Personal Information Act 4 of 2013 (POPIA).

We are the "responsible party" as defined in POPIA, and we are responsible for your personal information in our possession.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us when you:

• Register for an account
• Subscribe to our service
• Make a purchase
• Contact us for support

This information may include:

• Identity Information: First name, last name
• Contact Information: Email address, phone number
• Delivery Information: Physical address, delivery preferences
• Account Information: Username, password (encrypted)
• Preference Information: Sock size, style preferences
• Payment Information: Processed securely by Payfast (we do not store full card details)

2.2 Automatically Collected Information

When you visit our website, we may automatically collect:

• IP address
• Browser type and version
• Device information
• Pages visited and time spent
• Referring website

3. How We Use Your Information

We use your personal information for the following purposes, in accordance with POPIA's lawful processing conditions:

• Contract Performance: To process your subscription, deliver your socks, and manage your account
• Communication: To send you order confirmations, shipping updates, and account notifications
• Customer Service: To respond to your inquiries and provide support
• Marketing: To send promotional communications (with your consent)
• Improvement: To improve our website, products, and services
• Legal Compliance: To comply with legal obligations
• Fraud Prevention: To protect against fraudulent transactions

4. Legal Basis for Processing

Under POPIA, we process your personal information based on:

• Consent: Where you have given us permission (e.g., marketing emails)
• Contract: Where processing is necessary to fulfil our contract with you
• Legal Obligation: Where we are required by law to process your information
• Legitimate Interest: Where we have a legitimate business interest that does not override your rights

5. Sharing Your Information

We may share your personal information with:

• Service Providers: Third parties who help us operate our business (e.g., Payfast for payments, Pudo for deliveries)
• Courier Partners: To facilitate delivery of your subscription
• Legal Authorities: When required by law or to protect our rights

We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not sell your personal information to third parties.

6. Data Security

We implement appropriate technical and organisational security measures to protect your personal information, including:

• SSL encryption for data transmission
• Encrypted password storage
• Regular security assessments
• Access controls and authentication
• Secure payment processing through Payfast

While we strive to protect your personal information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including:

• Active account data: For the duration of your account
• Transaction records: 5 years for tax and legal compliance
• Marketing preferences: Until you withdraw consent

When no longer required, your personal information will be securely deleted or anonymised.

8. Your Rights Under POPIA

As a data subject under POPIA, you have the following rights:

• Right to Access: Request confirmation of what personal information we hold about you
• Right to Correction: Request correction of inaccurate or incomplete information
• Right to Deletion: Request deletion of your personal information (subject to legal requirements)
• Right to Object: Object to the processing of your personal information for direct marketing
• Right to Withdraw Consent: Withdraw consent previously given for processing
• Right to Lodge a Complaint: Lodge a complaint with the Information Regulator

To exercise any of these rights, please contact our Information Officer using the details below.

9. Cookies

Our website uses cookies to enhance your browsing experience. Cookies are small text files stored on your device that help us:

• Remember your preferences
• Keep you logged in
• Understand how you use our website
• Improve our services

You can control cookies through your browser settings. Note that disabling cookies may affect website functionality.

10. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on our website. Your continued use of our services after such modifications constitutes your acceptance of the updated policy.

12. Contact Us

For any questions about this Privacy Policy or to exercise your rights, please contact our Information Officer:

You may also lodge a complaint with the Information Regulator: