top of page

Privacy Policy

At Shimi, we are committed to protecting your privacy and ensuring that your Personal Information is collected and used properly, lawfully, and transparently.

This notice explains how we obtain, use and disclose your Personal Information, in accordance with the requirements of the Protection of Personal Information Act (“POPIA”), together with the Promotion of Access to Information Act (“PAIA”).

Your privacy is important to us. It is Shimi’s policy to respect your privacy regarding any information we may collect from you across our website,, and other sites we own and operate.

At Shimi, we are committed to protecting your privacy and ensuring that your Personal Information is collected and used properly, lawfully and transparently.

We only ask for Personal Information when we truly need it to provide a service to you. We collect it by fair and lawful means, with your knowledge and consent. We also let you know why we’re collecting it and how it will be used.

1. Objective

The objective of this notice is to give effect to the POPI Act and to provide clarity on the following:


1.1.  What Personal Information Shimi collects about a Data Subject and the basis thereof;

1.2.  How Shimi uses and protects the Personal Information of a Data Subject;

1.3.  How long Shimi keeps the Personal Information of a Data Subject; and

1.4.  The rights of a Data Subject regarding their Personal Information.

2. Personal Information

2.1.  Personal information includes:

  • certain information that we collect automatically when you visit our website;

  • certain information collected on registration;

  • certain information collected on submission;

  • and optional information that you provide to us voluntarily;

but excludes:

  • information that has been made anonymous so that it does not identify a specific person;

  • permanently de-identified information that does not relate or cannot be traced back to you specifically;

  • non-personal statistical information collected and compiled by us; and

  • information that you have provided voluntarily in an open, public environment or forum including any blog, chat room, community, classifieds, or discussion board (because the information has been disclosed in a public forum, it is no longer confidential and does not constitute personal information subject to protection under this policy).

2.2.  Common examples

Common examples of the types of personal information which we may collect and process include your:

  • identifying information – such as your name, date of birth, or identification number of any kind;

  • contact information – such as your phone number or email address;

  • address information – such as your physical or postal address; or

  • demographic information – such as your gender or marital status.

2.3.  Sensitive Personal Information 

Depending on the goods or services that you require, we may also collect sensitive personal information including your:

  • financial information – such as your bank account details;

  • sensitive demographic information – such as your race or ethnicity;

  • criminal information – such as information about your commission or alleged commission of any offense or about any related legal proceedings;

  • employment information – including your membership of a trade union; and

  • beliefs – including your political or religious beliefs.

3. Collection

Only information that is adequate, necessary, and relevant to enable Shimi to effectively render a service or assist in any manner required is collected.


3.1.  On Registration

Once you register on our website, you will no longer be anonymous to us. You will provide us with certain personal information when you register on our website.

This personal information will include:

  • your name and surname;

  • your email address;

  • your telephone number;

  • your company name, company registration number, and VAT number;

  • your postal address or street address; and

  • your username and password.

  • We will use this personal information to fulfil your account, provide additional services and information to you as we reasonably think appropriate, and for any other purposes set out in this policy.​

3.2.  On Order or Request

When you order our goods or request our services from us, you will be asked to provide us with additional information. This personal information will include:

  • your clients’ name and surname;

  • your clients’ email address;

  • your clients’ telephone number; 

  • your clients’ company name, company registration number, and VAT number; and

  • your clients’ postal address or street address.

  • We will use this personal information to fulfil your account, provide additional services and information to you as we reasonably think appropriate, and for any other purposes set out in this policy.

3.3.  Sensitive Personal Information 

We automatically receive and record internet usage information on our server logs from your browser, such as your Internet Protocol address (IP address), browsing habits, click patterns, version of software installed, system type, screen resolutions, colour capabilities, plug-ins, language settings, cookie preferences, search engine keywords, JavaScript enablement, the content and pages that you access on the website, and the dates and times that you visit the website, paths taken, and time spent on sites and pages within the website (usage information).

3.4.  Electronic Communications sent to Shimi

Electronic communications such as emails, text messages, website posts or any other direct communications are stored by Shimi.

4. Protecting The Data Subject's Personal Information

It is a requirement of POPI to adequately protect Personal Information. Shimi will continuously review its security controls and processes to ensure that Personal Information is secure. The following procedures are in place in order to protect Personal Information:

4.1.  THE SHIMI GROUP INFORMATION OFFICER is Tony Foss whose details are available below and who is responsible for the compliance with the conditions of the lawful processing of Personal Information and other provisions of POPI. 

4.2.  This Policy has been put in place and training on this policy and the POPI Act will be conducted on an ad hoc basis;

4.3.  Each new employee will be required to sign an employment contract containing relevant consent clauses for the use and storage of employee information, or any other action so required, in terms of POPI;

4.4.  Shimi product suppliers, insurers, and other third-party service providers will be required to guarantee their commitment to the protection of Personal Information;

4.5.  From time to time, Shimi may provide links to websites or mobile applications that it does not own or control. This Notice does not apply to those websites. If a Data Subject chooses to use those websites, he must check the legal and privacy policies or statements posted on each website or mobile application he accesses to understand their privacy practices.

5. How Shimi Uses The Information of A Data Subject

We may use or process any goods or services information, or optional information that you provide to us for the purposes that you indicated when you agreed to provide it to us. Processing includes gathering your personal information, disclosing it, and combining it with other personal information. We generally collect and process your personal information for various purposes, including:

  • goods or services purposes – such as collecting orders or requests for and providing our goods or services;

  • marketing purposes – such as pursuing lawful related marketing activities;

  • business purposes – such as internal audit, accounting, business planning, and joint ventures, disposals of business, or other proposed and actual transactions; and

  • legal purposes – such as handling claims, complying with regulations, or pursuing good governance.

We may use your usage information for the purposes described above and to:

  • remember your information so that you will not have to re-enter it during your visit or the next time you access the website;

  • monitor website usage metrics such as total number of visitors and pages accessed; and

  • track your entries, submissions, and status in any promotions or other activities in connection with your usage of the website.

6. Disclosure

We may share your personal information with:

  • other divisions or companies within the group of companies to which we belong so as to provide joint content and services like registration, for transactions and customer support, to help detect and prevent potentially illegal acts and violations of our policies, and to guide decisions about our products, services, and communications.

  • an affiliate, in which case we will require the affiliates to honour this privacy policy;

  • our goods or services providers under contract who help provide certain goods or services or help with parts of our business operations, including fraud prevention, bill collection, marketing, technology services (our contracts dictate that these goods or services providers only use your information in connection with the goods or services they supply or services they perform for us and not for their own benefit);

  • credit bureaus to report account information, as permitted by law;

  • banking partners as required by credit card association rules for inclusion on their list of terminated merchants (in the event that you utilise the services to receive payments and you meet their criteria); and

  • other third parties who provide us with relevant services where appropriate.

7. How Long Shimi Will Keep Personal Information of A Data Subject

Shimi will always keep the Personal Information of a Data Subject for the period required by law and where it needs to do so in connection with legal action or an investigation in which it is involved. Otherwise, Shimi will keep Personal Information of a Data Subject:

7.1.  For as long as needed to provide the Data Subject with access to services he has requested; or

7.2.  Where the Data Subject has contacted Shimi with a question or request, for as long as necessary to allow Shimi to respond to the question or request and as required by law.

8. The Data Subject's Right Regarding Their Personal Information 

8.1.  The Data Subject is entitled to:

8.1.1.  Request Shimi for access to Personal Information Shimi holds about him;

8.1.2.  Request the correction and/or deletion of his Personal Information on reasonable grounds;

8.1.3.  Request the restriction of the processing of his Personal Information, or object to that processing;

8.1.4.  Withdraw his consent to the processing of his Personal Information (where Shimi is processing his Personal Information based on his consent);

8.1.5.  Withdraw his consent to receive marketing messages;

8.1.6.  Complain to his local data protection authority if his privacy rights are violated, or if he has suffered as a result of unlawful processing of his Personal Information.

8.2.  The details of Shimi’s Information Officer and Head Office are as follows:


NAME: Tony Foss


TELEPHONE NUMBER: 084 688 7272


E-MAIL ADDRESS: [email protected]

9. Amendments To This Policy

Amendments to, or a review of this Policy, will take place on an ad hoc basis or at least once a year. Clients are advised to access Shimi’s website periodically to keep abreast of any changes. Where material changes take place, clients will be notified directly or changes will be stipulated on the Shimi website.

bottom of page