Privacy Policy

Arcangel Protection Services (Pty) Ltd. Effective Date: 2026/02/19
Last Update: 2026/06/03

1. Introduction

Arcangel Protection Services ("Arcangel", "we", "us", or "our") is committed to protecting the privacy, confidentiality, integrity, and security of personal information entrusted to us.

This Privacy Policy explains how we collect, use, disclose, store, protect, and process personal information obtained through:

• Our website located at www.arcangel.co.za

• Email communications

• Telephone enquiries

• Contact forms

• Recruitment processes

• Business relationships

• Service enquiries

• Marketing communications

This Privacy Policy has been developed in accordance with the Protection of Personal Information Act, 2013 ("POPIA") and reflects internationally recognised privacy principles, including those contained within the General Data Protection Regulation ("GDPR") where applicable.

By using our website or providing personal information to us, you acknowledge that you have read and understood this Privacy Policy.

Arcangel Protection Services is a company incorporated in the Republic of South Africa and complies with:

• The Protection of Personal Information Act, 4 of 2013 (POPIA)

• The General Data Protection Regulation (EU) 2016/679 (GDPR), where applicable

We process personal information lawfully, fairly, and transparently, and only for legitimate business purposes.

2. Who We Are

Arcangel Protection Services provides professional protection, security consulting, risk management, intelligence support, residential security, executive protection, and related professional services.

For purposes of applicable privacy legislation, Arcangel acts as the responsible party or data controller in relation to personal information processed through our website and business activities.

Contact Information

• Arcangel Protection Services

• Website: www.arcangel.co.za

• General Enquiries: hello@arcangel.co.za

• Privacy Enquiries: privacy@arcangel.co.za

• Telephone: +27 86 026 4357
  

3. Personal Information We Collect

We may collect and process the following categories of personal information:

3.1 Information You Provide Directly

• Full name

• Email address

• Telephone number

• Physical or business address

• Company name and position (where applicable)

• Any information submitted via contact forms, inquiries, proposals, or service engagements

3.2 Information Collected Automatically

When you use our website, we may collect:

• IP address

• Browser type and version

• Device type and operating system

• Website usage data

• Cookies and analytics data

We do not intentionally collect sensitive personal information unless required for lawful service delivery and with appropriate safeguards.

Depending on your interaction with us, we may collect:

Identity Information

• Full name

• Title

• Date of birth (where required)

• Identification information

• Nationality (where operationally required)

Contact Information

• Email address

• Telephone number

• Physical address

• Postal address

Professional Information

• Company name

• Position or job title

• Business contact details

Recruitment Information

If you apply for employment or contracting opportunities, we may collect:

• Curriculum Vitae (CV)

• Employment history

• Qualifications

• Certifications

• References

• Background screening information

• Vetting information where legally permitted

Communications Information

Information contained within:

• Website enquiries

• Contact forms

• Emails

• Telephone communications

• Customer service interactions

Technical Information

When you visit our website, we may automatically collect:

• IP address

• Browser type

• Device type

• Operating system

• Website usage information

• Referring websites

• Pages viewed

• Date and time of access

4. Lawful Basis for Processing

We process personal information under one or more of the following lawful bases:

• Performance of a contract

• Compliance with legal obligations

• Legitimate business interests

• Consent (where required)

Under GDPR, processing will only occur where a valid legal basis exists.

5. How We Use Personal Information

Your personal information may be used to:

• Respond to inquiries and service requests

• Provide and manage protective, advisory, and consulting services

• Prepare proposals, agreements, and service documentation

• Communicate operational updates or relevant security information

• Improve our website functionality and service delivery

• Comply with legal, regulatory, and compliance obligations

• Prevent fraud, misuse, or unlawful activity

We limit processing to what is necessary and proportionate for these purposes.

6. Disclosure of Personal Information

We do not sell, rent, or trade personal information.

We may disclose personal information to:

• Authorised employees, contractors, and operational personnel under confidentiality obligations

• Trusted third-party service providers (e.g., secure cloud hosting, IT infrastructure, analytics providers)

• Legal, regulatory, or law enforcement authorities when required by law

Where third parties process personal information on our behalf, they are contractually bound to maintain confidentiality and adequate data protection standards.

We process information for legitimate business purposes including:

Service Delivery

• Responding to enquiries

• Providing quotations

• Delivering services

• Managing client relationships

Operational Purposes

• Internal administration

• Security management

• Risk assessment

• Quality assurance

Legal and Regulatory Compliance

• Compliance with legal obligations

• Regulatory requirements

• Lawful requests from authorities

Recruitment

• Evaluating applicants

• Conducting recruitment processes

• Vetting candidates where appropriate

Website Administration

• Maintaining website security

• Improving website functionality

• Monitoring website performance

Marketing Communications

Individuals may opt out of marketing communications at any time by contacting us or using the unsubscribe functionality contained in such communications.

Where legally permitted or consented to:

• Newsletters

• Company updates

• Service announcements

• Industry insights

Individuals may opt out of marketing communications at any time.

7. Cross-Border Data Transfers

Where personal information is transferred outside South Africa or the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

• Adequacy decisions (where applicable)

• Standard contractual clauses

• Contractual data protection commitments

Where applicable, Arcangel processes personal information on one or more of the following bases:

• Consent

• Contractual necessity

• Legal obligation

• Legitimate business interests

• Protection of vital interests

• Public interest obligations

8. Data Retention

We retain personal information only for as long as necessary to:

• Fulfil the purpose for which it was collected

• Comply with legal, regulatory, or contractual obligations

• Resolve disputes and enforce agreements

When information is no longer required, it is securely deleted or anonymised.

Arcangel may disclose personal information to:

Internal Personnel

Authorised employees, contractors, and representatives who require access for legitimate business purposes.

Service Providers

Including:

• IT providers

• Website hosting providers

• Cloud service providers

• Recruitment service providers

• Professional advisers

Regulatory Authorities

Where required by law or lawful process.

Law Enforcement Agencies

Where disclosure is legally required or necessary to protect legitimate interests.

Arcangel does not sell personal information to third parties.

9. Information Security

We implement appropriate technical and organisational measures to protect personal information against loss, misuse, unauthorised access, disclosure, alteration, or destruction.

These measures include:

• SSL/TLS encrypted communications

• Secure access controls and role-based permissions

• Secure data hosting environments

• Regular system reviews and audits

• Data protection awareness and training

• Data minimisation practices

Where required by applicable law, Arcangel will notify affected individuals and relevant regulatory authorities of eligible personal information breaches within the timeframes prescribed by law.

10. Your Rights

Subject to applicable law (POPIA and/or GDPR), you may have the right to:

• Access the personal information we hold about you

• Request correction or updating of inaccurate information

• Request deletion of personal information (where legally permissible)

• Object to or restrict processing

• Withdraw consent where processing is based on consent

• Lodge a complaint with the South African Information Regulator or relevant EU supervisory authority

To exercise your rights, please contact: privacy@arcangel.co.za

We may require verification of identity before processing certain requests.

11. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to:

• Analyse traffic and website performance

• Enhance user experience

• Improve website functionality

You may manage cookie settings through your browser. Continued use of our website constitutes acceptance of our cookie practices as described in this policy.

12. Third-Party Websites

Our website may contain links to external websites. We are not responsible for the privacy practices, content, or security of third-party websites. We encourage users to review the privacy policies of those sites.

13. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in legal requirements or operational practices.

The updated version will be published on this page with a revised effective date. Continued use of our services after updates constitutes acceptance of the revised policy.

14. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal information, please contact: privacy@arcangel.co.za

15. Children's Privacy

Arcangel Protection Services and its affiliated entities do not knowingly collect, solicit, or process personal information from children under the age of 13 years.

Our website, products, and services are intended for individuals who are at least 13 years of age. If a parent or legal guardian becomes aware that a child under the age of 13 has provided us with personal information without appropriate consent, they should contact us immediately at privacy@arcangel.co.za.

If we become aware that we have inadvertently collected personal information from a child under the age of 13, we will take reasonable steps to delete such information from our systems as soon as practicable.

Parents and guardians who believe that a child has submitted personal information to Arcangel may contact us to request review, correction, or deletion of that information.

16.Your Privacy Rights

Subject to applicable law, you may have the right to:

• Request access to your personal information;

• Request correction of inaccurate information;

• Request deletion of information;

• Object to certain processing activities;

• Withdraw consent where processing relies on consent;

• Request restriction of processing;

• Lodge a complaint with a regulatory authority.

Requests may be submitted to: privacy@arcangel.co.za

17. CHANGES TO THIS PRIVACY POLICY

Arcangel reserves the right to update this Privacy Policy from time to time.

Any changes will be published on this page together with an updated effective date.

Continued use of the website following publication of changes constitutes acknowledgement of the revised Privacy Policy.

Compliants:

South African Information Regulator

Website: https://www.inforegulator.org.za

Email: POPIAComplaints@inforegulator.org.za