Privacy Policy | The Black Roundtable NPC

The Black Roundtable (“BRT”, “we”, “our”, or “us”) is committed to protecting the privacy, confidentiality, and security of all personal information entrusted to us. This Privacy Policy outlines how we collect, process, store, use, share, and protect personal information in accordance with the Protection of Personal Information Act, 4 of 2013 (POPIA) and other applicable South African privacy legislation.

By engaging with BRT—whether through our website, event registrations, email communication, social media, membership platforms, or in person—you acknowledge that you have read and understood this Privacy Policy.

1. SCOPE OF THIS POLICY

This Privacy Policy applies to:
   •   Visitors to BRT websites, applications, or digital platforms
   •   Individuals who register for BRT events, programmes, or initiatives
   •   Members, partners, sponsors, and service providers
   •   Individuals who communicate with BRT via email, social media, messaging services, or other channels
   •   Any person whose personal information is otherwise collected during the operation of BRT activities

This policy does not apply to third-party websites or services accessed through BRT platforms.

2. DEFINITIONS

For the purposes of this Policy:
   •   “Personal Information” means information relating to an identifiable, living natural person or juristic entity.
   •   “Processing” includes collecting, receiving, storing, updating, using, sharing, or deleting information.
   •   “Data Subject” refers to any person whose information we process.
   •   “Responsible Party” refers to BRT as the entity determining the purpose and means of processing information.
   •   “Operator” refers to third parties that process information on behalf of BRT.

3. INFORMATION WE COLLECT

We may collect the following categories of personal information:

3.1 Information You Provide Directly
   •   Full name, surname, title
   •   Email address, phone number, physical address
   •   Employment information, company affiliation, professional role
   •   Event registration details
   •   Payment or invoicing details (where applicable)
   •   Dietary requirements, accessibility needs, or special requests
   •   Submitted documents, proposals, or application forms
   •   Content voluntarily provided (feedback, survey responses, media consent)

3.2 Automatically Collected Information
   •   IP addresses, device information, browser type, operating system
   •   Website usage behaviour (cookies, analytics)
   •   Time and date of website interactions
   •   Interaction with BRT emails and digital campaigns

3.3 Information Collected Through Events
   •   Attendance records
   •   Photographs, videos, and audio captured during BRT events
   •   Consent-based content (interviews, testimonials)

3.4 Information From Third Parties

We may receive information from:
   •   Sponsors, partners, and collaborators
   •   Public databases and online platforms
   •   Service providers (ticketing platforms, payment processors)
   •   Professional networks (LinkedIn or other business directories)

4. PURPOSE FOR PROCESSING PERSONAL INFORMATION

We process personal information strictly for legitimate business and organisational purposes, including:

4.1 Operational and Administrative Purposes
   •   Event registration, management, attendance verification
   •   Membership administration and communication
   •   Issuing invoices, receipts, and financial documentation
   •   Responding to queries or requests
   •   Record-keeping and internal reporting

4.2 Marketing and Communication
   •   Sending event updates, newsletters, and announcements
   •   Providing information relevant to BRT initiatives
   •   Conducting surveys, feedback requests, and membership engagement
   •   Creating promotional content (where consent applies)

4.3 Compliance and Legal Obligations
   •   Fulfilling statutory obligations under POPIA or other legislation
   •   Maintaining security protocols and access controls
   •   Fraud prevention and risk management
   •   Cooperation with lawful investigations

4.4 Enhancement of Services
   •   Website optimisation and analytics
   •   Improving BRT’s events, operations, and member experience
   •   Data-driven insights for organisational development.

5. LAWFUL BASIS FOR PROCESSING

We rely on the following legal bases:
   •   Consent (when voluntarily provided)
   •   Contractual necessity (event attendance, member services)
   •   Legitimate interest (organisational improvement, analytics)
   •   Legal obligation (regulatory compliance)

Data subjects may withdraw consent at any time, subject to legal limitations.

6. STORAGE, SECURITY, AND RETENTION

6.1 Security Measures

We employ reasonable technical and organisational measures to protect personal information, including:
   •   Access controls and authentication requirements
   •   Secure servers and encrypted storage
   •   Regular monitoring, audits, and data-protection protocols
   •   Operator agreements ensuring confidentiality and POPIA compliance

6.2 Data Retention

Personal information is retained for as long as required to:
   •   Fulfil the purpose for which it was collected
   •   Comply with legal, accounting, and reporting requirements
   •   Maintain legitimate organisational records

When no longer needed, data will be securely deleted or anonymised.

7. SHARING AND DISCLOSURE OF PERSONAL INFORMATION

BRT may share personal information under the following conditions:

7.1 Internal Use
• With authorised BRT directors, management, staff, or volunteers
• For operational, administrative, and strategic functions

7.2 External Operators and Service Providers
   •   Event management platforms
   •   Payment processors
   •   IT service providers
   •   Marketing and media agencies
   •   Professional advisors (legal, accounting, compliance)

All operators are required to uphold POPIA standards.

7.3 Sponsors and Partners

Limited information may be shared where:
   •   Required for event logistics
   •   Necessary for partnership deliverables
   •   You have provided consent

7.4 Legal and Regulatory Requests

We may disclose information when legally compelled or where necessary to protect BRT’s rights or interests.

8. CROSS-BORDER TRANSFERS

Some service providers may store or process data outside South Africa.
In such cases, BRT ensures that:
   •   Adequate protection measures are in place
   •   The receiving country’s laws provide comparable privacy safeguards
   •   Operators contractually commit to POPIA-aligned standards.

9. YOUR RIGHTS AS A DATA SUBJECT

Under POPIA, you have the right to:
   •   Access your personal information
   •   Correct or update inaccurate information
   •   Request deletion where legally permissible
   •   Withdraw consent for processing
   •   Object to certain types of processing
   •   Request restriction of processing
   •   Lodge a complaint with the Information Regulator

Requests can be submitted via BRT’s official contact details.

10. USE OF COOKIES AND DIGITAL TRACKING

BRT uses cookies and similar technologies to:
   •   Improve website functionality
   •   Analyse traffic patterns
   •   Personalise user experience
   •   Support marketing analytics

Users may disable cookies through browser settings, although some features may not function optimally.

11. PHOTOGRAPHY, VIDEOGRAPHY & MEDIA RIGHTS

By entering a BRT event or space, attendees acknowledge that:
   •   BRT may capture photos, videos, or audio recordings
   •   These may be used for marketing, archival, or organisational purposes
   •   Usage may occur across digital platforms, publications, and promotional materials
   •   Individuals may request removal of identifiable content where reasonable

12. CHILDREN’S PRIVACY

BRT does not knowingly collect information from individuals under 18 unless:
• Explicit consent is provided by a parent or guardian
• Collection is necessary for a specific programme or event

13. DIRECT MARKETING

We may contact you regarding:
   •   Upcoming events
   •   Announcements
   •   Opportunities, partnerships, or organisational updates

Recipients may opt out at any time by using provided unsubscribe links or contacting us directly.

14. THIRD-PARTY LINKS

Our platforms may contain links to external sites or applications.
BRT is not responsible for the privacy practices of third-party entities.

15. UPDATES TO THIS PRIVACY POLICY

We may modify or update this Policy periodically.
Revisions will be posted with an updated “Last Updated” date.
Your continued engagement with BRT signifies acceptance of the updated terms.

16. CONTACT INFORMATION

For privacy-related queries, requests, or complaints, please contact:

The Information Officer
The Black Roundtable NPC (BRT)
Email: info@theblackroundtable.co.za
Tel: 065 508 2850

If unresolved, complaints may be lodged with:

The Information Regulator (South Africa)
Email: complaints.IR@justice.gov.za