Privacy Policy

Ravensdale Digital Services provides website design, web development, ecommerce development, SEO, automation, integrations, website maintenance, and remote technical support services.

For purposes of POPIA, Ravensdale Digital Services may act as the responsible party for personal information collected through our own website and business operations.

Where we process information on behalf of a client as part of a website, ecommerce, hosting, automation, or support project, our client may be the responsible party or controller of that information, and Ravensdale may act as an operator or processor.

We may collect and process different types of personal information depending on how you interact with us.

We only request access details where needed to perform agreed work. Where possible, clients should use secure access methods, role-based permissions, temporary access, or password managers rather than sending passwords in plain text.

We may collect personal information through:

• Website contact forms
• Email communication
• Phone calls
• Project discovery calls
• Client onboarding
• Support requests
• Website analytics tools
• Security and spam-prevention tools
• Third-party platforms used to deliver our services
• Publicly available business information
• Referrals or introductions

We may use personal information for the following purposes:

• To respond to enquiries
• To provide quotes or proposals
• To deliver agreed services
• To manage client relationships
• To provide website maintenance or technical support
• To communicate about projects
• To send administrative or service-related messages
• To improve our website and services
• To monitor website performance and user experience
• To protect our website from spam, abuse, and security threats
• To keep appropriate business, accounting, and legal records
• To comply with applicable laws and lawful requests
• To send marketing communication where permitted or consented to

We do not sell personal information.

Depending on the context and applicable law, we may process personal information based on:

• Consent
• Performance of a contract
• Steps taken before entering into a contract
• Compliance with a legal obligation
• Legitimate business interests
• The need to protect our rights, systems, clients, or website
• Another lawful basis permitted by applicable data protection law

Where we rely on consent, you may withdraw that consent where applicable.

Our website may include contact forms that allow visitors to submit project enquiries or service requests. When you submit a form, we may collect the information you provide and send it to our team by email using our email delivery provider.

We use Brevo SMTP to help deliver form enquiries and service-related email communication.

We may use Cloudflare Turnstile or similar spam-prevention tools to help protect our forms from bots, abuse, and automated spam.

Form submissions should only include information necessary for us to understand and respond to your enquiry.

Our website may use cookies, analytics tools, pixels, scripts, or similar technologies to understand website performance, improve user experience, measure traffic, and protect the website from abuse.

These tools may collect technical and usage data such as page visits, browser information, device type, referral source, and interaction patterns.

We may use tools such as:

• Google Analytics
• Google AdSense on blog articles where enabled
• Microsoft Clarity
• Cloudflare services
• Search Console and related performance tools
• Other analytics, security, or performance tools where appropriate

For more detail, please refer to our Cookie Policy.

You can manage cookies through your browser settings. Some website features may not work properly if cookies or scripts are disabled.

We may send marketing or educational communication if:

• You have subscribed to receive it
• You have requested information from us
• You are an existing client and the communication is relevant to our services
• We are otherwise permitted to do so under applicable law

You can opt out of marketing communication at any time by using the unsubscribe option where available or by contacting us.

We may still send service-related messages that are necessary for active projects, support, billing, security, or administration.

We may share personal information with trusted third parties where necessary to operate our website, provide services, communicate with you, or comply with legal obligations.

These may include:

• Email delivery providers
• Hosting providers
• Cloud infrastructure providers
• Analytics providers
• Security and spam-prevention providers
• Payment or billing providers where applicable
• Project management or communication tools
• Professional advisers
• Contractors or service providers assisting with agreed work
• Legal authorities where required by law

We require service providers to process personal information only for the purposes for which it was provided and to apply appropriate safeguards.

Some of the tools and service providers we use may process or store information outside South Africa or outside your country of residence.

Where personal information is transferred internationally, we aim to ensure that appropriate safeguards are in place as required by applicable data protection laws.

This may include contractual safeguards, service provider terms, recognised transfer mechanisms, or other lawful transfer bases.

We take reasonable technical and organisational measures to protect personal information against loss, misuse, unauthorised access, disclosure, alteration, or destruction.

These measures may include:

• Secure hosting practices
• SSL/TLS encryption
• Access controls
• Password and credential security practices
• Spam and bot protection
• Backups where appropriate
• Security monitoring where appropriate
• Software updates and maintenance
• Limited access to personal information based on role and need

No online system can be guaranteed to be completely secure. If we become aware of a security incident affecting personal information, we will take appropriate steps in line with applicable legal requirements.

We retain personal information only for as long as reasonably necessary for the purposes for which it was collected, including legal, accounting, reporting, operational, support, and legitimate business purposes.

Retention periods may vary depending on the type of information and context.

For example:

• Enquiry information may be retained for a reasonable period to allow follow-up and future reference.
• Client project information may be retained for the duration of the client relationship and for a reasonable period afterwards.
• Accounting and transaction records may be retained as required by applicable law.
• Technical logs may be retained for shorter periods unless needed for security, troubleshooting, or legal purposes.

When personal information is no longer needed, we will delete, anonymise, or securely archive it where appropriate.

Depending on your location and applicable law, you may have rights in relation to your personal information, including the right to:

• Request access to your personal information
• Request correction of inaccurate or incomplete information
• Request deletion of personal information where applicable
• Object to certain processing
• Request restriction of processing where applicable
• Withdraw consent where processing is based on consent
• Request transfer of personal information where applicable
• Lodge a complaint with a data protection authority

To exercise your rights, contact us at [email protected].

We may need to verify your identity before responding to certain requests.

If you are in South Africa, you may have rights under POPIA regarding the processing of your personal information.

You may also contact or lodge a complaint with the Information Regulator South Africa if you believe your personal information has been processed unlawfully.

If GDPR or similar data protection laws apply to you, you may have additional rights regarding access, correction, erasure, restriction, objection, portability, withdrawal of consent, and complaints to a supervisory authority.

Where GDPR applies, we will process personal information according to the applicable legal basis and data protection principles.

Our website may contain links to third-party websites, platforms, social media pages, booking tools, payment providers, or client websites.

We are not responsible for the privacy practices, security, or content of third-party websites.

You should review the privacy policies of any third-party websites or services you use.

Our website and services are not directed at children.

We do not knowingly collect personal information from children through our general website forms.

Where we provide services to schools, education providers, healthcare providers, charities, or other organisations that may involve children's information, the handling of such information must be clearly scoped and managed under appropriate client instructions, safeguards, and applicable legal requirements.

As part of our services, we may work on client websites, databases, CRMs, ecommerce stores, analytics accounts, hosting platforms, or other systems that contain personal information.

In those cases:

• The client remains responsible for ensuring they have a lawful basis to collect and process that information.
• Ravensdale will only access or process the information as needed to provide the agreed service.
• We expect clients to provide only the access and information necessary for the work.
• Additional data processing terms may be required for projects involving sensitive or regulated information.

We may update this Privacy Policy from time to time.

When we make changes, we will update the “Last updated” date at the top of this page.

The latest version published on this website will apply from the date of publication.

If you have any questions about this Privacy Policy or how we handle personal information, please contact us: