1. Introduction

At ProfileMe, your privacy and the security of your information are core to how we operate. While no system is completely immune to risk, we apply recognised industry standards to protect your data, and balance strong security with a service that remains easy and convenient to use.

Our Security Commitments

We take reasonable and appropriate steps to safeguard your information, including:

• Secure Hosting: Our platform is hosted in trusted cloud environments with layered defences against unauthorised access.
• Encryption: Personal information is encrypted in transit and at rest using industry-standard security measures.
• Access Controls: Access to administrative tools is restricted to authorised staff, using role-based permissions and stronger login methods such as multi-factor authentication (2FA) where available.
• Monitoring & Logging: We maintain logs of system access and data changes to detect and respond to suspicious activity.
• Backups & Recovery: Regular encrypted backups are performed to support disaster recovery.
• Payment Security: Where payments are processed, they are handled by accredited third-party payment providers under strict contractual and security safeguards.
• Staff Training: Our employees receive training on data protection and security responsibilities.
• Testing & Reviews: We review our security measures regularly and update them in line with best practice and evolving threats.

Third-Party Responsibilities

We rely on reputable service providers to support our platform. While we carefully select and contract with these providers, the security of information stored on or passing through their systems remains their responsibility. All such providers are bound by data protection agreements and required to meet high security standards.

Important Limitations

• We take reasonable steps to prevent harmful code (such as viruses, malware or spyware) but cannot guarantee our site or services will always be free from these risks.
• We cannot accept responsibility for problems caused by:
o incorrect information supplied to us,
o your device or browser being compromised, or
o events outside our control.
We will, however, do our best to assist you if possible.

Your Security Responsibilities

You also play an important role in protecting your information. We recommend that you:

• Use strong, unique passwords and never share them.
• Enable multi-factor authentication where available.
• Log out after using ProfileMe on shared devices.
• Keep your device software and security tools (anti-virus, anti-spyware, firewalls) up to date.
• Run regular security scans and check your browser settings for enhanced protection.
• Only enter personal information on secure pages (look for “https://” and the padlock icon in your browser).
• Stay alert to phishing attempts: ProfileMe will never ask you to confirm login details via email links. If you receive a suspicious message, report it to us immediately.

Reporting Concerns

If you notice suspicious activity or believe your information may have been compromised, please contact our Information Officer: hello@profileme.co.za

Our Right to Act

To maintain the integrity of our systems, we may suspend or restrict access if we detect unauthorised or harmful behaviour.

Continuous Improvement

ProfileMe is committed to continuously improving our security practices to meet the requirements of applicable laws and the expectations of our users and clients, including compliance with the Protection of Personal Information Act (POPIA), the General Data Protection Regulation (GDPR), and the FSCA Joint Communication on Cloud Computing and Offshoring of Data (2025).