Malec Global Services Group Ltd ("we," "our," "us") respects your privacy and is committed to protecting your personal information. This Policy explains how we collect, use, share, and safeguard information in compliance with:
- South Africa's Protection of Personal Information Act (POPIA)
- Mauritius Data Protection Act 2017 (DPA 2017)
- General Data Protection Regulation (GDPR), where applicable
By using our services or website, you agree to the terms of this Privacy Policy.
1 Information We Collect
We may collect the following categories of personal data:
- Identity Data: Full name, passport/ID details, nationality, date of birth.
- Contact Data: Email, phone number, business address.
- Business Data: Company incorporation documents, tax details, banking information necessary for service delivery.
- Financial Data: Payment details, invoices, and accounting records.
- Immigration/Emigration Data: Residency or work permit details, where required by law.
- Technical Data: IP address, device type, browser information, and cookies for website analytics and security.
2 Lawful Basis for Processing
We process your personal data only where lawful under applicable data protection laws, including:
- Consent: When you give us permission (e.g., submitting forms).
- Contractual necessity: To deliver services you request.
- Legal obligation: To comply with tax, anti-money laundering (AML), and regulatory duties.
- Legitimate interests: To improve services, secure systems, and maintain business operations.
3 How We Use Your Information
Your information may be used for:
- Delivering core services: company incorporation, bank account facilitation, cross-border FDI support, immigration/emigration, import/export, and bookkeeping.
- Compliance with AML, KYC, and regulatory requirements.
- Processing payments and maintaining accounting records.
- Communicating with you regarding your engagement with us.
- Improving service delivery, security, and client experience.
4 Sharing and Transfers
We do not sell personal data. We may share data only where necessary:
- Service Providers & Partners: Trusted third parties assisting in service delivery.
- Regulators & Authorities: To comply with legal obligations (tax, AML, immigration, or company law).
- Cross-Border Transfers: Your data may be transferred between South Africa, Mauritius, and other jurisdictions where our services operate. We ensure that transfers comply with POPIA, DPA 2017, and GDPR (e.g., by using Standard Contractual Clauses where required).
5 Data Retention
We retain personal data only for as long as necessary:
- Financial & tax records: 5 years (as required by law in Mauritius & South Africa).
- Immigration/emigration records: For the period required by immigration authorities.
- General business correspondence: Up to 3 years after end of engagement, unless longer retention is legally required.
6 Security Measures
We use appropriate technical and organizational safeguards, including:
- Encrypted storage of sensitive files.
- Restricted internal access on a need-to-know basis.
- Regular monitoring to prevent unauthorized access, loss, or misuse.
7 Your Rights
You have the following rights under POPIA, DPA 2017, and GDPR (if applicable):
- Access your personal data.
- Request correction or deletion of inaccurate or unnecessary data.
- Object to processing or request restrictions.
- Withdraw consent at any time (where consent is the legal basis).
- Lodge a complaint with your local data protection authority.
8 Cookies and Analytics
Our website may use cookies and analytics tools to improve functionality and measure performance. You can adjust your browser settings to refuse cookies, but this may affect site performance.
9 Updates to This Policy
We may update this Policy periodically. Changes will be posted on our website with the "Last Updated" date.
Contact Our Data Protection Officer
Ebene, 72201, Mauritius