Privacy Policy

I. General provisions and definitions

  1. Vululwani Technologies’ s Website connect individuals to the Vululwani Technologies looking for funding. The Privacy policy of Vululwani Technologies’ s Website is based on the personal data protection requirements and principles adopted by virtue of Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons regarding the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (Regulation (EU) 2016/679 or General Data Protection Regulation).
  2. The terms listed below have the meanings assigned to them in the Regulation (EU) 2016/679 (General Data Protection Regulation) and the accompanying Policy:
  • Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • Controller means any natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by European Union or the other applicable law.
  • Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
  • Data subject is an identified or identifiable natural person who can be identified, directly or indirectly, based on particular information representing personal data;
  1. Vululwani Technologies acknowledges the privacy of natural persons and makes efforts to protect them against any unlawful processing of their personal data. Vululwani Technologies applies the relevant technical and organisational measures to protect the personal data of natural persons in accordance with the effective legislation.

II. Processing of personal data

  1. VULULWANI TECHNOLOGIES Website, in its capacity as controller/processor of personal data, processes personal data in a manner that ensures appropriate level of security, including protection against unauthorised or illegal processing and against accidental loss, destruction or damage, while applying suitable technical and / or organisational measures in compliance with the following principles:
  • lawfully, fairly and in a transparent manner in relation to the data subject (“lawfulness, fairness and transparency”)
  • data is collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (“appropriateness in the processing of personal data and purpose limitation”)
  • adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimisation”)
  • accurate and kept up to date
  • limitation of the storage for periods not longer than necessary for the purposes for which they are processed (“storage limitation”)
  • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures (“integrity and confidentiality”).
  1. VULULWANI TECHNOLOGIES Website processes personal data only if and to the extent at least one of the conditions listed below shall apply:
  • Processing is required for the performance of an agreement with the Vululwani Technologies under which the data subject is party or to undertake steps at the request of the data subject prior to the signing of an agreement with the Vululwani Technologies.
  • Processing is required for compliance with a legal obligation which applies to the Vululwani Technologies Website in its capacity as controller/processor of personal data.
  • the data subject has given consent for the processing of their personal data for one or more specific purposes. In the cases when personal data are processed solely on the grounds of consent, the data subject has the right to withdraw such consent at any time. Withdrawal of the consent of the data subject is not applicable in the cases when the processing of the data is based on the provisions of items above.
  1. Vululwani Technologies Website, in its capacity as controller/processor, does not process personal data which reveal racial or ethnic origin, political opinions, religion or philosophical beliefs, trade union membership, and the processing of genetic data, biometric data solely for the purpose of identification of the natural person, data concerning health or data concerning sex life or sex orientation of the natural person unless the data subject have given an explicit consent for the processing of such data for one or more specific purposes.

III. Purpose of personal data processing

Type of purpose

Vululwani Technologies’ s Website collect information from you when you register on our site, fill out a form, create an account or enter information on our site.
Vululwani Technologies’ s Website may use the information we collect from you when you register, surf the website, use the apps, or use certain other site features in the following ways:

IV. Rights of the data subjects

  1. Right to information (in relation to the processing of the data subject’s personal data by the Vululwani Technologies – the natural persons that are data subjects have the right to receive information as to the Vululwani Technologies as personal data controller/processor, as well as the processing of their personal data.
  2. Right of access to own personal data – the data subjects have the right to receive from the Vululwani Technologies confirmation as to whether personal data related to them are processed and if so, to be given access to the data and the following information: purpose of the processing; respective personal data categories; personal data recipients or categories of recipients, if any; the intention of the controller to transmit personal data to a third party (where applicable); personal data storage period; existence of the right to correct personal data, as well as the right to object against the processing of personal data; existence of automated decision making, including profiling (if any); information as to all rights that the data subject has; the right to file a complaint with the supervision authority.
  3. Right to rectification of personal data (if data is not accurate) – the data subject has the right to request the Vululwani Technologies to rectify, without undue delay, any incorrect data pertaining to the data subject.
  4. Right to erasure of personal data (right “to be forgotten”) – the data subject may request from the Vululwani Technologies’ s Website to erase personal data, if any of the conditions listed below exist:
  • Personal data are no longer needed for the purposes they have been collected for or processed otherwise;
  • The data subject withdraws his / her consent, which data processing is solely based on, and no other legal grounds for the processing exist (processing due to regulatory obligation of the Vululwani Technologies’ s Website, an agreement signed with the Vululwani Technologies;
  • The data subject objects against the processing and no legal grounds for the processing exist that prevail.
  • The personal data were processed unlawfully;
  • The personal data should be erased in order to comply with a legal obligation under the European Union law or the other applicable law which apply to the Vululwani Technologies’ s Website in its capacity as personal data controller;
  • The personal data have been collected in relation to the offering of information society services to children and consent was given by the holder of parental responsibilities for the child.
  1. Right to limitation of processing by the Vululwani Technologies’ s Website or by the personal data processor – specific conditions are required to be in place for that right to be exercised, namely:
  • Accuracy / up to date nature of the data is disputed by the data subject. In this case the limitation of the processing is over a period allowing the Vululwani Technologies’ s Website to check the accuracy of the personal data;
  • The processing is unlawful, but the data subjects do not wish their personal data to be erased, but rather require limitation of their use;
  • The Vululwani Technologies’ s Website no longer needs such personal data for processing purposes, but the data subject requires them for establishing, exercising or defending legal claims;
  • The data subject has objected to the processing while awaiting a check to be performed whether the Vululwani Technologies’ s Website ‘s legal grounds prevail over the interests of the data subject.
  1. Right to transferability (data portability) of the personal data between the various controllers – the data subjects have the right to receive personal data pertaining to them, which they have provided to the Vululwani Technologies’ s Website in a structured, widely used and machine readable format and have the right to transfer such data to another controller without hindrance by the Vululwani Technologies’ s Website to which personal data has been provided, when processing is based on consent or contractual obligation and the processing is automated. When exercising the right to transferability the data subject has the right to receive also direct transfer of the personal data from the Vululwani Technologies’ s Website to another controller, where technically feasible.
  2. Right to object against the processing of their personal data – data subjects have the right to object before the Vululwani Technologies’ s Website against the processing of their personal data, whereby the Vululwani Technologies’ s Website shall cease such processing, unless Vululwani Technologies’ s Website is able to prove that compelling legitimate grounds for the processing exist that override the interests, rights and freedoms of the data subject, or for the establishment, exercising or defence of legal claims. In case of objection against the processing of personal data for direct marketing purposes the Vululwani Technologies’ s Website shall cease such processing forthwith.
  3. The data subject also has the right not to be subject to decision based solely on automated processing, including profiling, which ensues legal consequences for the data subject or significantly affects the data subject otherwise.
  4. Right to defence through judicial or administrative procedure if the data subject’s rights have been breached – if the data subjects decide that their right to personal data protection and privacy has been violated, they may file a complaint with the relevant supervision authority – or to file a claim with the court to defend their rights.

V. Disclosure of personal data

  1. Vululwani Technologies’ s Website administrators may disclose the personal data to the following categories of persons:
  • The persons whom the data relate to, namely: persons using Vululwani Technologies’ s Website services or products, or persons filing a request to use Vululwani Technologies’ s Website services, as well as persons who are party to Vululwani Technologies’ s Website and / or other transactions and contractual relations with the Vululwani Technologies’ s Website;
  • Persons that have right to access to personal data by virtue of law or another regulation;
  • Persons as to whom the right to disclosure is stipulated in an agreement signed with the Vululwani Technologies.

VI. Exercise the rights

  1. In exercising their right to access natural persons have the right to request from Vululwani Technologies at any time:
    Confirmation as to whether data related to them are processed by the Vululwani Technologies’ s Website, the purpose of the processing, the data category and recipients of such data or the categories of recipients’ data is disclosed to;
    To send them a message in an understandable format, containing the personal data subject to processing and any information available as to the source of such data;
    Information as to the logic of any automated processing of personal data pertaining to natural persons, at least in the case of automated decisions under the provisions of the General Data Protection Regulation
  2. Upon request Vululwani Technologies provides the information under paragraph 1 free of charge.
  3.  Natural persons have the right to request at any time that Vululwani Technologies’ s Website: erases, rectifies or blocks their personal data the processing of which is not compliant with the requirements of the effective legislation
    notifies the third parties to which the personal data of the natural persons have been disclosed as to any erasure, rectification or blocking in accordance with item 1 above, except when this proves to be impossible or would involve a disproportionate effort.
  4. Natural persons exercise their rights by filing a written request (by e-mail) to the Vululwani Technologies, containing as a minimum the following information:
    name, personal ID number, address and other data allowing identification of the respective natural person;
    description of the request;
  5. The filing of the request is free of charge.
  6. Upon filing of a request by an authorised person, the notarised power of attorney must be attached to the request.
  7. In case of death of the natural person, his / her rights are exercised by his / her heirs and certificate of heirs shall be attached to the request. The Vululwani Technologies Website Administrators shall review and pronounce on the request within 1 month as of its filing. This period may be extended by further two months, if necessary. The Vululwani Technologies Website Administrators informs the data subject as to any such extension within 1 month as of receipt of the request, stating the reasons for the delay. When the data subject files a request by electronic means, the information is provided electronically, if possible, unless the data subject has requested otherwise.
    The Vululwani Technologies Website Administrators provides an answer to the requesting person taking into account their preferred form for the provision of the information (orally or in writing – as a hard copy of electronically).
    Where data do not exist or their provision is forbidden by law, access of the requesting party to such data is refused.
    If the requesting party is not satisfied with the response received and / or believes that their rights related to personal data protection were violated, they are entitled to exercise their right to

VII. Information for the data subject:

Contact details with Vululwani Technologies:

Fancourt Office Park, Building 10, Office G, Boundary Park, Northriding, 2162

VIII. Privacy Policy Publication date

This privacy policy was updated on 14th June 2022

Vululwani Technologies maintains the right to update the privacy policy on the site without prior notice. 

We Collect Data About You in the Following Instances:

• Joining our newsletter
• Downloading resources
• Inquiries on our services
• Filling in an online form
• Applying to our team

Our services are not intended for children, therefore we do not knowingly collect data from any natural person under the age of 18. 

More Information
The baseline standards for our personal data processing operations are the relevant national and international regulations and we adhere to the requirements, principles and recommendations set forth by the European General Data Protection Regulation (GDPR). We strive for transparency in our data processing activities while also raising the bar as our knowledge and scope grow. For this reason, We may update this Privacy Statement from time to time. If we make any substantial changes to our processing, we will proactively inform you.

Apex Privacy acts as a controller for the personal data , namely the representatives of our corporate clients, potential clients and other stakeholders such as suppliers and their representatives. Apex Privacy will also act as a processor for personal data in the context of providing our services to our clients. For example, when a client provides us with access to databases, software and communication tools during a privacy audit. Our customers always remain controllers of this personal data.

Our core business is not the collection of your personal data. We process a minimum amount of personal data, only what is necessary to offer and provide our services, which allows us to operate our business. We will only process your personal data on predefined purposes and we make sure that we have a clear legal basis for doing so.

• Contact & Identity Data: includes an email address, name and phone number.
• Usage Data
• Aggregated data that helps us understand how to optimize our website to provide a better user experience
• Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system device technology used to access this site.

• Where we need to perform the contract we are about to enter into or have entered into with you
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
• Where we need to comply with a legal or regulatory obligation to engage with you in a recruitment process

We use third-party service providers to deliver our services and optimize how we operate our business. We audit our service providers who process your personal data to ensure that they do so in accordance with the laws and relevant data protection practices.

More Information
To ensure the processing of your personal data is performed in accordance with our standards, we enforce data processing agreements with every service provider we use for the personal data processing. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. We will not disclose any personal data you have given to us other than as described in this statement, unless you have authorized us to so do, or if we are required to do so by law.

Apex Privacy has an appropriate information security policy tied to procedures that protect personal data from breach, misuse and loss. We ensure we have technical and operational measures in place that define a standard for how we protect our client data.

More Information
Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons whose personal data are subject to the GDPR, ApexPrivacy has implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including the following as appropriate: the pseudonymisation and encryption of personal data; the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; the ability to restore the availability and access to data in a timely manner in the event of a physical or technical incident; and a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing. We guarantee that your data is kept confidential and secure. All the employees authorized to process your data are committed themselves to confidentiality. We have a procedure to manage data breaches which allow us to assess the possible risks, notify the relevant authorities and alert you in case your personal data may have been affected. We ensure awareness within our organization through regular training and consultation.

You have several rights concerning your personal data, such as the right to access, update, delete and have a copy of such data as well transfer it between IT environments of your choosing. We seek to ensure that you can exercise your rights efficiently. You exercise your rights by reaching us at

More Information
Under the law, you are granted six fundamental rights when data about you is being processed. We will ensure to reach out without undue delay when you submit a request related to exercising your data subject rights. Although uncommon, when applicable for official or legal reasons we may be unable to address the specific request you make related to your rights. As a data subject, you may: request access to the personal information we process about you; request that we correct inaccurate or incomplete personal information about you; request deletion of personal information about you; request restrictions, temporarily or permanently, on our processing of some or all personal information about you; request transfer of personal information to you or a third party where we process the data based on your consent or a contract with you, and where our processing is automated; and opt-out or object to our use of personal information about you where our use is based on your consent or our legitimate interests. If you wish to exercise your rights, or if you have any other question relating to your rights or this privacy statement, please contact us at You also have the right to lodge a complaint with a supervisory authority.

We use cookies and other similar technologies to collect data on how our website is used. Through this analysis, we are able to improve and optimize our website user experience. For example, we get information on which service pages you go to, what blog texts you might be interested and how you navigate between the pages. In order to develop our website, it is important to know what kind of website content is most efficient and functional, this way we know what stays, what goes and what needs to be tweaked. The data we collect also helps us personalize services and marketing to you. We can, for example, define our customer personas and share content with you that you really respond to or might prove more useful. You can always disable cookies altogether in the browser settings or you can delete cookies from the browser and disable all targeted advertising and communication based on your previous visits on our website.

More Information
What are your options regarding cookies If you’d like to delete cookies or instruct your web browser to delete or refuse cookies, please check our instructions on how to disable cookies on your chosen browser as per below:

• Internet Explorer
• Chrome
• Firefox
• Safari

Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, such as you will not be able to store your preferences and our Service might not display properly.

We have determined retention periods based on the purpose of the processing and the rules set forth within the GDPR. For example, the GDPR requires us to remove data when it has served its purpose and is no longer of use. We review the personal data we collect (e.g. the information of our business contacts) regularly to ensure that the personal data we have is up-to-date and is not retained longer than needed or required by the regulation.

More Information
If you wish to have more detailed information about our retention times, please contact us at

We may also provide links to other websites or services and provide access to products and services offered by third parties, whose privacy policies we don’t control. If you click on a link to an external site you will be subjected to that organization’s privacy policy, and not ours.