Privacy Policy

Last updated: 7 April 2026

At Castlerock, we take your privacy seriously. This policy explains how we collect, use, store, and protect your personal information when you interact with our website and services.

We are committed to handling your information responsibly, transparently, and in line with applicable data protection laws, including the Protection of Personal Information Act (POPIA) and, where applicable, the General Data Protection Regulation (GDPR).

1. Who We Are

Castlerock is a Managed IT Services provider operating in South Africa, the United Kingdom, and Ireland.

If you have any questions about this policy or your data, you can contact us at:
hello@castlerock.co.

2. What Information We Collect

We may collect and process the following types of personal information:

  • Contact information (name, email address, phone number)
  • Business information (company name, job title)
  • Technical data (IP address, browser type, device information)
  • Website usage data (pages visited, time spent, interactions)
  • Any information you provide via forms, enquiries, or support requests

We typically collect this information directly from you when you:

  • Submit a contact form
  • Engage with our services
  • Communicate with us via email or phone
  • Browse our website

3. How We Use Your Information

We use your personal information to:

  • Respond to enquiries and provide support
  • Deliver and manage our services
  • Improve our website and user experience
  • Communicate relevant updates, insights, or services
  • Meet legal and regulatory obligations

We only process your information where we have a lawful basis to do so, including your consent, contractual necessity, or legitimate business interests.

4. Sharing Your Information

We do not sell your personal information.

We may share your data with trusted third parties where necessary, including:

  • Service providers and partners who help us deliver our services
  • Technology platforms (e.g. hosting, analytics, CRM systems)
  • Regulatory or legal authorities where required

Where third parties process data on our behalf, they are required to protect it and use it only for the agreed purpose.

5. International Data Transfers

As a business operating across multiple regions, your information may be transferred to and stored in countries outside of South Africa.

Where this happens, we ensure appropriate safeguards are in place to protect your data and comply with applicable data protection laws.

6. Data Retention

We only keep your personal information for as long as necessary to:

  • Fulfil the purpose for which it was collected
  • Meet legal, regulatory, or reporting requirements

When your data is no longer required, it is securely deleted or anonymised.

7. Your Rights

Under POPIA (and GDPR where applicable), you have the right to:

  • Access the personal information we hold about you
  • Request correction or deletion of your data
  • Object to or restrict how we process your data
  • Withdraw consent at any time
  • Lodge a complaint with the relevant data protection authority

We aim to respond to all requests promptly and transparently.

8. Data Security

We take appropriate technical and organisational measures to protect your personal information from:

  • Unauthorised access
  • Loss or misuse
  • Data breaches

If a data breach occurs, we will notify affected parties in line with legal requirements.

9. Cookies and Tracking

Our website may use cookies and similar technologies to:

  • Improve website performance
  • Understand user behaviour
  • Enhance your browsing experience

You can control or disable cookies through your browser settings.

10. Third-Party Links

Our website may contain links to external websites.
We are not responsible for the privacy practices or content of those sites.

11. Updates to This Policy

We may update this policy from time to time to reflect changes in our services or legal requirements.

The latest version will always be available on our website, with the updated date clearly indicated.

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

  • 📧 compliance@castlerock.co
  • 📞 +27 21 418 0112