Legal

Privacy Policy

Last updated: 2 May 2026

Your career information is personal. I treat it that way. This policy explains what I collect, why, and how I protect it, in line with South Africa's Protection of Personal Information Act (POPIA).

1. Who is responsible

Kagiso Shabangu, trading as Coach Kagiso, is the responsible party. Contact: hello@coachkagiso.co.za, Gauteng, South Africa.

2. What information I collect

You provide directly:

  • Name, email, phone number, LinkedIn URL
  • Career history, CV, qualifications, salary expectations for coaching
  • Payment details processed by PayFast. I do not store card numbers
  • Answers to audit and intake forms
  • Session notes and action plans

Collected automatically:

  • Website usage via analytics, such as pages visited and device type
  • Email open and click data via Brevo

3. Why I use your information

  • To deliver the service you booked, including coaching, CV work, and masterclass support
  • To send session links, resources, and follow-ups
  • To process payments and issue invoices
  • To send you the Personal Brand Audit you requested
  • To improve my services and content
  • To comply with legal and tax obligations

I will only use your information for the purpose you gave it, unless you consent to something else.

4. Legal basis under POPIA

I process your information because:

  • You consented when you book or download a resource
  • It is necessary to perform our contract and deliver coaching
  • I have a legitimate interest in improving services and keeping records
  • I must comply with law, including tax records

5. Who I share with

I do not sell your data. I use trusted processors to run the practice:

  • PayFast in South Africa for payment processing
  • cal.com in the United States for scheduling
  • Brevo in the European Union for email delivery for audits and newsletters
  • Google Workspace and Google Drive in the United States for secure storage of client files
  • Loom in the United States for video walkthroughs using private links only
  • Zoom in the United States for live coaching sessions
  • WhatsApp Business, Meta in the United States, for client communication

All processors are required to protect your information under their own terms and privacy notices.

Cross-border data transfers:Several of these processors store data outside South Africa, primarily in the European Union and the United States. Where this happens, I rely on each provider's compliance with data protection laws that offer protection equivalent to or stronger than POPIA, together with their published standard data processing terms. I also limit what I share to the minimum needed to deliver the service.

6. How long I keep it

  • Active client files: for the duration of our work plus 2 years
  • Session notes: 2 years
  • Invoices and tax records: 5 years, as legally required under SARS
  • Email list: until you unsubscribe
  • Audit and intake form results: 1 year unless you become a client
  • WhatsApp Business message history: 12 months from last contact

After this, I delete or anonymise information securely.

7. Your rights

Under POPIA you can:

  • Ask what information I hold about you
  • Request correction or deletion
  • Object to processing or withdraw consent
  • Request a copy in a portable format
  • Lodge a complaint with the Information Regulator at inforeg@justice.gov.za

Email hello@coachkagiso.co.za to exercise any right. I will respond within 30 days.

8. Security

I use password protection, two-factor authentication, and encrypted storage. While I take reasonable steps, no online system is 100% secure. If a breach occurs that risks your rights, I will notify you and the Regulator as required by law.

9. Cookies and analytics

My website uses two types of cookies:

  • Essential cookies are needed for the site to work, for example remembering your form inputs. These are always on.
  • Analytics cookies help me understand how visitors use the site, such as pages visited and time on site. You can decline these via the cookie banner when you first visit, or manage them in your browser settings at any time.

I do not use advertising trackers or third-party retargeting cookies.

10. Marketing and email frequency

I will only send you marketing emails if you opt in, for example when you download the Personal Brand Audit or join my email list.

For most weeks you will receive no more than one email from me. During specific program windows, such as the lead-up to a Saturday Masterclass cohort or the 14 days after a session you booked, you may receive up to four emails over a two-week period as part of the program you signed up for. Every email includes an unsubscribe link.

11. Children

My services are for adults 18 and older. I do not knowingly collect data from children.

12. Changes

I may update this policy as tools or laws change. The latest version will be posted here with a new date.

Questions about privacy? Email hello@coachkagiso.co.za.

Read terms