Kudu Kompass Privacy Policy

1. Introduction

Welcome to Kudu Kompass (“we”, “our”, “us”). We are committed to protecting your personal information and respecting your privacy in accordance with:

  • POPIA (Protection of Personal Information Act, South Africa)

  • GDPR (General Data Protection Regulation, EU & UK)

  • HIPAA (Health Insurance Portability and Accountability Act – USA)

Kudu Kompass does not collect medical or health-related data. Therefore HIPAA does not apply directly, but we maintain strict confidentiality and security standards consistent with best practice.

This Privacy Policy explains what data we collect, how we use it, your rights, and how we secure your information.

2. Information We Collect

We collect the following types of personal information:

2.1 Information You Provide Directly

When you complete a form, quiz, purchase, download an ebook, or contact us, we may collect:

  • Full name

  • Email address

  • Country or location (optional)

  • Travel preferences (via the quiz)

  • Purchase information (if you buy from our store)

  • Any information you voluntarily provide

2.2 Automatically Collected Information

Through cookies, analytics tools, and website tracking, we may collect:

  • IP address

  • Browser type and version

  • Pages visited

  • Time spent on our site

  • Device information

2.3 Payment Information

Payments are securely handled by third-party processors such as:

  • Stripe

  • PayPal

  • Shopify Payments

  • WooCommerce Payments

We never access or store your full credit card details.

2.4 Special Categories of Data

We do not collect:

  • Medical information

  • Health data

  • Biometric data

  • Religious, political, or sensitive demographic data

3. How We Use Your Information

We process your information for the following purposes:

  • To email you your Mini Kompass ebook

  • To send Namibia travel tips, recommended itineraries, or relevant updates

  • To personalise your quiz results

  • To provide customer support

  • To deliver paid digital products

  • To operate our store

  • To improve website performance and user experience

  • To comply with legal obligations

4. Legal Basis for Processing (GDPR & POPIA)

We process your data under the following legal bases:

4.1 Consent

You provide explicit consent when you:

  • Complete our quiz

  • Subscribe to our mailing list

  • Download an ebook

  • Submit a form

  • Make a purchase

4.2 Contractual Necessity

When you buy a product, we must process your data to deliver it.

4.3 Legitimate Interest

We may process basic data to:

  • Improve our website

  • Prevent fraud

  • Understand market behaviour

4.4 Legal Obligation

We may retain certain financial records for tax or accounting purposes.

5. How We Store and Protect Your Data

We use encrypted, access-controlled systems including:

  • Google Workspace

  • WordPress (limited access)

  • WooCommerce / Shopify

  • Secure email service

  • SSL encryption

  • Strong password and authentication policies

We implement:

  • Data minimisation

  • Access control

  • Regular security audits

  • Limited employee access

  • Secure backups

We never sell your data.

6. Data Sharing

We only share your personal information with trusted third parties necessary for our operations, such as:

  • Email platforms (Mailchimp, MailerLite, or similar)

  • Google Forms (for quiz submissions)

  • Payment processors

  • Analytics providers

  • Cloud storage services

All partners comply with POPIA and GDPR.

We do not sell, rent, or trade your information.

7. International Data Transfers

Your data may be processed in countries outside your region (e.g., EU, UK, USA, South Africa).

We ensure adequate protection via:

  • GDPR Standard Contractual Clauses (SCCs)

  • POPIA cross-border transfer requirements

  • Secure, compliant data processors

8. Data Retention

We retain your data only for as long as necessary for:

  • Delivering products

  • Legal obligations

  • Customer service

  • Email updates (unless you unsubscribe)

If you withdraw consent, we fully delete your personal information unless required by law.

9. Your Rights

Under POPIA & GDPR, you may:

  • Request access to your data

  • Correct inaccurate information

  • Request deletion (“Right to be Forgotten”)

  • Restrict processing

  • Withdraw consent at any time

  • Object to direct marketing

  • Request data portability

To exercise these rights, contact:
info@kudukompass.com

We respond within 30 days.

10. Cookies

We use cookies to:

  • Improve site functionality

  • Save preferences

  • Analyse traffic

  • Provide secure login

  • Support store checkout

You can disable cookies via your browser settings.

11. Email Marketing & Automated Communication

By subscribing or submitting a form, you agree to receive:

  • Travel resources

  • Ebook downloads

  • Updates about Namibia

  • Product announcements (occasionally)

You can unsubscribe at any time via the link in every email.

12. Children’s Privacy

We do not knowingly collect personal information from individuals under 16 years.

If you believe a minor has submitted data, contact us for removal.

13. HIPAA Disclosure

We do not collect health data and do not act as a HIPAA-covered entity or business associate.
However, we apply strong privacy and security practices consistent with HIPAA-grade protection.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted with a new “Last Updated” date.