Privacy Notice

Good Food Distributors (Pty) Ltd

Effective Date: 1 October 2024 | Version 1.2 | Last Revised: October 2024

Introduction and Purpose
Definitions and Interpretation
Scope of Application
Information We Collect
Legal Basis for Processing
How We Use Your Information
Information Sharing and Disclosure
Data Security Measures
Data Retention and Disposal
International Data Transfers
Your Rights Under POPIA
Cookies and Tracking Technologies
Third-Party Services and Links
Children's Privacy
Changes to This Privacy Notice
Contact Information and Complaints
Disclaimer and Limitation of Liability

1. Introduction and Purpose

Good Food Distributors (Pty) Ltd, registration number 2024/123456/07 ("we," "us," "our," or the "Company"), is committed to protecting and respecting your privacy in accordance with the Protection of Personal Information Act, 4 of 2013 ("POPIA"), the Electronic Communications and Transactions Act, 25 of 2002 ("ECTA"), and other applicable South African legislation.

This Privacy Notice describes how we collect, use, process, store, share, transfer, and protect your personal information when you interact with our services, including but not limited to our website (www.good-food.co.za), mobile applications, customer portals, and any other digital platforms or touchpoints operated by us (collectively, the "Services").

IMPORTANT NOTICE

By accessing or using our Services, submitting personal information to us, or entering into a business relationship with Good Food Distributors, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Notice. If you do not agree with these terms, please do not use our Services or provide us with your personal information.

2. Definitions and Interpretation

For the purposes of this Privacy Notice, the following terms shall have the meanings assigned to them below:

"Personal Information" means information relating to an identifiable, living, natural person, and where applicable, an identifiable, existing juristic person, as defined in Section 1 of POPIA.
"Processing" means any operation or activity, whether automated or not, concerning personal information, including collection, receipt, recording, organization, collation, storage, updating, modification, retrieval, alteration, consultation, use, dissemination, merging, linking, restriction, degradation, erasure, or destruction.
"Data Subject" means the natural or juristic person to whom personal information relates.
"Responsible Party" means Good Food Distributors (Pty) Ltd, which determines the purpose of and means for processing personal information.
"Operator" means any person who processes personal information on behalf of the Responsible Party.
"Consent" means any voluntary, specific, and informed expression of will in terms of which permission is given for the processing of personal information.

3. Scope of Application

This Privacy Notice applies to:

Current, prospective, and former business customers and clients;
Individual representatives of corporate customers;
Suppliers, vendors, and service providers;
Website visitors and users of our digital platforms;
Job applicants and recruitment candidates;
Any other individuals whose personal information we may process in the course of our business operations.

This Privacy Notice does not apply to information processed about our employees in the context of their employment relationship, which is governed by separate internal policies and procedures.

4. Information We Collect

4.1 Categories of Personal Information

We may collect and process the following categories of personal information, to the extent permitted by law and necessary for our business purposes:

A. Identification and Contact Information

Full legal name, trading name, or business name
South African ID number, passport number, or company registration number
Physical and postal addresses
Email addresses (business and personal)
Telephone numbers (landline, mobile, fax)
Job title, position, and department

B. Financial and Transactional Information

Banking details (account number, branch code, account holder name)
VAT registration number and tax clearance information
Credit history and credit bureau reports
Financial statements and proof of income
Purchase history, order details, and transaction records
Payment methods and billing information
Account balances, credit limits, and payment terms

C. Business and Commercial Information

Business registration documents (CK1, CK2, CIPC certificates)
Business licenses and permits
Trading history and business references
Shareholding structure and directors' information
Industry classification and business type
Delivery addresses and route information

D. Technical and Usage Information

IP addresses, device identifiers, and MAC addresses
Browser type, version, and language settings
Operating system and device information
Website navigation patterns and clickstream data
Access times, session duration, and frequency of visits
Cookies, web beacons, and similar tracking technologies
Geolocation data (when permitted)

E. Communications and Correspondence

Email correspondence and attachments
Telephone call recordings (with your consent where required)
Live chat transcripts and support tickets
Feedback, complaints, and survey responses
Marketing preferences and communication consent records

F. Security and Verification Information

Login credentials (usernames, encrypted passwords)
Security questions and answers
Two-factor authentication information
Access logs and audit trails
CCTV footage at our premises (where applicable)

4.2 Sources of Information

We collect personal information from the following sources:

Directly from you: When you register for an account, place orders, submit applications, contact us, or otherwise interact with our Services;
Automated collection: Through cookies, log files, and similar technologies when you use our digital platforms;
Third-party sources: From credit bureaus (TransUnion, Experian, Compuscan), business registries (CIPC), trade references, fraud prevention agencies, and marketing partners;
Public sources: From publicly available databases, government registries, and social media platforms;
Business partners: From our affiliates, distributors, and authorized representatives who may provide your information in the course of business transactions.

5. Legal Basis for Processing

In accordance with Section 11 of POPIA, we process your personal information based on one or more of the following lawful grounds:

5.1 Consent

You have provided explicit, voluntary, and informed consent for the processing of your personal information. You have the right to withdraw your consent at any time by contacting our Information Officer, subject to legal or contractual restrictions.

5.2 Contractual Necessity

The processing is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into such a contract. This includes processing necessary to provide our products and services, manage your account, and fulfill our contractual obligations.

5.3 Legal Obligation

The processing is necessary to comply with legal obligations imposed on us by South African law, including but not limited to the Income Tax Act, Value-Added Tax Act, Companies Act, Financial Intelligence Centre Act (FICA), National Credit Act, Consumer Protection Act, and regulatory requirements issued by competent authorities.

5.4 Legitimate Interests

The processing is necessary for pursuing our legitimate interests or those of a third party to whom the information is supplied. Our legitimate interests include fraud prevention, network and information security, direct marketing, improving our services, business development, and protecting our legal rights. We ensure that such processing does not override your fundamental rights and freedoms.

5.5 Protection of Legitimate Interests

The processing protects a legitimate interest of yours or of a third party, including situations where processing is necessary to prevent harm, ensure safety, or protect property rights.

6. How We Use Your Information

We process your personal information for the following specific, explicitly defined, and lawful purposes:

6.1 Primary Business Operations

Processing and fulfilling your orders and service requests
Managing your customer account and maintaining our business relationship
Providing customer support, technical assistance, and responding to inquiries
Processing payments, invoicing, and managing accounts receivable
Arranging delivery and logistics services
Managing returns, refunds, and warranty claims

6.2 Credit Management and Risk Assessment

Evaluating creditworthiness and determining credit limits
Conducting credit checks and obtaining credit bureau reports
Managing credit accounts and payment terms
Debt collection and recovery activities
Assessing and managing commercial risks

6.3 Legal Compliance and Regulatory Obligations

Complying with tax laws, including VAT and income tax reporting
Meeting financial record-keeping requirements
Responding to lawful requests from law enforcement and regulatory authorities
Complying with court orders, subpoenas, and legal processes
Fulfilling anti-money laundering (AML) and know-your-customer (KYC) obligations
Maintaining statutory records as required by the Companies Act

6.4 Fraud Prevention and Security

Detecting, preventing, and investigating fraud, money laundering, and other criminal activities
Verifying identity and authenticating users
Protecting our systems, networks, and data from cyber threats
Monitoring and analyzing security incidents and vulnerabilities
Conducting internal audits and compliance reviews
Protecting our legal rights, property, and safety, as well as those of our customers and third parties

6.5 Marketing and Communications

Sending promotional materials, newsletters, and marketing communications (with your consent)
Providing information about new products, services, and special offers
Conducting market research and customer satisfaction surveys
Personalizing your experience and tailoring content to your interests
Managing your marketing preferences and opt-out requests

6.6 Business Development and Improvement

Analyzing usage patterns and trends to improve our services
Developing new products, services, and features
Conducting statistical analysis and business intelligence activities
Evaluating the effectiveness of our marketing campaigns
Benchmarking our performance against industry standards

Note: We will only process your personal information for purposes that are compatible with the purposes for which it was originally collected. If we intend to process your information for a new purpose that is incompatible with the original purpose, we will first obtain your consent or ensure that another lawful basis exists.

7. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. However, we may share your personal information with the following categories of recipients, strictly to the extent necessary for the purposes described in this Privacy Notice:

7.1 Service Providers and Operators

We engage trusted third-party service providers to perform functions and provide services on our behalf, including:

Payment processors and merchant services providers
Courier and logistics companies for order fulfillment
IT service providers, cloud hosting companies, and data centers
Customer relationship management (CRM) platform providers
Email marketing and communication service providers
Website analytics and performance monitoring services
Professional advisors (accountants, auditors, legal counsel)

All service providers are contractually bound to process your personal information only on our instructions, maintain appropriate security measures, and comply with POPIA and other applicable data protection laws.

7.2 Business Partners and Affiliates

Suppliers and manufacturers of products we distribute
Companies within our corporate group for consolidated reporting and shared services
Strategic partners involved in joint marketing or business development initiatives

7.3 Credit Bureaus and Financial Institutions

Registered credit bureaus (TransUnion, Experian, Compuscan, XDS) for credit checks and reporting
Banks and financial institutions for payment processing and verification
Debt collection agencies in cases of non-payment (where legally permitted)

7.4 Legal and Regulatory Authorities

We may disclose your personal information to government authorities, law enforcement agencies, courts, tribunals, and regulatory bodies when:

Required by law or legal process (court orders, subpoenas, regulatory investigations)
Necessary to comply with tax, customs, or other governmental reporting obligations
Requested by the South African Revenue Service (SARS), South African Police Service (SAPS), or other competent authorities
Required to protect our legal rights, enforce our terms and conditions, or defend against legal claims
Necessary to prevent, detect, or investigate potential fraud, security breaches, or criminal activity

7.5 Business Transactions

In the event of a merger, acquisition, corporate restructuring, sale of assets, or bankruptcy, your personal information may be transferred to the successor entity or acquiring party, subject to the same privacy protections described in this Privacy Notice. We will notify you of any such change in ownership or control of your personal information.

Important: We do not authorize any third party to use your personal information for their own purposes. All third parties with whom we share your information are required to maintain the confidentiality and security of your personal information and may only use it for the specific purposes we have authorized.

8. Data Security Measures

We are committed to ensuring the security and integrity of your personal information. In compliance with Section 19 of POPIA, we have implemented appropriate technical and organizational measures to protect your information against unauthorized or unlawful processing, accidental loss, destruction, damage, alteration, disclosure, or access.

8.1 Technical Security Measures

Encryption: All data transmissions are encrypted using industry-standard SSL/TLS protocols (minimum TLS 1.2). Sensitive data at rest is encrypted using AES-256 encryption.
Access Controls: Strict role-based access controls (RBAC) ensure that only authorized personnel can access personal information on a need-to-know basis.
Authentication: Multi-factor authentication (MFA) is implemented for all privileged accounts and administrative access.
Firewalls and Intrusion Detection: Enterprise-grade firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS) protect our networks.
Vulnerability Management: Regular security assessments, penetration testing, and vulnerability scans are conducted to identify and remediate security weaknesses.
Malware Protection: Advanced anti-malware and anti-virus solutions are deployed across all systems.
Secure Development: Our applications are developed following secure coding practices and undergo security reviews.

8.2 Organizational Security Measures

Security Policies: Comprehensive information security policies and procedures govern the handling of personal information.
Employee Training: All employees receive mandatory privacy and data security training upon hiring and through regular refresher courses.
Confidentiality Agreements: All employees, contractors, and third parties with access to personal information are bound by strict confidentiality obligations.
Background Checks: Appropriate background verification is conducted for employees with access to sensitive personal information.
Incident Response: A formal security incident response plan is in place to address data breaches and security incidents.
Physical Security: Our facilities are protected by physical access controls, surveillance systems, and 24/7 monitoring.
Business Continuity: Disaster recovery and business continuity plans ensure the availability and integrity of personal information.

8.3 Data Breach Notification

In the event of a data breach involving your personal information that poses a real risk of harm, we will:

Notify the Information Regulator without undue delay and, where feasible, within 72 hours of becoming aware of the breach;
Notify affected data subjects as soon as reasonably possible, providing information about the nature of the breach, the categories of data affected, and the measures taken to mitigate the harm;
Take immediate steps to contain and remediate the breach;
Conduct a thorough investigation to determine the cause and extent of the breach;
Implement additional safeguards to prevent future incidents.

Disclaimer: While we employ industry-leading security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your personal information. You acknowledge and accept this inherent risk when using our Services.

9. Data Retention and Disposal

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with our legal and regulatory obligations, resolve disputes, enforce our agreements, and protect our legitimate business interests.

9.1 Retention Periods

Category	Retention Period	Legal Basis
Financial Records (Invoices, Receipts)	5 years	Income Tax Act, VAT Act
Accounting Records	7 years	Companies Act 71 of 2008
FICA Documents	5 years after termination	FICA 38 of 2001
Credit Agreements	3 years after termination	National Credit Act
Marketing Consent Records	Until consent withdrawn + 1 year	POPIA, CPA
CCTV Footage	30-90 days (unless incident)	POPIA Guidelines
Website Access Logs	12 months	Security and troubleshooting

9.2 Secure Disposal

When personal information is no longer required, we securely dispose of it using the following methods:

Electronic Data: Permanent deletion using secure data erasure software that meets or exceeds DoD 5220.22-M standards, or physical destruction of storage media.
Physical Documents: Cross-cut shredding or incineration by certified document destruction service providers.
Backup Systems: Regular purging of backup systems in accordance with our backup retention schedules.
Audit Trail: Maintaining records of disposal activities for compliance purposes.

Please note that certain information may be retained in anonymized or aggregated form for statistical, research, or analytical purposes, provided such information can no longer identify you as an individual.

10. International Data Transfers

Your personal information is primarily stored and processed within the Republic of South Africa. However, in limited circumstances, we may transfer your personal information to recipients located in foreign jurisdictions, including:

Cloud service providers with data centers outside South Africa;
International payment processors and financial institutions;
Global technology and software vendors;
Multinational suppliers and business partners.

In accordance with Chapter 9 of POPIA, when we transfer personal information to a third party in a foreign country, we ensure that:

The recipient country has data protection laws that are substantially similar to the conditions for lawful processing set out in POPIA; OR
The recipient is subject to binding corporate rules or a binding agreement that provides an adequate level of protection; OR
You have consented to the transfer after being informed of the possible risks; OR
The transfer is necessary for the performance of a contract, compliance with a legal obligation, or protection of your legitimate interests.

We implement appropriate safeguards to ensure that your personal information receives a level of protection at least comparable to that provided under South African law, including:

Standard contractual clauses approved by the Information Regulator;
Vendor certification under recognized privacy frameworks (e.g., ISO 27001, SOC 2);
Regular audits and compliance assessments of international service providers;
Encryption of data in transit and at rest.

You may request information about the specific safeguards we have implemented for international transfers by contacting our Information Officer.

11. Your Rights Under POPIA

As a data subject, you have the following rights under POPIA with respect to your personal information:

11.1 Right of Access

You have the right to request confirmation of whether we hold personal information about you and to access such information. We will provide you with a description of the information, the purpose for processing, and the categories of third parties to whom it has been disclosed.

11.2 Right to Rectification

You may request the correction, updating, or completion of your personal information if it is inaccurate, incomplete, misleading, or out of date. We will take reasonable steps to verify the accuracy of the corrected information.

11.3 Right to Erasure (Deletion)

You may request the destruction or deletion of your personal information where: (a) we are no longer authorized to retain it; (b) it is no longer necessary for the purpose for which it was collected; or (c) you withdraw your consent. This right is subject to legal obligations that may require us to retain certain information (e.g., financial records for tax purposes).

11.4 Right to Object to Processing

You may object, on reasonable grounds relating to your particular situation, to the processing of your personal information. You have an absolute right to object to direct marketing at any time, including profiling for marketing purposes.

11.5 Right to Restrict Processing

You may request restriction of processing if: (a) you contest the accuracy of your personal information; (b) the processing is unlawful but you oppose erasure; (c) we no longer need the data but you require it for legal claims; or (d) you have objected to processing pending verification of our legitimate grounds.

11.6 Right to Data Portability

Where technically feasible, you may request to receive your personal information in a structured, commonly used, and machine-readable format, and to transmit that information to another responsible party, provided the processing is based on consent or contract and is carried out by automated means.

11.7 Right to Withdraw Consent

Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Note that withdrawal may impact our ability to provide certain services.

11.8 Right Not to Be Subject to Automated Decisions

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you, unless such automated decision-making is necessary for contract performance, authorized by law, or based on your explicit consent.

How to Exercise Your Rights

To exercise any of these rights, please submit a written request to our Information Officer using the contact details provided in Section 16. Your request must:

Be in writing (email or postal mail);
Provide sufficient information to verify your identity;
Specify the right(s) you wish to exercise;
Provide sufficient detail to locate the relevant information (if applicable).

We will respond to your request within a reasonable period, not exceeding 30 days from the date of receipt. If we require additional time or information, we will notify you accordingly. We reserve the right to charge a reasonable fee for access requests in accordance with Regulation 7 of the POPIA Regulations (currently R50.00 for manual requests or prescribed fees for automated processing).

We may refuse a request on reasonable grounds as permitted by law, including where: (a) granting access would involve disclosure of personal information about a third party; (b) the request is manifestly unfounded or excessive; (c) disclosure would be likely to prejudice law enforcement, legal proceedings, or our commercial interests; or (d) the information is subject to legal privilege. Any refusal will be communicated in writing with reasons.

12. Cookies and Tracking Technologies

12.1 What Are Cookies

Cookies are small text files that are placed on your computer, smartphone, or other device when you visit our website. They are widely used to make websites work more efficiently, provide a better user experience, and provide information to website owners.

12.2 Types of Cookies We Use

Essential Cookies (Strictly Necessary)

These cookies are essential for the website to function properly. They enable core functionality such as security, network management, session management, and accessibility. You cannot opt out of these cookies as the website would not function properly without them.

Performance Cookies (Analytics)

These cookies collect information about how visitors use our website, such as which pages are visited most often and error messages received. This helps us improve the website's performance and user experience. We use Google Analytics and similar services.

Functionality Cookies

These cookies allow the website to remember choices you make (such as your username, language, or region) and provide enhanced, personalized features. They may also be used to remember changes to text size, fonts, and other customizable parts of web pages.

Targeting/Advertising Cookies

These cookies are used to deliver advertisements more relevant to you and your interests. They are also used to limit the number of times you see an advertisement and measure the effectiveness of advertising campaigns. We may work with third-party advertising networks that use these cookies.

12.3 Managing Cookies

Most web browsers allow you to control cookies through their settings. You can set your browser to:

Block all cookies;
Allow only first-party cookies;
Delete cookies when you close your browser;
Notify you when a website sets or accesses cookies.

Please note that blocking or deleting cookies may impact your ability to use certain features of our website and may result in a degraded user experience. For more information about cookies and how to manage them, visit www.allaboutcookies.org.

12.4 Other Tracking Technologies

In addition to cookies, we may use other tracking technologies:

Web Beacons/Pixel Tags: Small graphic images or code snippets embedded in web pages and emails to track viewing and interaction.
Local Storage Objects: Technologies like HTML5 local storage that enable us to store data on your device.
Device Fingerprinting: Collection of device and browser characteristics to create a unique identifier for fraud prevention and security purposes.

13. Third-Party Services and Links

Our website and Services may contain links to third-party websites, applications, or services that are not owned or controlled by Good Food Distributors. This Privacy Notice does not apply to such third-party services.

We are not responsible for the privacy practices, content, or security of any third-party websites or services. When you click on a third-party link or access a third-party service, you do so at your own risk and should review the privacy policy and terms of service of that third party.

We may integrate third-party services into our platform, including:

Payment gateways (which may collect payment information directly from you);
Social media plugins (which may track your interactions);
Third-party analytics and advertising services;
Customer support and live chat services;
Marketing automation and CRM platforms.

These third parties may collect information about your use of our Services in accordance with their own privacy policies. We recommend that you read the privacy policies of these third-party services to understand how they collect and use your information.

Disclaimer: Good Food Distributors is not responsible or liable for the privacy practices, data security, or content of any third-party websites, applications, or services. Any information you provide to third parties is governed by their privacy policies, and we disclaim all liability in respect thereof.

14. Children's Privacy

Our Services are designed for businesses and are not directed to individuals under the age of 18 years. We do not knowingly collect personal information from children. For the purposes of POPIA, a child is defined as a natural person under the age of 18 years.

If we become aware that we have inadvertently collected personal information from a child without appropriate parental or guardian consent, we will take steps to delete such information as soon as reasonably practicable.

In the event that we need to process a child's personal information in connection with our business operations (for example, as part of family-owned business dealings), we will:

Obtain consent from a competent person (parent or legal guardian) before processing the child's information;
Ensure that the processing is in the best interests of the child;
Take all reasonable steps to ensure that the child or competent person is advised of the information being collected and the purpose for which it is collected;
Take additional measures to protect the child's information and prevent unauthorized access.

If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact our Information Officer immediately so that we can take appropriate action.

15. Changes to This Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

Update the "Last Revised" date at the top of this Privacy Notice;
Post the updated Privacy Notice on our website;
For material changes that significantly affect your rights or how we process your personal information, provide you with notice via email (if we have your email address) or prominent notice on our website at least 30 days before the changes take effect;
Where required by law, obtain your consent to the updated Privacy Notice.

We encourage you to periodically review this Privacy Notice to stay informed about how we collect, use, and protect your personal information. Your continued use of our Services after the effective date of any changes constitutes your acceptance of the updated Privacy Notice.

Previous versions of this Privacy Notice are archived and available upon request from our Information Officer.

16. Contact Information and Complaints

16.1 Information Officer

If you have any questions, concerns, or requests regarding this Privacy Notice or our processing of your personal information, please contact our Information Officer:

Information Officer

Company: Good Food Distributors (Pty) Ltd

Reg No: 2024/123456/07

VAT No: 4567890123

Physical Address: 8 Willow Street, Kempton Park, 1449, South Africa

Postal Address: P.O. Box 1234, Kempton Park, 1620

Phone: +27 82 371 7258

Email: info@good-food.co.za

16.2 Internal Complaints Procedure

If you have a complaint about how we have processed your personal information, please contact our Information Officer in writing. We will:

Acknowledge receipt of your complaint within 5 business days;
Investigate the matter thoroughly and impartially;
Provide you with a written response within 30 days, detailing our findings and any remedial action taken;
If additional time is required, notify you of the extension and the reasons therefor.

16.3 Complaints to the Information Regulator

If you are not satisfied with our response to your complaint, or if you believe we have not complied with POPIA or other applicable data protection laws, you have the right to lodge a complaint with the Information Regulator (South Africa):

The Information Regulator (South Africa)

Physical Address:
JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001

Postal Address:
P.O. Box 31533, Braamfontein, Johannesburg, 2017

Phone: 010 023 5200

General Enquiries: inforeg@justice.gov.za

Complaints: complaints.IR@justice.gov.za

Website: www.justice.gov.za/inforeg

17. Disclaimer and Limitation of Liability

PLEASE READ THIS SECTION CAREFULLY

17.1 No Warranty: While we implement reasonable security measures to protect your personal information, we cannot guarantee absolute security. Internet transmissions are inherently insecure, and we cannot warrant that your information will be completely secure from unauthorized access, hacking, data loss, or other breaches. You acknowledge and accept these risks.

17.2 Limitation of Liability: To the maximum extent permitted by law, Good Food Distributors, its directors, officers, employees, agents, and affiliates shall not be liable for any direct, indirect, incidental, special, consequential, or punitive damages arising from or relating to:

Unauthorized access to or use of your personal information;
Data breaches or security incidents beyond our reasonable control;
Loss or corruption of data;
Third-party actions or failures;
Force majeure events, including but not limited to acts of God, war, terrorism, civil unrest, power failures, internet outages, or cyber-attacks;
Your failure to maintain the security of your account credentials.

17.3 Indemnification: You agree to indemnify, defend, and hold harmless Good Food Distributors and its affiliates from and against any claims, liabilities, damages, losses, costs, and expenses (including reasonable attorney's fees) arising from or relating to:

Your violation of this Privacy Notice;
Your violation of any applicable laws or regulations;
Your provision of inaccurate, incomplete, or misleading information;
Your infringement of any third-party rights.

17.4 No Legal or Professional Advice: Nothing in this Privacy Notice constitutes legal, financial, tax, or professional advice. You should consult with appropriate professional advisors regarding your specific circumstances.

Acceptance of This Privacy Notice

By using our Services, submitting personal information to us, or entering into a business relationship with Good Food Distributors, you acknowledge that you have read, understood, and agree to be bound by this Privacy Notice in its entirety. If you do not agree with any part of this Privacy Notice, you must discontinue use of our Services immediately and refrain from providing us with any personal information.

Good Food Distributors (Pty) Ltd

Registration Number: 2024/123456/07 | VAT Number: 4567890123

8 Willow Street, Kempton Park, 1449, South Africa