Privacy Policy

Effective date: March 2025

1. Who We Are

CION BPO (Pty) Ltd ("CION BPO", "we", "us") operates cion-bpo.com. Registered address: Regus Business Centre, Cape Town, 8000, South Africa. Information Officer: chiara@cion-bpo.com.

2. Scope

This Privacy Policy applies to all personal information collected through our website, recruitment processes, service delivery, and business communications.

3. Our Roles Under the Law

Under POPIA (South Africa), we act as the "responsible party". Under GDPR (UK/EU), we act as the "data controller" when processing personal data of individuals in those jurisdictions.

4. What We Collect

a) Website & Contact

Name, email address, phone number, company name, and any information you provide via contact forms or email communications.

b) Recruitment / Careers

CVs, work history, education records, identity documents, references, skills assessments, and interview notes.

c) Service Delivery

Performance data, quality metrics, training records, and system access logs related to our BPO operations.

d) PAIA / Rights Requests

Identity verification documents and request details submitted under PAIA or data subject access requests.

5. Why We Use Data (Lawful Bases)

We process personal information based on: (a) your consent; (b) performance of a contract; (c) our legitimate business interests; (d) compliance with legal obligations. We will always inform you of the specific basis at the point of collection.

6. Cookies & Similar Technologies

We use analytics cookies (Google Analytics) to understand site usage. You can control cookies through your browser settings. Our site does not use advertising or tracking cookies.

7. Sharing & Disclosure

We may share personal information with: (a) clients, to the extent necessary for service delivery; (b) service providers who assist our operations (hosting, analytics); (c) legal authorities when required by law. We do not sell personal information.

8. Cross-Border Transfers

As we serve international clients, personal data may be transferred between South Africa, the UK, EU, and US. We ensure appropriate safeguards are in place for all cross-border transfers.

9. Security

We implement robust technical and organisational measures to protect personal information, including encryption, access controls, regular security audits, and staff training.

10. Retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Recruitment data is typically retained for 12 months after the last interaction.

11. Your Rights (POPIA & PAIA; UK/EU GDPR)

You have the right to: access your personal information; request correction or deletion; object to processing; data portability (GDPR); lodge a complaint with the SA Information Regulator or UK ICO. Contact our Information Officer to exercise these rights.

12. Children

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children.

13. Contact

Information Officer: chiara@cion-bpo.com | Phone: +27 76 058 8657

SA Information Regulator: inforegulator.org.za

14. Changes

We may update this Privacy Policy from time to time. The "Effective date" above reflects the most recent revision. Continued use of our site constitutes acceptance of the updated policy.