Privacy Policy

1. Who we are

Reguroo is a compliance-automation platform operated by EAM ECOM (Pty) Ltd (registration number 2024/262476/07), a private company incorporated in South Africa ("Reguroo", "EAM ECOM", "we", "us", "our"). For the purposes of the Protection of Personal Information Act, 2013 (POPIA), EAM ECOM (Pty) Ltd is the responsible party for personal information processed through this website and, except where we act as an Operator (see section 7), the Reguroo platform.

Information Officer: Eagan Maart — [email protected].

2. Information we collect

• Account & contact information — your name, email, company and phone number when you sign up, request a demo, or contact us.
• Compliance data — information you upload to the platform (controls, evidence, documents), which may contain personal information about your employees or customers.
• Usage data — pages visited, actions taken, and device, browser and IP information, collected via cookies and similar technologies.

3. How we use your information

• to provide, operate, secure and improve the platform;
• to create and manage your account;
• to respond to enquiries and demo requests;
• to send service and, where permitted, marketing communications;
• to comply with our legal obligations.

4. Lawful basis for processing

We process personal information where: you have consented; it is necessary to perform a contract with you; it is required to comply with the law; or it is necessary for our legitimate interests in operating and securing the platform, balanced against your rights.

5. Cookies

We use essential cookies to run the site and analytics cookies to understand usage. You can control cookies through your browser settings.

6. Sharing & sub-operators

We share personal information only with service providers who help us run Reguroo (such as cloud hosting, email delivery and AI processing providers), under agreements that require them to protect it. We do not sell your personal information.

7. When we act as an Operator

Where you use Reguroo as a business customer, you remain the responsible party for the personal information you process through the platform, and EAM ECOM (Pty) Ltd acts as your Operator under sections 20–21 of POPIA — processing that information only on your documented instructions and applying appropriate security safeguards. Enterprise customers may enter into a separate Operator / Data Processing Agreement with us.

8. Cross-border transfers

Some of our service providers are located outside South Africa, so your personal information may be processed in other countries. Where this happens, we take the steps required by section 72 of POPIA to ensure your information receives an adequate level of protection.

9. Security

We apply reasonable technical and organisational measures to protect personal information against loss, unauthorised access and misuse. No system is completely secure, but we work to safeguard your data and to notify you and the Information Regulator of any compromise as required by POPIA.

10. Retention

We keep personal information only as long as necessary for the purposes set out above or as required by law, after which it is deleted or de-identified.

11. Your rights

Under POPIA you may request access to, or correction or deletion of, your personal information, object to processing, and lodge a complaint. To exercise these rights, contact our Information Officer at [email protected].

You may also lodge a complaint with the Information Regulator (South Africa) at inforegulator.org.za.

12. Changes to this policy

We may update this policy from time to time. The latest version will always be available on this page.

13. Contact

EAM ECOM (Pty) Ltd (t/a Reguroo)
Registration no. 2024/262476/07
Email: [email protected]