Privacy Policy

Effective date: 1 January 2026, Last updated: 25 May 2026

1. Introduction

This Privacy Policy explains how TIMCA GLOBAL NPC (“we,” “us,” or “our”) collects, uses, stores, and protects information when you visit or interact with our website at https://timca.org (the “Site”).

We are committed to protecting your personal information and your right to privacy. If you have questions or concerns, please contact us using the details in Section 12.

2. Who We Are

Our website address is https://timca.org.

Organisation: TIMCA GLOBAL NPC

Registered address:
137 MOWBRAY ROAD, GREENSIDE
JOHANNESBURG
GAUTENG
2034

Information Officer / Data Protection Contact: Colin Beck, info@timca.org

3. Information We Collect

Comments

When visitors leave comments on the Site, we collect the data shown in the comments form, as well as the visitor’s IP address and browser user agent string to help with spam detection.

An anonymised string created from your email address (a “hash”) may be provided to the Gravatar service to check whether you have an account. Gravatar’s privacy policy is available at https://automattic.com/privacy/. After your comment is approved, your profile picture is publicly visible alongside your comment.

Media

If you upload images to the Site, please avoid uploading files with embedded location data (EXIF GPS). Visitors to the Site can download such images and extract this location data.

Account Information

For users who register on the Site, we store the personal information you provide in your user profile. You can see, edit, or delete this information at any time (except your username). Website administrators can also view and edit this information.

Embedded Content from Other Websites

Articles on this Site may include embedded content (videos, images, articles, etc.). Embedded content from other websites behaves exactly as if the visitor had visited the other site directly. These third-party websites may collect data about you, use cookies, embed additional tracking, and monitor your interaction with that content — including linking it to your account if you are logged into their service.

4. Cookies

If you leave a comment, you may opt in to saving your name, email address, and website in cookies. These are for your convenience so you don’t have to re-enter your details next time. These cookies last for one year.

If you visit our login page, we set a temporary cookie to check whether your browser accepts cookies. It contains no personal data and is discarded when you close your browser.

When you log in, we also set cookies to save your login information and screen display preferences:

  • Login cookies last for two days
  • Screen option cookies last for one year
  • If you select “Remember Me,” your login persists for two weeks
  • Logging out removes the login cookies

If you edit or publish an article, an additional cookie is saved in your browser containing only the post ID of the article. It expires after one day.

You can control or delete cookies through your browser settings at any time.

5. How We Use Your Information

We use the information we collect to:

  • Operate, maintain, and improve the Site
  • Display and moderate comments
  • Authenticate registered users and remember preferences
  • Detect and prevent spam, abuse, and security incidents
  • Respond to enquiries and requests
  • Comply with legal obligations

6. Legal Basis for Processing (GDPR / POPIA)

Where applicable law requires it, we process your personal information on the following bases:

  • Consent — for cookies (other than strictly necessary ones) and for posting comments
  • Legitimate interests — for spam prevention, site security, and basic analytics
  • Legal obligation — where we must retain or disclose information to comply with the law

7. Who We Share Your Data With

We do not sell your personal information.

If you request a password reset, your IP address will be included in the reset email.

Visitor comments may be checked through an automated spam detection service Akismet. This may involve sharing your comment data and IP address with the service provider.

We may also disclose information when required by law, court order, or to protect the rights, property, or safety of our users or the public.

8. How Long We Retain Your Data

  • Comments and their metadata: retained indefinitely, so we can recognise and auto-approve follow-up comments rather than holding them for moderation.
  • Registered user profiles: retained for as long as the account is active. You can request deletion at any time.
  • Server logs (IP addresses, etc.): retained for 6 MONTHS for security and troubleshooting purposes.

9. Where Your Data Is Sent

Your data may be processed on servers located outside SOUTH AFRICA, in Ireland, including by our hosting provider and the spam detection service mentioned above. Where data is transferred internationally, we take reasonable steps to ensure it receives an adequate level of protection.

10. Data Security

We implement reasonable technical and organisational measures to protect your personal information against loss, misuse, and unauthorised access, including HTTPS encryption, secure password storage, restricted administrator access, regular software updates. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

If we become aware of a breach affecting your personal information, we will notify you and the relevant authorities in accordance with applicable law.

11. Your Rights Over Your Data

If you have an account on this Site or have left comments, you may request:

  • An exported file of the personal data we hold about you
  • Correction of inaccurate data
  • Erasure of your personal data
  • Restriction of or objection to certain processing
  • Withdrawal of consent at any time (where processing is based on consent)

This does not apply to data we are required to retain for administrative, legal, or security purposes.

Under POPIA, you also have the right to lodge a complaint with the Information Regulator of South Africa (https://inforegulator.org.za). Under GDPR, you may lodge a complaint with your local supervisory authority.

To exercise any of these rights, contact us using the details below.

12. Children’s Privacy

The Site is not directed at children under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent revision.

14. Contact Us

For questions, requests, or complaints about this Privacy Policy or your personal information:

Email: info@timca.org

Postal address:
137 MOWBRAY ROAD, GREENSIDE
JOHANNESBURG
GAUTENG
2034

Information Officer: Colin Beck