Privacy Policy | Elevate Horizons

Introduction

Welcome to Elevate Horizons ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website elevatehorizons.com and use our services.

By using our services, you agree to the collection and use of information in accordance with this policy.

Information We Collect

1. Information You Provide Directly

When you register for an account, book an event, or contact us, we may collect:

Personal Identification Information: Name, email address, phone number
Account Information: Username, password (encrypted), profile information
Payment Information: Billing address, payment method details (processed securely through third-party payment processors)
Booking Information: Event selections, ticket purchases, attendance preferences
Communication Data: Messages, feedback, and correspondence with us

2. Information Collected Automatically

When you use our website, we automatically collect:

Usage Data: Pages visited, time spent on pages, clicks, browsing patterns
Device Information: IP address, browser type, device type, operating system
Cookies and Similar Technologies: See our Cookie Policy section below
Location Data: General geographic location based on IP address (not precise GPS)

3. Information from Third-Party Sources

Google OAuth Authentication

When you sign in using "Sign in with Google," we receive limited information from Google:

Basic Profile Information: Name, email address, profile picture
Google Account ID: A unique identifier for your Google account
Email Verification Status: Whether your email is verified by Google

What we DON'T receive from Google:

Your Google password (we never see or store this)
Your Google contacts, emails, or documents
Access to your other Google services
Your search history or YouTube activity

How we use Google Sign-In data:

To create and authenticate your account
To pre-fill your profile information (you can change this)
To send you booking confirmations and event updates
To provide customer support

Google's Privacy Policy: https://policies.google.com/privacy

How We Use Your Information

We use the collected information for:

1. Account Management

Creating and managing your account
Authenticating your identity
Providing access to booked events

2. Service Delivery

Processing event bookings and ticket purchases
Sending booking confirmations and reminders
Managing event attendance and check-ins
Providing customer support

3. Communication

Sending transactional emails (booking confirmations, receipts)
Responding to your inquiries and support requests
Sending event updates and important notices
Marketing communications (with your consent)

4. Improvement and Analytics

Analyzing website usage and user behavior
Improving our services and user experience
Developing new features and offerings

5. Legal and Security

Preventing fraud and abuse
Enforcing our Terms of Service
Complying with legal obligations
Protecting our rights and property

Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your personal data under the following legal bases:

Consent: When you opt-in to marketing communications or use optional features
Contract Performance: To fulfil our obligations under our Terms of Service
Legitimate Interests: To improve our services, prevent fraud, and ensure security
Legal Obligation: To comply with applicable laws and regulations

How We Share Your Information

We do NOT sell your personal information to third parties.

We may share your information with:

1. Service Providers

We work with trusted third-party service providers who assist us in operating our business:

Payment Processors: Paystack (for secure payment processing)
Email Services: For transactional and marketing emails
Analytics Services: Google Analytics (for website analytics)
Cloud Hosting: Vercel, AWS (for website hosting and data storage)
Authentication: Google OAuth (for sign-in services)

These providers have access only to the information necessary to perform their functions and are contractually obligated to protect your data.

2. Legal Requirements

We may disclose your information if required by law or in response to:

Valid legal processes (court orders, subpoenas)
Government or regulatory requests
Protection of our rights, property, or safety
Enforcement of our Terms of Service

Data Retention

We retain your personal information for as long as necessary to:

Provide our services to you
Comply with legal obligations (e.g., tax records for 7 years)
Resolve disputes and enforce our agreements

Retention Periods:

Active Accounts: Data retained whilst your account is active
Inactive Accounts: Data retained for 3 years after last activity, then deleted
Booking Records: Retained for 7 years for legal/accounting purposes
Marketing Data: Retained until you unsubscribe

You can request deletion of your data at any time (subject to legal retention requirements).

Your Rights and Choices

Depending on your location, you may have the following rights:

1. Access and Portability

Request a copy of your personal data
Receive your data in a structured, machine-readable format

2. Correction

Update or correct inaccurate information in your account settings

3. Deletion

Request deletion of your account and personal data
Note: Some data may be retained for legal compliance

4. Objection and Restriction

Object to processing of your data for marketing purposes
Restrict certain types of data processing

5. Withdraw Consent

Opt-out of marketing emails (unsubscribe link in emails)
Revoke consent for optional data processing

To exercise your rights, contact us at: declercq@advanced-digital.co.za

Data Security

We implement industry-standard security measures to protect your information:

Encryption: HTTPS/TLS encryption for data in transit
Secure Storage: Encrypted databases for sensitive data
Access Controls: Restricted access to personal data
Regular Audits: Security reviews and vulnerability assessments
Password Protection: Bcrypt hashing for passwords
Payment Security: PCI DSS compliant payment processing

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately, and we will delete such information.

International Data Transfers

If you are located outside of South Africa, please note that your information may be transferred to and processed in South Africa or other countries where our service providers operate. We ensure adequate safeguards are in place for such transfers in compliance with applicable data protection laws (GDPR, POPIA, etc.).

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

Posting the new policy on this page
Updating the "Last Updated" date
Sending an email notification (for material changes)

Your continued use of our services after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices:

Elevate Horizons

Email: declercq@advanced-digital.co.za

Website: https://elevatehorizons.com

Physical Address: 34 The Broads St, Mulbarton, Johannesburg South, 2059

Response Time: We aim to respond to all privacy inquiries within 30 days.

Regulatory Information

For South African Users (POPIA Compliance)

We comply with the Protection of Personal Information Act (POPIA). Our Information Officer can be contacted at the email above.

For EU/EEA Users (GDPR Compliance)

We comply with the General Data Protection Regulation (GDPR). You have the right to lodge a complaint with your local Data Protection Authority.