Privacy Policy of www.silent-disco.co.za

This Application collects some Personal Information from its Users.

This document can be printed for reference by using the print command in the settings of any browser.

Owner and Data Controller

SILENTSYSTEM ESPAÑA SL
Spain
Owner contact email: [email protected]

---

Types of Data Collected

Among the types of Personal Information that this Application collects, by itself or through third parties, there are: cookies and tracking tools (“Trackers”), usage data, contact information (name, email, phone number), and other types of data voluntarily provided by the User.

Complete details on each type of Personal Information collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the data collection.

Personal Information may be freely provided by the User or, in case of usage data, collected automatically when using this Application.

Unless stated otherwise, all data requested by this Application is mandatory. Failure to provide such data may result in the inability to provide the Service.

Users who are unsure about which data is mandatory are welcome to contact the Owner.

Any use of cookies or other tracking tools by this Application or by third-party services used by this Application is for the purpose of providing the Service, in addition to any other purposes described in this document and the Cookie Policy.

Users’ Responsibility

Users are responsible for any third-party Personal Information obtained, published, or shared through this Application and confirm that they have the third party’s consent to provide the data to the Owner.

---

Mode and Place of Processing the Data

Methods of Processing

The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of the data, in accordance with POPIA requirements.

Data processing is carried out using IT and/or electronic tools, following organizational procedures and protocols strictly related to the indicated purposes. The data may be accessible to certain internal or external parties (operators) involved in the operation of the Application, who are appointed, if necessary, as Data Processors with appropriate written agreements in place.

Legal Basis of Processing

Under POPIA (Protection of Personal Information Act 4 of 2013), the Owner may process Personal Information only if one of the following conditions is met:

• The User (data subject) has given consent for a specific purpose;

• The processing is necessary for the conclusion or performance of a contract with the User;

• The processing complies with an obligation imposed by law on the Owner;

• The processing protects a legitimate interest of the User;

• The processing is necessary for pursuing the legitimate interests of the Owner or a third party to whom the information is supplied, except where such interests are overridden by the fundamental rights and freedoms of the data subject.

The Owner will gladly help clarify the specific legal basis that applies to each processing activity upon request.

Place of Processing

The Data is processed at the Owner’s operating offices in Spain and in any other places where the parties involved in the processing are located.

Cross-Border Data Transfers

As the Owner is based in Spain (European Union) and provides services to Users in South Africa, Personal Information collected through this Application is transferred from South Africa to Spain and potentially to other countries where third-party service providers operate (including the United States of America for services such as Google Analytics, Google Fonts, and Google Tag Manager).

Such transfers are conducted in accordance with POPIA requirements, using one or more of the following lawful mechanisms:

• The User’s explicit consent to the cross-border transfer;

• Adequacy agreements or certifications ensuring the recipient country provides adequate data protection (Spain/EU benefits from adequacy recognition under POPIA);

• Binding agreements with third-party processors that include appropriate safeguards;

• The transfer is necessary for the performance of a contract between the User and the Owner.

By using this Application and providing consent to this Privacy Policy, Users acknowledge and consent to the cross-border transfer of their Personal Information as described above.

Retention Time

Personal Information shall be processed and stored only for as long as required by the purposes for which it was collected, or as required by applicable law.

Once the retention period expires, Personal Information will be securely deleted or anonymised. Therefore, rights such as access, deletion, and correction cannot be exercised after the expiry of the retention period.

The Owner maintains a data retention policy specifying retention periods for different categories of Personal Information.

---

Purposes of Processing

The Data concerning the User is collected for the following purposes:

• Analytics: To analyze website traffic and user behaviour

• Contacting the User: To respond to inquiries and provide customer service

• Displaying content from external platforms: To enhance user experience

• Tag Management: To manage tracking and analytics tags efficiently

• Service delivery: To provide rental services and process bookings

• Order fulfillment: To process and ship equipment rentals to South African customers

For detailed information on the Personal Information used for each purpose, refer to the section “Detailed information on the processing of Personal Information.”

---

Detailed Information on the Processing of Personal Information

Analytics

Google Analytics (Google LLC)
Used to analyse website traffic and user behaviour.
Personal Data: Tracker; Usage Data
Processing location: United States – Privacy Policy – Opt Out

Contacting the User

Contact Form (this Application)
Used to collect inquiries, booking requests, and customer communications.
Personal Data: Name, email address, phone number, message content, and any other data voluntarily provided through the form.

Displaying Content from External Platforms

Google Fonts (Google LLC)
Used to display web fonts and enhance visual presentation.
Personal Data: Tracker; Usage Data
Processing location: United States – Privacy Policy

Tag Management

Google Tag Manager (Google LLC)
Used to manage analytics and tracking tags.
Personal Data: Tracker
Processing location: United States – Privacy Policy

---

Cookie Consent

This Application uses cookies and similar tracking technologies. In compliance with POPIA, the Owner obtains explicit consent before placing non-essential cookies on Users’ devices.

Users can manage their cookie preferences through the cookie consent banner displayed upon first visit and can withdraw or modify consent at any time through the cookie settings available on the website.

Essential cookies required for the basic functioning of the Application do not require consent.

---

Users’ Rights Under POPIA

Under the Protection of Personal Information Act (POPIA), Users have the following rights regarding their Personal Information:

1. Right to access: Request confirmation of whether the Owner holds your Personal Information and obtain a copy of such information;

2. Right to correction: Request correction of inaccurate, misleading, or outdated Personal Information;

3. Right to deletion: Request deletion of your Personal Information where retention is no longer necessary or lawful;

4. Right to object: Object to the processing of your Personal Information on reasonable grounds;

5. Right to restriction: Request restriction of processing in certain circumstances;

6. Right to withdraw consent: Withdraw consent at any time where processing is based on consent (without affecting lawful processing prior to withdrawal);

7. Right to lodge a complaint: Submit a complaint to the Information Regulator of South Africa if you believe your rights have been violated.

How to Exercise Your Rights

Users can exercise their rights by:

1. Online Data Management Portal: Visit silent-disco.co.za/manage-data/ to submit a request to:

   • Access your Personal Information stored by the Owner

   • Request correction of your Personal Information

   • Request deletion or removal of your Personal Information

   • Object to processing or request restriction

   • Withdraw consent for data processing

2. Direct Contact: Contact the Owner using the contact information provided in this document ([email protected])

All requests are processed free of charge and will be handled within a reasonable timeframe, not exceeding 30 days from receipt of the request, in accordance with POPIA requirements.

The Owner may request additional information to verify the identity of the User making the request to ensure the security and confidentiality of Personal Information.

---

Information Regulator (South Africa)

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Information Regulator:

Information Regulator (South Africa)
Website: https://www.justice.gov.za/inforeg/
Email: [email protected]
Phone: +27 (0)10 023 5200

---

Security Measures

The Owner implements appropriate technical and organizational measures to secure Personal Information against unauthorized access, accidental loss, destruction, or damage, including:

• Secure servers and encrypted data transmission (SSL/TLS)

• Access controls and authentication mechanisms

• Regular security assessments and updates

• Staff training on data protection obligations

• Incident response and data breach notification procedures

Despite these measures, no method of transmission over the Internet or electronic storage is 100% secure. Users acknowledge the inherent risks of providing information online.

---

Data Breach Notification

In the event of a data breach that compromises the integrity or confidentiality of Personal Information and is likely to cause harm to Users, the Owner will:

1. Notify the Information Regulator as soon as reasonably possible;

2. Notify affected Users where feasible and appropriate;

3. Take immediate steps to mitigate the breach and prevent further unauthorized access.

---

Legal Action

The User’s Personal Information may be used by the Owner in court or in the stages leading to possible legal action arising from improper use of this Application or the related Services, in accordance with applicable law.

The User declares to be aware that the Owner may be required to reveal Personal Information upon request of public authorities or law enforcement agencies.

---

Additional Information About Data Collection and Processing

System Logs and Maintenance

For operation and maintenance purposes, this Application and any third-party services may collect files that record interaction with this Application (system logs) or use other Personal Information (such as IP addresses) for this purpose.

Information Not Contained in This Policy

Additional details concerning the collection or processing of Personal Information may be requested from the Owner at any time using the contact information provided.

---

“Do Not Track” Requests

This Application does not support “Do Not Track” requests. To determine whether any third-party services used honor “Do Not Track” requests, please read their privacy policies.

---

Changes to This Privacy Policy

The Owner reserves the right to make changes to this Privacy Policy at any time by notifying Users on this page and, where technically and legally feasible, sending a notice to Users via contact information available to the Owner.

It is strongly recommended to check this page regularly, referring to the date of the last modification listed at the bottom.

Should changes affect processing activities based on User consent, the Owner shall collect new consent from the User where required by law.

---

Definitions and Legal References

Personal Information: Any information relating to an identified or identifiable natural or juristic person, as defined in POPIA.

Usage Data: Information collected automatically through this Application, including IP addresses, browser types, pages visited, time and date of visits, and other diagnostic data.

User: The individual using this Application who, unless otherwise specified, coincides with the data subject.

Data Subject: The natural or juristic person to whom Personal Information relates.

Data Processor (or Operator): Any natural or juristic person who processes Personal Information on behalf of the Owner, as described in this Privacy Policy.

Data Controller (or Owner): The natural or juristic person who determines the purpose of and means for processing Personal Information. Unless otherwise specified, the Data Controller is the Owner of this Application.

This Application: The means by which Personal Information of the User is collected and processed.

Service: The service provided by this Application as described in the applicable terms and on this site/application.

Tracker: Any technology (cookies, unique identifiers, web beacons, scripts, etc.) that enables the tracking of Users.

POPIA: The Protection of Personal Information Act 4 of 2013 (South Africa), as amended.

Information Regulator: The independent regulatory body established under POPIA to monitor and enforce compliance with data protection laws in South Africa.

---

Legal Information

This Privacy Policy is prepared in accordance with the Protection of Personal Information Act 4 of 2013 (POPIA) and applies to the processing of Personal Information by SILENTSYSTEM ESPAÑA SL when providing services to Users in South Africa.

As a Spanish company, the Owner also complies with the General Data Protection Regulation (GDPR – Regulation EU 2016/679) applicable in the European Union.

In case of any conflict between this Privacy Policy and applicable law, the provisions of POPIA, GDPR, and other applicable legislation shall prevail.

---

Latest update: 30 January 2026