Privacy Policy

Othos Telecom (Pty) Ltd

Last updated: May 2026

1. Who we are

Othos Telecom (Pty) Ltd (“Othos Telecom”, “we”, “us”, or “our”) is a licensed telecommunications provider registered in South Africa, providing Cloud PBX, VoIP, and unified communication services to businesses. We are the Responsible Party for your personal information as defined under the Protection of Personal Information Act 4 of 2013 (“POPIA”).

Registered address: 20 Cumberland Road, Cape Town, South Africa

Contact: contact@othostelecom.co.za  |  021 673 6801

2. What personal information we collect

We collect personal information when you interact with our website, contact us, sign up for a trial, or use our services. This includes:

•       Identity information: name, surname, job title

•       Contact information: email address, phone number, physical or postal address

•       Company information: business name, company size, industry

•       Technical information: IP address, browser type and version, device type, pages visited, time spent on pages, referral source

•       Communication records: emails, support tickets, call recordings (where you are a service customer and have been notified)

•       Billing information: payment details processed securely through our payment provider (we do not store full card numbers)

•       Usage data: call logs, call durations, and feature usage within our platform for service customers

3. How we use your information

We process your personal information only where we have a lawful basis to do so. We use your information to:

•       Respond to enquiries and provide quotes

•       Set up, provision, and manage your Othos Telecom service account

•       Process payments and issue invoices

•       Send service-related communications (e.g. maintenance notices, product updates)

•       Send marketing communications where you have given consent or where we have a legitimate interest — you may opt out at any time

•       Improve our website and services through analytics (see Cookies section below)

•       Comply with legal and regulatory obligations, including those imposed by ICASA

•       Detect and prevent fraud or misuse of our services

4. Legal basis for processing

Under POPIA, we rely on the following grounds to process your personal information:

•       Contractual necessity — processing required to fulfil our service agreement with you

•       Legitimate interest — for analytics, improving our services, and direct marketing to existing customers

•       Consent — for marketing communications to prospects; you may withdraw consent at any time

•       Legal obligation — where processing is required by law

5. Sharing your information

We do not sell your personal information to third parties. We may share your information with:

•       Service providers acting as Operators on our behalf — including cloud infrastructure providers (Amazon Web Services), payment processors, email delivery platforms, and analytics providers. These parties are contractually bound to process your data only as instructed by us.

•       Regulatory authorities — where required by law, court order, or to comply with ICASA obligations

•       Professional advisers — lawyers, auditors, and insurers where reasonably necessary

We take reasonable steps to ensure all third parties maintain adequate data protection standards.

6. Cookies and analytics

Our website uses cookies and similar tracking technologies. We use:

•       Google Tag Manager and Google Analytics — to understand how visitors use our site (pages visited, time on site, traffic sources). Data is anonymised where possible.

•       Functional cookies — to remember your preferences and ensure the site works correctly

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of our website. By continuing to use our website, you consent to our use of cookies as described above.

7. Data retention

We retain your personal information only for as long as necessary for the purposes for which it was collected, or as required by law:

•       Enquiry and contact records: up to 2 years from last contact

•       Service account data: for the duration of your contract plus 5 years

•       Call recordings: up to 6 months unless a longer period is requested by you for compliance purposes

•       Financial records: 7 years as required by South African tax legislation

When personal information is no longer required, we securely delete or anonymise it.

8. Your rights under POPIA

As a data subject under POPIA, you have the right to:

•       Access the personal information we hold about you

•       Request correction of inaccurate or incomplete information

•       Request deletion of your personal information (subject to legal retention requirements)

•       Object to the processing of your personal information

•       Withdraw consent for marketing communications at any time

•       Lodge a complaint with the Information Regulator of South Africa

To exercise any of these rights, contact us at contact@othostelecom.co.za. We will respond within 30 days.

Information Regulator contact: inforeg.org.za  |  complaints.IR@justice.gov.za

9. Data security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, loss, or misuse. These measures include:

•       Hosting on Amazon Web Services (AWS) infrastructure with industry-standard security controls

•       Encrypted data transmission using TLS/HTTPS

•       Access controls and authentication requirements for our platform

•       Regular security assessments and staff training

No method of transmission over the internet is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

10. International transfers

Our primary infrastructure is hosted on AWS within South Africa. Some of our third-party service providers may process data outside South Africa. Where this occurs, we take steps to ensure that adequate protections are in place in accordance with POPIA requirements.

11. Children’s privacy

Our services are intended for business use and are not directed at individuals under the age of 18. We do not knowingly collect personal information from minors.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The “Last updated” date at the top of this page indicates when it was last revised. We encourage you to review this policy periodically. Where changes are material, we will notify you by email or by a notice on our website.

13. Contact us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please contact us:

Othos Telecom (Pty) Ltd

20 Cumberland Road, Cape Town, South Africa

Email: contact@othostelecom.co.za

Phone: 021 673 6801