Last updated: September 2024
READ THESE TERMS AND CONDITIONS (T’S & C’S) CAREFULLY BEFORE UTILISING SPECIFIC PUMPKN SERVICES. YOUR CONTINUED UTILISATION OF SPECIFIC SERVICES INDICATES THAT YOU HAVE BOTH READ AND ACCEPT THESE T’S AND C’S. YOU CANNOT USE SPECIFIC SERVICES IF YOU DO NOT ACCEPT THESE T’S AND C’S. ALL SECTIONS OF THESE T’S AND C’S ARE APPLICABLE TO ALL USERS UNLESS THE SECTION EXPRESSLY STATES OTHERWISE.
1. DEFINITIONS
The headings of the clauses in these T’s and C’s are for the purpose of convenience and reference only and shall not be used in the interpretation of, nor modify, nor amplify, these nor any clause of these T’s and C’s. Unless a contrary intention clearly appears:
1.1 words importing:
1.1.1 any gender includes all of the others;
1.1.2 the singular includes the plural and vice versa; and
1.1.3 natural persons include created entities (corporate or unincorporate) and vice versa;
1.2 the following terms shall have the meanings assigned to them in this clause 1.2 and cognate expressions shall have corresponding meanings, namely:
1.2.1 “API” means an Application Programming Interface, which is a tool that allows different software applications to communicate with each other. It serves as an intermediary that enables the integration of different systems, allowing them to work together and share data when accessing Third Party Provider services.
1.2.2 "Business Day" means any day excluding a Saturday, Sunday and/or a public holiday in the Republic of South Africa;
1.2.3 "Data Subject" means the person to whom the Personal Information being processed relates;
1.2.4 "Effective Date" means the date of first transfer or receipt of Personal Information;
1.2.5 "Operator", as defined in POPIA, means a person or entity who processes personal information for a responsible party in terms of a contract or mandate, without coming under the direct authority of that party. For the purposes of these T’s and C’s, this may refer to either of the Parties, as set out more clearly in clause 4 and as the context so requires;
1.2.6 "Parties" refers to the Provider and the User jointly, and the term “Party” refers to either one of them as the context may require;
1.2.7 "Personal Information" refers to personal information as defined in POPIA that either Party receives from the other Party, or to which either Party has access to as a result of the Services provided by that Party to the other Party, or as a result of these T’s and C’s;
1.2.8 "Processing" means any operation or set of operations performed on Personal Information, whether or not by automatic means, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, alignment, combination, restriction, erasure, destruction, or as further defined in POPIA ;
1.2.9 “Provider” means AG Digital Venture (Pty) Ltd T/A Pumpkn.io, Registration no: 2022/434429/07, a private company with limited liability duly incorporated under the company laws of the Republic of South Africa, with registered business address at Office Suite 2.4, The Heritage Firestation, 16 Baker Street, Rosebank, Johannesburg and chosen email address being jerome@pumpkn.io.
1.2.10 "POPIA" refers to the Protection of Personal Information Act, No. 4 of 2013, as amended from time to time;
1.2.11 "Responsible Party" as defined in POPIA, means a public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for processing personal information. For the purposes of these T’s and C’s this may refer to either of the Parties, as set out more clearly in clause 4 and as the context so requires;
1.2.12 "Third Party Providers" means entities from which the Provider collects certain Personal Information via API’s, for the purposes of providing the Services. This may include, but not be limited to, banks, Accounting software providers, CIPC and Home Affairs.
1.2.13 “User” means any Party (whether natural or juristic) who makes use of any of the Services, whether purchased, via means of a free demo, or otherwise .
1.2.14 “Services” means any of the Provider’s services that specifically involve the processing of personal information supplied by Third Party Providers for the purposes of facilitating or performing services for the User. This may include various Services but specific reference is drawn to the Provider’s Software-as-a-Service ("SaaS") product that aggregates data and Personal Information using API’s from Third Party Providers for the purpose of determining the creditworthiness of potential or current borrowers/loanees of the User.
2. INTRODUCTION
2.1 The Provider offers the Services to the User who wishes to make use of the Services.
2.2 These T’s and C’s regulate the processing of Personal Information in connection with the Services and the parties wish to define their respective obligations and liabilities under POPIA in relation to the processing of Personal Information.
2.3 The Parties are committed to business practices in compliance with all relevant legislation in the Republic of South Africa, which includes POPIA and the Electronic Communications and Transactions Act of 2002 (“ECT”).
2.3 The Parties agree and acknowledge that they have familiarised themselves with the requirements and provisions of the above relevant legislation, and in particular with the requirements and provisions of POPIA.
2.4 The User has accepted these T’s and C’s to give effect to the provisions of this clause 2, and to regulate matters ancillary thereto.
2.5 The purpose of the disclosure of Personal Information is to allow for the Services to be provided and for both Parties to have assurance that all Personal Information exchanged pursuant thereto shall be processed in strict compliance with the provisions of POPIA.
3. COMMENCEMENT AND DURATION
These T’s and C’s shall be applicable from the Effective Date and will continue in full force and effect until the ancillary or further Service Agreement (“Service Agreement”) is terminated by either Party in accordance with the terms of that Service Agreement or indefinitely, should there be no Service Agreement entered into. All clauses that would reasonably be expected to operate after any such expiration or termination of the Service Agreement or which of necessity must continue to have effect after such expiration or termination, will still have effect indefinitely.
4. ROLES AND RESPONSIBILITIES OF THE PARTIES
4.1 The Responsible Party or Operator may refer to either of the Parties, as the context so requires.
4.2 Notwithstanding clause 4.1, it is herein expressly recorded that, for the purposes of the Personal Information gleaned from Third Party Providers for the purposes of providing the Services, the Provider, as an Operator, processes this Personal Information on behalf of the User. The User is the Responsible Party when it comes to the Third Party Personal Information processed by the Provider and provided to the User.
4.3 Both Parties agree to process Personal Information in accordance with their respective roles as Operator and/or Responsible Party, in compliance with the prescripts of POPIA.
5. UNDERTAKINGS BY THE PARTIES
The Parties undertake as follows:
5.1 The Parties shall comply with their respective requirements relating to Operators and/or Responsible Parties, as the case may be, as prescribed by POPIA.
5.2 The Parties shall comply with the requirements as set out in these T’s and C’s, in a manner that will ensure that the other Party does not, as a result of that Party’s conduct, breach any of its obligations in terms of POPIA.
5.3 The Parties shall provide adequate training to all of their staff, contractors and agents to ensure compliance with the POPIA requirements relating to Personal Information Processing, use and confidentiality.
5.4 The Parties shall process Personal Information exclusively for purposes of carrying out its obligations in terms of these T’s and C’s and/or any Service Agreement in place between them from time to time.
5.5 The Parties shall ensure that any and all Personal Information provided by the Operator to the Responsible Party from time to time is provided in accordance with the requirements of POPIA and meets all of the consent requirements for the purposes for which it is intended to be used.
5.6 The Parties undertake to only Process Personal Information in a manner that is adequate, relevant and not excessive for the purposes set out herein and/or as set out in the Service Agreement.
5.7 The Parties will treat all Personal Information as confidential, to the extent necessary relating to the Services provided for herein and/or in the Service Agreement.
5.8 The Parties will only disclose Personal Information to its employees and consultants who:
5.8.1 have a need to access such Personal Information solely for the purposes as set out in the Service Agreement or these T’s and C’s; and
5.8.2 have been advised of the obligations of confidentiality and are under obligations of confidentiality substantially similar to those set out in these T’s and C’s.
5.9 The Operator undertakes to ensure that any Personal Information it processes on behalf of the Responsible Party is held in a secure manner, which meets industry standards, where available, and that such information is not shared outside of the scope of these T’s and C’s and/or the Service Agreement.
5.10 Both Parties agree to comply with industry acceptable data security and privacy protection standards that will ensure that all Personal Information processed by it is protected against unauthorized access and/or use in any manner or form whatsoever.
6. SHARING PERSONAL INFORMATION WITH THIRD PARTIES
6.1 The Parties shall not share Personal Information received in terms of these T’s and C’s with additional third parties, other than its associated business partners, without the written consent of the other Party.
6.2 If the Parties agree that either Party may share Personal Information in the manner contemplated in clause 5.1 above, the sharing Party shall only share the Personal Information once it has entered into a written agreement with the additional third party that includes provisions that will ensure that the third party implements appropriate reasonable, technical and organisational measures to secure the confidentiality and integrity of the Personal Information and processes it in a manner that will ensure compliance with the requirements of POPIA.
6.3 The User consents to the sharing of Personal Information by the Provider with the Third Party Providers and additional third parties identified by the Provider as required for the execution of the Provider’s duties, provided that this is done in a manner consistent with POPIA and the Provider’s Privacy Policy.
7. DATA SUBJECT RIGHTS
7.1 The Responsible Party shall be responsible for handling any requests from Data Subjects relating to their rights under POPIA, including but not limited to the right of access, rectification, erasure, and objection to processing.
7.2 The Operator shall assist the Responsible Party, where possible, in fulfilling its obligations to respond to Data Subject requests.
8. DATA BREACH NOTIFICATION
In the event of a data breach involving Personal Information processed under these T’s and C’s, the Operator shall notify the Responsible Party without undue delay and provide sufficient information to enable the Responsible to meet any obligations to report or inform Data Subjects of the data breach.
9. WARRANTIES
9.1 Both Parties warrant that they will comply with all obligations in terms of these T’s and C’s and agree that a breach of this warranty will constitute a material breach of these T’s and C’s.
9.2 Both Parties warrant that they shall implement appropriate technical and organisational measures to prevent the loss of, damage to and/or unauthorised access or destruction of Personal Information.
9.3 The User warrants that it has the legal capacity (and where relevant, the authority) accept these T’s and C’s.
10. LIABILITY
10.1 Both Parties shall indemnify and hold the other Party harmless against any claims, actions, damages, direct losses, costs, fines, penalties or liabilities arising out of or in connection with a Party’s misuse of Personal Information, failure to comply with POPIA or breach of these T’s and C’s.
10.2 Both Parties shall not be liable for any unlawful processing of Personal Information by the other Party or for any actions taken by the other Party that result in a breach of these T’s and C’s or POPIA.
11. RELATIONSHIP
11.1 Neither of the Parties are an agent of the other for any purposes whatsoever and neither of the Parties shall be entitled to act on behalf of, or to represent the other unless duly authorised thereto in writing.
11.2 The acceptance of these T’s and C’s will not be interpreted or construed to create an association, joint venture, or partnership between the Parties or to impose any liability attributable to such a relationship upon either Party.
12. ASSIGNMENT
12.1 The Provider may, on written notice to the User, cede, assign or otherwise transfer all or any of its rights or obligations under these T’s and C’s to any other person or entity, without the consent of the User.
12.2 The User may not cede, assign or otherwise transfer all or any of its rights and/or obligations under these T’s and C’s without the prior written consent of the Provider, which consent shall not be unreasonably withheld.
13. GENERAL
13.1 Neither Party shall be bound by any representation, express or implied term, warranty, promise or the like not recorded herein or reduced to writing and signed by the Parties or their representatives.
13.2 No addition to, variation, or agreed cancellation of these T’s and C’s, including this clause, shall be of any force or effect unless in writing and signed by or on behalf of the Parties.
13.3 No indulgence which, either Party may grant to the other shall constitute a waiver of any of the rights of the grantor.
13.4 The Parties undertake to display the utmost good faith to one another in regard to all matters arising out of or incidental to these T’s and C’s.
13.5 If any provision of these T’s and C’s shall be held illegal or unenforceable, such provision shall be deemed separate and divisible from and shall in no way affect or impair the validity or enforceability of the remaining provisions.
13.6 Save as otherwise provided herein, the Parties hereby consent and submit to the exclusive jurisdiction of the courts of the Republic of South Africa and/or the Information Regulator of South Africa, for the purpose of all or any proceedings arising from or concerning these T’s and C’s.
13.7 These T’s and C’s (including their validity, existence and implementation, the interpretation and application of its provisions, the respective rights and obligations of the Parties in terms of and arising out of the acceptance or breach of these T’s and C’s) shall be exclusively interpreted and governed in all respects by the laws of the Republic of South Africa.
14. LEGAL DISCLOSURE
14.1 Legal status: AG Digital Venture (Pty) Ltd (registration number: 2022 / 434429 / 07) (T/A Pumpkn) is a private company with limited liability duly incorporated under the company laws of the Republic of South Africa.
14.2 Main business of Pumpkin: AG-Digital Ventures (Pty) Ltd. t/a Pumpkn.io is a registered Credit Provider in terms of the National Credit Act. Pumpkn.io provides access to short-term business loans for SMEs, and facilitates access to a range of financial products through its lending partners.
14.3 Information Officer: Zaheer Dindar, zaheer@pumpkn.io
14.4 Email Address: compliance@pumpkn.io
14.5 Website address: www.pumpkn.io
14.6 Registered Business Address:
Office Suite 2.4, The Heritage Firestation, 16 Baker Street, Rosebank, Johannesburg
Prepared by Lay Law © Copyright 2024. All rights reserved.
AG-Digital Ventures (Pty) Ltd. t/a Pumpkn.io is a registered Credit Provider in terms of the National Credit Act
Last updated: January 19, 2023
This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protectsYou.
We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.
The words of which the initial letter is capitalised have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
For the purposes of this Privacy Policy:
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
Usage Data is collected automatically when using the Service.
Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device uniqueID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.
We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.
The Company allows You to create an account and log in to use the Service through the following Third-party Social Media Services:
If You decide to register through or otherwise grant us access to a Third-Party Social Media Service, We may collectPersonal data that is already associated with Your Third-Party Social MediaService's account, such as Your name, Your email address, Your activities orYour contact list associated with that account.
You may also have the option of sharing additional information with the Company through Your Third-Party Social MediaService's account. If You choose to provide such information and Personal Data, during registration or otherwise, You are giving the Company permission to use, share, and store it in a manner consistent with this Privacy Policy.
We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyse Our Service. The technologies We use may include:
Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. Learn more about cookies on the Free Privacy Policy website article.
We use both Session and Persistent Cookies for the purposes set out below:
Necessary / Essential Cookies
Type: Session Cookies
Administered by: Us
Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.
Cookies Policy / Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies identify if users have accepted the use of cookies on the Website.
Functionality Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.
For more information about the cookies we use and your choices regarding cookies, please visit our Cookies Policy or the Cookies section of our Privacy Policy.
The Company may use Personal Data for the following purposes:
We may share Your personal information in the following situations:
The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.
Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.
Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.
The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of Your data and other personal information.
You have the right to delete or request that We assist in deleting the Personal Data that We have collected about You.
Our Service may give You the ability to delete certain information about You from within the Service.
You may update, amend, or delete Your information at any time by signing in to Your Account, if you have one, and visiting the account settings section that allows you to manage Your personal information. You may also contact Us to request access to, correct, or delete any personal information that You have provided to Us.
Please note, however, that We may need to retain certain information when we have a legal obligation or lawful basis to do so.
If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.
Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:
The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.
Our Service does not address anyone under the age of 16. We do not knowingly collect personally identifiable information from anyone under the age of 16. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 16 without verification of parental consent, We take steps to remove that information from Our servers.
If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent's consent before We collect and use that information.
Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.
We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the "Last updated" date at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
If you have any questions about this Privacy Policy, You can contact us:
The Heritage Firestation
16 Baker Street
Rosebank
Johannesburg
2193
Meet Pumpkn, the financial partner you can bank on.
The Heritage Firestation
16 Baker Street
Rosebank
Johannesburg
2193
© 2024 AG Digital Ventures (Pty) Ltd. t/a Pumpkn.io. All rights reserved. AG-Digital Ventures (Pty) Ltd. t/a Pumpkn.io is a registered Credit Provider in terms of the National Credit Act.National Credit Regulator registration number NCRCP18413 | SEO Services by SOMS Digital
