PRIVACY POLICY (POPIA)
Last updated: 30 December 2025
This Privacy Policy explains how MC Accounting and Taxation (Pty) Ltd (“MC Accounting and Taxation”, “we”, “us”, “our”) collects, uses, stores, shares and protects personal information in accordance with the Protection of Personal Information Act 4 of 2013 (“POPIA”).
1. RESPONSIBLE PARTY (WHO WE ARE)
MC Accounting and Taxation (Pty) Ltd
Company Registration No: 2024/016861/07
VAT No: 4040318646
SAIT Technical Tax Practitioner: PR-0115551
Location: Johannesburg, Gauteng, South Africa
Email: info@mcaccountingandtax.co.za
Call / WhatsApp: 081 458 4668
Business hours: Monday–Friday, 08:00–16:00
2. SCOPE
This Policy applies to personal information we collect through:
our Website and website forms;
email, WhatsApp, phone calls and messages; and
our business operations when you enquire about or engage our services.
3. PERSONAL INFORMATION WE COLLECT
We may collect personal information when you contact us, request a consultation, complete a form on our Website, email us, or communicate with us via WhatsApp or phone.
This may include:
Full name and surname
Email address
Mobile number
Business name and business details you provide
VAT registration status and related details you provide
Number of entities and high-level business structure information you provide
Information contained in your message or enquiry
Technical information (e.g., IP address, device/browser details, referral source, pages viewed, approximate location) where enabled through cookies/analytics on our Website
Any additional information you choose to provide
If you become a client, we may also collect further information needed to provide bookkeeping, payroll, tax and compliance services. This may include identity and verification information, statutory and payroll information, and records required for service delivery, compliance and recordkeeping.
Important: Please do not submit passwords, banking login details, or unnecessary highly sensitive personal information through website forms.
4. WHY WE PROCESS PERSONAL INFORMATION (PURPOSES)
We process personal information to:
respond to enquiries and consultation requests;
assess your needs and recommend an appropriate support level/package;
onboard you as a client and provide bookkeeping, payroll, tax and compliance support;
communicate with you regarding queries, deadlines, documentation and next steps;
maintain accurate internal records and audit trails for professional practice and compliance;
comply with legal, regulatory and professional obligations;
protect our business, clients and systems against fraud, misuse or unlawful activity; and
improve our Website and service experience (where cookies/analytics are enabled).
5. LAWFUL BASIS FOR PROCESSING (POPIA)
We process personal information in accordance with POPIA and on one or more lawful grounds, including:
Consent (where required/appropriate, such as certain marketing communications);
Contract (to perform a contract with you or take steps requested by you before entering into a contract);
Legal obligation (where we must comply with laws, regulatory obligations or professional requirements); and
Legitimate interests (such as running our operations, responding to enquiries, ensuring security and improving service quality), balanced against your rights.
6. HOW WE COLLECT INFORMATION
We collect information:
Directly from you (forms, email, WhatsApp, phone calls, messages, documents you provide);
Automatically via website technologies such as cookies and analytics where enabled; and
From third parties only where lawful and necessary (for example, where you authorise us to obtain information from your prior accountant, payroll platforms, banks, SARS/CIPC, or other service providers).
7. SHARING YOUR PERSONAL INFORMATION
We do not sell your personal information.
We may share personal information only when necessary for legitimate business purposes, service delivery or legal compliance, including with:
service providers who help us operate our business (e.g., website hosting/platform providers, email providers, cloud storage providers, accounting/payroll software providers);
professional advisers where required (e.g., legal, compliance, audit support);
SARS, CIPC, banks, payroll administrators, medical aid/retirement fund administrators, or other regulators/authorities where you instruct us to act on your behalf or where legally required; and
any other third party where you have provided consent or where the law permits/requires disclosure.
We take reasonable steps to ensure third-party providers process personal information securely and only for the intended purpose.
8. CROSS-BORDER TRANSFERS
Some technology providers we use may store or process data outside South Africa. Where this occurs, we take reasonable steps to ensure appropriate safeguards are in place, including that the recipient is subject to laws, contractual terms, or binding rules that provide protection consistent with POPIA.
9. SECURITY SAFEGUARDS
We implement reasonable technical and organisational measures to protect personal information against loss, unauthorised access, misuse, alteration and unlawful disclosure. Measures may include access controls, restricted access on a need-to-know basis, secure storage practices and operational controls.
No system is completely secure. If a security incident occurs, we will take reasonable steps to address it and comply with any legally required notification obligations.
10. RETENTION OF PERSONAL INFORMATION
We retain personal information only for as long as necessary to fulfil the purposes described in this Policy, unless a longer retention period is required or permitted by law, including recordkeeping requirements applicable to accounting, tax and payroll services.
11. YOUR RIGHTS (DATA SUBJECT RIGHTS)
Subject to POPIA and applicable law, you may:
request access to the personal information we hold about you;
request correction or updating of your personal information;
request deletion of personal information where appropriate and lawful;
object to certain processing in specific circumstances;
withdraw consent where processing is based on consent (this does not affect processing already completed lawfully);
request restriction of processing in certain circumstances; and
lodge a complaint with the Information Regulator.
To exercise your rights, contact us using the details in section 14. We may request reasonable proof of identity before processing certain requests.
12. COOKIES AND WEBSITE TECHNOLOGIES
Our Website may use cookies and similar technologies to enable site functionality, improve user experience, and measure website performance where enabled through our website platform settings.
You can manage cookies through your browser settings. Disabling cookies may affect certain Website features. Where our Website provides cookie controls (if enabled), you may manage your preferences through those controls.
13. CHILDREN’S PRIVACY
Our services are intended for business owners and adults. We do not knowingly collect personal information from children. If you believe a child has submitted personal information to us, please contact us and we will take reasonable steps to delete it.
14. CONTACT US
If you have questions about this Privacy Policy or how we process personal information, contact:
Email: info@mcaccountingandtax.co.za
Call / WhatsApp: 081 458 4668
Location: Johannesburg, Gauteng, South Africa
15. COMPLAINTS
If you are not satisfied with how we handle your personal information, you may contact the Information Regulator (South Africa).
Information Regulator (South Africa)
Website: https://inforegulator.org.za
Email: enquiries@inforegulator.org.za
Telephone: 010 023 5200 / 0800 017 160
POPIA Complaints: POPIAComplaints@inforegulator.org.za
PAIA Complaints: PAIAComplaints@inforegulator.org.za
Address: Woodmead North Office Park, 54 Maxwell Drive, Woodmead, Johannesburg, 2191
16. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. The “Last updated” date at the top will reflect the latest version.