Skip to main content
Skip to content
Kharon Fire & Security

Legal & Compliance

Privacy Policy

How Kharon collects, uses, protects and shares personal information in accordance with the Protection of Personal Information Act, 2013 (POPIA).

Effective 3 June 2026

1. Who we are

Kharon Fire and Security Solutions (Pty) Ltd (registration 2016/313076/07) is the responsible party for the personal information processed through this website and the Kharon operations portal. Our registered address is Unit 58, M5 Freeway Park, 2B Uppercamp Road, Ndabeni, Maitland, 7405.

For any privacy matter, including access, correction or deletion requests, contact our Information Officer at admin@kharon.co.za or 061 545 8830.

2. Information we collect

Website enquiries: when you submit a contact or site-assessment request we collect the name, email address, phone number and message details you provide.

Portal accounts: for authorised admin, technician, client, finance and manager users we process account identity (name, email, role), authentication credentials (stored only as salted PBKDF2 hashes), multi-factor authentication settings and operational records relevant to your role.

Operational data: where you are an authorised user, we process job, site, system, certificate, defect and finance task records necessary to deliver fire-protection and compliance services.

Technical data: we retain only SHA-256 hashes of IP addresses for security and rate-limiting purposes. We do not store raw IP addresses.

3. How we use your information

To respond to enquiries and provide quotations and site assessments.

To deliver, schedule and document fire detection, gas suppression, compliance maintenance and security services.

To authenticate portal users, enforce role-based access and maintain audit trails.

To meet legal, regulatory and SANS compliance record-keeping obligations.

To protect our systems against fraud, abuse and unauthorised access.

4. Legal basis for processing

We process personal information on the basis of your consent, the performance of a contract or service request, compliance with legal obligations, and our legitimate operational and security interests, as permitted by POPIA.

5. Sharing and cross-border processing

Hosting and infrastructure: this website, portal and database are hosted on Cloudflare's global network, which may process data outside South Africa under appropriate safeguards.

Accounting: where finance services are provided, invoice and quote records are processed in Sage Accounting. We do not duplicate official accounting records outside Sage.

We do not sell personal information. We share it only with service providers necessary to operate our services, or where required by law.

6. Analytics and cookies

Public pages may use privacy-respecting, cookieless analytics that do not track individuals across sites. No advertising or cross-site tracking is used.

The secure operations portal (/portal) loads no analytics or third-party tracking of any kind. The portal sets only the strictly necessary cookies required for authentication, session security and CSRF protection.

7. Data retention

We retain personal information only for as long as necessary to fulfil the purposes above and to meet legal and compliance obligations. Operational and compliance records are kept for the periods required by applicable standards and law, after which they are securely deleted or anonymised.

8. Security

We apply technical and organisational safeguards including encrypted transport (HTTPS/HSTS), hashed credentials, multi-factor authentication for privileged accounts, strict role-based access control, CSRF protection, rate limiting, content-security policies and audit logging.

9. Your rights under POPIA

You have the right to be informed about how your personal information is processed; to access it; to request correction or deletion; to object to processing; and to lodge a complaint.

To exercise any of these rights, contact our Information Officer at admin@kharon.co.za. We may need to verify your identity before actioning a request.

Our PAIA manual, which describes how to request access to records, is available from the link in the site footer.

10. Complaints

If you believe we have not handled your personal information lawfully, you may lodge a complaint with the Information Regulator of South Africa (inforegulator.org.za) after first raising the matter with our Information Officer.

11. Changes to this policy

We may update this policy from time to time. The current version is effective from 3 June 2026. Material changes will be reflected on this page.

Questions about your personal information? Contact our Information Officer.

Contact Kharon