Privacy Policy
Effective Date: 06/06/2025

1. Introduction
At Portfolio Bureau PTY ltd. (“we”, “us”, “our”), your privacy is important to us. As a registered Financial Services Provider and private wealth management firm, we are committed to protecting your personal information in accordance with the Protection of Personal Information Act, 4 of 2013 (“POPIA”), as well as, where applicable, the General Data Protection Regulation (“GDPR”) for EU and international clients.

This Privacy Policy outlines how we collect, process, store, and protect your personal information when you use our website www.portfoliobureau.com, contact us, or engage our services.

2. What Information We Collect
We collect and process the following personal information:

Identifying Information:

• Contact details (email, phone number, physical address)

Technical Information:

• IP address, browser type, device data, site usage patterns via cookies

3. Purpose of Processing
We process your information to:

• Provide private wealth and financial advisory services

• Perform necessary due diligence in line with FICA and anti-money laundering legislation

• Verify your identity and meet compliance requirements

• Communicate with you about your portfolio or our services

• Respond to inquiries or support requests

• Send service updates, regulatory notices, or marketing communications (only with your consent)

4. Legal Grounds for Processing
Under POPIA, we rely on the following justifications for processing personal data:

• Your Consent – freely given, specific, informed, and unambiguous

• Contractual Necessity – to perform a service or agreement with you

• Legal Obligation – to comply with laws like FICA, tax legislation, or the FAIS Act

• Legitimate Interests – such as risk management, business operations, or fraud prevention

If you are located in the EU/EEA, the same bases apply under GDPR, with additional safeguards as required.

5. Sharing of Personal Information
We will not sell or rent your personal information. Your data may be shared with:

• Our contracted service providers (e.g., IT, legal, compliance, cloud platforms)

• Regulatory or supervisory bodies (FSCA, SARS, FIC) as required by law

• Other third parties with your explicit consent

All processors or third parties are required to comply with data protection obligations and confidentiality agreements.

6. Cross-Border Transfers
In certain circumstances, your personal information may be stored or processed in countries outside of South Africa. When this occurs, we ensure that:

• The destination country has adequate data protection laws; or

• Contractual and technical safeguards are in place (e.g., Standard Contractual Clauses under GDPR)

7. Data Retention
We retain personal information only for as long as necessary for the purposes outlined above or as required by law (e.g., FICA record-keeping: 5 years). After that, data is securely destroyed or anonymised.

8. Your Rights (Under POPIA & GDPR)
You have the right to:

• Access the personal data we hold about you

• Request correction, deletion, or restriction of your information

• Object to processing under certain conditions

• Withdraw your consent at any time (without affecting prior lawful processing)

• Lodge a complaint with the Information Regulator (POPIA) or your local data protection authority (GDPR)

To exercise any of your rights, please email: [Insert Contact Email]

9. Data Security
We implement appropriate, reasonable technical and organizational security measures to prevent unauthorized access, loss, misuse, or alteration of your personal information, including:

• Encrypted systems and data storage

• Role-based access control

• Secure client onboarding systems and communication platforms

• Regular risk assessments and compliance audits

10. Cookies and Website Tracking
Our website uses cookies to enhance user experience and analyze traffic. You can accept or refuse cookies via your browser settings.

• Necessary cookies help our site function correctly

• Analytical cookies help us improve performance

• You may disable cookies, but it may affect website functionality

For more information, view our [Cookie Policy] (link if applicable).

11. Links to Third-Party Sites
Our website may contain links to other sites. We are not responsible for the privacy practices or content of such third parties. Please review their privacy policies separately.

12. Changes to This Policy
We may update this Privacy Policy from time to time. All updates will be posted on this page with the revised effective date. Continued use of our website or services after changes indicates your acceptance of the updated policy.

13. Contact Us
For any questions, requests, or complaints regarding this Privacy Policy or how we manage personal information, please contact:

Portfolio Bureau PTY ltd.
Suite 1502,
Portside,
4 Bree Street,
Cape Town, 
8001,
South Africa

Tel: +27 21 419 2277
Fax: +27 21 421 7278
Email: [email protected]

If you are based in South Africa and wish to escalate a complaint, you may contact:
Information Regulator (South Africa)
Email: [email protected]
Website: https://www.justice.gov.za/inforeg/