This privacy policy explains how Key Employer of Record South Africa (Pty) Ltd ("Key EOR SA", "we", "us") collects, uses, and protects information when you visit keyemployerofrecordsa.com or interact with our services.
We comply with the South African Protection of Personal Information Act (POPIA) and the EU General Data Protection Regulation (GDPR). Our parent group, Key Recruitment, holds ISO 27001:2022 certification.
1. Information we collect
Information you provide
- Name, email address, phone number, and company information when you complete a contact or booking form
- Estimated salary, role, and country information when you use our cost calculator
- Email content when you contact us directly
Information collected automatically
- Anonymised analytics data (pages visited, time on site, device type, country) via Google Analytics 4, only with your consent
- Anonymised behavioural data (heatmaps, session recordings excluding personal information) via Microsoft Clarity, only with your consent. Clarity automatically masks all form fields, names, and email addresses to protect your privacy.
- Visitor information for advertising and remarketing via the LinkedIn Insight Tag, only with your consent. This allows us to measure the effectiveness of any LinkedIn campaigns we run and to show relevant ads to people who have visited our site.
- Server logs (IP address, browser type, referring URL) for security and performance purposes
- Cookie preferences stored locally in your browser
2. How we use your information
- To respond to enquiries and provide quotes
- To deliver our Employer of Record service if you become a client
- To improve our website and content based on aggregated, anonymised analytics
- To comply with legal obligations under POPIA, GDPR, and South African employment law
We do not sell your personal information to any third party.
3. Cookies and tracking
We use cookies for four purposes:
- Essential cookies: required for the site to function (always active)
- Analytics cookies: Google Analytics 4 to understand how visitors use the site (only active after you accept on the consent banner)
- Behavioural analytics: Microsoft Clarity to record anonymised session replays and heatmaps. All form fields, names, and email addresses are automatically masked. Active only with your consent.
- Advertising and remarketing: The LinkedIn Insight Tag to measure LinkedIn campaign effectiveness and show relevant ads to people who have visited our site. Active only with your consent.
If you decline tracking cookies, the site continues to work normally. Microsoft Clarity and the LinkedIn Insight Tag are not loaded at all without your consent. Google Analytics remains in Consent Mode and only collects basic, anonymised, cookieless page-view information.
You can change your preference at any time by clicking the Manage cookies link in the footer of any page on this site. This resets your stored preference and re-shows the consent banner.
4. Sharing your information
We share information only with:
- Service providers: Formspree (form submission processing), Google (Analytics), Microsoft (Clarity behavioural analytics), LinkedIn (Insight Tag for ad campaign measurement), and Netlify (hosting). Each has contractual obligations to protect your data
- Our parent group: Key Recruitment Group, where relevant for delivering integrated services
- Legal authorities: where required by law in South Africa or other applicable jurisdictions
5. Your rights
Under POPIA and GDPR, you have the right to:
- Request a copy of the personal information we hold about you
- Request correction of inaccurate information
- Request deletion of your information (subject to legal retention requirements)
- Object to processing or withdraw consent
- Lodge a complaint with the South African Information Regulator or your local EU data protection authority
To exercise any of these rights, email Email: info@keyeorsa.com.
6. Data retention
We retain enquiry information for up to 24 months. Client information is retained for the duration of the engagement and for 5 years after termination as required by South African tax and employment law.
7. International data transfers
Form data is processed by Formspree (US), Google Analytics (Google data centres globally), Microsoft Clarity (Microsoft Azure data centres), and Netlify (US/EU edge network). All providers are GDPR compliant and operate under Standard Contractual Clauses where required.
8. Security
The site uses HTTPS encryption for all traffic. Our parent group, Key Recruitment, holds ISO 27001:2022 certification, the international standard for information security management. Form data is transmitted over encrypted connections to our processors.
9. Changes to this policy
We may update this policy from time to time. The "Last updated" date at the top reflects the most recent change. Material changes will be communicated to clients with active engagements.
10. Email disclaimer
This email and any attachments are confidential and may be legally privileged. They are intended solely for the named recipient(s). If received in error, please notify the sender immediately, delete this message, and do not use, disclose, or copy any part of it.
Key Employer of Record South Africa accepts no liability for any loss or damage arising from this email or its attachments, including that caused by malware or unauthorised access. Views expressed are those of the sender and do not necessarily represent the company.
Personal information contained in this email is processed in accordance with the UK Data Protection Act 2018, UK GDPR, and South Africa's Protection of Personal Information Act (POPIA), and must be handled with appropriate confidentiality and security.
11. Contact
For any privacy questions:
- Email: info@keyeorsa.com
- Phone: +27 21 180 5995 / +44 118 315 1099
- Address: Workshop17, 32 Kloof Street, Cape Town, 8001
- Post: Cape Town, Western Cape, South Africa