Privacy Policy
Last updated: June 2026
1. Introduction
Aregnum (Pty) Ltd (“Aregnum”, “we”, “us”, or “our”) is committed to protecting the personal information of our clients, their residents, visitors, and website users. This Privacy Policy explains how we collect, use, store, share, and protect your personal information in accordance with the Protection of Personal Information Act, 2013 (POPIA) and, where applicable, the General Data Protection Regulation (GDPR).
Our website address is: https://aregnum.com
2. Who we are
Aregnum provides cloud-based estate management, office park management, and visitor management software solutions. Our systems integrate with access control hardware to manage secure entry and exit for residential estates, gated communities, retirement villages, office parks, corporate campuses, and commercial buildings.
Information Officer: Greg Hall Email: greg@aregnum.com Website: https://aregnum.com
3. What personal information we collect
We collect personal information through different channels depending on how you interact with us.
3.1 Website visitors
When you visit our website or submit a form, we may collect:
- First name and last name
- Email address
- Phone number
- Company or estate name
- Product interest (which of our systems you are enquiring about)
- Your message or enquiry
- IP address and browser information
- Pages visited and time spent on our site (via cookies and analytics)
3.2 Estate residents and homeowners
When an estate or community uses our system, we may process the following on behalf of the estate (as an operator/processor):
- Full name
- Contact details (phone number, email address)
- Unit or property number
- Vehicle registration numbers
- Facial recognition data (where biometric access control is enabled)
- NFC card or QR code identifiers
- Entry and exit records (date, time, gate used)
- Profile photographs
3.3 Visitors to estates, office parks, and buildings
When you visit a property managed through our system, we may collect:
- Full name
- Contact details (phone number)
- Vehicle registration number
- ID or identification details (as required by the estate or building)
- Date and time of visit
- Host/resident being visited
- Entry and exit records
- Facial recognition data or QR code scan data (where applicable)
3.4 Reseller partners and hardware installers
When you engage with us as a business partner, we may collect:
- Contact person name and details
- Company name and registration details
- Geographic region and coverage area
- Hardware brands and product lines
- Banking or payment details (for commission or invoicing purposes)
4. How we collect your information
We collect personal information through:
- Our website contact form (hosted by HubSpot)
- Meeting booking requests
- Phone calls and email correspondence
- Our estate and visitor management application
- Access control hardware (scanners, biometric readers, NFC readers, cameras)
- Third-party integrations (ZKBio CVSecurity by ZKTeco)
- Cookies and website analytics tools
5. Why we process your information (purpose and legal basis)
We process personal information for the following purposes:
- To respond to your enquiry and provide information about our products and services (consent and/or legitimate interest)
- To provide our services to estates, office parks, and buildings that use our software (performance of a contract)
- To manage access control and ensure the safety and security of residents, visitors, and property (legitimate interest and/or legal obligation)
- To manage our reseller and installer partnerships (performance of a contract)
- To send marketing communications about our products, features, and updates (consent, which you may withdraw at any time)
- To improve our website and services through analytics and usage data (legitimate interest)
- To comply with legal obligations, including record-keeping requirements
6. Third-party service providers (operators/processors)
We share personal information with the following categories of third-party service providers who process data on our behalf:
| Provider | Purpose | Data processed |
|---|---|---|
| HubSpot | CRM, forms, email marketing | Contact details, enquiry data, marketing preferences |
| ZKTeco (ZKBio CVSecurity) | Access control platform | Resident and visitor records, entry/exit logs, biometric data |
| Google (Analytics, Ads) | Website analytics, advertising | Website usage data, anonymised browsing behaviour |
| Meta (Facebook, Instagram) | Advertising | Anonymised audience data for ad targeting |
| Telviva | Communication services | Phone call data |
| InfoBip | SMS and messaging | Phone numbers, message content |
| Google Calendar | Meeting scheduling | Name, email, meeting details |
All third-party providers are contractually obligated to protect your personal information and may only use it for the purposes we have specified. Where data is transferred outside of South Africa, we ensure that adequate safeguards are in place as required by POPIA.
7. Cookies and tracking
Our website uses cookies and similar technologies to:
- Enable core website functionality
- Analyse website traffic and usage patterns (Google Analytics)
- Track the effectiveness of our advertising campaigns (Google Ads, Meta Pixel)
- Manage form submissions (HubSpot tracking code)
When you first visit our website, you will be presented with a cookie consent banner. You may choose to accept or decline non-essential cookies. Essential cookies that are necessary for the website to function cannot be disabled.
You can manage your cookie preferences at any time through your browser settings.
8. How long we keep your information
We retain personal information only for as long as necessary to fulfil the purposes for which it was collected:
- Website enquiries and CRM data: Retained for as long as a business relationship exists, plus 5 years after the last interaction
- Resident and homeowner records: Retained for the duration of the estate’s contract with Aregnum, plus 12 months after contract termination to allow for data migration
- Visitor records: Retained for a maximum of 12 months, unless a longer period is required for security or legal purposes
- Access control logs (entry/exit records): Retained for 12 months
- Biometric data (facial recognition): Retained only for the duration of the individual’s active registration and deleted upon de-registration
- Reseller/partner data: Retained for the duration of the partnership, plus 5 years for tax and audit purposes
- Marketing communication preferences: Retained until you withdraw your consent
9. Your rights under POPIA
As a data subject, you have the right to:
- Access your personal information that we hold
- Correct any inaccurate, incomplete, or outdated personal information
- Delete your personal information, subject to any legal obligations that require us to retain it
- Object to the processing of your personal information for direct marketing purposes
- Withdraw consent for processing where consent was the basis for collection
- Lodge a complaint with the Information Regulator if you believe your rights have been violated
- Request a copy of your personal information in a structured, commonly used format
To exercise any of these rights, please contact our Information Officer at greg@aregnum.com. We will respond to your request within 30 days.
10. Information Regulator (South Africa)
If you are not satisfied with how we have handled your personal information, you have the right to lodge a complaint with:
The Information Regulator (South Africa) JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001 Email: enquiries@inforegulator.org.za Website: https://inforegulator.org.za
11. For residents in the European Union
If you are located in the EU, your personal information is also protected under the General Data Protection Regulation (GDPR). In addition to the rights listed above, you have the right to data portability and the right to restrict processing. Our legal basis for processing is as described in Section 5 above.
12. Security of your information
We take reasonable technical and organisational measures to protect your personal information against unauthorised access, loss, destruction, or damage. These measures include:
- Encrypted data transmission (SSL/TLS) on our website and application
- Access control restrictions on our systems and databases
- Regular security reviews and updates
- Contractual obligations on all third-party service providers to maintain appropriate security standards
While we take all reasonable steps to protect your information, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security.
13. Children’s information
Our services are not directed at children under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without appropriate consent, we will take steps to delete that information.
14. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or services. The updated version will be posted on this page with a revised “Last updated” date. We encourage you to review this policy periodically.
15. Contact us
If you have any questions about this Privacy Policy or how we handle your personal information, please contact us:
Aregnum (Pty) Ltd Email: greg@aregnum.com Website: https://aregnum.com