Privacy Policy
This policy explains how ExpandoWorks collects, uses, stores, shares, and protects personal information when people use this website, request a quote, submit a contact form, place an order, or use the reseller portal and CMS.
Last updated: 28 April 2026. This policy is written for South African users and is intended to support compliance with the Protection of Personal Information Act, 2013 (POPIA). It should be reviewed by ExpandoWorks' appointed Information Officer and legal adviser before being treated as final compliance documentation.
Who Is Responsible
ExpandoWorks (Pty) Ltd is the responsible party for personal information collected through this website, unless a separate agreement states otherwise.
Information We Collect
We may collect the following categories of personal information:
- Contact details such as name, company, email address, telephone number, and delivery details.
- Order, quote, payment, reseller request, support, and correspondence information.
- Uploaded project files, including Gerber ZIP files and related manufacturing specifications.
- Account and access information for reseller or CMS users.
- Technical information such as IP address, browser type, device information, cookies, and site usage logs.
Why We Process Information
We process personal information only where there is a lawful reason to do so, including to:
- respond to enquiries, quote requests, support requests, and reseller applications;
- process product and PCB orders, payments, delivery, refunds, and after-sales support;
- perform engineering review, manufacturability checks, warranty support, and project administration;
- operate and secure the website, cart, reseller portal, CMS, and payment integrations;
- comply with tax, accounting, legal, regulatory, audit, and recordkeeping obligations;
- send direct marketing only where allowed by law or where consent has been given.
Sharing And Operators
We may share personal information with trusted operators and service providers who help us operate the website, host systems, process payments, deliver orders, provide email, analytics, accounting, support, and manufacturing services. Operators must process information only on our instructions and apply appropriate confidentiality and security measures.
We may also disclose information where required by law, court order, regulator request, payment dispute process, fraud prevention requirement, or to protect our rights and the rights of users.
Cross-Border Processing
Some service providers may store or access information outside South Africa. Where this happens, we will take reasonable steps to ensure that the recipient is subject to appropriate safeguards, contractual protections, or privacy laws that provide adequate protection for personal information.
Security And Retention
We use reasonable technical and organisational safeguards to protect personal information against loss, unauthorised access, misuse, alteration, or disclosure. We keep information only for as long as reasonably necessary for the purpose collected, unless a longer period is required by law, tax, audit, dispute, warranty, or legitimate business requirements.
Your Rights
Subject to POPIA and other applicable law, you may ask us to:
- confirm whether we hold personal information about you;
- give you access to your personal information;
- correct or update inaccurate, irrelevant, excessive, outdated, incomplete, misleading, or unlawfully obtained information;
- delete or destroy information where legally permitted;
- object to processing in appropriate circumstances;
- withdraw consent where processing is based on consent;
- opt out of direct marketing.
Requests can be sent to sales@expandoworks.com. You may also lodge a complaint with the Information Regulator of South Africa.