Data Protection & POPIA Compliance Statement
Elite CV – Executive Services
Operated by New Elite Holdings (Pty) Ltd
Last Updated: 03 March 2026
1. Introduction
Elite CV, operated by New Elite Holdings (Pty) Ltd, is committed to protecting the personal information of its clients in accordance with:
The Protection of Personal Information Act, 4 of 2013 (POPIA) – Republic of South Africa
Where applicable, the General Data Protection Regulation (GDPR)
UK GDPR
Other applicable international data protection frameworks
Because we provide executive career services, we process sensitive professional information. We therefore apply heightened confidentiality and data protection standards.
2. Responsible Party
For purposes of POPIA, New Elite Holdings (Pty) Ltd acts as the Responsible Party when determining the purpose and means of processing personal information.
Contact details:
Email: [email protected]
Jurisdiction: Republic of South Africa
3. Categories of Personal Information Processed
We may process the following categories of personal information:
3.1 Identification Information
Full name
Contact details
Location
Nationality (if provided)
3.2 Employment & Career Information
Employment history
Performance metrics
Achievements
Education and certifications
Professional memberships
Career gaps
Salary expectations
LinkedIn data
Target job descriptions
3.3 Special Personal Information (Only if voluntarily provided)
Health-related career gaps
Demographic or diversity disclosures
Visa or immigration information
We do not actively request special personal information unless necessary for professional positioning.
4. Lawful Basis for Processing (POPIA)
In accordance with POPIA, personal information is processed only where:
The data subject has given consent;
Processing is necessary to conclude or perform a contract;
Processing complies with a legal obligation;
Processing protects a legitimate interest of the data subject;
Processing is necessary for pursuing our legitimate business interests.
5. Purpose of Processing
We process personal information for:
Delivery of executive CV and branding services
Drafting customised professional documents
Conducting consultations
Processing payments
Responding to enquiries
Record-keeping and legal compliance
Improving service quality
We do not sell personal information.
6. POPIA Compliance Principles
Elite CV adheres to the eight core POPIA principles:
Accountability – We accept responsibility for lawful processing.
Processing Limitation – We collect only necessary information.
Purpose Specification – Data is collected for specific, lawful purposes.
Further Processing Limitation – We do not process beyond original purpose.
Information Quality – We rely on client-provided accuracy.
Openness – Our policies are publicly available.
Security Safeguards – We implement reasonable security measures.
Data Subject Participation – Clients may access or correct data.
7. Security Safeguards
We implement reasonable technical and organisational safeguards including:
Secure cloud-based storage
Access restriction protocols
Password-protected systems
Secure email platforms
Limited internal access
Reputable third-party service providers
While we implement industry-standard protections, no system is completely immune from cyber threats.
8. Cross-Border Data Transfers
Because we serve clients globally:
Data may be stored or processed outside South Africa.
Cloud infrastructure providers may operate internationally.
Payment processors may process data in other jurisdictions.
Where cross-border transfers occur, we ensure:
Adequate safeguards are in place; or
The transfer is necessary for contract performance; or
The data subject consents to such transfer.
9. Data Retention
We retain personal information only as long as necessary for:
Completion of services
Legal compliance
Business record keeping
Standard retention period: Up to 24 months after project completion, unless earlier deletion is requested (subject to legal obligations).
After retention period, data may be securely deleted or anonymised.
10. Data Subject Rights Under POPIA
Under POPIA, you have the right to:
Request access to your personal information
Request correction or deletion
Object to processing
Withdraw consent (where applicable)
Lodge a complaint with the Information Regulator
Requests may be submitted to:
[email protected]
Identity verification may be required.
11. Information Regulator
If you believe your rights under POPIA have been infringed, you may lodge a complaint with:
The Information Regulator (South Africa)
Website: https://www.justice.gov.za/inforeg/
We encourage contacting us first to resolve concerns.
12. Third-Party Operators
We may engage trusted third-party operators for:
Cloud storage
Document processing
Email services
Payment processing (PayPal / PayFast)
Operators are contractually required to:
Maintain confidentiality
Implement reasonable security measures
Process data only as instructed
13. LinkedIn Credential Handling
Where clients voluntarily provide LinkedIn login credentials:
Access is used solely to update profile content.
Credentials are not stored beyond service necessity.
Clients are advised to change passwords post-completion.
Elite CV cannot be held liable for third-party platform breaches beyond our control.
14. Data Breach Response
In the event of a security compromise affecting personal information:
We will assess impact promptly.
Where required under POPIA or applicable law, affected individuals and/or authorities will be notified.
Remedial steps will be implemented without undue delay.
15. Confidential Executive Engagements
For C-Suite and high-profile clients:
Enhanced discretion protocols apply.
No documents are published or shared without written consent.
We do not use executive documents as samples without permission.
16. Amendments
This statement may be updated to reflect legal or operational changes. Updated versions will be published with a revised effective date.
17. Contact
For all data protection enquiries:
Email: [email protected]
Jurisdiction: Republic of South Africa