Route 62 Brewing Company (we, us, our) is committed to safeguarding the privacy of your personal data.

We understand that the protection of your personal data is an essential requirement for you and that you expect us to handle your personal data according to high standards of privacy and security. This Privacy Statement aims to explain in a simple and transparent way what personal data we gather about you and how we process it. In this connection, we have prepared this Q & A to explain how we use and process your personal data.

What is personal data?

Personal data means any information which identifies an individual person or from which an individual person is identifiable.

What is a data subject, a data processor and a data controller?

  • A data subject means an identified or identifiable individual person (i.e. human); in particular by reference to an identifier (such as a name or an identification number).
  • A data controller determines the purposes and means of the processing of personal data. The data controller has decision making power in respect of the processing.
  • A data processor is responsible for processing personal data on behalf of a data controller.
  • In most cases, we are the data controller of personal data. There are certain instances where we act as data processor.

What personal data do we collect, have or compile about you?

Personal data that is typically collected and used by us includes but is not limited to the following:

  • Your contact details, such as your name, your address(es), your telephone number(s) and email address(es);
  • Other personal data about you, such as your personal information collected by us for our customer online purchases purposes e.g. your identity, address; bank account, financial information; transactional information on your account with us; your gender; date and place of transaction; photographs or other visual images you may choose to share with us about your experience with us, email conversations with our staff.
  • Personal data collected by our cookies when you visit our website (in this connection, please refer to our Cookie Section below.
  • Please note that the personal data set out above is an indicative list only and may not be exhaustive.

Why do we collect and process your personal data?

We will only collect and use your personal data where we have lawful grounds and legitimate business reasons to do so.

We collect and process your personal data to:

  • ensure our compliance with our regulatory obligations under the applicable anti-money laundering or other applicable laws and regulations;
  • to comply with the minimum age requirements in terms of the liquor legislation;
  • assess an application by you in respect of purchases and any other products or services from us; and
  • as is necessary for the performance of our obligations to you under the agreement you enter into with us at the time, we on-board you, as may be amended in accordance with its terms.

As a result, the personal data you provide to us at any point, may be shared by us with one or more of the following organisations or persons:

  • banking, regulatory, governmental or other relevant authorities, a court or other authority of competent jurisdiction;
  • other financial institutions in order to conclude online transactions;
  • credit reporting agencies, if applicable;
  • our affiliates, officers, directors, employees, professional advisers and auditors;
  • any professional adviser and/or professional services business that you have been using to liaise with us;
  • any parties that we work with to provide you with our products or services and to support our business; and
  • any other party with whom you have consented that we may share your personal data with.

How do we collect your personal data?

Most of your personal data is collected at the time we on-board you as a customer. It may also be collected when there are changes to your personal data and our records need to be updated. We will mostly collect your personal data directly from you. In some cases, as and when required, we may also collect information about your card transactions from card issuing agencies or their authorised representatives and we may further request you to provide us with other information to conclude an online transaction, where necessary.

Your personal data for marketing and communication purposes

We may from time to time use your personal data to send you information about our products, services and promotions and those of the entities within our group, which we believe may be of interest to you. At the time we on-board you, we will ask you to provide your express consent to being contacted for such purposes. If we do not have your consent to the processing of your personal data for marketing purposes, or if we have your consent and you subsequently notify us of the withdrawal of your consent, we will not send you any marketing correspondence.

You may change your mind and update your preferences at any time by notifying us.

For how long do we store your personal data?

We will only hold your personal data for as long as is necessary for the purposes for which it was obtained.
However, if we are obliged pursuant to our regulatory or statutory requirements to retain your personal data for a specified period of time, then we will retain your personal data for that minimum specified period.

Automated decision making and profiling

We do not currently use any system pursuant to which your personal data is subjected to automated decision making or profiling. However, if this changes, it may affect the products and services we offer you and we will amend our Privacy Notice accordingly.

Use of Cookies

For information about cookies and how they’re used on this website, visit our Cookie section below.

Transfer of personal data outside South Africa

Your personal data may be transferred to and stored in locations outside South Africa where our service providers use data repositories located outside of South Africa. However, any such transfer does not affect our commitment to safeguard the privacy of your personal data and we will ensure that the transfer is lawful.

Your rights

As data subject, you have a number of rights under applicable data protection laws in respect of your personal data, which include but are not limited to the following:

  • Right of access to your personal data;
  • Right to rectify inaccurate personal data;
  • Right to erase your personal data if the continued processing of such data is not justified;
  • Right to restrict the processing of your personal data;
  • Right to object to processing of your personal data (including direct marketing);
  • Right not to be subject to a decision based solely on automated processing of your personal data, including profiling, which produces legal effects concerning you or significantly affects you;
  • Right to lodge a complaint with the Data Commissioner through the Data Protection Office.

POPI Act in South Africa

POPI Act (POPIA) was promulgated with the following aims (according to the POPIA spirit):

  • Strengthen the control and personal autonomy of data subjects over their personal data, thereby contributing to respect for their human rights and fundamental freedoms, in particular their right to privacy, in line with current relevant international standards, in particular the European Union’s General Data Protection Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR);
  • Simplify the regulatory environment for business in our digital economy; and
  • Promote the safe transfer of personal data to and from foreign jurisdictions, given the diversification, intensification and globalisation of data processing and personal data flows.

If you wish to obtain information about your rights under the new POPI Act legislation, please consult the POPIA website:

Your consent and your right to withdraw your consent

Your consent must be a freely given, specific, informed and unambiguous indication of your wishes to our collection, use or processing of your personal data, either by a statement or a clear affirmative action on your part.

We will process your personal data if you give us your consent in accordance with the law. Our account opening mandate and agreements (including our General Terms and Conditions) contain express provisions regarding your consent, pursuant to which you authorise us to process your personal data.

However, we will not be able to provide you certain products or services as a result of such withdrawal.

Notwithstanding the withdrawal of your consent, we may still continue to collect and process your personal data if we are obliged to do so pursuant to our regulatory or statutory requirements [or if this is necessary pursuant to a contract to which we are a party].


Nothing in this document shall be represented or construed as any representation, warranty or undertaking on our part or any of our officers, employees, directors, agents or affiliates. Accordingly, we do not give any representation, warranty or undertaking and we accept no responsibility or liability as to the accuracy, or completeness, of the information set out in this document. The information contained does not purport to be complete and is subject to change.

You are advised to rely on your independent appraisal of and investigations into the information provided, and we advise you to obtain legal advice if you have any concerns regarding your data protection rights.


The Website and App make use of Cookies in order to provide you with relevant content and the best experience possible whilst using the Website and/or App. At any stage during Your use of the Website and/or App you may choose to block the Cookies used by NFT, however this may impact your use or experience of the Website and/or App.

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

Queries and complaints

If you have any queries or complaints in respect of your personal data, please contact the Data Protection Office:

Data Protection Officer
Route 62 Brewing Company
T: (+2760) 714 0846