Privacy Policy

At FST Mining & Engineering (“we”, “us”, “our”) we respect your privacy and are committed to protecting the personal information you share with us in accordance with South Africa’s Protection of Personal Information Act, 2013 (“POPIA” or “POPI Act”).

1. Responsible Party & Contact

We act as the “Responsible Party” under POPIA for all personal information processed through our website and business operations. If you have any queries, requests, or complaints about how we handle your information, you may contact our appointed Information Officer at:
Sarie Oosthuizen
sarie@fstmining.co.za
+27 (14) 880 0064
On the Property of Sibanye Stillwater
Marikana Division, Marikana, North West, South Africa

2. What Personal Information We Collect

We only collect information that is necessary and relevant, including (but not limited to):

  • Your name, company name, job title
  • Contact details (email address, telephone number, postal address)
  • Details you provide when making inquiries, submitting forms, or requesting services
  • Technical data such as IP address, browser type, device, and website usage (via cookies)
  • Any other information you voluntarily provide to us

3. Purpose & Lawful Basis for Processing

We process your personal information for legitimate purposes including:

  • To respond to your inquiries, requests or service proposals
  • To deliver our services, send quotes, invoices or confirmations
  • To facilitate communications, support & project management
  • To maintain records for internal administrative and legal compliance
  • To improve our website, and for analytics and marketing (where you consent)

We will not use your personal information for purposes incompatible with those for which it was collected, except with your consent or as required by law.

4. Consent & Voluntariness

Where processing requires your consent (for example in marketing or certain cookies), that consent will be freely given, specific, informed and unambiguous. You may withdraw your consent at any time (see Section 8 below).

5. Disclosure & Recipients

We may share your information with:

  • Trusted third-party service providers (e.g. email platforms, hosting, analytics) under contractual obligations ensuring POPIA compliance
  • Regulatory or legal authorities, when required by law
  • In the event of a corporate restructuring or sale, subject to confidentiality and POPIA safeguards

We do not sell your personal data to third parties.

6. International Transfers

If it becomes necessary to transfer your personal data outside South Africa, we will ensure that the receiving country or entity provides an adequate level of protection consistent with POPIA, or we will obtain your express consent, or rely on another lawful basis under POPIA.

7. Security & Safeguards

We take reasonable and appropriate technical and organisational measures to secure your personal information against loss, damage, unauthorized access or disclosure, in line with POPIA’s Security Safeguards condition (Condition 7)
We continuously review and update our systems and staff training to maintain security.

8. Retention & Deletion

We will not retain your personal information longer than necessary to achieve the purpose for which it was collected, unless a longer retention is required by other applicable laws or regulations (e.g. tax, audit).
When no longer needed, we will securely destroy or anonymize the information.

9. Data Subject Rights

Under POPIA, you have certain rights as a data subject, including:

  • The right to access your personal information
  • The right to correct, update or delete your personal information
  • The right to object to processing or request restriction
  • The right to withdraw consent (for processing based on consent)
  • The right to lodge a complaint with the Information Regulator

To exercise any of these rights, please contact our Information Officer with proof of identity.

10. Breach Notification

If we become aware of a data breach involving your personal information, we will notify:

  • The South African Information Regulator as required by POPIA
  • You (the affected data subject) without undue delay, if the breach is likely to result in serious harm

Notifications will include details of the breach, its consequences, and measures taken or proposed to mitigate the harm.

11. Cookies & Online Tracking

We use cookies and similar technologies to track website usage, collect analytics and optimize your experience. Where such tracking constitutes processing of personal identifiers, we will request your consent where required under POPIA. You may choose to disable cookies via your browser settings, though this may affect site functionality.

12. Changes to Policy

We may update this policy from time to time (e.g. to reflect changes in legal requirements or business practices). When we do, we will post the revised policy with a new effective date.

13. Governing Law & Enforcement

This privacy policy is governed by the laws of South Africa, and your rights under POPIA are enforceable with the Information Regulator. Non-compliance with POPIA can attract fines, penalties or even imprisonment in extreme cases.