Skip to main content
Logo dark

Privacy Policy

Privacy Policy

Last updated: June 10, 2025

This Privacy Policy explains how FYM Partners (“we”, “us”, “our”), operated by ACAWUTA LLC, collects, uses, discloses, and protects personal information when you interact with our websites, products, and services.

We comply with the Protection of Personal Information Act, 2013 (POPIA), the EU/UK General Data Protection Regulation (GDPR), and the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA).

---

POPIA Notice

This Privacy Policy specifically addresses compliance with POPIA.

  • Purpose Limitation: We only collect, use, and share your personal information for lawful and specific purposes described in this policy.
  • Minimality: We collect only the minimum information necessary.
  • Consent: We seek your explicit consent where required and respect your right to withdraw consent at any time.
  • Openness: You may request access to, correction of, or deletion of your information as per POPIA Section 23 and 24.
  • Information Officer Contact: Our Information Officer can be reached at privacy@fymafrica.com.
  • Data Breaches: In the event of a data breach, we will notify you and the Information Regulator in accordance with Section 22.
  • Cross-border Transfers: All transfers outside South Africa are safeguarded under POPIA Section 72.

1) Who We Are

For POPIA we act as the Responsible Party, and for GDPR we act as the Controller for most processing activities.

  • Legal entity: ACAWUTA LLC t/a FYM Partners
  • Registered address: Cincinnati, Ohio, United States
  • Contact email: privacy@fymafrica.com
  • Phone: +1 646 631 1764
  • Information Regulator (South Africa): inforegulator.org.za
  • EU Representative (for GDPR): Available upon request via privacy@fymafrica.com

2) Personal Information We Collect

Categories of personal information we may collect include:

  • Identifiers (name, email address, phone number, government ID data where KYC is required)
  • Professional details (company, role, jurisdiction preferences)
  • Financial information (billing details, limited bank information for invoicing and payments)
  • Usage data (pages viewed, device information, IP address, analytics)
  • Communications and documents shared with our team (support requests, onboarding materials)

Sensitive or special category data (such as identity verification documents) are processed only when necessary for regulatory or contractual compliance and subject to heightened security safeguards.

3) How We Use Personal Information & Legal Bases

We process personal information to:

  • Provide and operate our services (company formation, compliance, management, consulting)
  • Process orders, payments, and customer support requests
  • Meet legal and regulatory obligations (including KYC/AML, tax, and corporate recordkeeping)
  • Improve, secure, and personalize our services and communications
  • Send administrative notices and, where legally permitted, marketing communications
  • Detect, prevent, or address fraud and security incidents

Lawful bases (GDPR/POPIA): performance of a contract, legal obligations, legitimate interests, consent, or vital interests.

4) Sharing of Personal Information

We may share personal information with:

  • Service providers and operators/processors (hosting, analytics, communications, payments, KYC/AML)
  • Banking partners and corporate registries
  • Professional advisers (legal, tax, compliance)
  • Authorities or regulators where disclosure is required by law or to protect our rights

All operators are bound by written data processing agreements ensuring confidentiality, security, and compliance with POPIA Section 21 and GDPR Article 28.
We do not sell personal information or use it for cross-context behavioural advertising.

5) International Data Transfers

When transferring personal information across borders we rely on:

  • Standard Contractual Clauses (SCCs) under GDPR
  • Binding corporate rules or adequacy decisions where applicable
  • POPIA Section 72 safeguards, ensuring comparable protection

You can request details of applicable transfer mechanisms at privacy@fymafrica.com.

6) Data Retention

We retain personal information only as long as necessary for the purposes described above or as required by law (e.g., financial and AML recordkeeping).

When retention is no longer required, data is securely deleted or anonymized.

7) Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access, correct, or delete your data
  • Object to or restrict processing
  • Withdraw consent (where processing is consent-based)
  • Receive a copy of data in a portable format
  • Lodge a complaint with your data protection regulator

POPIA-specific rights include objection to processing (Section 11(3)), request for correction/deletion (Section 24), and complaint to the Information Regulator.

GDPR rights (Articles 12–22) include data portability and objection to automated decision-making.

To exercise these rights, contact us at privacy@fymafrica.com. We may verify your identity before responding.

8) Security

We implement appropriate technical and organizational measures to safeguard personal data, including encryption, access controls, and secure hosting environments.

In the event of a data breach, affected individuals and regulators will be notified as required under POPIA Section 22, GDPR Articles 33–34, and CCPA/CPRA.

9) Cookies & Analytics

Our websites use cookies to improve performance and analyze usage.

  • Necessary cookies enable core functions.
  • Optional cookies (e.g., analytics or marketing) are used only with consent, per GDPR and POPIA requirements.

You can manage cookie preferences via browser settings or in-site cookie banners.

10) Children’s Privacy

Our services are not directed to children under 16 (or the minimum age required by local law). We do not knowingly collect data from minors.

If you believe a child has provided personal information, contact us immediately for deletion.

11) Automated Processing

We do not perform fully automated decision-making that has a legal or similarly significant effect on individuals.

12) Additional Information for EEA/UK & South Africa

  • EEA/UK: You may contact your local supervisory authority (e.g., ICO in the UK or your EU national DPA).
  • South Africa: Contact the Information Regulator via inforegulator.org.za if concerns remain unresolved.

13) California Privacy (CCPA/CPRA)

  • We do not sell or share personal information.
  • We disclose categories of information (identifiers, commercial info, internet activity) only for business purposes.
  • California residents may request access, correction, or deletion by emailing privacy@fymafrica.com.
  • Authorized agents may make requests on a consumer’s behalf with appropriate verification.

14) Changes to This Policy

We may update this Privacy Policy to reflect operational, legal, or regulatory changes. Updates will appear here with a revised “Last updated” date. Material changes will be communicated where legally required.

15) Contact Us

For privacy questions, rights requests, or complaints, contact:

  • Email: privacy@fymafrica.com
  • Postal: Cincinnati, Ohio, United States
  • Data Protection Contact: FYM Partners Privacy Team

We will respond promptly and in compliance with applicable data protection laws.