High Risers
Score my AI readiness
Legal

Privacy Policy

How High Risers collects, uses and protects your personal information, in line with the Protection of Personal Information Act 4 of 2013 (POPIA).

Last updated: 18 May 2026

This Privacy Policy explains how High Risers(“we”, “us”, “our”) collects, uses, stores, shares and protects your personal information when you visit highrisers.aior use our AI training, workshop, advisory, assessment and related services (the “Services”). By using the Services you acknowledge the practices described here.

1. Who is responsible for your data

The responsible party (data controller) is:

  • High Risers (Registration No. 2024/295391/07)
  • Address: Johannesburg, South Africa
  • Information Officer / privacy contact: info@highrisers.ai

2. Personal information we collect

  • Account & identity: name, email address, phone number, organisation, role, password (stored hashed).
  • Transaction & billing: products purchased, subscription plan, billing dates, payment status, and tokenised payment references returned by our payment processor.
  • Usage & technical: IP address, device and browser type, pages viewed, content accessed, timestamps and cookies.
  • Communications: support messages, assessment/scorecard responses, survey answers and marketing preferences.

We do not store full card numbers, CVV or bank credentials. All card and bank payment data is collected and processed directly by a third-party PCI-DSS-compliant payment processor (see section 5). We receive only a tokenised reference and the transaction outcome.

3. How we use your information

  • To provide, deliver and administer the Services you purchase (workshops, programmes, briefings, assessments, advisory and related digital content);
  • To process payments, manage recurring billing and renewals, and issue invoices and receipts;
  • To authenticate you and protect your account and our platform against fraud and abuse;
  • To respond to enquiries and send service-related notices;
  • To send marketing or educational communications only where you have consented, with an opt-out in every message;
  • To analyse usage and improve the quality, security and relevance of the Services;
  • To comply with legal, regulatory, accounting and tax obligations.

4. Legal basis for processing

We process personal information where it is necessary to perform our contract with you, where you have given consent, where we have a legitimate interest not overridden by your rights, or where we are required to do so by law — consistent with the conditions for lawful processing under POPIA.

5. Sharing your information

We do not sell your personal information. We share it only with:

  • Payment processing: a third-party PCI-DSS-compliant payment processor that securely processes payments and manages subscriptions on our behalf, under its own privacy policy.
  • Infrastructure & operational providers: hosting, email delivery, analytics and support tools, bound by confidentiality and data-processing obligations and acting only on our instructions.
  • Legal & regulatory authorities: where disclosure is required by law, court order, or to establish, exercise or defend legal claims, or to prevent fraud or harm.

6. Cross-border transfers

Some service providers (including payment, hosting and email providers) may process data outside South Africa. Where this occurs we take reasonable steps to ensure the recipient is subject to data-protection safeguards comparable to POPIA, in line with section 72 of POPIA.

7. Data retention

We keep personal information only for as long as necessary to provide the Services and to meet legal, accounting and regulatory requirements. Transaction and billing records are typically retained for at least five (5) years to comply with South African tax and financial-record legislation. Account data is deleted or anonymised within a reasonable period after account closure, unless a longer retention period is legally required.

8. Cookies

We use strictly necessary cookies to keep you signed in and secure, and optional analytics cookies to understand usage. You can control cookies through your browser settings; disabling strictly necessary cookies may prevent parts of the Services from working.

9. Security

We apply reasonable technical and organisational safeguards — including encryption in transit, hashed passwords, access controls and the use of a PCI-DSS-compliant payment processor — to protect personal information. No method of transmission or storage is completely secure; we cannot guarantee absolute security but will notify you and the Information Regulator of any compromise as required by POPIA.

10. Your rights under POPIA

Subject to applicable law, you have the right to:

  • request access to the personal information we hold about you;
  • request correction or deletion of inaccurate, irrelevant or excessive information;
  • object to processing or withdraw consent (this may limit our ability to provide the Services);
  • lodge a complaint with the Information Regulator.

To exercise any right, contact info@highrisers.ai. You may also complain to the Information Regulator (South Africa): inforegulator.org.za.

11. Children

The Services are not directed at persons under 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us information, contact us and we will delete it.

12. Changes to this Policy

We may update this Policy from time to time. Material changes will be posted on this page with a revised “Last updated” date and, where appropriate, notified to you by email.

13. Contact us

  • Email: info@highrisers.ai
  • Address: Johannesburg, South Africa

This document is a good-faith compliance template and does not constitute legal advice. Have it reviewed by a qualified attorney before relying on it.