CORPORATE FRIENDS CLUB INTERNATIONAL

Privacy Policy

Last updated: 2026-05-10 · CORPORATE FRIENDS CLUB INTERNATIONAL

Placeholder notice. Legal counsel should review and replace each section below with the operator's reviewed policy text before this page goes to production. Do not publish as-is.

1. Who we are

CORPORATE FRIENDS CLUB INTERNATIONAL, South africa. For privacy inquiries, contact [email protected].

2. What information we collect

  • Identity data: name, member ID, photograph, date of birth, nationality.
  • Contact data: email address, phone number, postal address.
  • Membership data: chapter affiliation, role, dues history, transaction records.
  • Technical data: IP address, browser type, session cookies (CFCSESSID), pages visited, login timestamps.
  • Uploads: passport copies, profile pictures, documents you submit through member forms.

3. How we use your information

  • To operate your member account and authenticate you on the portal.
  • To process dues, donations, and other financial transactions.
  • To send transactional email (account alerts, receipts, password resets).
  • To produce member statistics and chapter reports.
  • To meet legal, regulatory, and tax-reporting obligations.

4. Legal basis

We process your data on the basis of: (a) the membership contract you have with us, (b) your consent for optional marketing, (c) legal obligations such as financial reporting, and (d) our legitimate interest in running and securing the portal.

5. Sharing

We do not sell your data. We share it only with payment processors (when you pay dues), email delivery providers (for transactional mail), hosting infrastructure (Cloudflare, the application server), and legal or regulatory authorities where required by law.

6. Cookies

We use one strictly necessary cookie (CFCSESSID) to keep you logged in. We do not use third-party tracking, advertising, or analytics cookies.

7. Data retention

Active member records are retained for the duration of membership plus seven years for financial-record-keeping requirements. Uploaded documents are retained until you ask us to delete them or your membership ends, whichever comes first.

8. Your rights

You may request access to, correction of, or deletion of your personal data by emailing [email protected]. We will respond within 30 days. You may also lodge a complaint with the Information Regulator of South Africa (POPIA) or the relevant data protection authority in your jurisdiction.

9. Security

Passwords are stored as Argon2id hashes; we never store or log your typed password. The portal uses HTTPS throughout, with HSTS, CSP, and clickjacking protection. We use server-side rate limiting against brute-force login attempts and CSRF tokens to protect form submissions. Despite these measures, no system is perfectly secure - if you suspect your account has been compromised, please contact us immediately.

10. Changes

We may update this policy. The current version is always at https://api.cfcintl.co.za/privacy.php with the “last updated” date at the top.