Grow ECD Resource Centre Privacy and Cookie Policy
Effective 20 May 2026
Please read this privacy notice carefully.
Introduction
This Policy applies when you access or use the Grow ECD Resource Centre at https://resources.growecd.org.za/ or any part of it, as well as any associated microsites that may be launched in the future (collectively “the/our Website”). Please read this Policy carefully to get a clear understanding of how Grow Foundation NPC (“GROW”, “we” or “us”) collects, uses, protects or otherwise handles your personal information, which is collected via the Website.
You are not obliged to provide the personal information to us but if you do, this Policy applies.
If you are concerned about any aspect of this policy as it relates to your personal information, please do not continue to engage with us, use our Website or our resources.
Contact us
If there are any questions regarding this Policy, you may contact us using the following details:
- Email: info@growecd.org.za
- Tel: 021 5312134
Who is responsible for processing your personal information?
GROW is the “responsible party” (i.e. the organisation responsible) for all personal information that is collected and used for the purposes of data privacy laws, principles and regulations which may apply to you.
- Grow Foundation NPC, trading as GROW ECD, a non-profit company
- Registration number 2011/106929/08 duly incorporated in the Republic of South Africa
- Registered address: Unit 2, Viking Place, 33 Thor Circle, Thornton, Cape Town
This Policy does not apply to the processing of personal information by third parties which we do not own, control, manage or employ, such as websites or resources linked to, from or advertised on our Website or through our products and services, or sites which link to or advertise our Website or our products and services. We are not responsible for the privacy practices of such third parties or third-party websites, or for any claims, loss or damage arising from these.
What personal information do we collect from the people that use our Website?
“Personal information” refers to any information about an identifiable living natural person or, where applicable, an identifiable existing juristic person.
You are not required to provide any personal information. However, you may choose to do so by accessing the Website, accepting the cookies, signing up, and/or by contacting us regarding our services or by making contact in respect of any questions you may have about this Policy.
Specifically, we may either directly or indirectly collect the following categories of personal information from you when you visit or make use of our Website:
- First and last names, email address and mobile number;
- Contact preferences (email, SMS, none);
- Role (ECD Centre Owner, Principal, Teacher, Parent, Support Organisation); and
- Communication history, enquiries or feedback with us or directed to us via contact forms (support queries, feedback, or resource requests), emails, calls, and social media.
GROW does not intend the Website to be used by a person under the age of 18 (“Child”). We do not knowingly collect personal information from users who are under the age of 18. If you are under 18, you may use our Website only with the involvement of a parent or guardian. If we become aware that we have unintentionally collected personal information from a Child, we will delete the information from our records. If you believe that a Child may have provided us with personal information, contact us as specified in the “Contact us” section of this Privacy Policy.
How do we use your personal information?
Where applicable, we may use the personal information we collect from you in order to:
- provide you with access to the resources on the Website;
- pre-fill your profile on return visits to avoid repeatedly asking for the same information;
- honour your communication preferences, while notifying you of changes to the Website;
- offer access to app-linked or restricted materials;
- provide support;
- gather analytical or valuable information so that GROW can improve the Website, and understand the sector;
- monitor the usage of the Website;
- detect, prevent and address technical issues;
- produce aggregated, anonymous reporting for donors, partners and internal planning;
- in any other way described when you provide the information; and
- for specific, lawful and clear purposes.
Lawful basis
We will limit the types of personal information we process to only that to which you consent and which is necessary for our legitimate operational interests. Through your use of our Website, we wish to balance our legitimate operational interests and your reasonable expectation of privacy. Accordingly, we will take appropriate and reasonable technical and organisational steps to prevent unauthorised access to, or disclosure of your personal information. In limited instances, we will request your express consent prior to processing certain categories of personal information.
We may also process your personal information where it is necessary to perform in terms of a contract with you or when it is necessary for us to comply with a legal or regulatory obligation.
When and how we collect data
We process your personal information from you when you browse our Website, register on our Website, or enter information on our Website.
Some data is collected through cookies (please see the Cookies section below for more information).
We also collect data about resource downloads and usage actions to help us understand which resources are most useful and how to improve them.
This data is:
- used only for operational and reporting purposes;
- considered essential for the operation of the Website;
- may be linked to your sign-up information;
- not used for advertising or profiling; and
- may continue to be processed as it is necessary for the core functionality of the Website,
- may continue to be processed where it is necessary for the Website to function, even if you decline non-essential cookies.
How do we store your personal information?
We may store your personal information using our own secure on-site servers or other internally hosted technology. Your personal data may also be stored by third parties, via cloud services or other technology, with whom GROW has contracted, to support GROW's business operations, and are required to keep the information confidential.
Security
We continually review and update our data protection measures to ensure the security, integrity, and confidentiality of your information in accordance with industry best practices. The measures we adopt to ensure the security of your personal information include technical measures and internal policies to prevent unauthorised access, loss or use of personal information.
Only those employees, partners (GROW's partners, affiliates, agents, funders or contractors) and service providers that require access to your information to undertake their work relating to our services will be permitted access to your information and only if they have concluded an agreement with us requiring them to implement appropriate security measures and to maintain the confidentiality of your information.
We will inform the Information Regulator if someone unlawfully obtained access to any personal information we process.
Retention
We will not retain your personal information longer than is necessary to achieve the purpose for which the information was collected and processed, unless we are required to do so by law, there is another lawful purpose to retain your information for a longer period (such as for historical, research or statistical purposes), we reasonably need it for lawful purposes related to the performance of our functions and activities or you agree to us retaining it for a specified further period.
Once the purpose for which the personal information was initially collected and used no longer applies or becomes obsolete, GROW will ensure that it is deleted, destroyed or de-identified sufficiently so that a person cannot re-identify such personal information.
Third-party disclosure: sharing personal information
We may disclose your personal information to GROW's independent contractors, agents, consultants, sub-contractors or other representatives as well as any acquirer of the Website or the resources provided by it.
We will ensure that all the above-mentioned third parties agree to keep your personal information confidential.
We may also release your information when we believe release is appropriate to comply with the law, enforce our policies, or protect our or others' rights, property, or safety.
Non-personally identifiable visitor information (or ‘de-identified’ information) may be provided to other parties for marketing, advertising, or other uses.
Global information sharing
We may send your personal information to a jurisdiction outside of the Republic of South Africa in order to achieve the purpose(s) for which the personal information was collected, including for processing and storage by third parties. When we transfer your information outside of South Africa, we ensure it benefits from an adequate level of data protection under the applicable law.
Your rights in respect of your personal information
In terms of applicable legislation, you may have certain rights including:
- Right to know and access: You have the right to obtain confirmation as to whether we process your personal information and, where we do, to access that information and obtain a copy of any records we hold about you.
- Right to rectification: You can require us to have inaccurate personal information corrected.
- Right to object: You have the right to object to the processing of your personal information at any time, on reasonable grounds relating to your particular situation, unless the processing is required by law.
- Right to erasure: You can require us to erase personal information in certain circumstances where there is no lawful basis for us to retain such personal information. Please note, however, that in some instances we must retain your personal information for certain periods of time as required by law.
- Right to restrict: You can require us to restrict our processing of your personal information in certain circumstances.
- Right to withdraw consent: You can withdraw any consents to processing information that you have given us and prevent further processing if there is no other legitimate ground upon which we can process your personal information.
- Right to complain: You can raise a complaint about our processing with the data protection regulator in your jurisdiction, or with our Information Officer.
- Reject cookies:You can reject the use of cookies by changing your browser settings or clicking “reject” when you first enter our Website.
You are encouraged to inform us of changes to your personal information: it is important that the personal information we hold about you is accurate and current.
Right to lodge a complaint
You have the right to complain, if you believe that the processing of your personal information by GROW is in breach of relevant legislation, to your applicable regulator or the South African Information Regulator on the following details:
- JD House
- 27 Stiemens Street
- Braamfontein
- Johannesburg
- 2001
- https://inforegulator.org.za/
- POPIAComplaints@inforegulator.org.za
- Tel: 012 406 4818
- Fax: 086 500 3351
Changes to this Policy
We reserve the right to amend and update this Policy from time to time and in our sole discretion, without notice, provided that when we do so we will post the revised version of this Policy on our Website. If you continue to engage with us or access or use our Website after the amendments are made to the Policy and displayed on our Website, you will be deemed to have accepted the revised Policy.