What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.


If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.


PoPIA Compliance Information 

Document last updated on 29 June 2021 

This document outlines how Conceal Carry and our third party providers process, store, manage, and share personal data in accordance with the Protection of Personal Information Act or Southern Africa.

What is the POPI Act? 

The Protection of Personal Information Act (or POPI Act) is South Africa’s equivalent of the EU GDPR. 

The Act applies to any person or organisation who keeps any type of records relating to the personal information of anyone, unless those records are subject to other legislation which protects such information more stringently. 

It therefore sets the minimum standards for the protection of personal information. It regulates the “processing” of personal information. “Processing” includes collecting, receiving, recording, organising, retrieving, or using such information; or disseminating, distributing or making such personal information available. 

The Act will also relate to records which are already in the possession of the entity or person doing the processing. 

Where we save your information 

Our website: When you register an account, you add your information onto our website. This information is securely stored with Xneelio (https://xneelo.co.za/insights/two-sides-of-a-coin-gdpr-and-popia/

The information is used for delivery purposes and communication relating to your orders.

How long information is kept 

Our website: On our website, information is stored until either you delete your account or request the deletion of the account. Should you wish to have all your records removed, please send your request to info@concealcarry.co.za

Physical forms: The only form used is the shipping waybill, these are destroyed within 60 days

Third parties that have access to your information

As part of providing you with the best possible service, we have to make use of third-party providers and provide them with some of your information, however, this information is far more limited than what you supply and is only accessed by Conceal Carry. 

Payfast: Payfast is our payment partner for online payments. As they function as a bank, they follow the same strict data enforcement policies that is required by banks in South Africa. 

Wave: We use Wave Online to manage our accounting. Thus all purchases and customer info is loaded onto Wave. Information retained on Wave is limited to Client Name, Contact person Name & Surname, delivery address, email address, phone number and purchase record. Purchase record is item and value. No card or banking information is stored with Wave.

Google: We use Google for several services including (but not limited to): Google Analytics for monitoring website usage and statistics, Google my Business for managing our business listing and replying to reviews, Google Maps for navigating to your address for collections and drop-offs. 

Apple: As I use Apple devices, your contact information may be saved in their iCloud service (i.e. Apple Mail, Contacts, Calendar), as well as using their Maps service for navigating to and from your property for collections, drop-offs and home grooms. 

The Courier Guy: If you purchased a product through Conceal Carry, we make use of The Courier Guy to deliver your parcel straight to your door. Currently The Courier Guy has some security issues relating to their online platform, so as a result we keep only the bare minimum of information on their servers, and remove the information as soon as the parcel has been delivered. The Courier Guy is working on increasing their security on their website. 

What information we store 

We may store some or all of the information listed below. You can request what information we have on file for you at any time. The list below is for indicative purposes only, and may not include all elements. 

For users that register on our website (if any), we also store the personal information they provide in their user profile: name, surname, email address, physical address, postal address, phone number. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

Requesting the removal of all information 

At your discretion, you may request at any time for Conceal Carry to remove all your information from our systems. To do so, please send an email to info@concealcarry.co.za to request the removal. There are, however, some limitations: 

You may also request a breakdown of all information that we have stored, what has been deleted, and what will be scheduled for deletion.

Our POPI Compliance Officer 

The POPI Act requires businesses to have an allocated compliance officer for any queries, complaints or information. 

Our Compliance Officer: Roger Smit | info@concealcarry.co.za  

Who we are

Our website address is: https://www.concealcarry.co.za.

PAIA Manual