Privacy Policy

Let’s Crea8 (Giovanni Liebenberg t/a Let’s Crea8)

Last Updated: April 23, 2026

1. Introduction

Let’s Crea8 (“we”, “us”, or “our”) is a web design, graphic design, digital marketing, and e-commerce integration service provider based in South Africa. We respect your privacy and are committed to protecting your personal information in accordance with the Protection of Personal Information Act, 4 of 2013 (POPIA), and where applicable, international data protection laws such as the EU/UK General Data Protection Regulation (GDPR / UK GDPR).

This Privacy Notice applies to all data subjects whose personal information we process. A “data subject” includes, but is not limited to:

  • Clients and prospective clients
  • Suppliers and vendors
  • Service providers and contractors (including occasional subcontractors)
  • Job applicants
  • Any other individuals whose personal information we process in the course of our business operations

(This notice does not apply to our own employees/staff, who receive a separate internal staff privacy policy.)

This Privacy Notice explains how we collect, use, store, share, and protect personal information when you interact with our website (crea8.co.za), contact us via forms, email, WhatsApp, phone, submit a job application, supply goods/services to us, or otherwise engage with our business.

By providing your personal information to us (whether via the website or any other channel), you acknowledge that you have read and understood this Notice.

1. International Clients and Data Protection Laws

We provide services to clients in South Africa and internationally, including the United Kingdom and the United States. While this Privacy Notice is primarily drafted to meet POPIA requirements, we aim to apply equivalent protections consistent with GDPR principles when processing personal data of individuals in the EU or UK.

If you are located in a jurisdiction with specific data protection rights, please contact us so we can assist you appropriately.

2. Who We Are (Responsible Party)

Business Name: Giovanni Liebenberg t/a Let’s Crea8
Physical Address: 16 Park Street, Perlamoenbaai, Gansbaai, 7220, Western Cape, South Africa
Information Officer: Giovanni Liebenberg (Founder & Owner)
Email: gio@crea8.co.za
Phone: +27 83 300 0158

You can contact our Information Officer with any questions or requests regarding your personal information.

3. Personal Information We Collect

We collect the following categories of personal information / personal data:

  • Contact details: Name, email address, phone number, and physical/postal address.
  • Business details: Company name and VAT registration number.
  • Billing-related information: Details required to issue and send invoices and statements.
  • Technical / usage information: We may indirectly collect anonymous technical data (such as IP address, browser type, or device information) via tools like Google Search Console. We do not actively collect this for identification purposes.
  • Cookies and tracking data: Managed through CookieYes on our WordPress website.

We do not collect special personal information (such as health, religious, biometric, or race data) or information about children under 18. Our services are aimed at business owners, executives, and general managers.

For suppliers, contractors and job applicants we typically collect only basic contact and business details necessary for the relevant relationship (e.g. invoicing, project coordination or recruitment).

4. Lawful Bases for Processing

We only process your personal information on valid lawful bases, including:

  • Consent – Where you have given clear consent for a specific purpose.
  • Contract – To perform our services or take steps at your request before entering into a contract.
  • Legal obligation – Where we are required by law to process your data.
  • Legitimate interests – For our business purposes (e.g. website maintenance, responding to enquiries, improving our services), provided your rights do not override our interests.

5. How We Collect Your Information

We collect your personal information through:

  • Website contact / enquiry forms
  • Email, WhatsApp, and phone correspondence
  • Google Search Console (anonymous technical data only)
  • Cookies (via CookieYes)

6. Purpose of Processing

We process your personal information only for the following specific purposes:

  • To communicate with you about the web design, graphic design, digital marketing, or e-commerce services in which you have expressed interest.
  • To provide our contracted services and manage client projects.
  • To issue invoices, process billing, and maintain financial records.
  • To respond to enquiries and provide customer support.
  • For legitimate business purposes such as website maintenance, analytics (anonymous), and record-keeping.

7. Voluntary or Mandatory Provision

Providing certain personal information (such as name, email, phone, and business details) is mandatory if you wish to receive a quote, engage our services, or receive billing documents. Without this information we may be unable to provide or invoice for our services.

Other information is voluntary. You may choose not to provide optional details, but this may limit our ability to assist you fully.

8. Sharing Your Personal Information

We only share your personal information with third parties when strictly necessary and on a “need-to-know” basis. This includes:

  • Service providers we use for day-to-day operations (such as Google Workspace for email and storage, iCloud, Microsoft OneDrive, Zoho Invoice for billing, WordPress hosting and maintenance tools like ManageWP and Uptimerobot, and CookieYes).
  • Occasional subcontractors may be used by Let’s Crea8 for social media management or additional graphic design work when we are overloaded with projects. These subcontractors are engaged on an ad-hoc basis. In such cases, only key project requirements are shared, and personal information is not disclosed unless it is absolutely necessary for the specific task. We have appropriate agreements in place to ensure they process any information securely and in line with POPIA (and GDPR principles where applicable).

9. Cross-Border Transfers

Some of our service providers (e.g. Google Workspace, iCloud, Microsoft OneDrive, Zoho) may store or process data outside South Africa, including in countries such as the United States.

Where personal information is transferred internationally, we take reasonable steps to ensure appropriate safeguards are in place, such as:

  • Secure, encrypted connections.
  • Service provider agreements that include appropriate safeguards (including Standard Contractual Clauses or equivalent mechanisms where required for GDPR compliance).
  • Reliance on your consent or the necessity of the transfer to perform our contract with you.

10. Cookies and Tracking Technologies

We use cookies and similar technologies on our website, managed through CookieYes. A cookie consent banner is displayed to allow you to manage your preferences.

Essential cookies are necessary for the website to function. Non-essential cookies are only used with your consent. You can manage or withdraw consent at any time through the banner or your browser settings.

11. Storage and Security

We store your personal information using secure tools including Mac software (Mail, Contacts), Google Workspace, Zoho Invoice, and WhatsApp (with disappearing messages set to 90 days where applicable).

We take reasonable technical and organisational measures to protect your information, including:

  • Avast Premium Security on our devices.
  • Apple Passwords for secure credential management.
  • Regular deletion of sensitive data (such as passwords) where possible.
  • Access controls and secure communication channels.

While we strive to protect your information, no system is completely secure. We will notify you and the relevant supervisory authority of any security compromises as required by law.

12. Retention of Personal Information

We retain your personal information only as long as necessary for the purposes described above or as required by law. You may request permanent deletion of your information at any time (subject to legal obligations such as billing records).

13. Your Rights

You have the following rights regarding your personal information:

  • Request access to the personal information we hold about you.
  • Request correction or deletion of inaccurate, irrelevant, or excessive information (right to erasure / “right to be forgotten”).
  • Object to the processing of your information in certain circumstances.
  • Withdraw consent where processing is based on consent.
  • Request data portability (to receive your data in a structured, commonly used format).

To exercise these rights, please contact our Information Officer at gio@crea8.co.za. We will respond within a reasonable time as required by law.

We also have a dedicated page for personal data requests: https://crea8.co.za/personal-data

14. PAIA Manual

You may access our PAIA Manual here: PAIA Manual – Let’s Crea8

15. Complaints

If you are unhappy with how we have handled your personal information, please first contact our Information Officer. You also have the right to lodge a complaint with the Information Regulator (South Africa) or the relevant supervisory authority in your jurisdiction.

Information Regulator (SA): inforeg@justice.gov.za | +27 10 023 5200

16. Updates to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website with the updated “Last Updated” date. We encourage you to review it periodically.

17. Contact Us

For any questions about this Privacy Policy or our data practices, please contact:

Giovanni Liebenberg
Email: gio@crea8.co.za
Phone: +27 83 300 0158