Privacy Policy

1. Who we are and scope of this policy

Titans Lab (Pty) Ltd ("Titans Lab", "we", "us" or "our") is a Synthetic Intelligence research and development company based in South Africa. We design and operate SI platforms including, but not limited to, Cogni, Synapse and Titans Telco.

This Privacy Policy explains how we collect, use, store and share personal information when you visit our websites, interact with us, or use our products and services. It is written primarily with South Africa's Protection of Personal Information Act, 2013 ("POPIA") in mind, but is also intended to be consistent with widely recognised global privacy standards (for example the EU/UK GDPR) where they apply to our activities.

2. Information we collect

Depending on how you interact with us, we may collect and process the following categories of information:

• Identification and contact details – such as name, email address, mobile number, country, role or employer, and similar details you choose to share with us.
• Professional and assessment information – such as role, skills, experience, assessment results, interview recordings, and documents submitted through Synapse or related flows.
• Usage and technical data – including IP address, device identifiers, browser type, approximate location, log data, and interaction data generated when you browse our sites or use our SI products.
• Business relationship data – such as communications with us, support requests, commercial proposals, and contract information where you represent an organisation working with Titans Lab.
• Information from third parties – for example background-check, KYC or verification partners, or prospective employers working with Synapse, where this is necessary for a specified use case and permitted by law.

3. How we use personal information

We use personal information only for lawful, specific and explicitly defined purposes, including to:

• Provide, operate and improve our websites, SI platforms and related services.
• Respond to enquiries, support requests and feedback.
• Conduct assessments, verification, matching and reporting in Synapse and related talent or hiring solutions.
• Configure, train, evaluate and monitor SI systems (including Cogni) in a way that respects applicable privacy requirements.
• Maintain security, detect and prevent fraud, abuse or unauthorised access.
• Comply with legal, regulatory, tax and accounting obligations.
• Communicate with you about updates, security notices, and (where permitted) product information and marketing.
• Establish, exercise or defend legal claims and manage our business operations.

4. Legal grounds for processing

Under POPIA and similar global frameworks we rely on one or more of the following legal grounds when we process personal information:

• Your consent – for example where you sign up to receive marketing communications, or agree to participate in an assessment or research programme.
• Performance of a contract – where processing is necessary to enter into or perform a contract with you or the organisation you represent.
• Compliance with legal obligations – including requirements under POPIA and other applicable laws.
• Legitimate interests – where we have a legitimate interest in operating, securing and improving our services and that interest is not overridden by your privacy rights. Examples include analytics, service improvement, and some aspects of direct marketing to existing enterprise clients.

Where we rely on consent, you may withdraw it at any time; this will not affect processing carried out before withdrawal.

5. Direct marketing

We may send you information about Titans Lab products, events or research where you have given consent or where we are otherwise permitted to do so under POPIA or equivalent laws (for example, existing customer relationships). You can opt out of marketing communications at any time by using the unsubscribe link in the message or by contacting us using the details below.

6. How we share information

We do not sell your personal information. We may share information with carefully selected third parties, only for the purposes described in this policy and subject to appropriate safeguards:

• Service providers that support hosting, infrastructure, security, communications, analytics, or other operational functions.
• Verification and assessment partners involved in KYC, background checks or skills verification where you participate in a Synapse or similar flow.
• Prospective employers or clients where you have agreed to participate in an assessment, matching or verification process.
• Professional advisers such as lawyers, auditors or insurers, where necessary for managing risk and compliance.
• Regulators and authorities where we are legally required to do so, or where this is necessary to protect our rights, your rights, or the rights of others.

7. International transfers

Our infrastructure and some of our providers may be located outside South Africa. Where personal information is transferred across borders, we take steps to ensure that it is protected in accordance with POPIA and, where relevant, other applicable frameworks. These steps may include contractual protections (such as data protection agreements) and working with providers in jurisdictions recognised as having adequate data protection standards.

8. Data retention

We keep personal information only for as long as is reasonably necessary for the purposes described in this policy, including to comply with legal and regulatory obligations, resolve disputes, and enforce our agreements. We apply retention limits and periodic reviews to delete or de-identify data that is no longer needed.

9. Security

We use technical and organisational measures designed to protect personal information, including access controls, encryption where appropriate, monitoring, and regular review of our security posture. No system can be guaranteed to be completely secure, but we work to reduce risk and respond quickly to potential incidents.

10. Your privacy rights

Under POPIA and, where applicable, other privacy laws, you may have rights in relation to your personal information. These can include the right to:

• Request confirmation that we hold personal information about you and access to that information.
• Request correction or updating of inaccurate, incomplete or outdated information.
• Object to certain forms of processing, including direct marketing.
• Request deletion of information where there is no longer a lawful reason for us to keep it (subject to legal or contractual requirements).
• Withdraw consent where processing is based on your consent.

These rights are not absolute and may be limited by applicable law. When you contact us to exercise a right, we may need to verify your identity and ask for additional information so that we can respond appropriately.

11. Automated decision-making and profiling

Some Titans Lab platforms, including Synapse and certain SI engines, use algorithms to support assessments, scoring or recommendations. We design these systems with human oversight and governance, and we do not make solely automated decisions that have legal or similarly significant effects on you without appropriate safeguards, as required by law.

12. Cookies and tracking technologies

We use cookies and similar technologies on our sites to help them function correctly, remember preferences, understand usage and improve the experience. These technologies may also support basic analytics and security. For more detail on the types of cookies we use, and how you can manage your preferences, please refer to our separate Cookies Policy.

13. Children

Our services are not directed at children under the age of 18 and we do not knowingly collect personal information from children. If you believe that a child has provided us with personal information, please contact us so that we can review and, where appropriate, delete it.

14. Contact details

If you have questions about this policy or wish to exercise your rights, you can contact us at:

• Data Protection Officer
  Titans Lab (Pty) Ltd, Cape Town, South Africa
• Email: privacy@titans-lab.co.za
• Phone: 012 884 6105

15. Information Regulator

If you are not satisfied with how we handle your personal information, you may lodge a complaint with the Information Regulator of South Africa. You are also entitled to approach any other regulator that has jurisdiction over your matter.

• Website: www.justice.gov.za/inforeg/
• Email: inforeg@justice.gov.za

16. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our services, technology or legal requirements. When we make material changes we will update the effective date above and, where appropriate, provide additional notice (for example on our website or through email).