Home/Privacy Policy
Privacy & Data Rights

Privacy policy for TITC and titc.io

TalentintheCloud PTY Limited, trading as TITC and titc.io, handles personal data for strategic advisory, executive search, market intelligence and related business communications. This notice explains how we collect, use and protect personal data in line with South Africa's POPIA and, where applicable, the GDPR.

Effective date: March 12, 2026 Applies to titc.io and direct enquiries POPIA and GDPR aligned
Responsible Party

TITC

TalentintheCloud PTY Limited is the responsible party/controller for personal data collected through this site and through related client, candidate and business development interactions unless a separate notice says otherwise.

What This Covers

Website and engagement data

This notice covers information you share via our contact forms, direct email, LinkedIn, referrals, candidate materials, client enquiries and publicly available professional sources relevant to our work.

Who we are and when this policy applies

The website at titc.io is operated by TalentintheCloud PTY Limited, trading as TITC and titc.io. We act as a responsible party under POPIA and as a controller where GDPR terminology applies.

This policy applies to personal data collected through the website, through direct outreach, and through recruitment, leadership, advisory or intelligence conversations that begin through the site or our public business channels.

Please do not send identity numbers, bank details, medical data or other highly sensitive information through the website contact forms unless we have specifically asked for it and there is a lawful reason to do so.

Categories of personal data we collect

Depending on how you engage with us, we may collect:

  • Contact and identity data: name, email address, telephone number, company name, job title and country.
  • Enquiry data: the contents of messages submitted through our website forms, email or other business channels.
  • Professional and recruitment data: CVs, employment history, skills, qualifications, remuneration expectations, references and other career-related details you choose to share with us.
  • Client and mandate data: information about hiring plans, advisory requirements, market interests, counterparties and project context.
  • Technical website data: limited server, device and browser information needed to operate, secure and improve the site.
  • Public-source information: professional details from LinkedIn, company websites, public announcements and other lawful public sources relevant to our services.

How and why we use personal data

We process personal data to run the website, respond to enquiries, assess candidates or executive profiles, deliver strategic advisory and market intelligence services, and maintain ongoing business relationships.

Our legal basis depends on the context. We may rely on:

  • Consent: where you ask us to contact you, share your profile, keep your details on file, or use optional information for a defined purpose.
  • Contract or pre-contract steps: where processing is needed to discuss, enter into or perform an engagement with you or your organisation.
  • Legitimate interests: where we have a proportionate business reason to assess leadership, maintain client relationships, source relevant talent, protect the site or operate our services, and those interests are not overridden by your rights.
  • Legal obligations: where we must keep records, respond to lawful requests, or comply with applicable regulation.

We do not use the website to make solely automated decisions that produce legal or similarly significant effects on individuals.

Where data comes from and who we share it with

Most personal data comes directly from you, from the organisation you represent, or from public professional sources. We may also receive information from referrals, introductions, clients, counterparties and service providers involved in a live mandate.

We may share personal data with:

  • Clients and prospective employers: where this is part of a search, advisory or diligence process and there is an appropriate lawful basis to do so.
  • Service providers and processors: such as website hosting, form processing, email, document storage, productivity, CRM, analytics, communications or security providers who support our operations.
  • Professional advisers and regulators: where needed for legal, compliance, insurance or dispute-resolution purposes.

We do not sell personal data. Where a third party processes personal data for us, we expect contractual and practical safeguards appropriate to the data and the risk involved.

International transfers and retention

Because we use cloud-hosted service providers, personal data may be stored or processed outside South Africa or outside the country where it was originally collected. Where that happens, we aim to use appropriate contractual, technical and organisational safeguards.

We retain personal data only for as long as it is needed for the original purpose, for an ongoing relationship, or to meet legal, regulatory or evidential requirements. As a general guide:

  • Website enquiry and business development data is typically retained for up to 24 months after the last meaningful interaction.
  • Candidate, client and mandate records may be retained for longer where there is an active or recurring relationship, a contractual obligation, or a legitimate need to maintain a historical record.
  • Data may be deleted, anonymised or securely archived sooner where it is no longer required.

Your rights and choices

Subject to applicable law, you may ask us to provide access to your personal data, correct inaccurate information, delete data, restrict processing, object to certain processing, or provide a portable copy where that right applies.

You may also withdraw consent at any time where we rely on consent. Withdrawal does not affect processing already carried out lawfully before the withdrawal.

  • Access request: email [email protected] with enough detail for us to identify the records involved.
  • Correction or deletion: tell us what needs to change and why.
  • Marketing or outreach objections: you may ask us to stop contacting you for business development purposes at any time.

We aim to respond within one calendar month, subject to identity verification and any lawful extensions permitted by regulation.

Cookies, website activity and profiling

We use the website to publish information, receive enquiries and maintain site security. We may collect limited technical logs and website performance data needed to operate, secure and improve the site.

At the time of this notice, the website is not designed around intensive behavioural profiling. If we introduce non-essential cookies, advertising technology or similar tracking tools in future, we will update this policy and seek consent where the law requires it.

Security, incidents and complaints

We use reasonable technical and organisational measures to protect personal data against loss, unauthorised access, misuse, alteration and disclosure. No website or cloud service can be guaranteed to be completely secure, but we work to reduce risk and respond quickly when issues arise.

If we become aware of a personal data incident, we will assess the scope and impact, contain the issue, work with affected providers, and notify regulators and affected individuals where the law requires it. Under GDPR this may mean notifying the relevant supervisory authority within 72 hours where feasible; under POPIA, notification must be made as soon as reasonably possible when a compromise creates a real risk.

Privacy contact: Darren Franks
Address: Unit 13, First Floor, Block B, Blueberry Office Park, 28 Apple Street, Randpark Ridge, Johannesburg, South Africa

You may also complain to the Information Regulator (South Africa) or, if you are in the EEA or UK and applicable law gives you that option, to your local supervisory authority.

Need More Detail?

Read how TITC handles data operationally

Our data handling policy explains the controls, retention standards and incident-response steps that sit behind this public privacy notice.

View data handling policy Contact TITC