Privacy Architecture

AuraWorks (Pty) Ltd acts as the Responsible Party for data collected via our primary digital touchpoints and as a Data Processor when resolving intent data for our institutional clients.

Our scope encompasses the AuraWorks Intent Engine and the Consent-Led Identity Bridge. Our guiding principle is "Privacy by Design"—minimizing collection to only what is necessary for high-value B2B industrial commerce.

Our system distinguishes between Personal Information and Corporate Intelligence:

• Standard Data: Identities provided explicitly via the "Digital Receptionist" or contact infrastructure.
• Technical Data: Network identifiers including IP addresses and referral sources.
• Corporate Resolution: We resolve technical identifiers into Corporate Identities (identifying the firm visiting the site, rather than a private individual) unless specific consent is granted.

We use trusted third-party providers via secure FastAPI tunnels to verify corporate data. We never trade your data to third-party brokers.

Under Section 11 of POPIA, we process data based on:

• Consent: Explicitly obtained via Digital Receptionist interfaces.
• Legitimate Interest: Facilitating commerce between industrial suppliers and procurement entities.
• Contractual Necessity: To deliver Weekly Hot Lead Reports and active subscription services.

All automated nurture sequences include a one-click unsubscribe mechanism. We adhere strictly to Section 69 of POPIA regarding electronic marketing.