Legal & Transparency

Privacy Policy

1. Data Protection Overview

Authentic Beauty Code (the "Company", "we", "us", or "our") is committed to protecting your personal data and ensuring that your privacy is respected. This Privacy Policy describes how we collect, use, process, and disclose your information, including personal information, in conjunction with your access to and use of our website and e-commerce services.

We operate in strict accordance with the Protection of Personal Information Act (POPIA) of South Africa. By using our website, you consent to the data practices described in this policy.

2. Information Categories We Collect

Voluntary Information

  • Full Name & Surname
  • Delivery & Billing Addresses
  • Email Address & Phone Number
  • Marketing Preferences

Automated Information

  • IP Address & Device Type
  • Browser Metadata
  • Browsing History on our site
  • Session Durations

3. Legal Basis for Processing

We process your data under the following legal frameworks:

  • Contractual Necessity: To fulfill your orders and deliver products.
  • Legitimate Interest: To improve our HiShine Collection offerings and website security.
  • Consent: Where you have explicitly opted into our newsletter or beauty updates.

4. Secure Payment Processing

All financial transactions are handled through secure, PCI-DSS compliant third-party payment gateways (such as Payfast). Authentic Beauty Code does not see or store your credit card numbers or CVV codes. Our systems only receive confirmation of payment status to proceed with order fulfillment.

5. Logistics and Data Sharing

To ensure your beauty products reach you safely, we share limited information with our logistics partners (e.g., Aramex). This includes your name, delivery address, and contact number for delivery notifications. These partners are contractually prohibited from using your data for any other purpose.

6. Retention and Deletion

We retain your personal information for as long as necessary to provide our services and to comply with legal obligations (such as tax laws). You may request the deletion of your personal data at any time, provided there are no outstanding contractual or legal requirements for us to maintain it.

7. Your Statutory Rights

Under POPIA, you have the right to:

  • Object to the processing of your personal information.
  • Request access to the record of your personal information.
  • Request the correction, destruction, or deletion of your information.
  • Submit a complaint to the Information Regulator.

8. Contact Us

If you have any questions regarding this policy or our privacy practices, please contact our Information Officer via email:

admin@cosakgroup.co.za