Privacy Statement

  1. Introduction (“the Site”) is a registered domain of Hepstar Financial Services (Pty) Ltd (“The Administrator”), an authorised Financial Services Provider (FSP: 45097).

This privacy statement (‘Privacy Statement’) is supplementary to the Terms of Use presented on the Site. When using the Site, you (“the User”) invariably agree to the Terms of Use.

The User’s right to privacy is not only enshrined in the Constitution, but is given protection under various statutes such as the Protection of Personal Information Act and the Financial Advisory and Intermediary Services Act (read together with the General Code of Conduct and Policyholder Protection Rules) which regulate the Administrator’s business. 

This Privacy Statement discloses how the information you provide to the Site will be dealt with, what we are authorised to do and what we are required to do in terms of statutory or regulatory requirements.


  1. How we collect information

All information collected on this site, including information of a personal nature or related to payment mechanisms used (“Personal Information”), are submitted by the User willingly and with the required knowledge and consent. Personal Information may include, but is not limited to:

  • Name
  • Address
  • Phone number
  • Age
  • Pre-existing medical conditions
  • Credit card details


Personal Information is collected from the following sources:

  • Provided during the purchase of a product or service on the Site;
  • Provided to personnel of the Administrator via telephone or e-mail for purpose of enquiring about or purchasing a product or service offered on the Site or by the Administrator;
  • Provided when entering competitions and/or completing surveys.


  1. How we use your information

Personal Information provided by the User is used for legitimate business purposes only and as intended by the User to -  

  • Complete and/or process a specific transaction; or
  • Fulfil your order and provide you with the services intended.


  1. Disclosures to third parties

The User consents to the Administrator disclosing Personal Information to third parties if it is required to complete a transaction, access risk, obtain approval from the underwriter or calculate payment. Such third parties may include:

  • Members of the Administrator’s group;
  • Insurers, Claims Assistance Companies and Underwriting Managers;
  • Professional advisers who are bound by confidentiality codes.


The Administrator may be legally obliged to disclose your Personal Information in order to:

  • Cooperate with police investigations or other legal proceedings;
  • Fulfil a statutory obligation or an obligation to regulatory bodies which regulate its business, such as the Financial Services Board.


  1. Storage of Personal Information

In terms of law, the Administrator is obligated to maintain proper records of policyholder information (including Personal Information) for a minimum period of  5 (five) years. The Administrator stores Personal Information for this purpose on a secure and access-controlled network.

All payment information, such as credit card details, is stored by the relevant payment service provider. The Administrator only has access to encrypted payment information. Access to encrypted payment data is access-controlled.

Personal Information stored is used to provide the User with ongoing service. We may also use the information to process any transactions you undertake with us and for internal administration and analysis.

The Administrator does not sell, rent or trade your personal information to third parties for marketing purposes without your express consent.


  1. Cookies

The Site uses cookies (a piece of text stored on the User’s computer by their web browser). Below we describe two types of cookies:


6.1. Session cookies

A session cookie serves as a checkpoint to maintain certain information for the duration of a session of use. A session cookie only lasts for the duration of the Users use of the Site and expires upon closing the browser or if the User has not used the Site for a period of time. These are required for proper functioning of the site, but are not used to identify the User.


6.2. Permanent cookies

Permanent cookies store a unique number in the cookies directory of your browser installation on your hard drive and are used to identify the User. These cookies do not expire after a session or period of time. These cookies do not contain Personal Information and are merely used to recognise the User to offer products and or services of its preference and better the browsing experience. You may configure your internet browser to reject permanent cookies.


  1. IP Address

Your Internet Protocol (‘IP’) address is usually associated with the place from where you access the internet.


  1. Legislation

The Administrator is a private company, duly registered in the Republic South African. All business conducted is subject to and in accordance with South African law regulating the collection, storage and processing of Personal Information.


  1. Consent

Disclosure of Personal Information on the Site or to the Administrator by any other means is done with the User’s express consent. The User invariably consents to the collection, storage and processing of his/her Personal Information by the Administrator in the manner set out in this Privacy Statement.


  1. Changes

This Privacy Statement may change from time to time with notice provided on the Site. Use of the Site by the User constitutes acceptance of the Privacy Statement at the time of use.


  1. Contact

Should you have any questions or concerns about the information we hold about you, please do not hesitate to contact us at the details provided on the Site.