Watch Desk Privacy
Privacy Policy
Who we are
Luxury Time SA (Pty) Ltd ("Luxury Time", "we", "us") operates the WatchDesk platform. We operate five branches across South Africa — Johannesburg (Sandton), Pretoria (Menlyn), Cape Town CBD, Port Elizabeth (Newton Park) and KwaZulu-Natal (La Lucia Ridge, Umhlanga). We are the sole "responsible party" in terms of the Protection of Personal Information Act 4 of 2013 (POPIA).
1. Information we collect
We only collect information you provide directly inside WatchDesk. Specifically:
- Account data: full name, email address, mobile phone number, city, and (for stores) store name & business registration number. These are entered at sign-up and can be edited in Profile.
- Account credentials: a password of your choosing, stored as a salted hash.
- Watch submissions: brand, model, reference number, serial number, year, materials, case size, movement type, condition notes, service history, included accessories, photos, and any notes-to-buyer you add.
- Offer & transaction history: offers received from Luxury Time SA, your accept / decline decisions, and the activity timeline for each submission.
- Notification preferences: your push notification toggle from Settings.
We do not collect ID numbers, location data, payment card details, contacts, cookies for advertising, or device tracking identifiers inside the app. Identity and payment verification happen in person at the Luxury Time SA store and are not processed through WatchDesk.
2. Why we process it
- To authenticate users and prevent fraud (legitimate interest).
- To evaluate, price and purchase watches (contract performance).
- To comply with FICA, SARS and SAPS second-hand-goods reporting (legal obligation).
- To send transactional notifications and service updates (consent).
3. Lawful basis
We rely on section 11(1)(a)–(f) of POPIA — your consent, performance of a contract, compliance with a legal obligation, and our legitimate interests in running an authenticated marketplace.
4. Sharing
We share personal information only with: (a) vetted watchmakers who authenticate submitted pieces; (b) financial institutions processing payments; (c) law-enforcement or regulators where legally required; and (d) secure cloud infrastructure providers located in the Republic of South Africa or the European Union (countries with adequate protection).
5. Retention
Identity and transaction records are retained for 5 years after the last transaction in line with FICA. Submissions that did not result in a transaction are deleted after 12 months.
6. Your rights
- Access the personal information we hold about you.
- Correct or delete inaccurate data.
- Object to processing or withdraw consent at any time.
- Lodge a complaint with the Information Regulator (SA) at inforeg@justice.gov.za.
7. Security
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Access is role-based and audit-logged.
8. Contact our Information Officer
Email info@luxurytime.co.za or call 087 821 8899.