Purpose of this notice
This POPIA Notice explains how Lexuno approaches the processing of personal information under the Protection of Personal Information Act 4 of 2013.
It should be read together with the Lexuno Privacy Policy, Cookie Policy, Terms of Use, and Disclaimer.
Lexuno and POPIA
POPIA protects personal information processed by public and private bodies in South Africa and sets minimum requirements for lawful processing.
Lexuno aims to process personal information lawfully, reasonably, securely, and for specific platform, directory, booking, support, legal discovery, and account-management purposes.
Responsible party and operator roles
Depending on the feature and context, Lexuno may act as a responsible party for platform operations, public website activity, support, directory handling, account administration, and booking workflows.
Where Lexuno processes information on behalf of a law firm, lawyer, or other responsible party, Lexuno may act as an operator and process information according to the relevant instructions and safeguards.
Personal information we may process
Lexuno may process personal information such as names, contact details, location, account details, profile information, search activity, booking details, enquiry messages, legal need categories, support communications, device information, and platform logs.
Legal enquiries may include sensitive context. Users should submit only the information needed for legal discovery, booking, support, or intake.
Special personal information
Some legal enquiries may involve sensitive or special personal information, such as health, criminal, employment, family, financial, biometric, or child-related information.
Lexuno processes this information only where relevant to the user request, allowed by law, required for platform handling, or necessary for routing a legal enquiry to an appropriate lawyer or law firm.
Why we process information
We process personal information to operate Lexuno, provide search and directory services, route booking requests, support users, manage lawyer and firm profiles, secure the platform, improve resources, handle correction requests, and comply with legal obligations.
We also process information for audit trails, fraud prevention, abuse prevention, analytics, service improvement, internal administration, and lawful business records.
Direct collection and source of information
We usually collect information directly from users when they search, register, submit forms, manage profiles, request bookings, contact support, or use platform features.
We may also process public factual information, owner-provided profile information, authorised representative information, service-provider information, and information from lawful public sources where appropriate.
Security safeguards
Lexuno uses reasonable technical and organisational measures designed to protect personal information from loss, unauthorised access, misuse, disclosure, alteration, or destruction.
Security measures may include access controls, role-based permissions, logging, validation, service-provider controls, secure hosting practices, and internal handling rules.
Security compromises
If there are reasonable grounds to believe that personal information has been accessed or acquired by an unauthorised person, Lexuno will assess the incident and take steps required by POPIA.
Where required, Lexuno may notify the Information Regulator and affected data subjects as soon as reasonably possible, subject to the requirements and exceptions in POPIA.
Cross-border processing
Lexuno may use service providers or infrastructure that process information outside South Africa.
Where cross-border processing applies, Lexuno aims to use appropriate safeguards, contractual controls, and lawful transfer grounds.
Your POPIA rights
Subject to applicable law, you may request access to personal information, ask for correction or deletion, object to certain processing, withdraw consent where consent is the legal basis, and complain to the Information Regulator.
To exercise rights relating to Lexuno, contact us with enough information to identify you, the relevant record, and the request.
Information Regulator
The Information Regulator is the South African regulator established under POPIA.
Data subjects may contact or lodge complaints with the Information Regulator where they believe their personal information rights have been interfered with.
Updates to this notice
Lexuno may update this POPIA Notice as platform features, data handling, service providers, legal requirements, or regulatory guidance change.
The latest version will be published on Lexuno with an updated effective date.