GDPR Compliance Statement
myPilotPost · Thuthu (Pty) Ltd · Last Updated: February 07, 2026
Thuthu (Pty) Ltd t/a myPilotPost · Registration Number: 2025/102758/07
23 Fielding Crescent, Mondeor Green, Johannesburg, Gauteng, 2091, South Africa
What is GDPR?
The GDPR (General Data Protection Regulation) is an important piece of legislation designed to strengthen and unify data protection and privacy laws for all individuals within the European Union (EU). The regulation was enacted on May 25, 2018.
Who is Impacted by GDPR?
The GDPR enhances EU individuals' privacy rights and places significantly enhanced obligations on organizations handling data. The provisions of the GDPR apply to any organization that processes personal data of individuals in the European Union, including tracking their online activities, regardless of whether the organization has a physical presence in the EU.
How Does myPilotPost Comply with GDPR?
myPilotPost (operated by Thuthu (Pty) Ltd, registered in South Africa) is committed to protecting the privacy and personal data of all users, including those in the European Union. While our primary operations are governed by South African law, specifically the Protection of Personal Information Act (POPIA), we have implemented all necessary measures to ensure compliance with GDPR requirements when processing data of EU individuals.
Our GDPR compliance measures include:
- Implementation of robust data protection policies and procedures aligned with both POPIA and GDPR requirements
- Appointment of responsible data protection personnel to oversee compliance
- Regular review and updating of our privacy practices to maintain compliance
- Implementation of appropriate technical and organizational security measures
- Ensuring lawful bases for data processing activities
- Providing transparent information about data collection and processing
- Enabling data subject rights including access, rectification, erasure, and portability
- Maintaining records of processing activities
- Implementing data breach notification procedures
Data Processing Agreement
Yes. myPilotPost offers a Data Processing Agreement (DPA) that complies with GDPR and other applicable privacy laws, including POPIA.
Request a DPA: You can request and digitally sign a copy of our DPA by emailing legal@mypilotpost.com. We will countersign it and provide you with a fully executed downloadable copy via email within 10 business days.
Cross-Border Data Transfers
As a South African company, myPilotPost ensures that any transfer of personal data from the EU to South Africa or other jurisdictions complies with GDPR requirements through appropriate safeguards, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequate security measures to protect data in transit and at rest
- Compliance with both GDPR and POPIA requirements
- Transparency regarding data storage locations and processing activities
Your Rights Under GDPR EU Residents
If you are an EU resident, you have the following rights regarding your personal data:
Your personal data
Correct inaccurate data
"Right to be forgotten"
Limit how we use data
Receive your data
Object to processing
At any time
With supervisory authority
Questions About GDPR Compliance?
If you have any questions about myPilotPost and GDPR compliance, or wish to exercise your data protection rights, please contact us at:
Email: legal@mypilotpost.com
Address: 23 Fielding Crescent, Mondeor Green, Johannesburg, Gauteng, 2091, South Africa
Thuthu (Pty) Ltd t/a myPilotPost
Registration Number: 2025/102758/07
Last Updated: February 07, 2026