Legal
Effective 6 March 2026
This Privacy Policy explains how Westrust (Pty) Ltd (registration number 1993/004000/07), trading as Westrust, collects, uses, stores, shares and otherwise processes personal information through its website and related communications.
Westrust is a South African professional services business. The website is intended to provide general information about the firm and its services in South Africa. It is not intended to create a mandate, attorney-client relationship, fiduciary appointment or other professional engagement merely because a user visits the website or submits an enquiry.
This Policy is designed to support compliance with the Protection of Personal Information Act, 4 of 2013 (POPIA), the Promotion of Access to Information Act, 2 of 2000 (PAIA), and general South African electronic communications best practice.
Responsible party: Westrust (Pty) Ltd
Registration number: 1993/004000/07
Address: 104 William Road, Norwood
General email: info@westrust.com
Telephone: 010 446 0031
Website: www.westrust.com
Privacy and data protection contact / Information Officer: Carmela Visentin (carmela@westrust.com)
If you have a privacy query, objection, correction request, deletion request or complaint, you should contact the Information Officer using the details above in the first instance.
This Policy applies to personal information processed through the website, including contact enquiries, recruitment-related submissions sent to the published recruitment email address, technical website data, and any correspondence that follows from those interactions.
This Policy does not apply to third-party websites or platforms linked from the website. Those sites operate under their own notices and terms.
The website is not designed to solicit special personal information or other highly sensitive information through online forms. Users should not submit confidential case material, identity numbers, banking details, financial distress files, litigation bundles, health information, information relating to children, or other sensitive records through the website unless specifically requested through a secure offline channel.
If a user voluntarily provides information that is unnecessary for an initial website enquiry, Westrust may delete, redact or otherwise limit its use where appropriate.
Westrust processes personal information only where there is a recognised justification under POPIA. Depending on the context, that justification may include the data subject's consent, the conclusion or potential conclusion of a contract, compliance with a legal obligation, the protection of a legitimate interest of the data subject, or Westrust's legitimate interests in operating and securing its business and website in a lawful and proportionate manner.
The website may use essential cookies or similar technologies that are necessary for core functionality, security, session management and performance. As currently described to us, the website does not include newsletter sign-up features, payment functionality, client portals or online document upload tools.
If Westrust later enables analytics, tracking or other optional technologies, this Policy and any cookie disclosures should be updated so that users are given a clear explanation of those technologies, the purposes for which they are used, and any relevant choices or consents.
Westrust does not currently use the website for newsletter subscriptions or direct electronic marketing sign-ups. Personal information submitted through the website will not be used for unsolicited direct marketing in a manner inconsistent with POPIA.
Westrust may disclose personal information, strictly on a need-to-know basis, to employees, contractors, IT and website service providers, hosting providers, professional advisers, regulators, law-enforcement authorities, courts, counterparties or other third parties where disclosure is lawful and reasonably necessary for the relevant purpose.
Any operator or service provider who processes personal information for Westrust should be subject to appropriate confidentiality and security obligations.
Some website infrastructure, email systems, software tools or backup environments may be hosted or supported outside South Africa. Where personal information is transferred cross-border, Westrust will take reasonable steps to ensure that the transfer is lawful and that an adequate level of protection or another recognised POPIA transfer mechanism applies.
Westrust takes reasonable technical and organisational measures to secure the integrity and confidentiality of personal information under its control and to guard against loss, misuse, unauthorised access, disclosure, alteration or destruction. No internet transmission or storage environment is completely secure, and users therefore provide information at their own risk to the extent permitted by law.
Westrust will retain personal information only for as long as reasonably necessary to fulfil the purpose for which it was collected, to manage the relationship or enquiry, to comply with legal or professional obligations, to maintain required records, or to protect legitimate business interests. Information that is no longer needed may be deleted, de-identified or destroyed in accordance with applicable law and internal record-management practices.
Subject to applicable law and any lawful limitations, data subjects may request access to personal information, request correction or deletion, object to certain processing, withdraw consent where processing is based on consent, and lodge a complaint with the Information Regulator or another competent authority.
Requests should be directed to the Information Officer using the contact details set out above. Formal access-to-record requests may also be made under PAIA using the prescribed procedure described in the Westrust PAIA Manual.
If Westrust becomes aware of a security compromise affecting personal information and notification is required by law, Westrust will take such steps as are reasonably required under POPIA, including notifying affected persons and/or the Information Regulator where applicable.
The website is not directed at children and is intended for business and professional use. Westrust does not knowingly seek to collect personal information directly from children through the website.
Westrust may update this Privacy Policy from time to time to reflect legal developments, operational changes or website changes. The latest version published on the website will apply from its stated effective date.
Please direct privacy concerns first to Carmela Visentin at carmela@westrust.com. If the issue is not resolved, a complaint may be lodged with the Information Regulator using the contact details reflected in the Westrust PAIA Manual or on the Regulator's official website.
↑ Back to top