How fast can we start working with Specno?

Within a week. No long onboarding. No hiring cycles. We show up in your workflow and get to work.

Do we have to sign a long contract?

No. Start with a strategy sprint. See what clarity feels like before committing to anything bigger.

We already have a product team. Can Specno still help?

Yes. We fill the gaps, whether that's strategic clarity, AI readiness, or execution capacity.

Is Specno outsourcing?

No. Outsourcing takes a brief and delivers output. We challenge the brief, own the outcome, and are accountable for the result.

What do we actually get at the end?

A product that holds up after launch. A roadmap that makes sense. Revenue.

Legal

Privacy Policy

Last updated: 20 April 2026

This Privacy Policy explains how Specno (Pty) Ltd (“Specno”, “we”, “us”, or “our”) collects, uses, shares and protects your personal information when you visit specno.com (the “Website”), contact us, request a proposal, subscribe to our communications, or engage us for software and design services (together, the “Services”).

We are committed to processing your personal information lawfully, fairly and transparently. This Policy is drafted to meet our obligations under the South African Protection of Personal Information Act, 2013 (POPIA), the EU and UK General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), and other applicable data-protection laws.

By using our Website or Services, you acknowledge that you have read and understood this Policy. If you do not agree with any part of it, please do not use the Website or provide us with your personal information.

1. Who we are

Specno (Pty) Ltd is a software and product consultancy registered in South Africa.

Registered address: Centennial Place, West Block, Bridge Street, Century City, Cape Town, 7441, South Africa.
Responsible party / Data controller: Specno (Pty) Ltd.
Information Officer: Contact via privacy@specno.com.

For the purposes of POPIA, Specno is the “Responsible Party”. For the purposes of the GDPR and UK GDPR, Specno is the “Data Controller” of the personal information described below, except where we process information on behalf of a client under a signed services agreement, in which case we act as “Operator” (POPIA) or “Processor” (GDPR) on that client’s instructions.

2. Personal information we collect

We collect personal information that you give us directly, information that is collected automatically when you interact with our Website, and a limited amount of information received from third-party sources.

2.1 Information you provide to us

Identity and contact information: first and last name, company name, job title, work email address, phone number.
Enquiry content: project details, budgets, timelines and any other information you choose to include when you submit our contact forms, request a proposal or email us.
Marketing preferences: whether you opt in to receive updates from us.
Recruitment information: if you apply for a role, your CV, work history, portfolio links and any other information included in your application.

2.2 Information collected automatically

Device and technical data: IP address, device type, operating system, browser type and version, screen size, referring URL, and similar diagnostic data.
Usage data: pages viewed, time spent on pages, click-through paths, scroll depth, and interactions with forms or calls-to-action.
Cookies and similar technologies: as described in Section 10 below.

2.3 Information from third parties

Professional networks: publicly available information from LinkedIn, Clutch and similar platforms when you engage with our profiles or campaigns there.
Referrals: information shared with us by clients, partners or introducers who recommend you to us.
Service providers: analytics, advertising and customer-relationship-management vendors who help us understand and respond to enquiries.

3. How we use your personal information and our legal basis

We only process your personal information where we have a lawful basis to do so. Under POPIA those bases are the conditions in Section 11. Under the GDPR / UK GDPR they are the grounds in Article 6 (and Article 9 for any special-category information).

To respond to your enquiry and provide a proposal. Legal basis: steps taken at your request prior to entering a contract (POPIA s11(1)(b); GDPR art.6(1)(b)).
To deliver services under a signed agreement. Legal basis: performance of a contract (POPIA s11(1)(b); GDPR art.6(1)(b)).
To send marketing communications you have opted in to. Legal basis: consent, which you may withdraw at any time (POPIA s11(1)(a); GDPR art.6(1)(a)).
To operate, secure and improve our Website. Legal basis: our legitimate interests in running a safe and effective website (POPIA s11(1)(f); GDPR art.6(1)(f)). Where required, we seek your consent through a cookie banner.
To comply with legal obligations. Legal basis: compliance with a law or regulatory requirement (POPIA s11(1)(c); GDPR art.6(1)(c)).
To manage recruitment applications. Legal basis: steps taken at your request prior to a potential employment contract and our legitimate interest in building our team.
To protect our rights and those of our clients. Legal basis: our legitimate interests, including preventing fraud, enforcing our Terms, and defending legal claims.

Where we rely on legitimate interests, we have assessed those interests against your rights and freedoms and concluded that our processing is proportionate. You can ask us for a copy of that assessment at any time.

4. Automated decision-making and AI

We do not make decisions that have a legal or similarly significant effect on you using automated processing alone. Some of our tools (for example, spam filters on contact forms) include automated steps, but meaningful human review is involved before any decision that affects you is finalised.

Where we use artificial-intelligence tools to help triage enquiries, draft responses, or analyse usage, we do so consistent with the transparency principles of the EU AI Act and comparable laws. No personal information is used to train publicly available foundation models without your consent.

5. How we share personal information

We do not sell your personal information. We share it only in the following circumstances and only to the extent necessary:

Service providers and operators who support us, including hosting, analytics, email delivery, customer-relationship management, recruitment platforms, and communications tools. Each is bound by a written agreement that restricts how they may process the information.
Professional advisers such as our lawyers, accountants, auditors and insurers, under duties of confidentiality.
Authorities where we are required to disclose by law or a valid legal process, or where disclosure is reasonably necessary to protect rights, property or safety.
A successor in the event of a merger, acquisition, reorganisation or sale of all or part of our business. We will notify you of any such change and how it affects your rights.
With your consent for any other disclosure.

6. International data transfers

Specno is based in South Africa, but many of our service providers are located in the United States, the European Union, the United Kingdom, and other countries. When we transfer personal information across borders, we take steps to ensure it remains protected:

For transfers out of South Africa: we rely on POPIA Section 72 conditions, including adequate comparable protection, binding corporate rules, your informed consent, or transfers necessary for a contract with or in your interests.
For transfers out of the EEA or UK: we rely on adequacy decisions where available, or on Standard Contractual Clauses together with supplementary measures where required.

You can ask us for information about the safeguards in place for a specific transfer by contacting privacy@specno.com.

7. How long we keep personal information

We keep personal information only for as long as is necessary to fulfil the purposes for which it was collected, including legal, accounting or reporting requirements.

Enquiry and proposal data: up to 24 months after our last interaction, unless you have become a client (in which case we retain it for the duration of the engagement and as long as needed afterwards to comply with tax, legal and regulatory obligations).
Client records: for the duration of the engagement and up to 5 years afterwards, or longer where required by law.
Marketing contacts: until you unsubscribe or withdraw consent, plus a short period to honour your preference.
Recruitment applications: up to 12 months from your application, unless you agree to be kept on file for longer.
Website analytics: up to 26 months from collection, in aggregated or pseudonymous form where possible.

When personal information is no longer needed we delete or anonymise it. Where deletion is not immediately possible (for example, because it is stored in encrypted back-ups), we isolate it from further processing until it can be removed.

8. How we protect personal information

We maintain appropriate technical and organisational security measures, including encryption of information in transit and at rest where appropriate, access controls on a need-to-know basis, regular security reviews, secure software development practices, and confidentiality obligations for everyone who processes information on our behalf.

No system is completely secure. If we become aware of a breach that has or is likely to have created a real risk to your rights, we will notify you and the relevant regulator as required by law.

9. Your rights

Depending on the law that applies to you, you have the right to:

Access the personal information we hold about you.
Correct information that is inaccurate or out of date.
Delete or destroy personal information that is no longer needed.
Object to processing based on our legitimate interests or to direct marketing.
Withdraw consent at any time where we rely on it, without affecting the lawfulness of processing before withdrawal.
Restrict our processing in certain circumstances.
Portability — receive a copy of information you have provided to us in a structured, commonly used format and ask us to transmit it to another controller where technically feasible.
Not be subject to a solely automated decision that has a legal or similarly significant effect.
Lodge a complaint with a supervisory authority (see Section 13).

To exercise any of these rights, email privacy@specno.com. We will respond within the timeframe required by applicable law (for POPIA and GDPR, usually within 30 days). We may ask for reasonable evidence of your identity before acting on a request.

10. Cookies and similar technologies

Our Website uses cookies and similar technologies to operate, secure and improve the Website, and, where you consent, to measure performance and tailor our communications.

Strictly necessary cookies are required for the Website to function. These cannot be switched off.
Analytics cookies (for example, Google Analytics 4) help us understand how the Website is used in aggregate. Loaded only with your consent.
Behavioural / session-recording cookies (for example, Hotjar) help us identify usability issues. Loaded only with your consent, with IP anonymisation and keystroke suppression enabled.
Marketing and retargeting cookies (for example, the LinkedIn Insight Tag) measure the effectiveness of our campaigns. Loaded only with your consent.
Business visitor identification cookies (for example, Leadfeeder by Dealfront) help us identify the companies that visit our Website, using reverse IP lookup and public company data. Loaded only with your consent.

You can change your cookie preferences at any time through the cookie banner or by clearing cookies in your browser. Your choice is stored for 12 months before we ask again.

11. Children

Our Website is not directed at children under the age of 18, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.

12. Links to third-party websites

Our Website may contain links to third-party websites, tools and services that are not operated by Specno. We are not responsible for the privacy practices of those third parties. We recommend reviewing their privacy notices before providing any personal information.

13. Complaints and regulators

We would like the chance to address any privacy concerns directly, so please contact privacy@specno.com first.

You also have the right to complain to a supervisory authority, including:

South Africa: Information Regulator, JD House, 27 Stiemens Street, Braamfontein, Johannesburg — inforegulator.org.za.
United Kingdom: Information Commissioner’s Office — ico.org.uk.
European Union: the data-protection authority in your country of residence.

14. Changes to this Policy

We may update this Policy from time to time. If we make material changes we will post an updated version on this page and update the “Last updated” date. Where required by law we will notify you directly.

15. Contact us

If you have any questions about this Policy or how we process your personal information, please contact:

Email: privacy@specno.com
Post: The Information Officer, Specno (Pty) Ltd, Centennial Place, West Block, Bridge Street, Century City, Cape Town, 7441, South Africa.