Privacy Policy
Effective date: 2 April 2026 Last updated: 2 April 2026
Operator: Pieter Fourie — sole proprietor trading as IronPanel
Registered address: 18 Fourie str, Heidelberg, Westerncape, 6665, South Africa
Website: ironpanel.us
Contact: via the contact form at ironpanel.us/contact
This privacy policy explains what personal information IronPanel collects, how it is used, how it is protected, and what rights you have regarding your information.
IronPanel is operated by a sole proprietor based in South Africa serving clients in the United States and internationally. This policy is written to be straightforward and honest — not to obscure what is collected behind legal language.
1. What We Collect and Why
IronPanel collects the minimum information necessary to respond to enquiries and deliver services.
1.1 Contact Form Submissions
When you submit the contact form on this website (powered by Contact Form 7), the following information is collected:
- Your name
- Your email address
- Your website URL (if provided)
- Your message content
Why: To respond to your enquiry and assess whether the services you need are within scope.
How long it is kept: Contact form submissions are retained in the website’s WordPress database until manually deleted. Submissions that do not result in a client engagement are deleted within 90 days. Submissions that become part of a client engagement are retained for the duration of the engagement plus 3 years for record-keeping purposes.
1.2 Email Correspondence
When you email IronPanel directly or respond to a reply to your contact form submission, your email address and message content are retained in the Service Provider’s email system.
Why: To maintain a record of communications related to your enquiry or engagement.
How long it is kept: Email correspondence related to client engagements is retained for 3 years after the end of the engagement. Enquiries that do not result in engagements are deleted within 90 days.
1.3 Service Delivery — Client Infrastructure Access
If you become a client, the Service Provider will receive and store access credentials for your server infrastructure (SSH keys or passwords, control panel credentials, domain registrar login details) solely for the purpose of delivering the agreed services.
Why: Access credentials are required to perform remote server administration.
How long it is kept: All client credentials are deleted or returned to the client within 14 days of service termination, or immediately on written request.
Security: Credentials are stored in an encrypted password manager and never transmitted in unencrypted plain text.
2. What We Do Not Collect
IronPanel does not collect or use:
- Cookies beyond those set automatically by WordPress for site functionality
- Analytics data — there is no Google Analytics, Facebook Pixel, or any tracking script on this website
- Payment card information — payments are processed through third-party payment providers (currently Wise and/or PayPal depending on client preference). IronPanel never sees or stores card details. Refer to the privacy policies of Wise (wise.com) and PayPal (paypal.com) for how your payment information is handled.
- Sensitive personal information — health data, financial account details, government identification
3. How Your Information Is Used
Information collected through the contact form and email is used exclusively for:
- Responding to your enquiry
- Scoping and delivering agreed services
- Invoicing and payment administration
- Legal record-keeping as required
IronPanel does not sell, rent, share, or disclose your personal information to any third party for marketing or commercial purposes.
4. Where Your Data Is Stored
Website and contact form data is stored on IronPanel’s web server hosted at DartNode, Houston, Texas, USA.
Email correspondence is stored on IronPanel’s private mail server, also hosted in Houston, Texas, USA.
The Service Provider is based in South Africa. When you submit a contact form or email IronPanel, your information is received and processed by a person in South Africa. This constitutes a cross-border transfer of personal data.
By submitting the contact form, you acknowledge that your information will be received and processed by the Service Provider in South Africa for the purpose of responding to your enquiry. If you do not wish your information to be processed in this way, do not submit the form.
5. Data Security
IronPanel takes the following measures to protect your personal information:
- The website is served over HTTPS with a valid SSL certificate
- The web server runs on hardened Debian Linux with Fail2ban intrusion prevention
- WordPress is kept updated with security patches applied promptly
- Client credentials are stored in an encrypted password manager
- Email is handled on a private mail server with DKIM, SPF, and DMARC configured
- Access to the web server and mail server is restricted to SSH key authentication
No security measure is absolute. In the event of a data breach affecting your personal information, IronPanel will notify affected individuals within 72 hours of becoming aware of the breach.
6. Your Rights
Depending on your location, you may have the following rights regarding your personal information:
Right to access: You may request a copy of the personal information IronPanel holds about you.
Right to correction: You may request that inaccurate personal information be corrected.
Right to deletion: You may request that your personal information be deleted, subject to any legal record-keeping obligations.
Right to withdraw consent: Where processing is based on consent, you may withdraw consent at any time. This does not affect the lawfulness of processing before withdrawal.
USA residents: IronPanel’s data practices are consistent with the principles of US state privacy laws including the California Consumer Privacy Act (CCPA) where applicable. IronPanel does not sell personal information.
South African residents: IronPanel processes personal information in accordance with the Protection of Personal Information Act (POPIA) of South Africa.
To exercise any of these rights, contact IronPanel via the contact form at ironpanel.us/contact. Requests will be responded to within 30 days.
7. Third-Party Services
IronPanel uses the following third-party services in connection with website operation:
| Service | Purpose | Privacy Policy |
|---|---|---|
| DartNode | Web and mail server hosting (Houston, TX) | dartnode.com |
| Contact Form 7 | Contact form processing | contactform7.com |
| Let’s Encrypt | SSL certificate provisioning | letsencrypt.org |
Wise / PayPal — Payment processing — wise.com / paypal.com
IronPanel does not use social media plugins, advertising networks, or analytics services that track visitor behaviour.
8. Cookies
This website uses only the cookies set automatically by WordPress for basic site functionality. These are session cookies that expire when you close your browser.
IronPanel does not use tracking cookies, advertising cookies, or persistent analytics cookies.
A cookie consent banner is not displayed because IronPanel does not use non-essential cookies.
9. Children’s Privacy
IronPanel’s services are directed exclusively at business clients. IronPanel does not knowingly collect personal information from individuals under 18 years of age. If you believe a minor has submitted information through this website, contact IronPanel for immediate deletion.
10. Changes to This Policy
IronPanel may update this privacy policy from time to time. The effective date at the top of this page will be updated when changes are made. Material changes will be communicated to active clients via email.
Continued use of this website after a policy update constitutes acceptance of the updated policy.
11. Contact
For any privacy-related questions, requests, or concerns:
IronPanel — operated by Pieter Fourie, sole proprietor, South Africa
ironpanel.us/contact
All privacy requests receive a personal response within 30 days.