Selected MacBook Air models with Microsoft 365 Personal. Save R999. Shop now

iStore Policies

Select a policy on the drop down menu below to view the full terms and conditions.


ZA Online Stores (Pty) Ltd (the Company) view privacy, security and compliance with applicable data laws seriously. We are committed to protecting your privacy and personal information and complying with applicable data laws in South Africa when you access our website or make use of the Company goods or services, and accordingly, shall take all reasonable steps, including technological, procedural and other controls, to protect your personal information. Any personal information that you provide to the Company will be used and retained in accordance with this Privacy Policy and all other relevant codes and standards. This Privacy Policy is intended to inform you of the privacy practices that the Company apply and to explain how we collect, store, use, transfer and disclose (handle) your personal information. Please read it in full as it applies to you.

1. Information that we may collect about you

1.1. We use the term “personal information” or “personal data” to mean information that relates to you. Personal information includes, for example, your name, contact information including your cell phone number, email address, identity number, age, gender, income, ethnic group and information relating to your education, criminal, employment, and/or financial history. Information that is not linked to a particular individual, such as statistical or aggregated information, is not personal information and is not covered by this Privacy Policy. We may collect, process, use, disclose and transfer non-personal information for any purpose. You can choose not to provide personal information that we may request of you, but, in general, most of the personal information we request is required in order to provide the Company goods and/or services, and the lack of such personal information may prevent us from doing so.

1.2. Generally, we may collect personal information about you when you access the Company website and/or subscribe for the services offered by the Company. We may also collect information about you when you use the website, report a problem with the website, use support services, or communicate with us. In addition, information may be collected when you respond to customer surveys, and promotions. What is mentioned above is not a complete list of all the ways that we could collect information. Below, we have set out information that may be collected and processed:

1.2.1. information that you provide on or through the website. This includes information provided at the time of registration (such as your name, date of birth, address, account information and email address), receive maintenance, making payments or posting material. We may also ask you for information when you report a problem with the website or the good and/or services;

1.2.2. details of your visits to and use of our website including, but not limited to, traffic data, location data, weblogs, service provider page viewing statistics and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access;

1.2.3. details about written or verbal enquiries, problems or other contact and any recordals when you utilise our goods and/or services, and/or use our help desk, call centre or other channels of communication;

1.2.4. information related to you and your use of the website and/or the Company goods and/or services, including but not limited to: your online activity, contributions, payment history, correspondence, internet protocol addresses, device and software data (such as type, configuration and unique identifiers);

1.2.5. information obtained from surveys that we may ask you to voluntarily complete from time to time, which we use for research purposes;

1.2.6. information posted by you pursuant to reviews of the website and the Company goods and/or services; and

1.2.7. any other information that may be necessary: (i) to carry out actions for the conclusion or performance of a contract to which you are a party; (ii) to comply with an obligation imposed on us by law; (iii) to protect your legitimate interest; and/or (iv) to pursue a legitimate interest of ours or of a third party to whom the information is supplied.

1.3. The Company may also collect non-personal information such as your IP address, date, time and duration of your access to the website to track your visits to the website so that we are able to deliver a more personalized experience. This information is used to develop future products and/or services that meet your requirements and needs.

1.4. Internet protocol addresses. We may collect information about your device, including where available your internet protocol address, operating system and browser type, for system administration and to report aggregate information to our advertisers and/or service providers. This is statistical information about your browsing actions and patterns and does not identify you.

1.5. Special personal information. Depending on the Company goods and/or services that you require, we may also collect special personal information including your:

1.5.1. financial information – such as your bank account details;

1.5.2. criminal information – such as information about your commission or alleged commission of any offence or about any related legal proceedings;

1.5.3. employment information – including your membership of a trade union.

2. Acceptance

2.1. Legal capacity. You may not access our website or order our goods or request our services if you are younger than 18 (eighteen) years old or do not have legal capacity to conclude legally binding contracts.

2.2. Deemed acceptance. By accepting this Privacy Policy, you are deemed to have read, understood, accepted, and agreed to be bound by all of its terms.

2.3. Cookies and other analytics. By using the website, you are consenting to our use of cookies, caching tools and analytics tools, in accordance with this Privacy Policy. If you do not agree, please refrain from using the website. Like many Apps, we use cookies and similar technologies to collect additional data and to improve our the Company goods and/or services. These technologies use small data files that are transferred to your mobile device. If you return to an application, it shows that it is a repeat visit. The technologies cannot be used to identify you on the websites of third parties, including the website of the analysis provider. It can additionally be used to store your preferred settings, e.g. language and country settings, so that they will be immediately available on your next visit. We use the web analysis system in order to raise the efficiency of our App. Personal information is collected and stored either electronically by the use of “cookies” or provided voluntarily with your consent and knowledge. You may disable cookies in your browser, however should you do so please understand that you will not be able to fully experience the features of the website.

3. Use and analysis of personal information

3.1. For us to make your use of the website and the Company goods and/or services as successful as possible, the Company collects, stores and uses your personal information. When you agree to provide information to us, we will indicate the purpose/s for which we may use or process it, however below are some examples:

3.1.1. process the goods and services you’ve bought from us, and keep you updated with your order progress;

3.1.2. keep you informed generally about new products and services (unless you choose not to receive our marketing messages);

3.1.3. to communicate any requested information;

3.1.4. to provide you with any the Company goods and/or services and/or Products and any changes to the service or product;

3.1.5. to authenticate a user and provide access to restricted pages;

3.1.6. to create new and interesting products or services that we feel may meet your future requirements and personalize them for you;

3.1.7. to contact you with offers or promotions based on how you use our products and services. These include your calling and messaging activities, location information and browsing information (unless you choose not to receive these messages);

3.1.8. to carry out research and statistical analysis including to monitor how customers use of products and services on an anonymous or personal basis;

3.1.9. to prevent and detect fraud or other crimes, recover debts or trace those who owe us money;

3.1.10. to provide aggregated reports to third parties (such reports do not contain any information which may identify you as an individual);

3.1.11. for training purposes;

3.1.12. to bill you for using our products or services, or to take the appropriate amount of credit from you;

3.1.13. at your option, we will let you know about other companies' products and services we feel may interest you (including offers and discounts we’ve specially negotiated for our customers);

3.1.14. to ensure that content on the website and the Company goods and/or services are presented in the most effective manner for you and for your computer or other device;

3.1.15. to determine your general geographic location, enforce the terms of this Privacy Policy, personalise the website and the Company goods and/or services and our marketing to better reflect particular interests, helping us to quickly and efficiently respond to inquiries and requests and otherwise analyse, enhance, administer or promote the service offering for you and other users;

3.1.16. to administer this website;

3.1.17. to carry out our obligations arising from any agreements entered into between you and us, if any; and

3.1.18. to allow you to participate in interactive features of the website and the Company goods and/or services, when you choose to do so.

3.2. If you have any concern regarding the use of your information, please contact us at

3.3. Except as otherwise set out expressly herein, we do not disclose personal information about users to our advertisers (if any) but we may provide them with aggregate information or information in an otherwise anonymous form about our users (for example, we may inform them that 107 women, under the age of 25, have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, individuals with a particular interest).

3.4. We may make use of the personal information we have collected from you to enable us to comply with advertisers' wishes by displaying their advertisement to that target audience.

3.5. In addition, we may use other companies, agents or contractors to perform services on our behalf or to assist us with the provision of access to the website and the Company goods and/or services to you. For example, we engage services providers to provide marketing, communications, infrastructure and information technology services, personalise and optimise our website and the online services, provide customer service, analyse and enhance data, including users' interaction with the online services, and process consumer surveys. In the course of providing such services, these service providers may have access to your personal information. We do not authorise these service providers to use or disclose your personal information except in connection with providing the services we request of them.

3.6. Only personal information that is necessary for the purposes stated in this Privacy Policy will be collected, stored, used and otherwise processed by the Company.

4. Disclosure of your personal information

4.1. All non-personal information collected and assembled by the Company, is owned and retained by the Company. You are hereby expressly notified of and consent to our collection of your personal information.

4.2. The personal information that has been collected by the Company, may be disclosed or otherwise processed by us if permitted by applicable law, if the necessary consent has been obtained from you and/or if the access, use, preservation, disclosure or other processing of such information is reasonably necessary:

4.2.1. for legal and regulatory compliance of applicable law, regulation, legal process, or governmental request;

4.2.2. for the purpose of conducting research and improving our products or services;

4.2.3. for debt collecting purposes and/or debt recovery;

4.2.4. for emergency services where applicable, this includes your approximate location;

4.2.5. to enforce applicable terms of use and terms and conditions (including but not limited to this Privacy Policy), including investigation of potential violations thereof;

4.2.6. to detect, prevent, or otherwise address illegal or suspected illegal activities, security or technical issues;

4.2.7. to protect against harm to the rights, property or safety of us, our users or the public as required or permitted by law, which includes exchanging information with other companies and organisations for the purposes of fraud protection and where applicable credit risk reduction;

4.2.8. in connection with any reorganization, restructuring, merger or sale, or other transferring of assets; provided that the receiving party agrees to respect your personal information in a manner that is consistent with this Privacy Policy; and/or

4.2.9. for the compilation, use and sharing of information that does not pertain to any specific individual,

and you hereby consent to us and our duly authorized agents and contractors processing your personal information for such purposes.

4.3. At your option and only with your consent, we may also share your information with partner organisations, so they can contact you about their products and services.

4.4. We may share, transfer or disclose the information in our databases and server logs to comply with a legal requirement, for the administration of justice, interacting with anti-fraud databases, to protect your vital interests, to protect the security or integrity of our databases or this website, or to take precautions against legal liability. We will inform you of any such transfer or disclosure if required to do so by law.

4.5. The Company may for lawful purposes and in accordance with applicable laws, monitor your calls, e-mails or messages and such information will be made available to third parties if and to the extent required by law.

5. Transfer across borders

5.1. The information that we collect from you may be transferred to, and stored at, a destination outside of South Africa. It may also be processed by staff members operating outside of South Africa who work for us or for one of our service providers (including but not limited to payment processors, cloud service or other information technology providers, and other companies that provide services to us). Such staff members may be engaged in, among other things, the provision of the service or the provision of maintenance and support services.

5.2. In this instance, we will not send your information to a jurisdiction that does not have information protection legislation similar to that of the RSA, unless we have ensured that the recipient agrees to effectively adhere to the principles for processing of information in accordance with POPIA.

6. Your Rights and Obligations

6.1. You may only send us your own personal information or the information of another data subject where you have their permission to do so.

6.2. You have the right to ask us to review your personal information that you have provided to us and make any changes to it.

6.3. You have the right to make a request for a copy of the personal information that we hold about you. Having provided adequate proof of identity, you have the right to request that we confirm, free of charge, whether or not the responsible party holds personal information about the data subject and request from a responsible party the record or a description of the personal information about the data subject held by the responsible party. For further information on your right to access your personal information, please see our access to information page.

6.4. You have the right to choose whether you wish to receive marketing material. By accepting this policy, you consent to receiving marketing material. Should you no longer wish to receive such material you can opt out by contacting us by email at The Company undertakes to comply with all applicable law in relation to direct marketing.

6.5. You have the right to request the Company to correct or delete your personal information. However, the Company will retain such personal information that it is required to retain in terms of any applicable law and for as long as it is necessary to fulfill the purposes as set out in this Privacy Policy. We take reasonable steps to ensure that the personal information we collect and store is accurate, complete and up-to-date. We also endeavour as best we can to delete any incorrect or unnecessary personal information, particularly in respect of your contact details. Please ensure that your personal information is accurate, complete and up-to-date by contacting us as soon as possible if you become aware that your personal information is in any way inaccurate, incomplete or out-of-date.

6.6. You have the right to request details in respect of the identity of third parties who have or had access to your personal information, if applicable, and you have the right to request the identity of third persons who are in charge of your personal information as well as those third person to whom your personal information may be have been communicated, if applicable.

6.7. You have the right to lodge a complaint with the Information Regulator in accordance with POPIA.

6.8. Please note that the website may, from time to time, contain links to and from the websites of our partner networks, advertisers, service providers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and cookie policies and that the Company does not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. This also applies to any third-party websites or content you connect to using our products and services.

6.9. Right to object to use of personal information. In certain circumstances, you have the right to object to us processing your personal information. Please click here to contact us and a member of our dedicated team will respond to you.

6.10. How to lodge a complaint. Should you believe that we have used your personal information contrary to applicable law, you undertake to first attempt to resolve any concerns with us directly. Kindly click here to contact us and a member of our dedicated team will contact you. If you are not satisfied with such process, you have the right to lodge a complaint with the Information Regulator in accordance with POPIA.

7. Security and storage of your personal information

7.1. The Company is committed to protecting the security and confidentiality of your personal information and will take all reasonable steps to secure the personal information that you submit to us. We use a variety of security technologies and physical, electronic and managerial procedures to protect the personal information that we have collected, or that you have provided. This will minimise the risk of loss, misuse, alteration, disclosure and unauthorised access of your information that is under our control.

7.2. Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal information, we cannot always guarantee the absolute security of your personal information which is transmitted via the website which may be accessed by an unauthorised third party via for instance any unlawful activity.

7.3. We ensure that third parties required to process your personal information in accordance with this policy and/or for other lawful purposes, are contractually bound to apply the appropriate security practices.

7.4. We hold and use personal information for as long as permitted for legal, regulatory, fraud prevention and legitimate business purposes.

8. Access to Information

POPIA together with the Promotion of Access to Information Act (PAIA) provide you the right to access information held about you. Your right of access can be exercised in accordance with our PAIA manual.

9. Changes

We may change the terms of this Privacy Policy at any time by updating this web page. We will notify you of any changes by placing a notice in a prominent place on the website or by sending you an email detailing the changes that we have made and indicating the date that they were last updated. If you do not agree with the changes, then you must stop using the website and our goods and/or services. If you continue to use the website or our goods and/or services following notification of a change to the terms, the changed terms will apply to you and you will be deemed to have accepted those updated terms.

Privacy Key Terms

Below is a list of recurring terms in the Core Group’s privacy policy and procedures.


Key term

The process of either encrypting or removing personal data from a database, so that the individuals whom the data describe remain anonymous. This is done for the purpose of protecting individuals’ private activities while maintaining the integrity of the data gathered and shared.

Behavioural Advertising

The act of tracking users’ online activities and then delivering ads or recommendations based upon the tracked activities.

Binding Corporate Rules (BCRs)

Personal data protection policies which are adhered to by a controller or processor established on the territory of a Member State for transfers or a set of transfers of personal data to a controller or processor in one or more third countries within a group of undertakings, or group of enterprises engaged in a joint economic activity.

Biometric Data

Personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopy data.

Core Group

Collectively refers to ZA Online Stores (Pty) Ltd t/a iStore; The Core Computer Group (Pty) Ltd; The Core Computer Business (Pty) Ltd; Core Gaming Systems (Pty) Ltd; One Sandton Drive Properties (Pty) Ltd; Mobile In Africa (Pty) Ltd and Think Ahead Educational Solutions (Pty) Ltd.


Any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.


A small text file stored on a user machine that may later be retrieved by a web server from the machine. Cookies allow web servers to keep track of the end user’s browser activities, and connect individual web requests into a session.

Data Controller

An entity that has the authority over the processing of personal data. It controls the use of personal data by determining the purposes for its use and the way personal data will be processed.

Data Enrichment

A process used to enhance, refine or otherwise improve existing data.

Data Processing

Any operation or set of operations which is performed on personal data, such as collecting, recording, organizing, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, dissemination or otherwise making the data available, aligning or combining data, or blocking, erasing or destroying data. Not limited to automatic means.

Data Protection Officer

The individual appointed by the Core Group to carry out certain responsibilities and functions in respect of privacy and data protection.

Data Retention

The policies and processes used within the Core Group for determining the time period for archiving and storing of personal data.

Data Subject

The natural or juristic person that the personal data refers to. 

Direct Marketing

A form of advertising in which companies provide physical marketing materials to consumers to communicate information about a product or service.


The method by which plaintext or any other type of data is converted from a readable form to an encoded version that can only be decoded by another entity if they have access to a decryption key.

Genetic Data

Personal data relating to the inherited or acquired genetic characteristics of a natural person which give unique information about the physiology or the health of that natural person and which result, in particular, from an analysis of a biological sample from the natural person in question.

IP Address

A unique address that identifies a device on the Internet or a local network and which allows a system to be recognized by other systems connected via the Internet protocol.

Online Behavioural Advertising

Websites or online advertising services that engage in the tracking or analysis of, e.g., search terms, browser or user profiles, preferences, demographics, online activity, offline activity, location data, and offer advertising based on that tracking.

Personal Data

Any information relating to an identified or identifiable individual and where applicable a juristic person. An identifiable individual is one who can be identified, directly or indirectly, in particular, by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.

Personal Data Breach

A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

Privacy and Data Protection

The collection of laws and regulation that applies to the collection, usage, storage, protection and other processing of personal data.  This includes data protection, privacy, banking secrecy, electronic communications and confidentiality laws and regulations, and any other applicable laws or regulations to the extent they relate to privacy of personal data.

Privacy Champion

An internal employee who serves as the privacy practice sponsor and acts as an advocate to further foster privacy as a core organization concept.


A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.


Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.


The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.


A natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third-party or not. However, public authorities which may receive personal data in the framework of an inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

Restriction of Processing

The marking of stored personal data with the aim of limiting their processing in the future. 

Special Categories of Personal Data

Special categories of personal data, include: racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data (for uniquely identifying an individual) and of data concerning health, sex life or sexual orientation.


A natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

Cookie Notice

At ZA Online (Pty) Ltd t/a iStore (the “Company”), we respect your concerns about privacy and view data protection very seriously. We use technology on our website to collect information that helps us enhance our experience and our products and services. The cookies that we use at the Company allow our website to work and help us to understand what information and advertising is most useful to our visitors.

Please familiarise yourself with our cookie practices and let us know if you have any questions by sending us an email to

What does cookie mean?

A cookie is a small file of letters and numbers that we store on your browser or your computer if you agree.

There are many types of cookies. They all work in the same way, but have certain minor differences. For a detailed guide on cookies, we suggest that you visit the About Cookies website

Who is collecting it?

This Cookie Notice applies to any websites, apps, branded pages on third-party platforms, and applications accessed or used through such websites or third-party platforms (hereinafter, “our websites”) which are operated by or on behalf of the Company.

By using our websites, you are consenting to our use of cookies in accordance with this Cookie Notice and our Privacy Notice. If you do not agree to our use of cookies in this way, you should set your browser settings accordingly, disable the cookies that we use, alternatively not use our websites at all. If you disable the cookies we use, this may impact your user experience while on the websites.

The Company will only collect, use or disclose your personal data where it is fair and lawful to do so. For a more detailed understanding of how we use personal data collected by Company cookies, please refer to our Privacy Policy.

What purpose do we use cookies for?

We use cookies to make the Company’s websites more user friendly, ensure a personalised experience is provided on our websites, and to customize our products, services and websites to your interests and needs. Cookies are used to help speed up your future activities and your experience on Company’s websites.

The cookies you consent to, are also used to collect your personal data which we then profile into audiences so that we can deliver targeted advertising customised to your interests and limit the number of times you see an advertisement.

We also insert cookies in communications, such as emails and newsletters to improve our content and advertising. Lastly, we use cookies to compile anonymous, aggregated statistics that allow us to understand how our websites are being used and to help us improve them and measure the effectiveness of advertising campaigns.

We use the following cookies:

Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website.

Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

How can I control cookies?

You can provide your consent; or

You can disable Company or third-party cookies by use of your browser settings but that may affect some operations on Company web site.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit

Complaint procedure

1. Introduction

1.1. ZA Online Stores (Pty) Ltd t/a iStore (the “Company”) always aim to provide a high standard of care in all our services.

1.2. Our customers’ views are important to us and help to ensure our services are consistently meeting people’s needs. If you are unhappy with any of our services, it is important that you let us know.

2. Making a suggestion

2.1. Often people feel more comfortable about suggesting improvements rather than complaining formally. Anyone receiving services, and their friends and/or family, may make a suggestion.

2.2. First you should speak to the Line Manager or the Manager on duty at the particular time.

2.3. If the suggestion is something that the Company as an organisation needs to consider you can send it to our Customer Service Department at

3. Making a complaint

3.1. We aim to handle complaints quickly, effectively and in a fair and honest way. We take all complaints seriously and use valuable information from investigating to help us improve the service we provide. We treat all complaints in confidence.

3.2. The Company assures clients and their families that it will not withdraw or reduce services because someone makes a complaint in good faith.

4. Who to complain

Anyone affected by the way the Company provides services can make a complaint.

5. How you can make a complaint

5.1. You can complain:

5.1.1. in person

5.1.2. by telephone

5.1.2. through a member of our staff

5.2. Where someone complains orally, we will make a written record and provide a copy of it:

5.2.1. by letter;

5.2.2. by email

6. Anonymous complaints

We deal with anonymous complaints under the same procedure; however, it is better if you can provide contact details so we can tell you the outcome of our investigation.

7. Responsibility

5.1. The Store Manager has overall responsibility for dealing with all complaints made about their service.

5.2. We will provide as far as is reasonably practical:

5.2.1. any help you need to understand the complaints procedure; or

5.2.2. advice on where you may get that help.

8. How we handle complaints

8.1. The Store Manager or the Company may ask one of the management team to investigate the complaint. That person will have enough seniority and experience to deal with the issues raised by the complaint.

8.2. We will acknowledge a complaint within 3 (three) working days and give you the name and contact details of the person investigating it.

8.3. We will keep you informed about the progress of the investigation. We aim to have all complaints finished within 28 (twenty-eight) working days unless we agree a different time scale with you.

8.4. When we have finished investigating, we will correspond, via email or telephone, with you to discuss the outcome, and write to you with:

8.4.1. details of the findings; and

8.4.2. our proposals to resolve your complaint.

9. Time period

You should complain as soon as you are able to do so after the date on which the event occurred or came to your notice.

10. Further steps

10.1. The Store Manager or the Company may ask one of the management team to investigate the complaint. That person will have enough seniority and experience to deal with the issues raised by the complaint.

10.2. You can contact the Ombudsman at:

Tel: 0860000272