Last updated: May 24, 2021
COMMITMENT TO YOUR PRIVACY
- In performing the Organisation’s services in the ordinary course of business, the Organisation may collect, use and disclose Personal Information. Anyone from whom the Organisation collects such information can expect that it will be appropriately and lawfully protected and that any use of or other dealing with this information is subject to consent, where this is required by law. This is in line with the general privacy practices of the Organisation.
- This Policy sets out how the Organisation collects, uses, discloses, and safeguards the Personal Information it processes in the course of its business.
- In this Policy, in addition to the other terms that have been defined in the body of the Policy, the Organisation makes use of the following terms:
- “Personal Information” means all information which may be considered to be personal in nature or information about an identifiable natural and / or existing juristic person (where applicable) in terms of the Electronic Communications and Transactions Act 25 of 2002 (“ECTA“), the Consumer Protection Act 68 of 2008 (“CPA“) and the Protection of Personal Information Act 4 of 2013 (“POPIA”); and
- “User, you, your or yourself” refers to any person who makes use of the Website for any purposes whatsoever, whether or not such use is free of charge or paid for.
- In addition, unless the contrary is specified, terms that are used in the Policy that are specifically defined in POPIA, are given the meanings ascribed to them in POPIA.
WHAT PERSONAL INFORMATION DOES THE ORGANISATION COLLECT AND WHY?
The Organisation may collect Personal Information in conducting its ordinary business operations, including through the use of its Website. In processing such Personal Information, the Organisation at all times ensures that (i) it complies with the provisions of POPIA, and (ii) such Personal Information is used for legitimate business purposes.
The Organisation does not, except where otherwise permitted by law, collect, use or disclose your Personal Information without your consent.
USE AND DISCLOSURE OF PERSONAL INFORMATION
- The Organisation operates its Website, and conducts its business in general, in accordance with South African legislation. The Organisation considers it imperative to protect the privacy interests of data subjects.
- In the event that the Organisation sends Personal Information outside of South Africa (including if such information is hosted offshore), the Organisation will ensure that it takes all reasonable steps to ensure that it complies with all applicable laws in this regard, including POPIA.
RETENTION OF PERSONAL INFORMATION
All Personal Information retained on the Organisation’s database, including such information obtained through the use of the Website, is in accordance with the retention provisions set out in the applicable laws and regulations of South Africa, including those set out in POPIA.
YOUR RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION
- It is important to note that you have rights in relation to your Personal Information.
- You have the right to contact the Organisation at any time to ask the Organisation to:
- confirm that it holds your Personal Information (at no charge);
- provide you access to any records containing your Personal Information or a description of the Personal Information that the Organisation hold about you (subject to payment of a prescribed fee); and / or
- confirm the identity or categories of third parties who have had, or currently have, access to your Personal Information (also subject to payment of a prescribed fee).
- The Organisation’s contact information.
- When you make a request regarding your Personal Information, the Organisation will take reasonable steps to confirm your identity.
- There may be times when the Organisation cannot grant access to your Personal Information, including where granting you access would (i) interfere with the privacy of others, or (ii) result in a breach of confidentiality. The Organisation will always provide you with reasons if this is the case.
- If you are of the view that any Personal Information that the Organisation holds about you is incorrect in any way, including that it is inaccurate, irrelevant, outdated, incomplete or misleading, you are allowed to ask the Organisation to correct it. If you believe that any Personal Information that the Organisation holds about you is excessive or has been unlawfully obtained, you can ask the Organisation to destroy or delete it. You may do the same if you think that the Organisation has retained if for longer than necessary, given the purpose. The Organisation will do so unless there are good grounds not to (such as that the Organisation is required to hold it for a period prescribed by any applicable legislation).
- It is important, however, to understand that if you withdraw your consent for the Organisation to use some of your Personal Information, it may affect the quality and level of service that the Organisation can provide to you.
- The Organisation has adopted a security model to protect your Personal Information that complies with generally accepted information security practices and procedures. As part of the Organisation’s security systems, the Organisation has implemented fire-wall technology, password controls, encryption processes and antivirus software. This is in addition to the physical security measures adopted by the Organisation to ensure that it takes all appropriate, reasonable technical and organisational measures to prevent (i) loss of, damage to, or unauthorised destruction of Personal Information, and (ii) unlawful access to or processing of Personal Information. The Organisation has a stringent security policy in place that every officer, employer and supplier of the Organisation must adhere to.
- The Organisation confirms that it takes all reasonable measures to:
- identify all reasonably foreseeable internal and external risks to any Personal Information in its possession or under its control;
- establish and maintain appropriate safeguards against any risks that are identified by the Organisation;
- regularly verify that these safeguards are effectively implemented by or on behalf of the Organisation; and
- ensure that such safeguards are continually updated in response to new risks or deficiencies in previously implemented safeguards.
- Cookies are small files containing information that the Website uses to track a visit by a user. The Organisation uses session cookies to better understand how the Website is used by users to improve the performance of the Website for users, particularly the way search pages are delivered. The Organisation has installed settings on the Website to ensure that session cookies do not remain on your computer at the end of your visit to the Website, and cannot be used to obtain any personally identifiable details.
- Any communications that you do receive from the Organisation pursuant to clause 10.1 will set out how to opt out of receiving future communications from the Organisation, free of charge, if you no longer wish to receive material for any reason whatsoever. The Organisation will only send you marketing messages when you tick the relevant boxes at certain times when engaging with the Organisation.
The Organisation, in its sole discretion, reserves the right to update, modify or amend this Policy from time to time with or without notice. You therefore agree and undertake to review the Policy whenever you visit the Website. Save as expressly provided to the contrary in this Policy, any amended version of the Policy shall supersede and replace all previous versions thereof.
Questions, concerns or complaints related to this Policy or the Organisation’s treatment of Personal Information should be directed to the email address set out in item 1.5 of the Schedule.