The Future belongs to those who build Strategic Relationships
Last updated: June 12, 2022
We respect your privacy and Personal Information (refer to the definition of Personal Information at the end of this policy statement). Protection of your Personal Information is a Constitutional right and good business practice requirement which we take very seriously.
In line with the 8 Conditions for Lawful Procession of Personal Information as set out in the Protection of Personal Information Act no 4 of 2013 (the Act), we:
Accept joint responsibility and accountability with you to responsibly manage and protect your Personal Information when providing our services and solutions to you;
Undertake to collect and process only such Personal Information which is necessary given the purpose for which it is processed and to assist you with your required solutions, conclude the necessarily related agreements and consider the legitimate legal interests of everyone concerned, as required by the Act.
We will at all times respect your right to withdraw your consent for the processing of your Personal Information, but this may impact on our ability to support you as our client (or potential client);
Undertake to only use your Personal Information for the purpose for which the information is essential to enable us to assist you or provide solutions to you;
Undertake not to share or further process your Personal Information with anyone or for any reason if not required for assisting you with your solutions or as required in terms of legislation or regulations;
Undertake to take reasonably practicable steps to ensure that information is complete, accurate, not misleading and, where necessary, updated;
Undertake to be open and transparent on the nature, extent and reasons for processing Personal Information;
Undertake to safeguard and protect your Personal Information in our possession; and
Undertake to freely confirm what Personal Information we hold of you, to update and rectify the Personal Information upon request and to keep it for no longer than required.
By providing us with your Personal Information, you agree to this Policy and authorise us to process such information as set out in this Policy.
We will not use your Personal Information for any purpose outside of this Policy, and we will take the necessary steps to secure the integrity and confidentiality of Personal Information in our possession and/or under our control by taking appropriate and reasonable measures to prevent loss of, damage to or unauthorised destruction of Personal Information and to prevent the unlawful access to, or processing of Personal Information.
2. Reasons for Processing Personal Information
We need to collect, use and keep your Personal Information as prescribed by relevant legislation and regulations and for reasons such as:
To provide all relevant services in accordance with your mandate with us;
To respond to your queries;
To confirm and verify your identity or to verify that you are an authorised user for security purposes;
To comply with all legislative or regulatory requirements related to our services;
To satisfy any requirement by a professional body or network to which we are a member;
To fulfil our contractual obligations to you, for example to ensure that invoices are issued correctly, to communicate with you and to carry out instructions and requests, and for ensuring you are able to access our premises when required;
For any other operational purposes required to assist you with the solutions you require;
To comply with our legal obligations to you, for example health and safety obligations while you are on any of our premises, or to a third party;
In connection with possible requirements by the Information Regulator or other Government agencies allowed by law, legal proceedings, or court rulings.
3. Business Activities for which Personal Information is Processed
Providing Professional Services as per client mandate;
Administering, managing and developing our businesses and services;
Security, quality and risk management activities;
Complying with any requirement of law, regulation or a professional body of which we are a member.
4. Sharing or Transfer of Personal Information
We (and this includes our employees and/or associates) will have access to your Personal Information to administer and manage our services and internal business processes. In general, we do not share your Personal Information with third parties (other than service providers or subcontractors acting on our behalf) unless we have a lawful basis for doing so.
We may need to share Personal Information outside of South Africa (in terms of the Act) or the European Economic Area (in terms of GDPR) for purposes as set out in this Policy. This will be done in very limited circumstances and in strict adherence of all requirements of the Act and other relevant legislation.
We may need to share your Personal Information and/or utilise software or online platforms to enter and process your information for business management purposes. This will only be done in strict adherence to the requirements of the Act. Our agreements with third party providers/operators aim to ensure that they comply with the privacy requirements as required by the Act.
We may also disclose your information:
Where we have a duty or a right to disclose in terms of legislation, regulations or industry codes;
Where we believe it is necessary to protect our rights;
When explicitly requested by you;
With professional advisers, for example, law firms, as necessary to establish, exercise or defend our legal rights and obtain advice in connection with the running of our business. Personal Information may be shared with these advisers as necessary in connection with the services they have been engaged to provide.
To law enforcement, regulatory and other government agencies and to professional bodies, as required by and/or in accordance with applicable law or regulation. We may also review and use your personal information to determine whether disclosure is required or permitted.
5. Information Security
We are legally obliged to provide adequate protection for the Personal Information we hold and to stop unauthorised access and use thereof. We will, on an ongoing basis, continue to review our security controls and related processes to ensure that your Personal Information remains secure.
Generally accepted standards of technology and operational security have been implemented to protect information from loss, misuse, alteration, or destruction.
6. Retention of Personal Information
We shall only retain and store Personal Information for the period for which the data is required to serve its primary purpose or a legitimate interest or for the period required to comply with an applicable legal requirement, whichever is longer.
7. Your Rights: Access to Information
You have the right to request a copy of the Personal Information we hold about you. To do this, simply contact us via the contact details found on our website and specify what information you require. We will require proof of identity and/or authorisation to confirm your identity before providing details of your personal information.
Please note that any such access request may be subject to a payment of a legally allowable fee.
8. Amendments to Your Information
You have the right to ask us to update, correct or delete your personal information. We will require proof of identity and/or authority before making changes to personal information we may hold of you. We would appreciate it if you would keep your personal information accurate and up to date.
10. How to Contact Us
If you have any queries about this policy, or need further information about our privacy practices, wish to withdraw consent, exercise preferences or access or correct your personal information, please feel free to contact us, though our website “Contact Us” link or send an email to: email@example.com
* Personal Information is defined by the Protection of Personal Information Act (the Act) as:
“information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to—
information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
information relating to the education or the medical, financial, criminal or employment history of the person;
any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
the biometric information of the person;
the personal opinions, views or preferences of the person;
correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further
correspondence that would reveal the contents of the original correspondence;
the views or opinions of another individual about the person; and (h) the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person”.