This policy sets out how we may use information that you provide, or that we collect about you when you visit our website, enter (or apply to enter) into agreement(s) with us, and you agree to be bound by this policy.
“Personal information” (or simply referred to in this policy as “information”) includes any “personal information” as defined in POPI.
Any reference in this policy to “website” also refers to our mobile application (“app”).
We may amend this policy from time to time, in line with changes required by legislation or our internal business operations. The version as displayed on the website at the time when you interact with us will apply, and you should therefore review this policy whenever you visit our website.
If you have any questions about this policy or do not agree with it, please contact us directly at firstname.lastname@example.org.
We are committed to implement appropriate technical and other security measures to protect the integrity and confidentiality of your information.
We protect and manage information that we hold about you, by using electronic and computer safeguards such as firewalls, data encryption, and physical and electronic access control to our buildings.
We only authorise access to information to those employees who require it to fulfil their designated responsibilities.
When you use the website, we may give you an access number, username, password and/or personal identification number (“PIN”). You are responsible to maintain the secrecy and confidentiality of your username, access number, password and/or PIN.
3. COLLECTING YOUR INFORMATION
3.1 Methods of collection
We collect information about you as follows:
- Through your interaction with our website, including application forms;
- Through your communications with us;
- From external sources, such social media services like Facebook, Twitter, etc, where you have consented to us obtaining information from such sources; and
- Other third parties related to our operations or within our business structure.
We may also record calls as required by law, or for quality checks, staff training or for purposes of your relationship with us.
When you use our website, we automatically receive and record information on our server logs from your browser, which may from time to time include your location, IP address, cookie information, and the page you requested. This is statistical data about browsing actions and patterns and may also obtain information about your general internet usage, by using a cookie file which is stored on the hard drive of your computer. Cookies enable us to improve our service to you, estimate our audience size and usage patterns, store information about your preferences and recognise when you return to our website.
4. USE OF YOUR INFORMATION
4.1 Information we hold
We may generally store and use the following information (depending on the reason we collected the information): Your –
- first name and surname;
- age and gender;
- phone numbers, e-mail address;
- location information;
- IP address or cookie information; and
- any other information which we reasonably need to perform our duties for purposes of marketing to you, any agreement we may have with you, or to operate your account, or fulfil our regulatory or other business obligations.
Third parties, who may be responsible parties in their own right, such as payment gateways, may collect your payment details via our website in order to ensure that you transact securely with us. Those details will only be stored by such payment gateways, and not by us.
4.2 Information about children and special personal information
We will only process information about children with the consent of a competent person (someone like the parent or guardian), or if required to establish, exercise or defend a right or obligation in law or if otherwise allowed in law to process it.
We do not intend to process any “special personal information” about you, as defined in POPI, which includes e.g. political, religious or health-related information, except if we are under a legal obligation to do so, receive your consent or are otherwise allowed legally allowed to process it.
4.3 Information we share
We will keep your information confidential and only share it with others for the purposes set out in this policy, or if you have otherwise consented thereto, or if we are legally obliged or entitled to do so.
We have trusted relationships with carefully selected third parties who perform services on our behalf. All service providers are bound by contract to maintain the security of your information and to use it only as permitted by us.
Subject to this policy, we may share information about you with:
- any firm, organisation or person we use to help us to collect payments and recover debts or to provide a service on our behalf;
- any firm, organisation or person who provides us with products or services, and or delivery of those products or services, reasonably require access to your information;
- any payment gateway we may use;
- regulatory and governmental authorities, ombudsmen, or other authorities, including tax authorities, if we are requested by them to do so; and
- any other third party, if we are legally obliged or entitled to do so.
4.4 How we use your information
We undertake to only process your information insofar it is adequate, relevant and not excessive for the purposes set out below:
We will use your information to:
- perform our duties in terms of any agreement or proposed agreement we may have with you;
- operate and manage your account, any application, agreement or correspondence you may have with us;
- carry out, monitor and analyse our business;
- contact you by email, SMS, letter, telephone or in any other way about our products and services, unless you inform us that you prefer not to receive marketing communications;
- identify or prevent fraud and money laundering;
- form a view of you as an individual and to identify, develop or improve products that may be of interest to you;
- carry out market research, business and statistical analysis;
- carry out audits;
- perform other administrative and operational tasks including the testing of systems;
- trace your whereabouts, should it be required for delivery of our services to you, or it otherwise becomes reasonably necessary to do so;
- recover any debt you owe to us; and
- comply with our regulatory or other obligations.
Your information may also be used for other purposes for which you provide permission, or where we are permitted to do so, or when it is in the public interest to disclose the information.
You may on reasonable grounds object to the processing of your information, after which we undertake not to continue to process such information, except as provided for in law.
If you believe we are using your information unlawfully, you may lodge a complaint with the Information Regulator.
5. QUALITY AND ACCESS TO YOUR INFORMATION
We want to ensure that your information is accurate and up to date. You may ask us to correct or remove any information that you think is inaccurate, by sending us an e-mail to email@example.com.
You have the right to request us to provide you with information that we hold about you. You must contact us directly to do so or send an e-mail to firstname.lastname@example.org. Fees to obtain a copy of your records may be prescribed in terms of POPI, for which we will provide you with a quote before disclosing such records.
6. RETENTION OF INFORMATION
As our services may be made accessible for “trial” periods to users, we have to retain certain information indefinitely, in order to prevent “trial fraud”. We will however only retain your information for the purposes explicitly set out in this policy.
Should we keep your information longer than is strictly necessary for purposes of our agreement, we will either de-identify your information, or keep it for statistical purposes only.
Whilst we retain your information, we will continue to abide by our non-disclosure obligations and will not sell or share your information without your consent.
We will report any security breach to both the Regulator and the individuals or companies involved. If you suspect any breach regarding your information, kindly notify us immediately by sending an email to email@example.com.
We are not responsible for, give no warranties, nor make any representations in respect of the privacy policies or practices of linked or any third party websites.
9. TRANSBORDER FLOW OF INFORMATION
We will only transfer your information transborder, in order for us to perform services as agreed with you, such as login functionality through social media services.
Such information shall only be transferred to recipients who are subject to laws, binding corporate rules or agreements, that provide an adequate level of protection that upholds principles for processing of information that are substantially similar to those principles as set out in POPI.