Consent to process personal information in terms of The Protection of
Information Act, 4 of 2013 (POPIA)……………………………………………………….. 2
1. Introduction ………………………………………………………………………….…………… 2
2. Application ……………………………………………………………………………..…………. 2
3. Accountability ……………………………………………………………………………………. 3
4. Agreement to be bound and consent to process ………………………………. 3
5. Receipt, use and sharing of personal information by SA Compliance…3
6. Receipt, use and sharing of SA Compliance personal information …….5
7. Information quality / openness / data subject participation ………………. 5
8. Security of personal data …………………………………………………………………… 5
9. Third party information and that belonging to minors………….…..………..6
10. Contact details ………………………………………………………………….……..….……6
11. Revision of policies ………………………………………………………….………………. 6
Consent to process personal information in terms of The Protection of Information Act, 4 of 2013 (POPIA)
Please read the document before you provide SA Compliance with the required Personal Information. By providing SA Compliance with your Personal Information, you consent to SA Compliance processing your Personal Information, which SA Compliance undertakes to process strictly in accordance with this section 18 informed consent document.
1.1 SA Compliance is a private company established and duly registered in accordance with the company laws of the Republic of South Africa.
1.2 In terms of a law known as the Protection of Personal Information 4 of 2013, (POPIA) everyone has the right to privacy, including the right to the lawful collection, retention, dissemination and use of one’s Personal Information.
1.3 In order to give effect to this right, SA Compliance is under a duty to provide any person whose personal information is processed by it, known as a data subject, with a number of details pertaining to the use of and subsequent processing of the data subject’s personal information, before such information is used or processed.
1.4 In accordance with this requirement, SA Compliance sets out below:
- The reasons why it will be required to process a data subject’s personal information.
- The conditions under which it will receive and use a data subjects’ personal information.
- How SA Compliance will use and handle this personal information, as well as,
- The conditions under which it will provide its own personal information.
- The data subjects who may make use of, or access SA Compliance social media and electronic platforms and all the processing of personal information by SA Compliance as a result of a data subject making use of, or accessing SA Compliance social media and electronic platforms except to the extent that a separate POPIA policy has been issued in respect of a specific service or product and related processing activities; and
- All the personal information which is owned by SA Compliance and which is provided to any responsible parties and / or operators because of a data subject accessing or making use of SA Compliance social media and electronic platforms.
3.1 SA Compliance will only process a data subject’s personal information in accordance with POPIA and the terms of this privacy statement.
3.2 In turn where SA Compliance provides any of its personal information to a responsible party or operator, then such person will be required as a condition of receiving such information, to process such personal information in accordance with POPIA and the terms of this privacy statement.
3.3 Accordingly, the relevant data privacy principles relating to the processing of personal information, whether that belonging to SA Compliance or that belonging to a data subject (including, but not limited to, the collection, handling, transfer, sharing, correction, storage, archiving and deletion) will apply without exception, save where POPIA provides for such an exception, to all and any personal information provided by SA Compliance to another or received by SA Compliance as a result of the use of SA Compliance email, and / or social media and electronic platforms.
4. Agreement to be bound and consent to process
4.1 By accessing or using the SA Compliance website and URL’s, any sites housed under its domain names and / or social media platforms, and / or when sending or receiving emails using SA Compliance email, the data subject:
4.1.1 Acknowledges that it has read and understood this section 18 consent notice and related provisions;
4.1.4 Gives SA Compliance consent to process and further process the required personal information in accordance with this section 18 informed consent notice.
5. Receipt, use and sharing of personal information by SA Compliance
5.1 SA Compliance will receive personal information pertaining to a data subject when the data subject submits a query or request via the SA Compliance website, or by way of email, telephone or via social media.
This personal information will include:
- your name and surname;
- your email address;
- your telephone number;
- your company name, company registration number, and VAT number;
- your postal address or street address; and
- your username and password.
We will use this personal information to fulfil your account, provide additional services and information to you as we reasonably think appropriate, and for any other purposes set out in this policy.
5.2 On receipt of the request or query, SA Compliance will thereafter use and process the data subject’s personal information for a variety of purposes, depending on the query, request, completion of an online or telephonic survey which without detracting from the generality thereof may include
- for the purposes of identifying and / or verifying the data subject’s details;
- for the purposes of providing information, products and/or services that the data subject, may have requested;
- for employment application purposes;
- for the purposes of managing any information pertaining to the data subject;
- for general administration purposes;
- for legal or contractual purposes;
- to help SA Compliance improve the quality of SA Compliance products and services;
- to help SA Compliance detect and prevent fraud and money laundering;
- for the purposes of recovering unpaid fees and / or any other amount due to SA Compliance;
- for the purpose of debt collection;
- for the purposes of research, analytical and statistical purposes;
- for the purpose of carrying out analysis of customer profiling;
- for the purposes of identify other products and services which might be of interest to the data subjects;
- for the purposes of informing a data subject about SA Compliance products and services.
5.3 To correctly handle any request or query, and in order to perform the purposes described above, SA Compliance may from time to time share a data subject’s personal information with the following parties
- SA Compliance employees, which will only be done on a need to know basis;
- SA Compliance’s carefully selected business partners who provide products and services which may be of benefit to a data subject which will only be done on a need to know basis; and
- SA Compliance operators such as service providers and agents who perform services on our behalf which will only be done on a need to know basis and in terms of an operator agreement.
5.4 SA Compliance does not share a data subject’s personal information with any third parties who have not been described above, unless
- SA Compliance is legally obliged to provide such information to another for legal or regulatory purposes;
- SA Compliance is required to do so for purposes of existing or future legal proceedings;
- the onward transmission or sharing of personal information is necessary for the pursuance or protection of SA Compliance’s legitimate interests or that of the data subject or a third party;
- SA Compliance is involved in the prevention of fraud, loss, bribery or corruption and are using another agent or service provider under a mandate to provide such service and under all of the abovementioned circumstances, SA Compliance will take reasonable measures to ensure that such personal information is only provided to the recipient if such recipient undertakes to keep the information confidential and secure.
5.5 Where SA Compliance has to transfer the data subject’s personal information across the South African borders, it will ensure that before it does so, that it will ensure that the recipient thereof agrees to be bound by POPIA under and in terms of a set of binding corporate rules or binding agreements that provide an adequate level of protection and uphold the principles for the reasonable and lawful processing of such personal information.
6. Receipt, use and sharing of SA Compliance personal information
SA Compliance on receipt and in response to a query or request received from a data subject, referred to under section 5 above, will transmit via its website, or by way of email, telephone or via social media, its own personal information, which personal information on receipt by the requesting or receiving data subject may only be used for the purpose relating to the initiating of the request or query and for no other purpose. Furthermore, the recipient undertakes that it will not share this information with any other party, save where it has been given express permission to do so by SA Compliance.
7. Information quality / openness / data subject participation
7.1 Whilst SA Compliance will make all effort to ensure the integrity and accuracy of a data subject’s personal information this may not at all times be possible. Following this, the data subject accepts that the responsibility for keeping its / her or his information up to date and undertakes to inform SA Compliance of any changes to its/ his or her personal information. This can be done by email or telephone number.
7.2 A data subject has a right of access to any personal information which SA Compliance may have and where applicable may ask SA Compliance to correct any inaccuracies in or to any such personal information. This request must be done by way of a formal PAIA process. Please refer to the Paia manual for more information.
A data subject may contact SA Compliance’s Information Officer at the following address firstname.lastname@example.org should it have any questions, complaints or objections regarding the processing of its personal information.
8. Security of personal data
8.1 SA Compliance makes all reasonable effort to keep its website secure at all times, however advise that it cannot guarantee the security of any information provided to us or by us through the SA Compliance website, e-mail, internet or social media sites. SA Compliance cannot be held responsible for any loss or unauthorised use or interception of information transmitted via these sites, such as the internet which is beyond SA Compliance’s reasonable control.
8.2 The SA Compliance website and/or communications sent by SA Compliance may contain links to other websites outside of SA Compliance’s control. SA Compliance is not responsible for the content, privacy, or security of these other third party controlled websites.
8.3 SA Compliance has placed cookies on its website which makes contact with your, the data subject’s device to help make its website better. A data subject may change these cookie settings by declining the cookie pop up on your browser. If not amended or changed SA Compliance will accept that you are happy that these cookies access and make use of your details.
8.4 SA Compliance makes use of social plug-ins of social networks such as Facebook, YouTube, LinkedIn, Google+ and Twitter. Please note that SA Compliance has no influence on or control over the extent of the data retrieved by the social networks’ interfaces and SA Compliance can accordingly not be held responsible or liable for any processing or use of personal information transmitted via these social plug-ins. For information on purpose and extent of the data retrieval by the social network concerned, and about the rights and settings possibilities for the protection of your private sphere, please refer to the data protection information provided by the social network in question.
8.5 Note that all Telephone calls may be recorded and/or monitored for security and quality assessment purposes.
8.6 Subject to the provisions above, SA Compliance has implemented the appropriate technical and organisational security measures which are required in order to protect all personal data which it holds from and / or against unauthorised access, accidental or wilful manipulation, loss or destruction.
9. Third party information and that belonging to minors
9.1 If a data subject provides SA Compliance with personal information on behalf of another, SA Compliance will not be able to process the query or request unless such query or request is accompanied with the required permission and consent from the parent or guardian to process the third party’s personal information.
9.2 If a data subject is under the age of 18, such person’s personal information will only be processed if the minor’s parent or legal guardian gives the required consent or permission to the processing.
10. Contact details
You can contact SA Compliance in relation to this Privacy Notice by emailing us at email@example.com
11. Revision of policies
We reserve the right to and may from time to time update this Privacy Notice.
Any such revision will be published as an amended version on our website.
Any change to this Notice will be posted as an updated version and readers are advised to visit and re-read this policy on a regular basis.