POPIA STATEMENT

Information Privacy Statement

We are committed to respecting and protecting the privacy rights of all clients, customers, business partners and associates of this organisation in terms of the provisions of the Protection of Personal Information Act of 2013 (‘POPIA’ or ‘the Act’).

The purpose of this privacy statement is to give an outline of our policy in respect of the processing of your personal information as a ‘data subject’ in terms of the Act. In this statement we inform you why we require personal information about you, how we will collect that information, for what purposes we will store or use the information and how we will protect your personal information. It also informs you about your rights.

  1. What personal information do we collect about you and how do we collect it?

We collect information when initially engaging with you and in the course of doing business with you, as a consequence of which you are considered to be a data subject in terms of the Act. As a general rule information is collected voluntarily and directly from a data subject, or from and authorised representative of the data subject. In some cases, personal information may be collected from our associates, from the public domain or from other sources, provided that it is collected in a lawful manner and for lawful purposes as envisaged by the Act. The information may be collected manually or electronically, telephonically, via email, online portals or via other electronic platforms.

The information that we collect includes information envisaged by the definition of ‘personal information’ in the Act, but we try to limit the amount of information we collect so that it is relevant and adequate for the purposes for which it is collected.

We do not collect ‘special personal information’ as defined in the Act in the normal course of our business, but may do so where authorisation has been obtained, or if it is required or permitted by law.

  1. Why do we need this information?

The information you provide will only be used for the purposes pertaining to the services or products provided by us and our associates, or for other lawful purposes as prescribed or permitted by the Act. We will not use your personal information for any other purpose.

  1. How do we ensure that your information remains secure?

We have measures in place to ensure the maintenance of security surrounding the storage and disclosure of personal information, as required by the Act.  Whenever any external party is appointed to operate our data storage systems, we seek a written undertaking from such an external party that the integrity and confidentiality of the personal information will be protected.

  1. Data in other locations

Given the nature of modern electronic systems, the personal information that we collect about you may be transferred to and stored electronically in locations other than the Organisation’s premises, including in other countries.  In such cases, the Organisation will take appropriate steps to ensure that there is an adequate level of data protection in the country of the recipient as required in terms of the Act and as described in this Statement.

  1. For how long is the information retained?

The personal information collected from you will only be kept for as long as it is reasonably necessary to serve the purpose for which it was collected. We shall review the need to keep particular records from time to time. However, you may contact the information officer at any time if you would want any record of your personal information to be removed.

  1. Your rights and obligations under the POPIA

We have appointed and registered an Information Officer with the Information Regulator to ensure that the provisions of the Act are complied with and to facilitate communication with subscribers, clients, business partners, associates and the Information Regulator.

You have the right to object to the processing of your personal information in certain circumstances (Section 11(3) of the Act). You also have the right to access personal information we hold about you and to request for it to be corrected, or to be destroyed or deleted in certain circumstances (Section 24 of the Act). You may address your requests to the Information Officer via the e-mail address mentioned below.

  1. Changes to this Statement

Some of the points in this statement may also be referred to or elaborated on in a service or other agreement we have with you. While we reserve the right to update this statement from time to time, it will not affect any agreement we have with you.

  1. Complaints or queries

If you have a complaint, you may contact the Information Regulator at complaints.IR@justice.gov.za. However, we would encourage you to first contact the Information Officer, admin@giraffeandco.com in order to address any concern or query that you may have.