Privacy Policy

The Private Body is a private company which provides goods that is required to comply with the Protection of Personal Information Act 4 of 2013 (herein referred to as POPI).

POPI requires the Private Body to inform their Data Subjects as to the way their personal information is used, disclosed, and destroyed.

This POPI Privacy Policy describes the way the Private Body intends to meet its legal obligations and requirements in respect of the lawful processing of personal information as set in POPI.

POPI further requires the Private Body to make the Data Subject (in this case “You”) aware of how your personal information will be processed lawfully. By signing this POPI Privacy Policy and by providing your Personal Information You are acknowledging that You have been made aware of the specific purpose/s for processing your Personal Information. You further agree with the contents contained herein and hereby authorise the Private Body to process your personal information for the specific purpose/s and in the manner as set out herein below. This Policy is subject to change, whenever it is required.

Security Safeguards

POPI requires that personal information must be adequately protected to prevent the personal information from being lost, destroyed, or illegally accessed by an unauthorised person.

The Private Body will continuously review its security controls and processes to ensure that personal information is secure.

The following procedures are in place to protect the personal information collected:

  • The Private Body has appointed an Information Officer who is responsible for the compliance with the conditions of the lawful processing of personal information and other provisions of POPI.
  • Each new employee will be required to sign an Employment Contract containing relevant Consent clauses for the use and storage of employee information, or any other action so required, in terms of POPI.
  • Every employee currently employed by the Private Body will be required to sign an addendum to their Employment Contracts containing relevant consent clauses for the use and storage of employee information, or any other action so required, in terms of POPI.
  • The Private Body stores archived hard copy personal information for 6 years as per SARS requirements, which is also governed by POPI, access is limited to authorized employees only.
  • The Private Body’s suppliers, third party service providers, will be required to sign a Service Level Agreement confirming their commitment to the protection of personal information. This will be monitored and reviewed on a regular basis.
  • All electronic files or personal information is securely stored and backed up to prevent unauthorized access by third parties and other data breach threats.

Access and Correction of Personal Information

You have the right to access your personal information held by the Private Body. You also have the right to ask that the Private Body update, correct or delete your personal information on reasonable grounds.Once You objected to the processing of your personal information the Private Body may no longer process the said personal information.The Private Body will take all reasonable steps to confirm Your identity before providing details of Your personal information or making changes to Your personal information.