Which solution is right for your business?
In this Policy, unless the context clearly indicates a country intention, the following terms shall have the meanings assigned to them in this Policy and POPI –
1.1 “Client” – means any natural person or juristic person, who has enlisted the services rendered by SEIDOR ONE;
1.2 “Consent” – means any voluntary, specific and informed expression of will in terms of which permission is given for the Processing of Personal Information;
1.3 “Data Subject” – means the person to whom Personal Information relates;
1.4 “Personal Information” – shall have the same meaning as given in terms of section 1 of POPI;
1.6 “POPI” – means the Protection of Personal Information Act, Act 4 of 2013 (as amended from time to time);
1.7 “Processing” – means any operation or activity or any set of operations, whether or not by automatic means, concerning Personal Information, including –
1.7.1 the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
1.7.2 dissemination by means of transmission, distribution or making available in any form; or
1.7.3 merging, linking, as well as restricting, degradation, erasure or destruction of information;
and “Process” / “Processes” / “Processed” shall bear a corresponding meaning;
1.8 “Regulator” – means the Information Regulator established in terms of section 39 of
1.9 “Special Personal Information” – means Personal Information as referred to in section 26 of POPI;
1.10 “Third-Party” – means any employee, independent contractor, agent, consultant, sub- contractor, user of SEIDOR ONE’s Website or any other authorised representative of SEIDOR ONE;
1.11 “SEIDOR ONE” – means Seidor One (Pty) Ltd REG No 2009/006403/07; and
1.12 “Website” – means the Website of SEIDOR ONE with URL www.seidor.com/en-ss.
2.1 This Policy regulates the Processing of Personal Information and other confidential information by SEIDOR ONE and sets forth the requirements with which SEIDOR ONE undertakes to comply when Processing Personal Information and other confidential information in rendering services to its Clients.
2.2 SEIDOR ONE is obliged to Process Personal Information in accordance with the provisions of POPI. This Policy declares SEIDOR ONE’s commitment to comply with POPI when Processing Personal Information and Special Personal Information.
2.3 When a Data Subject or third party engages SEIDOR ONE’s, whether it be physically or via any digital, electronic interface such as the Website of SEIDOR ONE’s, the Data Subject or third party acknowledge their voluntary acceptance of this Policy. Should the Data Subject or third party express their objection to the Processing of their Personal Information, the Data Subject and / or third party should note that SEIDOR ONE requires the Data Subject or third party’s acceptance to enable it to effectively fulfil its obligations towards the Data Subject and /or third party and comply with other applicable laws.
3. COLLECTING AND PROCESSING OF PERSONAL INFORMATION
3.1 Whenever any Data Subject contacts SEIDOR ONE electronically or telephonically,
SEIDOR ONE will in effect be Processing the Data Subjects’ Personal Information.
3.2 It may be that SEIDOR ONE collects a Data Subject’s Personal Information from other sources. In such an event, SEIDOR ONE will not be responsible for any loss suffered by the Data Subject, their dependents, beneficiaries, spouse, or employees (as the case may be), since the Data Subject shared their Personal Information with such third party.
3.3 SEIDOR One Processes Personal Information in order to enable it to deliver exceptional services to its Clients, create a legally compliant environment [including, but not limited to, compliance with the Financial Intelligence Centre Act, At 38 of 2001 (“FICA”) requirements], as well as to safeguard such Personal Information.
3.4 SEIDOR ONE will Process Personal Information for the following purposes:
3.4.1 to provide or manage any information and services requested by the Data Subject;
3.4.2 to establish the Data Subject’s needs in relation to specific instructions to
3.4.3 to identify the identity of the Data Subject;
3.4.4 to facilitate the delivery of services to Clients;
3.4.5 to maintain records of the Data Subject, with specific reference to Client
3.4.6 to maintain Third-Party records;
3.4.7 to process applications for employment purposes;
3.4.8 to send newsletters;
3.4.9 to comply with FICA and Legal Practice Council requirements;
3.4.10 to detect and prevent money laundering;
3.4.11 for general administration purposes;
3.4.12 for legal and / or contractual purposes;
3.4.13 to enter into negotiations and / or transact with third parties; and
3.4.14 to carry out analysis and Client profiling, including but not limited to identifying the full names, identity number, physical and postal addresses, contact numbers and e-mail address of natural persons, and in the case of juristic persons, to identity the registration number, directors, shareholders, physical and postal addresses, contact numbers and e-mail address of such juristic person, its directors and / shareholders.
3.4.15 In the event that SEIDOR ONE collects Personal Information, SEIDOR ONE shall comply with the notification requirements set out in section 18 of POPI and shall further comply with the conditions of Processing Personal Information as set out in POPI.
3.5 SEIDOR ONE shall not Process the Personal Information of a Data Subject for any other purpose than set out in this Policy unless SEIDOR ONE is permitted or obliged to do so in terms of any applicable laws.
3.6 SEIDOR ONE shall further not share a Data Subject’s Personal Information without such
Data Subject’s Consent, provided that in certain circumstances:
3.6.1 SEIDOR ONE must share Personal Information with Third-Parties as part of its legal services rendered to its Clients;
3.6.2 SEIDOR ONE have to obtain Personal Information regarding Clients and other third parties or entities as part of its legal services rendered to its Clients;
3.6.3 to release Personal Information when it is appropriate to comply with relevant laws, to enforce SEIDOR ONE’s engagement package, and to protect the rights, property (including, but not limited to intellectual property), or safety of SEIDOR ONE and its Clients;
3.6.4 SEIDOR ONE may need to transfer Personal Information to another country for
Processing when it is required by virtue of services rendered to the Client; and
3.6.5 relevant laws allow for the disclosure of Personal Information to law enforcement or other agencies (provided that SEIDOR ONE will exercise due consideration prior to disclosing such Personal Information);
3.7 When disclosing Personal Information as contemplated in clauses 3.7.1 to 3.7.4 above,
SEIDOR ONE will in all instances provide due notice to the Data Subject of such disclosure.
4. PERSONAL INFORMATION FOR DIRECT MARKETING PURPOSES
4.1 SEIDOR ONE acknowledges that it may only use Personal Information to contact Data Subjects for purposes of direct marketing if SEIDOR ONE has complied with the provisions of POPI.
4.2 SEIDOR ONE will ensure that a reasonable opportunity exists for any and all Data Subjects to object to the use of their Personal Information for marketing purposes when collecting the Personal Information and every time a communication which has a marketing purpose is sent.
5. STORAGE AND RETENTION OF PERSONAL INFORMATION
5.1 SEIDOR ONE will retain Personal Information it has Processed in an electronic and / or hardcopy file format, either through Third-Party service providers or by itself. Should SEIDOR ONE make use of a Third-Party service provider, it is expressly recorded that SEIDOR ONE will need to disclose Personal Information to such Third-Party service provider where necessary to ensure that the purpose for which the Personal Information was collected, is achieved. It is further recorded that SEIDOR ONE will enter into written agreements with such Third-Party service provider to ensure compliance with all applicable laws, with specific reference to POPI.
5.2 Personal Information will be retained by SEIDOR ONE for as long as necessary to fulfil the purpose for which the Personal Information was collected, taking into consideration that such retention shall be for a minimum period of 3 (three) to 7 (seven) years from the date of last entry as prescribed by applicable laws.
6. SAFEGUARDING OF PERSONAL INFORMATION
6.1 SEIDOR ONE is required to take reasonable measures to adequately protect all Personal Information held by it and to avoid unauthorised access and use of such Personal Information. In order to comply with this requirement, SEIDOR ONE maintain reasonably industry-standard physical, technological and procedural safeguards to secure the integrity and confidentiality of Personal Information.
6.2 In further compliance with POPI, SEIDOR ONE will take steps to notify the Regulator and any affected Data Subject of a security breach within a reasonable time after becoming aware of such security breach.
6.3 It must be noted and should be acknowledged that the transmission of Personal Information, whether physical or through the internet (including, but not limited to e-mail) is not completely secure. Therefore, SEIDOR ONE in no way guarantee that the safeguards implemented is completely secure.
6.4 Any transmission of Personal Information will therefore be at the sole risk of the Data Subject.
6.5 The Data Subject, whether it be a Client or third party, by accepting the terms and conditions of this Policy, indemnify and hold SEIDOR ONE harmless for any security breaches which may potentially occur in relation to the Data Subject’s Personal Information.
7. ACCESS TO PERSONAL INFORMATION
7.1 Should a Data Subject want access to the Personal Information held by SEIDOR ONE, such Data Subject must make a written request to the Information Officer designated by SEIDOR ONE from time to time. Such request may be sent to [email protected]
7.2 SEIDOR ONE will, upon request of a Data Subject (and subject to all applicable laws, including but not limited to the Promotion of Access to Information Act, Act 2 of 2000) provide the Data Subject with his / her / its Personal Information.
7.3 Should a Data Subject request the amendment, correction or destruction of Personal Information, such request may also be sent [email protected], SEIDOR ONE will, in terms of all applicable laws, respond to such request within a reasonable time.
7.4 It must be noted that SEIDOR ONE may charge a prescribed fee to be paid for copies of a Data Subject’s Personal Information.
8. COMPLAINTS TO THE INFORMATION REGULATOR
8.1 In the event that any Data Subject or third party is of the view or belief that SEIDOR ONE has Processed their Personal Information in a manner or for a purpose which is contrary to the provisions of this Policy, the Data Subject should first attempt to resolve such matter directly with SEIDOR ONE Should themmatter not be resolved, the Data Subject or third party shall have the right to lodge a complaint with the Regulator under the provisions of POPI.
8.2 The contact details of the Regulator are the following: The Information Regulator (South Africa)
Physical Address: JD House, 27 Stiemens Street, Braamfontein, Johannesburg,2001 Postal Address: P.O. Box 31533, Braamfontein, Johannesburg, 2017
Complaint e-mail address: [email protected]
General Enquiry email address: [email protected]
9. AMENDMENTS TO THIS POLICY
SEIDOR ONE may amend this Policy from time to time. Amendments will appear on the Website.