Which solution is right for your business?
This policy describes how personal information is collected and handled to meet the organisation’s data protection and privacy standards and comply with the law.
SEIDOR Mauritius Pty Ltd is a controller under the Data Protection Act 2017(DPA), which means that it determines the purposes and means of the processing of personal data and has decision making power with respect to the processing.
3. Collection and processing of personal information
3.1 Whenever any Data Subject contacts SEIDOR Mauritius electronically or telephonically, we will in effect be Processing the Data Subjects’ Personal Information.
3.2 It may be that SEIDOR Mauritius collects a Data Subject’s Personal Information from other sources. In such an event, SEIDOR Mauritius will not be responsible for any loss suffered by the Data Subject, their dependents, beneficiaries, spouse, or employees (as the case may be), since the Data Subject shared their Personal Information with such third party.
3.3 SEIDOR Mauritius Processes Personal Information in order to enable it to deliver exceptional services to its Clients, create a legally compliant environment [including, but not limited to, compliance with the Financial Intelligence Centre Act, At 38 of 2001 (“FICA”) requirements], as well as to safeguard such Personal Information.
3.4 SEIDOR Mauritius will Process Personal Information for the following purposes:
3.4.1 to provide or manage any information and services requested by the Data Subject;
3.4.2 to establish the Data Subject’s needs in relation to specific instructions to SEIDOR Mauritius;
3.4.3 to identify the identity of the Data Subject;
3.4.4 to facilitate the delivery of services to Clients;
3.4.5 to maintain records of the Data Subject, with specific reference to Client records;
3.4.6 to maintain Third-Party records;
3.4.7 to process applications for employment purposes;
3.4.8 to send newsletters;
3.4.9 to comply with Legal Practice Council requirements;
3.4.10 to detect and prevent money laundering and corruption;
3.4.11 for general administration purposes;
3.4.12 for legal and / or contractual purposes;
3.4.13 to enter into negotiations and / or transact with third parties; and
3.4.14 to carry out analysis and Client profiling, including but not limited to identifying the full names, identity number, physical and postal addresses, contact numbers and e-mail address of natural persons, and in the case of juristic persons, to identity the registration number, directors, shareholders, physical and postal addresses, contact numbers and e-mail address of such juristic person, its directors and / shareholders.
3.5 In the event that SEIDOR Mauritius collects Personal Information, SEIDOR Mauritius shall comply with all notification requirements and shall further comply with the conditions of Processing Personal Information as set out in the Data Protection Act 2017.
3.6 SEIDOR Mauritius shall not Process the Personal Information of a Data Subject for any other purpose than set out in this Policy unless SEIDOR Mauritius is permitted or obliged to do so in terms of any applicable laws.
3.7 SEIDOR Mauritius shall further not share a Data Subject’s Personal Information without such Data Subject’s Consent, provided that in certain circumstances:
3.7.1 SEIDOR Mauritius must share Personal Information with Third-Parties as part of its legal services rendered to its Clients with the accompanies consent;
3.7.2 SEIDOR Mauritius have to obtain Personal Information regarding Clients and other third parties or entities as part of its legal services rendered to its Clients;
3.7.3 to release Personal Information when it is appropriate to comply with relevant laws, to enforce SEIDOR Mauritius engagement package, and to protect the rights, property (including, but not limited to intellectual property), or safety of SEIDOR Mauritius and its Clients;
3.7.4 SEIDOR Mauritius may need to transfer Personal Information to another country for processing when it is required by virtue of services rendered to the Client; and
3.7.5 relevant laws allow for the disclosure of Personal Information to law enforcement or other agencies (provided that SEIDOR Mauritius will exercise due consideration prior to disclosing such Personal Information);
3.8 When disclosing Personal Information as contemplated in clauses 3.7.1 to 3.7.4 above, SEIDOR Mauritius will in all instances provide due notice to the Data Subject of such disclosure.
Please refer to section 23 (2) of the Data Protection Act 2017 regarding information to be provided to data subjects upon collection of their personal data.
4. How do we protect your information?
1. Right to object. You may on reasonable grounds object to us using your information. If you object, we will stop using your information, except if the law allows its use.
2. Lodging a complaint. If you believe we are using your information unlawfully, you may lodge a complaint to the Data protection Officer:
- Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We are committed to implement appropriate technical and other security measures to protect the integrity and confidentiality of your information. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.
- Security breach. We will report any security breach to the Information Regulator and to the individuals or companies involved. If you want to report any concerns about our privacy practices or if you suspect any breach regarding your information, kindly notify us by sending an email to [email protected].
5. Data Disclosure
5.1 The Data Protection Act 2017 allows personal data to be shared among public sector agencies without the consent of the data subject.
5.2 SEIDOR Mauritius will retain Personal Information it has Processed in an electronic and / or hardcopy file format, either through Third-Party service providers or by itself.
5.3 Should SEIDOR Mauritius make use of a Third-Party service provider, it is expressly recorded that SEIDOR Mauritius will need to disclose Personal Information to such Third-Party service provider where necessary to ensure that the purpose for which the Personal Information was collected, is achieved.
5.4 It is further recorded that SEIDOR Mauritius will enter into written agreements with such Third-Party service provider to ensure compliance with all applicable laws, with specific reference to the Data Protection Act 2017.
6. Data Security
6.1 SEIDOR Mauritius is required to take reasonable measures to adequately protect all Personal Information held by it and to avoid unauthorised access and use of such Personal Information. In order to comply with this requirement, SEIDOR Mauritius maintain reasonably industry-standard physical, technological and procedural safeguards to secure the integrity and confidentiality of Personal Information.
6.2 In further compliance with the DPA 2017, SEIDOR Mauritius will take steps to notify the Regulator and any affected Data Subject of a security breach within a reasonable time after becoming aware of such security breach.
6.3 It must be noted and should be acknowledged that the transmission of Personal Information, whether physical or through the internet (including, but not limited to e-mail) is not completely secure. Therefore, SEIDOR Mauritius in no way guarantee that the safeguards implemented is completely secure.
6.4 Any transmission of Personal Information will therefore be at the sole risk of the Data Subject.
6.5 The Data Subject, whether it be a Client or third party, by accepting the terms and conditions of this Policy, indemnify and hold SEIDOR Mauritius harmless for any security breaches which may potentially occur in relation to the Data Subject’s Personal Information.
7. What are your rights? (Data Subjects’ rights)
7.1 As per the Data Protection Act 2017, all individuals who are the subject of personal data held by SEIDOR Mauritius are entitled to
- request access to their personal data.
- request rectification or erasure of their personal data.
- request restriction of processing of their personal data.
- object to the processing of their personal data.
- request withdrawal of consent.
- ensure that individuals are aware of their rights and that they understand how to exercise such rights.
7.2 Indicate to the individuals how to make a request relating to any of the rights listed above. No administration fee must be charged for considering and/or complying with such a request unless the request is deemed to be manifestly excessive in nature.
7.3 As per section 37 (4) of the DPA, where the personal data are not or have not been collected from the data subject, the controller shall not be required to provide information where the processing is expressly prescribed by law or this proves to be impossible or involves a disproportionate effort.
You should include this subsection 37(4) as well if this is applicable in your context.
8. Usage of cookies
- Cookies enable us to improve our service to you, compile aggregate data regarding our site traffic and interactive and usage patterns, store information about your preferences and recognise when you return to our website.
- If cookies are disabled in your browser you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since each browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
9. Third-party disclosure and links
1. Disclosure. We do not sell, trade, or otherwise transfer to outside parties your personal information.
2. Links on our website. Our website may include links to other applications or third party websites which do not fall under our control. We cannot accept any responsibility for your privacy or the content of these applications, but we display these links in order to make it easier for our visitors to find information about specific subjects.
3. Social Media. Our website may connect to various social media sites or applications, including Facebook, Twitter, LinkedIn, Instagram and Google+. If you want to use our website for social media integration, including to create user profiles and login functionality, we will share your information with the relevant social media sites or applications.
10. Compliance with Data Protection Act 2017
All processing of personal data by SEIDOR Mauritius will be done in compliance with the Data Protection Act 2017.
11. Amendments to the Policy
This policy will be updated as and when required to reflect best practice in data management, security and control and to ensure compliance with any changes or amendments made to the Data Protection Act 2017. The Policy will be reviewed every year.