Privacy Notice

All personal information supplied by you, whether voluntarily or mandatory, will be recorded and
processed regardless of form or medium in which the information is supplied. We have a strong
commitment to respecting concerns regarding privacy and will process all personal information in
accordance with the provisions set out hereunder.

Collecting Personal Information:
We endeavour to collection and process information which has been collected directly from you.
We collect the following information:
1.          names;

  1. billing addresses;
  2. banking details;
  3. email addresses;
  4. contact numbers;
  5. version of web browser;
  6. IP address;
  7. cookie information;
  8. ___________

We collect personal information in order to liaise with you telephonically, via email and or our
website so that we may:

  1. respond to any query or comment received from you;
  2. inform you of new services;
  3. enable us to process, validate and verify information and requests for the supply of services;
  4. for the purposes for which you specifically provided the information; and
  5. generally to improve your experience on our website.

Minors:

We do not intentionally collect personal information from minor children. If you are the parent or
guardian and believe your minor child has provided us with personal information, please contact us
at the address below to request the deletion thereof.
Processing of Information:
We will share your personal information:

  1. in order to comply with applicable law or with legal process served on our company;
  2. in order to protect and defend the rights or property of our company; and
  3. with employees and/or third parties who assist us in providing services to you and thus
    require your personal information in order to render a proper and efficient service. We will
    ensure that all such employees and third party service providers, having access to your
    personal information, are bound by confidentiality agreements.
    In accordance with the provisions of the Protection of Personal Information Act (POPIA), we process
    personal information where:
  4. it is necessary to carry out actions for the conclusion or performance of a contract to which
    the data subject is a party;
  5. the processing complies with an obligation imposed by law on the business;
  6. the processing protects a legitimate interest of the data subject;
  7. the processing is necessary for the proper performance of a public law duty by the business;
    or
  8. the processing is necessary for pursuing the legitimate interests of the business or of a third
    party to whom the information is supplied.

Collection of Information by “Cookies”
You are aware that information and data is automatically collected through the standard operation
of the Internet servers and through the use of “cookies.” “Cookies” are small text files a website can
use to recognise repeat users, facilitate the user’s ongoing access to and use of the website and
allow a website to track usage behaviour and compile aggregate data that will allow content
improvements and targeted advertising. Cookies are not programs that come onto your system and
damage files. Generally, cookies work by assigning a unique number to you that has no meaning
outside the assigning site. If you do not want information collected through the use of cookies,
there is a simple procedure in most browsers that allows you to deny or accept the cookie feature;
however, you should note that cookies may be necessary to provide you with certain features (e.g.,
customized delivery of information) available on our Websites.
Security Measures:
We will:

  1. treat your personal information as strictly confidential;
  2. take appropriate technical and organisational measures to ensure that your personal
    information is kept secure and is protected against unauthorised or unlawful processing,
    accidental loss, destruction or damage, alteration, disclosure or access;
  3. promptly notify you if we become aware of any unauthorised use, disclosure or processing of
    your personal information; and
  4. provide you with reasonable evidence of our compliance with our obligations under this
    policy on reasonable request.
    Retention:
    We will not retain your personal information longer than the period for which it was originally
    required, unless we are required by law to do so, or you consent to us retaining such information
    for a longer period.
    Selling Personal Information:
    We do not sell the information and will only share same with service providers as set out herein.

Your rights:
You have the right at any time to:

  1. access your personal data by sending a written request to our Information Officer who’s
    contact details are set out below. We may charge you a fee for this service.
  2. request us to correct or supplement any of your personal data which we will undertake as
    soon as practicable.
  3. request the return or destruction of Personal Information. We will consider your request in
    light of any other laws or regulations prohibiting us from destroying your personal data; and
  4. lodge a complaint with the company.
    Transborder Flow of Information:
    We may transfer your information outside South African borders for retention purposes and/or if
    our service provider/s are cross border or uses cross boarder systems. We will only share your
    information with service providers who have comparable privacy policies in place.
    Changes:
    We may update this privacy notice from time to time in order to reflect, for example, changes to
    our practices or for other operational, legal, or regulatory reasons.
    Contact:

For more information about our privacy practices, if you have questions, or if you would like to
lodge a complaint, please contact the Information Officer, in writing, via e-mail at
_____ .
If you are not satisfied with our response to your complaint, you have the right to lodge your
complaint with:
THE INFORMATION REGULATOR (SOUTH AFRICA) SITUATE AT: JD HOUSE, 27 STIEMENS STREET,
BRAAMFONTEIN, JOHANNESBURG, 2001.
COMPLAINTS: POPIAComplaints.IR@justice.gov.za
GENERAL QUERIES: inforeg@justice.gov.za

PAIA Manual

6. RECORDS AUTOMATICALLY AVAILABLE TO THE PUBLIC

Category of records Types of the Record Available on
Website

Available
upon
request

7. RECORDS OF THE PRIVATE BODY
This clause serves as a reference to the records that the Private Body holds in order
to facilitate a request in terms of The Act.

The information is classified and grouped according to records relating to the following
subject and categories: It is recorded that the accessibility of the documents listed
herein below, may be subject to the grounds of refusal set out hereinafter.
Subjects on which the
body holds records

Categories of records

Human Resources – HR policies and procedures

– Advertised posts
– Employees records
– UIF Records
– PAYE Records
– SDL Records
Clients – VAT Records
– Quotations
– Invoices
– Credit Applications
Suppliers – Quotations
– Invoices
– Credit Applications

8. RECORDS REQUIRED IN TERMS OF LEGISLATION

Records are kept in accordance with legislation applicable to…… , which includes but is
not limited to, the following –

Category of Records Applicable Legislation
Memorandum of
Incorporation

Companies Act 71 of 2008
Companies Act, 61 of 1973

PAIA Manual Promotion of Access to Information Act 2 of 2000
Labour Law Labour Relations Act, 66 of 1995 –

Basic Conditions of Employment Act, 75 of 1997

Employment Equity – Employment Equity Act, 55 of 1998
ECTA – Electronic Communications and Transactions Act, 36

of 2005

BEEE Broad Based Economic Empowerment Act, 53 of 2003
OHASA Compensation for Occupational Injuries and Diseases

Act,130 of 1993

Constitution – Constitution of the Republic of South Africa, 108 of

1996

UIF Unemployment Insurance Act, 63 of 2001
VAT Value Added Tax Act, 89 of 1991
Skills Development – Skills Development Act, 9 of 1997
Skills Development Levy Act, No. 9
Income Tax – Income Tax Act, 58 of 1962
Personal Records Protection of Personal Information Act 4 of 2013
OHS Occupational Health and Safety Act 85 of 1993
FICA The Financial Intelligence Centre Act 38 of 2001 
FAIS Financial Advisory and Intermediary Services Act 37 of 2002
Estate Agency Board Property Practitioner Act No. 22 of 2019

Reference to the above-mentioned legislation shall include subsequent amendments
and secondary legislation to such legislation.

9. PROCESSING OF PERSONAL INFORMATION
9.1 Purpose of Processing Personal Information
We only process personal information for:
• Employees – Employment Contracts, Payroll, SARS, Department of Labour,
UIF/WCC
• Customers – Credit Applications, Invoicing, Delivery, Comply to SARS
• Suppliers – Credit Applications, Purchases, Collections, Comply to SARS

9.2 Description of the categories of Data Subjects and of the information or
categories of information relating thereto

Categories of Data
Subjects

Personal Information that may be processed

Customers / Clients name, address, contact details, registration numbers,
vat numbers, identity numbers and bank details
Suppliers names, registration number, vat numbers, address,
contact details, product details and bank details
Employees address, qualifications, gender and race, banking
details, tax numbers, identity numbers, contact details
9.3 The recipients or categories of recipients to whom the personal
information may be supplied

Category of personal
information

Recipients or Categories of Recipients to whom
the personal information may be supplied

Identity number and names,
for criminal checks

South African Police Services

Qualifications, for
qualification verifications

South African Qualifications Authority

Credit and payment history,
for credit information

Credit Bureaus

9.4. Planned transborder flows of personal information:
We don’t transfer information to other countries:

9.5 General description of Information Security Measures to be
implemented by the responsible party to ensure the confidentiality,
integrity and availability of the information
 Company information security policies are in place –
 Computers are controlled through security group policies –
 Anti-virus active on all computers –
 Staff been trained on physical and cyber security measures –
 Regular audits done on security status –
 Staff security refresher training done annually