{"id":3,"date":"2024-11-02T11:50:59","date_gmt":"2024-11-02T11:50:59","guid":{"rendered":"https:\/\/enonagribuild.co.za\/?page_id=3"},"modified":"2024-12-10T21:51:24","modified_gmt":"2024-12-10T21:51:24","slug":"privacy-policy","status":"publish","type":"page","link":"https:\/\/enonagribuild.co.za\/?page_id=3","title":{"rendered":"Privacy Policy"},"content":{"rendered":"\n<h3 class=\"wp-block-heading\">Privacy Policy for Enon Agri Build (Pty) Ltd<\/h3>\n\n\n\n<p>Welcome to Enon Agri Build (Pty) Ltd (\u201cwe,\u201d \u201cour,\u201d or \u201cus\u201d). We are committed to protecting your privacy and ensuring that your personal data is handled responsibly. This Privacy Policy explains how we collect, use, and disclose information about you when you visit our website, use our services, or interact with us in other ways. Please read this policy carefully to understand our views and practices regarding your personal data and how we will treat it.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1. Information We Collect<\/h3>\n\n\n\n<p>We collect personal information that you provide to us directly when you interact with our website or use our services. This includes information such as:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Personal Identifiable Information<\/strong>: Name, email address, phone number, and any other details you provide when filling out forms on our website or contacting us directly.<\/li>\n\n\n\n<li><strong>Financial Information<\/strong>: Payment details, billing addresses, and other necessary information for processing transactions related to our training programs and services.<\/li>\n\n\n\n<li><strong>Demographic Information<\/strong>: Helps us understand our audience better, including your location, job title, industry, and interests.<\/li>\n\n\n\n<li><strong>Technical Information<\/strong>: Data about your device and how you access our services, such as IP address, browser type, operating system, and similar data.<\/li>\n\n\n\n<li><strong>Cookies and Similar Technologies<\/strong>: We use cookies and similar tracking technologies to collect information about your interactions with our website, including visited pages, clicked links, and duration of visits. You can manage your cookie preferences through your browser settings.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2. How We Use Your Information<\/h3>\n\n\n\n<p>We use the information we collect for the following purposes:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>To Provide and Improve Our Services<\/strong>: Deliver requested services, process transactions, and manage your account, including sending service-related communications such as program updates, confirmations, and billing information.<\/li>\n\n\n\n<li><strong>To Communicate with You<\/strong>: Respond to inquiries, provide customer support, and send updates, promotions, and other relevant information related to our services.<\/li>\n\n\n\n<li><strong>To Customize Your Experience<\/strong>: Personalize your experience on our website, recommend relevant content, and improve the quality of our services.<\/li>\n\n\n\n<li><strong>To Comply with Legal Requirements<\/strong>: Adhere to legal obligations, respond to regulatory inquiries, and protect our rights and interests.<\/li>\n\n\n\n<li><strong>To Analyze and Improve Our Services<\/strong>: Evaluate how visitors use our website and services to enhance offerings, develop new programs, and improve user experience.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3. Agriseta Accreditation<\/h3>\n\n\n\n<p>Enon Agri Build is accredited by Agriseta, the Agricultural Sector Education and Training Authority responsible for setting standards and promoting education and training within the agricultural sector in South Africa. Agriseta accreditation ensures that our training programs meet the highest industry standards and provides assurance to learners that they are acquiring skills relevant and recognized across the agricultural industry. This accreditation allows us to issue credible and valid certificates, aiding our learners in advancing their careers.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">4. Data Sharing and Disclosure<\/h3>\n\n\n\n<p>We do not sell or rent your personal data to third parties. We may share your information in the following circumstances:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Service Providers<\/strong>: Share information with third-party service providers who assist us in website operation, service delivery, payment processing, and communication management. These providers are contractually obligated to use your information only for services on our behalf.<\/li>\n\n\n\n<li><strong>Legal Requirements<\/strong>: Disclose your information when required by law, regulation, or legal process, such as in response to a court order, subpoena, or government request.<\/li>\n\n\n\n<li><strong>Business Transfers<\/strong>: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.<\/li>\n\n\n\n<li><strong>With Your Consent<\/strong>: Share your information with your consent or as directed.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5. Data Security<\/h3>\n\n\n\n<p>We implement reasonable technical and organizational measures to protect your personal data from unauthorized access, use, or disclosure. However, no data transmission over the internet or electronic storage system can be 100% secure. While we strive to protect your information, we cannot guarantee its absolute security.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">6. Your Choices<\/h3>\n\n\n\n<p>You have certain choices regarding your personal data:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Access and Correction<\/strong>: Request access, correction, or deletion of your personal data by contacting us at the provided email.<\/li>\n\n\n\n<li><strong>Opt-Out<\/strong>: Unsubscribe from promotional emails by following the instructions in those emails.<\/li>\n\n\n\n<li><strong>Cookies<\/strong>: Manage cookie preferences through your browser settings. Note that disabling cookies may affect certain website features.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">7. Changes to This Privacy Policy<\/h3>\n\n\n\n<p>We may update this Privacy Policy periodically. The revised policy will be posted on our website, with the revised date indicated at the top of the page. We encourage you to review this policy periodically to stay informed about how we protect your information.<\/p>\n\n\n\n<p><strong>8. POPI\u00a0Website Policy<\/strong><\/p>\n\n\n\n<p><strong>Agriseta<\/strong><strong><\/strong><\/p>\n\n\n\n<p><strong>Website(s)\u00a0Privacy\u00a0Terms\u00a0&amp;\u00a0Protection\u00a0of\u00a0Personal\u00a0Information (\u201cPOPI\u201d) Policy<\/strong><\/p>\n\n\n\n<p><strong>Our <\/strong><strong>Website(s):<\/strong><strong> <\/strong>http<a href=\"http:\/\/www.agriseta.co.za\/\"><u>s:\/\/www.agriseta.co.za<\/u><\/a><\/p>\n\n\n\n<p>Our Email Address : <a href=\"mailto:info@agriseta.co.za\"><u>info@agriseta.co.za<\/u><\/a>&nbsp;<a href=\"mailto:agriseta@thecorruptionhotline.com\"><u>agriseta@thecorruptionhotline.com<\/u><\/a><\/p>\n\n\n\n<p>Our&nbsp;Telephone Number : 012 301 5600<\/p>\n\n\n\n<p>24hr Fraud Hotline Number: 0800 869 624 Postal&nbsp;Address : PO Box 23778,<\/p>\n\n\n\n<p>Gezina, 0031,<\/p>\n\n\n\n<p>Last updated:&nbsp;15 July&nbsp;2021<\/p>\n\n\n\n<p>Whereas the Company respects the privacy of all personal data and private information&nbsp;collected,&nbsp;processed&nbsp;and&nbsp;stored.&nbsp;As&nbsp;such,&nbsp;we&nbsp;undertake&nbsp;to&nbsp;handle&nbsp;all personal information received and processed with due care and provide the necessary security to safeguard all information held by us. Our internal system similarly allows us to proactively react should there be a breach of any kind, alternatively our privacy practices and POPI policy dictates that we report any material breach to the Regulator.<\/p>\n\n\n\n<h1 class=\"wp-block-heading has-medium-font-size\"><strong>1.&nbsp;<\/strong><strong>INTRODUCTION<\/strong><strong><\/strong><\/h1>\n\n\n\n<p>The&nbsp;right&nbsp;to&nbsp;privacy&nbsp;is&nbsp;an&nbsp;integral&nbsp;human&nbsp;right&nbsp;recognised&nbsp;and&nbsp;protected&nbsp;in&nbsp;the&nbsp;South African Constitution and in the Protection of Personal Information Act 4 of 2013 (\u201cPOPI Act\u201d).<\/p>\n\n\n\n<p>The POPI Act aims to promote the protection of privacy through providing guiding principles&nbsp;that&nbsp;are&nbsp;intended&nbsp;to&nbsp;be&nbsp;applied&nbsp;to&nbsp;the&nbsp;processing&nbsp;of&nbsp;personal&nbsp;information&nbsp;in a context-sensitive manner. Through the provision of quality goods and services, the organization is necessarily involved in the collection, use and disclosure of certain aspects of the personal information of clients, customers, employees, and other stakeholders.<\/p>\n\n\n\n<p>A&nbsp;person\u2019s&nbsp;right&nbsp;to&nbsp;privacy&nbsp;entails&nbsp;having&nbsp;control&nbsp;over&nbsp;his&nbsp;or&nbsp;her&nbsp;personal&nbsp;information, being able to conduct her or her affairs relatively free from unwanted intrusions.<\/p>\n\n\n\n<p>Given&nbsp;the&nbsp;importance&nbsp;of&nbsp;privacy,&nbsp;the&nbsp;organisation&nbsp;is&nbsp;committed&nbsp;to&nbsp;effectively managing personal information in accordance with&nbsp;the POPI Act\u2019s provisions.<\/p>\n\n\n\n<h1 class=\"wp-block-heading has-medium-font-size\"><strong>2.&nbsp;<\/strong><strong>DEFINITIONS<\/strong><strong><\/strong><\/h1>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Personal Information: personal information is any information that can be used to reveal a person\u2019s identity. Personal Information relates to an identifiable, living, natural\u00a0person,\u00a0and\u00a0where\u00a0applicable,\u00a0an\u00a0identifiable,\u00a0existing\u00a0juristic\u00a0person\u00a0(such\u00a0as\u00a0a company), including but not limited to information concerning:<ul><li>Race,\u00a0gender,\u00a0sex,\u00a0pregnancy,\u00a0marital\u00a0status,\u00a0national\u00a0or\u00a0ethnic\u00a0origin,\u00a0colour, sexual orientation, age, physical or mental health, disability, religion, conscience, belief, culture, language and birth of person;<\/li><\/ul><ul><li>Information\u00a0relating\u00a0to\u00a0the\u00a0education\u00a0or\u00a0medical,\u00a0financial,\u00a0criminal\u00a0or employment history of the person;<\/li><\/ul><ul><li>Any identifying number, symbol, email address, physical address, telephone number,\u00a0location\u00a0information,\u00a0online\u00a0identifier\u00a0or\u00a0another\u00a0particular\u00a0assignment\u00a0to\u00a0the person;<\/li><\/ul><ul><li>Biometric information of the person;<\/li><\/ul><ul><li>The personal opinions, views or preferences of the person;<\/li><\/ul><ul><li>Correspondence\u00a0sent\u00a0by\u00a0the\u00a0person\u00a0that\u00a0is\u00a0implicitly\u00a0or\u00a0explicitly\u00a0of\u00a0a\u00a0private\u00a0or confidential nature or further correspondence that would reveal the contents of the original correspondence;<\/li><\/ul><ul><li>The views or opinions of another individual about the person;<\/li><\/ul><ul><li>The\u00a0name\u00a0of\u00a0the\u00a0person\u00a0if\u00a0it\u00a0appears\u00a0with\u00a0other\u00a0personal\u00a0information\u00a0relating\u00a0to the person or if the disclosure of the name itself would reveal information about the person.<\/li><\/ul><ul><li>Data Subject: this refers to the natural or juristic person to whom the personal information\u00a0relates,\u00a0such\u00a0as\u00a0an\u00a0individual\u00a0client,\u00a0customer\u00a0or\u00a0company\u00a0that\u00a0suppliers the organization with products or other goods.<\/li><\/ul><ul><li>Responsible Party: the responsible party is the entity that needs the personal information for a particular reason and determines the purpose of and means for processing\u00a0the\u00a0personal\u00a0information.\u00a0In\u00a0this\u00a0case,\u00a0the\u00a0organization\u00a0is\u00a0the\u00a0responsible party.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>Operator: means a person who processes personal information for a responsible party\u00a0in\u00a0terms\u00a0of\u00a0a\u00a0contract\u00a0or\u00a0mandate,\u00a0without\u00a0coming\u00a0under\u00a0the\u00a0direct\u00a0authority\u00a0of<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p>that party. For example, a third-party service provider that has contracted with the organization&nbsp;to&nbsp;shred&nbsp;documents&nbsp;containing&nbsp;personal&nbsp;information.&nbsp;When&nbsp;dealing&nbsp;with an operator. It is considered good practice for a responsible party to include an indemnity clause.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Information Officer: the information officer is responsible for ensuring the organization\u2019s compliance with the POPI Act. Where no information officer is appointed, the head of the organization will be responsible for fulfilling the information officer\u2019s duties. Once appointed, the information officer must be registered\u00a0with\u00a0the\u00a0South\u00a0African\u00a0Information\u00a0Regulator\u00a0established\u00a0under\u00a0the\u00a0POPI Act prior to performing his or her duties. Deputy Information Officers can also be appointed to assist the Information Officer.<ul><li>Processing:\u00a0the\u00a0act\u00a0of\u00a0processing\u00a0information\u00a0includes\u00a0any\u00a0activity\u00a0or\u00a0any\u00a0set\u00a0of operations, whether by automatic means, concerning personal information and includes:<ul><li>The\u00a0collection,\u00a0receipt,\u00a0recording,\u00a0organization,\u00a0collation,\u00a0storage,\u00a0updating\u00a0or modification, retrieval, alteration, consultation or use;<\/li><\/ul><ul><li>Dissemination\u00a0by\u00a0means\u00a0of\u00a0transmission,\u00a0distribution\u00a0or\u00a0making\u00a0available\u00a0in\u00a0any other form; or<\/li><\/ul><ul><li>Merging,\u00a0linking,\u00a0as\u00a0well\u00a0as\u00a0any\u00a0restriction,\u00a0degradation,\u00a0erasure\u00a0or\u00a0destruction of information.<\/li><\/ul><\/li><\/ul><ul><li>Record:\u00a0means\u00a0any\u00a0recorded\u00a0information,\u00a0regardless\u00a0of\u00a0form\u00a0or\u00a0medium, including:<ul><li>Writing on any material;<\/li><\/ul><ul><li>Information produced, recorded or stored by means of any tape-recorder, computer equipment, whether hardware or software or both, or other device, and any\u00a0material\u00a0subsequently\u00a0derived\u00a0from\u00a0information\u00a0so\u00a0produced,\u00a0recorded\u00a0or\u00a0stored;<\/li><\/ul><ul><li>Label,\u00a0marking\u00a0or\u00a0other\u00a0writing\u00a0which\u00a0identifies\u00a0or\u00a0describes\u00a0anything\u00a0of\u00a0which it forms part, or to which it is attached by any means;<\/li><\/ul><ul><li>Book, map, plan, graph or drawing;<\/li><\/ul><ul><li>Photograph,\u00a0film,\u00a0negative,\u00a0tape\u00a0or\u00a0other\u00a0device\u00a0in\u00a0which\u00a0one\u00a0or\u00a0more\u00a0visual images are embodied so as to be capable, with or without the aid of some other equipment, of being reproduced.<\/li><\/ul><\/li><\/ul><ul><li>Filing System: means any structed set of personal information, whether centralized,\u00a0decentralized\u00a0or\u00a0dispersed\u00a0on\u00a0a\u00a0functional\u00a0or\u00a0geographical\u00a0basis,\u00a0which\u00a0is accessible according to specific criteria.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>Unique\u00a0Identifier:\u00a0means\u00a0any\u00a0Identifier\u00a0that\u00a0is\u00a0assigned\u00a0to\u00a0a\u00a0data\u00a0subject\u00a0and\u00a0is used by a responsible party for the purposed of the operations of the responsible party and that uniquely identifies that data subject in relation to that responsible party.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>De-Identify: means to delete any information that identifies a data subject, or which\u00a0can\u00a0be\u00a0used\u00a0by\u00a0a\u00a0reasonably\u00a0foreseeable\u00a0method\u00a0to\u00a0identify,\u00a0or\u00a0when\u00a0linked\u00a0to other information, that identifies the data subject.<ul><li>Re-Identity:\u00a0means\u00a0any\u00a0voluntary,\u00a0specific\u00a0and\u00a0informed\u00a0expression\u00a0of\u00a0will\u00a0in terms of which permission is given for the processing of personal information.<\/li><\/ul><ul><li>Direct\u00a0Marketing:\u00a0means\u00a0to\u00a0approach\u00a0a\u00a0data\u00a0subject,\u00a0either\u00a0in\u00a0person\u00a0or\u00a0by\u00a0mail or electronic communication, for the direct or indirect purpose of:<ul><li>Promoting\u00a0or\u00a0offering\u00a0to\u00a0supply,\u00a0in\u00a0the\u00a0ordinary\u00a0course\u00a0of\u00a0business,\u00a0any\u00a0goods or services to the data subject; or<\/li><\/ul><ul><li>Requesting the data subject to make a donation of any kind for any reason.<\/li><\/ul><\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>Biometrics:\u00a0means\u00a0a\u00a0technique\u00a0of\u00a0personal\u00a0identification\u00a0that\u00a0is\u00a0based\u00a0on physical, physiological or behavioural characterization including blood tying, fingerprinting, DNA analysis, retinal scanning and voice recognition.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h1 class=\"wp-block-heading has-medium-font-size\"><strong>3.&nbsp;<\/strong><strong>POLICY <\/strong><strong>PURPOSE<\/strong><strong><\/strong><\/h1>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The\u00a0purpose\u00a0of\u00a0this\u00a0policy\u00a0is\u00a0to\u00a0protect\u00a0the\u00a0organization\u00a0from\u00a0the\u00a0compliance\u00a0risks associated with the POPI Act which includes:<ul><li>Breaches\u00a0of\u00a0confidentiality.\u00a0For\u00a0instance,\u00a0the\u00a0organization\u00a0could\u00a0suffer\u00a0loss\u00a0in revenue where it is found that the personal information of data subjects has been shared or disclosed inappropriately.<\/li><\/ul><ul><li>Failing\u00a0to\u00a0offer\u00a0choice.\u00a0For\u00a0instance,\u00a0all\u00a0data\u00a0subjects\u00a0should\u00a0be\u00a0free\u00a0to\u00a0choose how and for what purpose the organization uses information relating to them.<\/li><\/ul><ul><li>Reputational damage. For instance, the organization could suffer a decline in shareholder\u00a0value\u00a0following\u00a0an\u00a0adverse\u00a0event\u00a0such\u00a0as\u00a0a\u00a0computer\u00a0hacker\u00a0deleting\u00a0the personal information held by an organization.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>This\u00a0policy\u00a0demonstrates\u00a0the\u00a0organization\u2019s\u00a0commitment\u00a0to\u00a0protecting\u00a0the\u00a0privacy rights of data subjects in the following manner:<ul><li>Through\u00a0stating\u00a0desired\u00a0behaviour\u00a0and\u00a0directing\u00a0compliance\u00a0with\u00a0the\u00a0provisions of the POPI Act and best practice.<\/li><\/ul><ul><li>By\u00a0cultivating\u00a0an\u00a0organizational\u00a0culture\u00a0that\u00a0recognizes\u00a0privacy\u00a0as\u00a0a\u00a0valuable human right.<\/li><\/ul><ul><li>By\u00a0developing\u00a0and\u00a0implementing\u00a0internal\u00a0controls\u00a0for\u00a0the\u00a0purpose\u00a0of\u00a0managing the compliance risk associated with the protection of personal information.<\/li><\/ul><ul><li>By creating business practices that will provide reasonable assurance that the rights\u00a0of\u00a0data\u00a0subjects\u00a0are\u00a0protected\u00a0and\u00a0balanced\u00a0with\u00a0the\u00a0legitimate\u00a0business\u00a0needs of the organization.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>By\u00a0assigning\u00a0specific\u00a0duties\u00a0and\u00a0responsibilities\u00a0to\u00a0control\u00a0owners,\u00a0including\u00a0the appointment of an Information Officer and where necessary, Deputy Information officers, to protect the interests of the organization and data subjects.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h1 class=\"wp-block-heading has-medium-font-size\"><strong>4.&nbsp;<\/strong><strong>POLICY <\/strong><strong>APPLICATION<\/strong><strong><\/strong><\/h1>\n\n\n\n<ul class=\"wp-block-list\">\n<li>This policy and its guiding principles applies to:<ul><li>The organization\u2019s governing body;<\/li><\/ul><ul><li>All\u00a0branches, business units and divisions of the\u00a0organization;<\/li><\/ul><ul><li>All employees and volunteers;<\/li><\/ul><ul><li>All contractors, suppliers and other persons acting on behalf of the organization.<\/li><\/ul><ul><li>The\u00a0policy\u2019s\u00a0guiding\u00a0principles\u00a0find\u00a0application\u00a0in\u00a0all\u00a0situations\u00a0and\u00a0must\u00a0be\u00a0read\u00a0in conjunction with the POPI Act, as well as any other applicable documentation (PAIA Manual).<\/li><\/ul><ul><li>The\u00a0legal\u00a0duty\u00a0to\u00a0comply\u00a0with\u00a0the\u00a0POPI\u00a0Act\u00a0is\u00a0activated\u00a0in\u00a0any\u00a0situation\u00a0where there is: a processing of personal information entered into a record by or for a responsible party who is domiciled in South Africa.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>The\u00a0POPI\u00a0Act\u00a0does\u00a0not\u00a0apply\u00a0in\u00a0situations\u00a0where\u00a0the\u00a0processing\u00a0of\u00a0personal information:<ul><li>Is concluded in the course of purely personal or household activities; or<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>Where\u00a0the personal information has been de-identified.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h1 class=\"wp-block-heading has-medium-font-size\"><strong>5.&nbsp;<\/strong><strong>RIGHTS OF DATA <\/strong><strong>SUBJECTS<\/strong><strong><\/strong><\/h1>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The right to access of personal information<ul><li>The organization recognizes that a data subject has the right to establish whether\u00a0the\u00a0organization\u00a0holds\u00a0personal\u00a0information\u00a0related\u00a0to\u00a0him\/her\u00a0or\u00a0it\u00a0including the right to request access to that personal information.<\/li><\/ul><ul><li>The Right to have Personal Information Corrected or Deleted (where appropriate),\u00a0the\u00a0organization\u00a0will\u00a0ensure\u00a0that\u00a0its\u00a0clients\u00a0and\u00a0customers\u00a0are\u00a0made aware of the rights conferred upon them as data subjects. The organization will ensure that it gives effect to the following rights:<ul><li>The Right to Object to the Processing of Personal Information<\/li><\/ul><ul><li>The\u00a0Right to Object to Direct Marketing<\/li><\/ul><ul><li>The Right to Complain to the Information Regulator<\/li><\/ul><ul><li>The Right to be Informed<\/li><\/ul><\/li><\/ul><ul><li>The\u00a0data\u00a0subject\u00a0has\u00a0the\u00a0right\u00a0to\u00a0request,\u00a0where\u00a0necessary,\u00a0that\u00a0his,\u00a0her\u00a0or\u00a0its personal information must be corrected or deleted where the organisation is no longer authorised to retain the personal information.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>The\u00a0data\u00a0subject\u00a0has\u00a0the\u00a0right,\u00a0on\u00a0reasonable\u00a0grounds,\u00a0to\u00a0object\u00a0to\u00a0the\u00a0processing of his, her or its personal information. In such circumstances, the organization will give due consideration to the request and the requirements of POPIA. The<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p>organization&nbsp;may&nbsp;cease&nbsp;to&nbsp;use&nbsp;or&nbsp;disclose&nbsp;the&nbsp;data&nbsp;subject\u2019s&nbsp;personal&nbsp;information&nbsp;and may, subject to any statutory and contractual record keeping requirements, also approve the destruction of the personal information.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The data subject has the right to object to the processing of his, her or its personal\u00a0information\u00a0for\u00a0purposes\u00a0of\u00a0direct\u00a0marketing\u00a0by\u00a0means\u00a0of\u00a0unsolicited electronic communications.<ul><li>The\u00a0data\u00a0subject\u00a0has\u00a0the\u00a0right\u00a0to\u00a0submit\u00a0a\u00a0complaint\u00a0to\u00a0the\u00a0Information\u00a0Regulator regarding an alleged infringement of any of the rights protected under POPIA and to institute civil proceedings regarding the alleged non-compliance with the protection of his, her or its personal information.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>The data subject has the right to be notified that his, her or its personal information\u00a0is\u00a0being\u00a0collected\u00a0by\u00a0the\u00a0organisation.\u00a0The\u00a0data\u00a0subject\u00a0also\u00a0has\u00a0the\u00a0right to be notified in any situation where the organization has reasonable grounds to believe that the personal information of the data subject has been accessed or acquired by an unauthorised person.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h1 class=\"wp-block-heading has-medium-font-size\"><strong>6.&nbsp;<\/strong><strong>GENERAL GUIDING <\/strong><strong>PRINCIPLES<\/strong><strong><\/strong><\/h1>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Accountability\n<ul class=\"wp-block-list\">\n<li>All\u00a0employees\u00a0and\u00a0persons\u00a0acting\u00a0on\u00a0behalf\u00a0of\u00a0the\u00a0organisation\u00a0will\u00a0at\u00a0all\u00a0times be subject to, and act in accordance with, the following guiding principles:<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Processing Limitation<\/li>\n\n\n\n<li>Purpose Specification<\/li>\n\n\n\n<li>Further Processing Limitation<\/li>\n\n\n\n<li>Information Quality<ul><li>Failing to comply with the POPI Act could potentially damage the organisation\u2019s reputation or expose the organisation to a civil claim for damages. The protection of personal information is therefore everybody\u2019s responsibility. The organisation will ensure\u00a0that\u00a0the\u00a0provisions\u00a0of\u00a0POPIA\u00a0and\u00a0the\u00a0guiding\u00a0principles\u00a0outlined\u00a0in\u00a0this\u00a0policy are complied with through the encouragement of desired behaviour.<\/li><\/ul><ul><li>However,\u00a0the\u00a0organisation\u00a0will\u00a0take\u00a0appropriate\u00a0sanctions,\u00a0which\u00a0may\u00a0include: disciplinary action, against those individuals who through their intentional or negligent actions and\/or omissions fail to comply with the principles and responsibilities outlined in this policy.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>The\u00a0organisation\u00a0will\u00a0ensure\u00a0that\u00a0personal\u00a0information\u00a0under\u00a0its\u00a0control\u00a0is processed:<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p>in&nbsp;a fair, lawful and non-excessive manner;<\/p>\n\n\n\n<p>only&nbsp;with&nbsp;the&nbsp;informed&nbsp;consent&nbsp;of&nbsp;the&nbsp;data&nbsp;subject;&nbsp;and only for a specifically defined purpose.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The organisation will inform the data subject of the reasons for collecting his, her or its personal information and obtain written consent prior to processing personal information. Alternatively, where services or transactions are concluded over the telephone\u00a0or\u00a0electronic\u00a0video\u00a0feed,\u00a0the\u00a0organisation\u00a0will\u00a0maintain\u00a0a\u00a0voice\u00a0recording\u00a0of the stated purpose for collecting the personal information followed by the data subject\u2019s subsequent consent.<ul><li>The organisation will under no circumstances distribute or share personal information between separate legal entities, associated organisations (such as subsidiary companies) or with any individuals that are not directly involved with facilitating the purpose for which the information was originally collected. Where applicable, the data subject must be informed of the possibility that their personal information\u00a0will\u00a0be\u00a0shared\u00a0with\u00a0other\u00a0aspects\u00a0of\u00a0the\u00a0organisation\u2019s\u00a0business\u00a0and\u00a0be provided with the reasons for doing so.<\/li><\/ul><ul><li>All the organisation\u2019s business units and operations must be informed by the principle\u00a0of\u00a0transparency.\u00a0The\u00a0organisation\u00a0will\u00a0process\u00a0personal\u00a0information\u00a0only\u00a0for specific, explicitly defined and legitimate reasons. The organisation will inform data subjects of these reasons prior to collecting or recording the data subject\u2019s personal information.<\/li><\/ul><ul><li>Personal information will not be processed for a secondary purpose unless that processing\u00a0is\u00a0compatible\u00a0with\u00a0the\u00a0original\u00a0purpose.\u00a0Therefore,\u00a0where\u00a0the\u00a0organisation seeks to process personal information it holds for a purpose other than the original purpose\u00a0for\u00a0which\u00a0it\u00a0was\u00a0originally\u00a0collected,\u00a0and\u00a0where\u00a0this\u00a0secondary\u00a0purpose\u00a0is\u00a0not compatible with the original purpose, the organisation will first obtain additional consent from the data subject.<\/li><\/ul><ul><li>The\u00a0organisation\u00a0will\u00a0take\u00a0reasonable\u00a0steps\u00a0to\u00a0ensure\u00a0that\u00a0all\u00a0personal\u00a0information collected is complete, accurate and not misleading. The more important it is that the personal information be accurate (for example, the beneficiary details of a life insurance policy are of the utmost importance), the greater the effort the\u00a0organisation will put into ensuring its accuracy. Where personal information is collected or received from third parties, the organisation will take reasonable steps to confirm that the information is correct by verifying the accuracy of the information directly with the data subject or by way of independent sources.<\/li><\/ul><ul><li>The\u00a0organisation\u00a0will\u00a0take\u00a0reasonable\u00a0steps\u00a0to\u00a0ensure\u00a0that\u00a0data\u00a0subjects\u00a0are notified (are at all times aware) that their personal information is being collected including the purpose for which it is being collected and processed.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>The\u00a0organisation\u00a0will\u00a0ensure\u00a0that\u00a0it\u00a0establishes\u00a0and\u00a0maintains\u00a0a\u00a0\u201ccontact\u00a0us\u201d facility, for instance via its website or through an electronic helpdesk, for data subjects who want to:<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p>Enquire&nbsp;whether&nbsp;the&nbsp;organisation&nbsp;holds&nbsp;related&nbsp;personal&nbsp;information; Request access to related personal information;<\/p>\n\n\n\n<p>Request&nbsp;the&nbsp;organisation&nbsp;to&nbsp;update&nbsp;or&nbsp;correct&nbsp;related&nbsp;personal&nbsp;information;&nbsp;or Make a complaint concerning the processing of personal information.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Open Communication<ul><li>Security Safeguards<ul><li>The\u00a0organisation\u00a0will\u00a0manage\u00a0the\u00a0security\u00a0of\u00a0its\u00a0filing\u00a0system\u00a0to\u00a0ensure\u00a0that personal information is adequately protected.<\/li><\/ul><ul><li>To this end, security controls will be implemented to minimize the risk of loss, unauthorised access, disclosure, interference, modification or destruction. Security measures also need to be applied in a context-sensitive manner. For example,\u00a0the\u00a0more\u00a0sensitive\u00a0the\u00a0personal\u00a0information,\u00a0such\u00a0as\u00a0medical\u00a0information\u00a0or credit card details, the greater the security required.<\/li><\/ul><\/li><\/ul><ul><li>The organisation will continuously review its security controls which will include regular\u00a0testing\u00a0of\u00a0protocols\u00a0and\u00a0measures\u00a0put\u00a0in\u00a0place\u00a0to\u00a0combat\u00a0cyber-attacks\u00a0on\u00a0the organisation\u2019s IT network. The organisation will ensure that all paper and electronic records comprising personal information are securely stored and made accessible\u00a0only to authorised individuals.<\/li><\/ul><ul><li>All new employees will be required to sign employment contracts containing contractual terms for the use and storage of employee information. Confidentiality clauses will also be included to reduce the risk of unauthorised disclosures of personal\u00a0information\u00a0for\u00a0which\u00a0the\u00a0organisation\u00a0is\u00a0responsible.\u00a0All\u00a0existing\u00a0employees will,\u00a0after\u00a0the\u00a0required\u00a0consultation\u00a0process\u00a0has\u00a0been\u00a0followed,\u00a0be\u00a0required\u00a0to\u00a0sign\u00a0an addendum to their employment containing the relevant consent and confidentiality clauses.<\/li><\/ul><ul><li>The\u00a0organisation\u2019s\u00a0operators\u00a0and\u00a0third-party\u00a0service\u00a0providers\u00a0will\u00a0be\u00a0required\u00a0to enter into service level agreements with the organisation where both parties pledge their mutual commitment to POPIA and the lawful processing of any personal information pursuant to the agreement.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>Data Subject Participation\n<ul class=\"wp-block-list\">\n<li>A\u00a0data\u00a0subject\u00a0may\u00a0request\u00a0the\u00a0correction\u00a0or\u00a0deletion\u00a0of\u00a0his,\u00a0her\u00a0or\u00a0its\u00a0personal information held by the organisation. The organisation will ensure that it provides a facility for data subjects who want to request the correction of deletion of their personal information. Where applicable, the organisation will include a link to unsubscribe from any of its electronic newsletters or related marketing activities.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h1 class=\"wp-block-heading has-medium-font-size\"><strong>7.&nbsp;<\/strong><strong>COOKIES<\/strong><strong><\/strong><\/h1>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Whereas the Company respects the privacy of all personal data and private information collected, processed and stored. As such, we undertake to handle all personal information received and processed with due care and provide the necessary security to safeguard all information held by us. Our internal system similarly allows us to proactively react should there be a breach of any kind, alternatively our privacy practices and POPI policy dictates that we report any material\u00a0breach\u00a0to\u00a0the\u00a0Regulator.\u00a0The\u00a0further\u00a0terms\u00a0of\u00a0the\u00a0Company\u2019s\u00a0cookies\u00a0policy and general terms of compliance are recorded hereunder:<\/li>\n<\/ul>\n\n\n\n<p>Cookies<\/p>\n\n\n\n<p>The&nbsp;Company&nbsp;uses&nbsp;cookies,&nbsp;pixels&nbsp;and&nbsp;other&nbsp;technologies&nbsp;(collectively&nbsp;referred&nbsp;to&nbsp;as \u201ccookies\u201d) to recognize your browser or device, learn more about your company or industry, and provide you with essential features and services, as well as for additional purposes, including:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Recognizing\u00a0you\u00a0when\u00a0you\u00a0sign-up\u00a0to\u00a0use\u00a0our\u00a0services.\u00a0This\u00a0allows\u00a0us\u00a0to\u00a0provide each user or data subject with customized features and services, if applicable.<\/li>\n\n\n\n<li>Conducting\u00a0research\u00a0and\u00a0diagnostics\u00a0to\u00a0improve\u00a0the\u00a0Company\u2019s\u00a0website\u00a0content, products, and services.<\/li>\n\n\n\n<li>Preventing fraudulent activity.<\/li>\n\n\n\n<li>Improving security.<\/li>\n\n\n\n<li>Delivering content, including ads, relevant to your interests.<\/li>\n\n\n\n<li>Reporting. This allows us to measure and\u00a0analyse the performance of our services.<\/li>\n<\/ol>\n\n\n\n<p>You can manage browser cookies through your browser setting. The \u201cHelp\u201d feature on most browsers will tell you how to prevent your browser from accepting new cookies;&nbsp;how&nbsp;to&nbsp;have&nbsp;the&nbsp;browser&nbsp;notify&nbsp;you&nbsp;when&nbsp;you&nbsp;receive&nbsp;a&nbsp;new&nbsp;cookie;&nbsp;how&nbsp;to disable cookies; and when cookies will expire. If you disable all cookies on your browser, the Company, nor any of its third parties, will transfer cookies to your browser. If you do this, however, you may have to manually adjust&nbsp;some preferences every time you visit a site, and some features and services may not work.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The Data We Collect And The Cookies We Use<\/li>\n<\/ul>\n\n\n\n<p>We&nbsp;collect&nbsp;and&nbsp;sends&nbsp;the&nbsp;following&nbsp;data&nbsp;to&nbsp;data&nbsp;processor&nbsp;partners: Analytics cookies<\/p>\n\n\n\n<p>For&nbsp;tracking&nbsp;audience&nbsp;numbers,&nbsp;what&nbsp;advertising&nbsp;is&nbsp;viewed&nbsp;and&nbsp;what&nbsp;the&nbsp;audience does on the site. Does not track what users do on other sites.<\/p>\n\n\n\n<p>Google&nbsp;Ad&nbsp;Manager:&nbsp;Online&nbsp;identifiers,&nbsp;including&nbsp;cookie&nbsp;identifiers,&nbsp;internet&nbsp;protocol addresses and device identifiers.<\/p>\n\n\n\n<p>Google&nbsp;Analytics:&nbsp;Online&nbsp;identifiers,&nbsp;including&nbsp;cookie&nbsp;identifiers&nbsp;and&nbsp;device identifiers; client identifiers. Internet protocol addresses are anonymized.<\/p>\n\n\n\n<p>Google&nbsp;Tag&nbsp;Manager:&nbsp;Online&nbsp;identifiers,&nbsp;including&nbsp;cookie&nbsp;identifiers&nbsp;and&nbsp;internet protocol addresses.<\/p>\n\n\n\n<p>Find&nbsp;more information on Google as a data processor by clicking&nbsp;here.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Advertising cookies<\/li>\n<\/ul>\n\n\n\n<p>Adsense tracks users across multiple websites, and while it does not appear on all of our&nbsp;pages,&nbsp;there&nbsp;are&nbsp;some&nbsp;Google&nbsp;Ads&nbsp;delivered&nbsp;on&nbsp;some&nbsp;of&nbsp;our&nbsp;pages.&nbsp;Users&nbsp;can&nbsp;see what data Google has on their advertising interests, and can control all aspects of how Google collect information on them by clicking here.<\/p>\n\n\n\n<p>Google&nbsp;Adsense:&nbsp;Online&nbsp;identifiers,&nbsp;including&nbsp;cookie&nbsp;identifiers&nbsp;and&nbsp;internet&nbsp;protocol addresses.<\/p>\n\n\n\n<p>Find&nbsp;more&nbsp;information&nbsp;on&nbsp;Google&nbsp;Adsense&nbsp;as&nbsp;a&nbsp;data&nbsp;processor&nbsp;\u2013&nbsp;how&nbsp;they&nbsp;use information collected from partner websites \u2013 by clicking here<\/p>\n\n\n\n<p>Dianomi:&nbsp;Online&nbsp;identifiers,&nbsp;including&nbsp;cookie&nbsp;identifiers&nbsp;and&nbsp;internet&nbsp;protocol addresses.<\/p>\n\n\n\n<p>The&nbsp;Dianomi&nbsp;cookie&nbsp;is&nbsp;used&nbsp;for&nbsp;conversion&nbsp;tracking&nbsp;in&nbsp;online&nbsp;advertising.&nbsp;View their privacy policy here.<\/p>\n\n\n\n<p>Vidoomy:&nbsp;Online&nbsp;identifiers,&nbsp;including&nbsp;cookie&nbsp;identifiers&nbsp;and&nbsp;internet&nbsp;protocol addresses.<\/p>\n\n\n\n<p>The&nbsp;Vidoomy&nbsp;cookie&nbsp;is&nbsp;used&nbsp;for&nbsp;Ad&nbsp;Serving,&nbsp;Ad&nbsp;Targeting,&nbsp;Analytics\/Measurement. View their privacy policy here.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Embedded content cookies<\/li>\n<\/ul>\n\n\n\n<p>Twitter:&nbsp;Online&nbsp;identifiers,&nbsp;including&nbsp;cookie&nbsp;identifiers&nbsp;and&nbsp;internet&nbsp;protocol addresses.<\/p>\n\n\n\n<p>Twitter is a social messaging and sharing platform. On pages with Twitter widgets, Twitter&nbsp;will&nbsp;set&nbsp;a&nbsp;cookie&nbsp;on&nbsp;your&nbsp;computer.&nbsp;To&nbsp;view&nbsp;all&nbsp;the&nbsp;data&nbsp;Twitter&nbsp;has&nbsp;on&nbsp;your profile, you will have to log into your Twitter account. Your data can be found<\/p>\n\n\n\n<p>by&nbsp;clicking here.&nbsp;Twitter\u2019s privacy policy is available here.<\/p>\n\n\n\n<p>YouTube:&nbsp;Online&nbsp;identifiers,&nbsp;including&nbsp;cookie&nbsp;identifiers&nbsp;and&nbsp;internet&nbsp;protocol addresses.<\/p>\n\n\n\n<p>YouTube&nbsp;is&nbsp;a&nbsp;video&nbsp;publishing&nbsp;platform.&nbsp;On&nbsp;pages&nbsp;with&nbsp;videos&nbsp;embedded&nbsp;at&nbsp;YouTube, YouTube will set a cookie and track user actions such as play or pause. To view YouTube\u2019s privacy policy, click here.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Site cookies<\/li>\n<\/ul>\n\n\n\n<p>Our&nbsp;site&nbsp;cookies&nbsp;are&nbsp;integral&nbsp;to&nbsp;the&nbsp;functioning&nbsp;of&nbsp;our&nbsp;website(s).&nbsp;While&nbsp;you&nbsp;visit&nbsp;our site,&nbsp;we\u2019ll&nbsp;track&nbsp;location,&nbsp;IP&nbsp;address&nbsp;and&nbsp;browser&nbsp;type:&nbsp;we\u2019ll&nbsp;use&nbsp;this&nbsp;for&nbsp;purposes&nbsp;like improving marketing, verification, customer service and system improvements.<\/p>\n\n\n\n<p>They are used to allow users to log in, to order services and\/or pay for the said services.&nbsp;A&nbsp;list&nbsp;of&nbsp;cookies&nbsp;used&nbsp;can&nbsp;be&nbsp;found&nbsp;here.&nbsp;We\u2019ll&nbsp;also&nbsp;use&nbsp;cookies&nbsp;to&nbsp;keep track of orders while you\u2019re browsing our site.<\/p>\n\n\n\n<p>If&nbsp;you&nbsp;create&nbsp;an&nbsp;account,&nbsp;we&nbsp;will&nbsp;store&nbsp;your&nbsp;name,&nbsp;address,&nbsp;email,&nbsp;phone&nbsp;number, registered company details, which will be used to populate your user account.<\/p>\n\n\n\n<p>Disabling&nbsp;Cookies<\/p>\n\n\n\n<p>You can change the preferences of your browser to choose which cookies it must allow&nbsp;access&nbsp;to.&nbsp;These&nbsp;preferences&nbsp;are&nbsp;usually&nbsp;in&nbsp;the&nbsp;menu&nbsp;\u201coptions\u201d&nbsp;or&nbsp;\u201cpreferences\u201d of your browser.<\/p>\n\n\n\n<p>Microsoft&nbsp;Edge:&nbsp;https:\/\/support.microsoft.com\/en-us\/microsoft-edge\/delete- cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09<\/p>\n\n\n\n<p>Firefox:&nbsp;https:\/\/support.mozilla.org\/en-US\/kb\/block-websites-storing-cookies-site- data-firefox<\/p>\n\n\n\n<p>Google&nbsp;Chrome:&nbsp;https:\/\/support.google.com\/chrome\/answer\/95647 Safari:&nbsp;https:\/\/support.apple.com\/en-za\/guide\/safari\/sfri11471\/mac<\/p>\n\n\n\n<p>However,&nbsp;if&nbsp;you&nbsp;change&nbsp;your&nbsp;preferences&nbsp;and&nbsp;block&nbsp;these&nbsp;cookies,&nbsp;some&nbsp;functions&nbsp;of our website will be annulled and you will not be able to make the most of the features from our Website.<\/p>\n\n\n\n<h1 class=\"wp-block-heading has-medium-font-size\"><strong>8.&nbsp;<\/strong><strong>INFORMATION<\/strong><strong>&nbsp;<\/strong><strong>OFFICER<\/strong><strong><\/strong><\/h1>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The\u00a0organisation\u00a0will\u00a0appoint\u00a0an\u00a0Information\u00a0Officer\u00a0and\u00a0where\u00a0necessary,\u00a0a Deputy\u00a0Information\u00a0Officer\u00a0to\u00a0assist\u00a0the\u00a0Information\u00a0Officer.\u00a0The\u00a0organisation\u2019s Information Officer is responsible for ensuring compliance with POPIA.<ul><li>Where no Information Officer is appointed, the head of the organisation will assume\u00a0the\u00a0role\u00a0of\u00a0the\u00a0Information\u00a0Officer.\u00a0Consideration\u00a0will\u00a0be\u00a0given\u00a0on\u00a0an\u00a0annual basis to the re-appointment or replacement of the Information Officer and the re- appointment or replacement of any Deputy Information Officers.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>Once appointed, the organisation will register the Information Officer with the South\u00a0African\u00a0Information\u00a0Regulator\u00a0established\u00a0under\u00a0POPIA\u00a0prior\u00a0to\u00a0performing\u00a0his or her duties.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h1 class=\"wp-block-heading has-medium-font-size\"><strong>9.&nbsp;<\/strong><strong>SPECIFIC DUTIES AND <\/strong><strong>RESPONSIBILITIES<\/strong><strong><\/strong><\/h1>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Governing Body<ul><li>The\u00a0organisation\u00a0appoints\u00a0an\u00a0Information\u00a0Officer,\u00a0and\u00a0where\u00a0necessary,\u00a0a Deputy Information Officer.<\/li><\/ul><ul><li>All\u00a0persons\u00a0responsible\u00a0for\u00a0the\u00a0processing\u00a0of\u00a0personal\u00a0information\u00a0on\u00a0behalf\u00a0of the organisation:<ul><li>are\u00a0appropriately trained and supervised to do so;<\/li><\/ul><ul><li>The organisation\u2019s governing body cannot delegate its accountability and is ultimately\u00a0answerable\u00a0for\u00a0ensuring\u00a0that\u00a0the\u00a0organisation\u00a0meets\u00a0its\u00a0legal\u00a0obligations\u00a0in terms of POPIA.<\/li><\/ul><ul><li>The\u00a0governing\u00a0body\u00a0may\u00a0however\u00a0delegate\u00a0some\u00a0of\u00a0its\u00a0responsibilities\u00a0in terms of POPIA to management or other capable individuals.<\/li><\/ul><\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>The governing body is responsible for ensuring that:\n<ul class=\"wp-block-list\">\n<li>understand\u00a0that\u00a0they\u00a0are\u00a0contractually\u00a0obligated\u00a0to\u00a0protect\u00a0the\u00a0personal information they come into contact with; and<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>are\u00a0aware\u00a0that\u00a0a\u00a0wilful\u00a0or\u00a0negligent\u00a0breach\u00a0of\u00a0this\u00a0policy\u2019s\u00a0processes\u00a0and procedures may lead to disciplinary action being taken against them.<ul><li>Data\u00a0subjects\u00a0who\u00a0want\u00a0to\u00a0make\u00a0enquires\u00a0about\u00a0their\u00a0personal\u00a0information\u00a0are made aware of the procedure that needs to be followed should they wish to do so.<\/li><\/ul><ul><li>The scheduling of a periodic POPI Audit in order to accurately assess and review\u00a0the\u00a0ways\u00a0in\u00a0which\u00a0the\u00a0organisation\u00a0collects,\u00a0holds,\u00a0uses,\u00a0shares,\u00a0discloses, destroys and processes personal information.<\/li><\/ul><ul><li>Information officer<ul><li>Taking\u00a0steps\u00a0to\u00a0ensure\u00a0the\u00a0organisation\u2019s\u00a0reasonable\u00a0compliance\u00a0with\u00a0the provision of POPIA.<\/li><\/ul><ul><li>Keeping the governing body updated about the organisation\u2019s information protection\u00a0responsibilities\u00a0under\u00a0POPIA.\u00a0For\u00a0instance,\u00a0in\u00a0the\u00a0case\u00a0of\u00a0a\u00a0security\u00a0breach, the Information Officer must inform and advise the governing body of their obligations pursuant to POPIA.<\/li><\/ul><ul><li>Continually analysing privacy regulations and aligning them with the organisation\u2019s\u00a0personal\u00a0information\u00a0processing\u00a0procedures.\u00a0This\u00a0will\u00a0include\u00a0reviewing the organisation\u2019s information protection procedures and related policies.<\/li><\/ul><ul><li>Ensuring that POPI Audits are scheduled and conducted on a regular basis.<\/li><\/ul><ul><li>Ensuring\u00a0that\u00a0the\u00a0organisation\u00a0makes\u00a0it\u00a0convenient\u00a0for\u00a0data\u00a0subjects\u00a0who\u00a0want to update their personal information or submit POPI related complaints to the organisation. For instance, maintaining a \u201ccontact us\u201d facility on the organisation\u2019s website.<\/li><\/ul><ul><li>Approving\u00a0any\u00a0contracts\u00a0entered\u00a0with\u00a0operators,\u00a0employees\u00a0and\u00a0other\u00a0third parties which may have an impact on the personal information held by the organisation. This will include overseeing the amendment of the organisation\u2019s employment contracts and other service level agreements.<\/li><\/ul><ul><li>Encouraging\u00a0compliance\u00a0with\u00a0the\u00a0conditions\u00a0required\u00a0for\u00a0the\u00a0lawful\u00a0processing of personal information.<\/li><\/ul><\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>Information Officer responsibility<ul><li>Ensuring\u00a0that\u00a0employees\u00a0and\u00a0other\u00a0persons\u00a0acting\u00a0on\u00a0behalf\u00a0of\u00a0the\u00a0organisation are fully aware of the risks associated with the processing of personal information and that they remain informed about the organisation\u2019s security controls.<\/li><\/ul><ul><li>Organising\u00a0and\u00a0overseeing\u00a0the\u00a0awareness\u00a0training\u00a0of\u00a0employees\u00a0and\u00a0other individuals involved in the processing of personal information on behalf of the organisation.<\/li><\/ul><ul><li>Addressing employees\u2019 POPIA related questions.<\/li><\/ul><ul><li>Addressing\u00a0all\u00a0POPIA\u00a0related\u00a0requests\u00a0and\u00a0complaints\u00a0made\u00a0by\u00a0the organisation\u2019s data subjects.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>Working with the Information Regulator in relation to any ongoing investigations.\u00a0The\u00a0Information\u00a0Officers\u00a0will\u00a0therefore\u00a0act\u00a0as\u00a0the\u00a0contact\u00a0point\u00a0for\u00a0the Information Regulator authority on issues relating to the processing of personal information and will consult with the Information Regulator where appropriate, regarding any other matter.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>IT Manager \/ IT Support<ul><li>Ensuring that the organisation\u2019s IT infrastructure, filing systems and any other devices\u00a0used\u00a0for\u00a0processing\u00a0personal\u00a0information\u00a0meet\u00a0acceptable\u00a0security\u00a0standards.<\/li><\/ul><ul><li>Ensuring that all electronically held personal information is kept only on designated\u00a0drives\u00a0and\u00a0servers\u00a0and\u00a0uploaded\u00a0only\u00a0to\u00a0approved\u00a0cloud\u00a0computing services.<\/li><\/ul><ul><li>Ensuring\u00a0that\u00a0servers\u00a0containing\u00a0personal\u00a0information\u00a0are\u00a0sited\u00a0in\u00a0a\u00a0secure location, away from the general office space.<\/li><\/ul><ul><li>Ensuring\u00a0that\u00a0all\u00a0electronically\u00a0stored\u00a0personal\u00a0information\u00a0is\u00a0backed-up\u00a0and tested on a regular basis.<\/li><\/ul><ul><li>Ensuring\u00a0that\u00a0all\u00a0back-ups\u00a0containing\u00a0personal\u00a0information\u00a0are\u00a0protected\u00a0from unauthorised access, accidental deletion and malicious shacking attempts.<\/li><\/ul><ul><li>Ensuring that personal information being transferred electronically is encrypted.<\/li><\/ul><ul><li>Ensuring\u00a0that\u00a0all\u00a0servers\u00a0and\u00a0computers\u00a0containing\u00a0personal\u00a0information\u00a0are protected by a firewall and the latest security software.<\/li><\/ul><ul><li>Performing\u00a0regular\u00a0IT\u00a0audits\u00a0to\u00a0ensure\u00a0that\u00a0the\u00a0security\u00a0of\u00a0the\u00a0organisation\u2019s hardware and software systems are functioning properly.<\/li><\/ul><ul><li>Performing\u00a0regular\u00a0IT\u00a0audits\u00a0to\u00a0verify\u00a0whether\u00a0electronically\u00a0stored\u00a0personal information has been accessed or acquired by any unauthorised persons.<\/li><\/ul><ul><li>Performing\u00a0a\u00a0proper\u00a0due\u00a0diligence\u00a0review\u00a0prior\u00a0to\u00a0contracting\u00a0with\u00a0operators or any other third-party service providers to process personal information on the organisation\u2019s behalf. For instance, cloud computing services.<\/li><\/ul><ul><li>Marketing\u00a0Manager \/ Team<ul><li>Approving\u00a0and\u00a0maintaining\u00a0the\u00a0protection\u00a0of\u00a0personal\u00a0information\u00a0statements and disclaimers that are displayed on the organisation\u2019s website, including those attached to communications such as emails and electronic newsletters.<\/li><\/ul><ul><li>Addressing\u00a0any\u00a0personal\u00a0information\u00a0protection\u00a0queries\u00a0from\u00a0journalists\u00a0or media outlets such as newspapers.<\/li><\/ul><ul><li>Where\u00a0necessary,\u00a0working\u00a0with\u00a0persons\u00a0acting\u00a0on\u00a0behalf\u00a0of\u00a0the\u00a0organisation\u00a0to ensure that any outsourced marketing initiatives comply with POPIA.<\/li><\/ul><\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>Employees and other persons acting on behalf of the Organisation<ul><li>Employees\u00a0and\u00a0other\u00a0persons\u00a0acting\u00a0on\u00a0behalf\u00a0of\u00a0the\u00a0organisation\u00a0will,\u00a0during the course of the performance of their services, gain access to and become acquainted with the personal information of certain clients, suppliers and other employees.<\/li><\/ul><ul><li>Employees\u00a0and\u00a0other\u00a0persons\u00a0acting\u00a0on\u00a0behalf\u00a0of\u00a0the\u00a0organisation\u00a0are\u00a0required to treat personal information as a confidential business asset and to respect the privacy of data subjects.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>Employees and other persons acting on behalf of the organisation may not directly\u00a0or\u00a0indirectly,\u00a0utilise,\u00a0disclose\u00a0or\u00a0make\u00a0public\u00a0in\u00a0any\u00a0manner\u00a0to\u00a0any\u00a0person\u00a0or third party, either within the organisation or externally, any personal information, unless such information is already publicly known, or the disclosure is necessary in order for the employee or person to perform his or her duties.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Employees and other persons acting\u00a0on behalf of the organisation must request assistance\u00a0from\u00a0their\u00a0line\u00a0manager\u00a0or\u00a0the\u00a0Information\u00a0Officer\u00a0if\u00a0they\u00a0are\u00a0unsure\u00a0about any aspect related to the protection of a data subject\u2019s personal information.<ul><li>Employees\u00a0and\u00a0other\u00a0persons\u00a0acting\u00a0on\u00a0behalf\u00a0of\u00a0the\u00a0organisation\u00a0will\u00a0only process personal information where:<ul><li>The\u00a0data\u00a0subject,\u00a0or\u00a0a\u00a0competent\u00a0person\u00a0where\u00a0the\u00a0data\u00a0subject\u00a0is\u00a0a\u00a0child, consents to the processing; or<\/li><\/ul><ul><li>The\u00a0processing\u00a0is\u00a0necessary\u00a0to\u00a0carry\u00a0out\u00a0actions\u00a0for\u00a0the\u00a0conclusion\u00a0or performance of a contract to which the data subject is a party; or<\/li><\/ul><ul><li>The\u00a0processing\u00a0complies\u00a0with\u00a0an\u00a0obligation\u00a0imposed\u00a0by\u00a0law\u00a0on\u00a0the\u00a0responsible party; or<\/li><\/ul><ul><li>The processing protects a legitimate interest of the data subject; or<\/li><\/ul><ul><li>The\u00a0processing\u00a0is\u00a0necessary\u00a0for\u00a0pursuing\u00a0the\u00a0legitimate\u00a0interests\u00a0of\u00a0the organisation or of a third party to whom the information is supplied.<\/li><\/ul><\/li><\/ul><ul><li>Furthermore,\u00a0personal\u00a0information\u00a0will\u00a0only\u00a0be\u00a0processed\u00a0where\u00a0the\u00a0data subject:<ul><li>Clearly\u00a0understands\u00a0why\u00a0and\u00a0for\u00a0what\u00a0purpose\u00a0his,\u00a0her\u00a0or\u00a0its\u00a0personal information is being collected; and<\/li><\/ul><ul><li>Has\u00a0granted\u00a0the\u00a0organisation\u00a0with\u00a0explicit\u00a0written\u00a0or\u00a0verbally\u00a0recorded consent to process his, her or its personal information.<\/li><\/ul><\/li><\/ul><ul><li>Employees and other persons acting on behalf of the organisation will consequently, prior to processing any personal information, obtain a specific and informed\u00a0expression\u00a0of\u00a0will\u00a0from\u00a0the\u00a0data\u00a0subject,\u00a0in\u00a0terms\u00a0of\u00a0which\u00a0permission\u00a0is given for the processing of personal information.<\/li><\/ul><ul><li>Informed consent is therefore when the data subject clearly understands for what\u00a0purpose\u00a0his,\u00a0her\u00a0or\u00a0its\u00a0personal\u00a0information\u00a0is\u00a0needed\u00a0and\u00a0who\u00a0it\u00a0will\u00a0be\u00a0shared with.<\/li><\/ul><ul><li>Consent can be obtained in written form which includes any appropriate electronic medium that is accurately and readily reducible to printed form. Alternatively, the organisation will keep a voice recording of the data subject\u2019s consent\u00a0in\u00a0instances\u00a0where\u00a0transactions\u00a0are\u00a0concluded\u00a0telephonically\u00a0or\u00a0via\u00a0electronic video feed.<\/li><\/ul><ul><li>Consent\u00a0to\u00a0process\u00a0a\u00a0data\u00a0subject\u2019s\u00a0personal\u00a0information\u00a0will\u00a0be\u00a0obtained directly from the data subject, except where:<ul><li>the personal information has been made public;<\/li><\/ul><ul><li>where\u00a0valid consent has been given\u00a0to a third party; or<\/li><\/ul><ul><li>the information is necessary for effective law enforcement.<\/li><\/ul><\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>Employees\u00a0and\u00a0other\u00a0persons\u00a0acting\u00a0on\u00a0behalf\u00a0of\u00a0the\u00a0organisation\u00a0will\u00a0under no circumstances:<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Process or have access to personal information where such processing or access\u00a0is\u00a0not\u00a0a\u00a0requirement\u00a0to\u00a0perform\u00a0their\u00a0respective\u00a0work-related\u00a0tasks\u00a0or\u00a0duties.<ul><li>Save\u00a0copies\u00a0of\u00a0personal\u00a0information\u00a0directly\u00a0to\u00a0their\u00a0own\u00a0private\u00a0computers, laptops\u00a0or\u00a0other\u00a0mobile\u00a0devices\u00a0like\u00a0tablets\u00a0or\u00a0smart\u00a0phones.\u00a0All\u00a0personal\u00a0information must be accessed and updated from the organisation\u2019s central database or a dedicated server.<\/li><\/ul><ul><li>Share personal information informally. In particular, personal information should never be sent by email, as this form of communication is not secure.\u00a0Where access\u00a0to\u00a0personal\u00a0information\u00a0is\u00a0required,\u00a0this\u00a0may\u00a0be\u00a0requested\u00a0from\u00a0the\u00a0relevant line manager or the Information Officer.<\/li><\/ul><ul><li>Transfer\u00a0personal\u00a0information\u00a0outside\u00a0of\u00a0South\u00a0Africa\u00a0without\u00a0the\u00a0express permission from the Information Officer.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>Employees\u00a0and\u00a0other\u00a0persons\u00a0acting\u00a0on\u00a0behalf\u00a0of\u00a0the\u00a0organisation\u00a0are responsible for:<ul><li>Keeping\u00a0all\u00a0personal\u00a0information\u00a0that\u00a0they\u00a0come\u00a0into\u00a0contact\u00a0with\u00a0secure,\u00a0by taking sensible precautions and following the guidelines outlined within this policy.<\/li><\/ul><ul><li>Ensuring that personal information is held in as few places as is necessary. No\u00a0unnecessary\u00a0additional\u00a0records,\u00a0filing\u00a0systems\u00a0and\u00a0data\u00a0sets\u00a0should\u00a0therefore\u00a0be created.<\/li><\/ul><ul><li>Ensuring\u00a0that\u00a0personal\u00a0information\u00a0is\u00a0encrypted\u00a0prior\u00a0to\u00a0sending\u00a0or\u00a0sharing the information electronically. The IT Manager will assist employees and where required, other persons acting on behalf of the organisation, with the sending or sharing of personal information to or with authorised external persons.<\/li><\/ul><ul><li>Ensuring\u00a0that\u00a0all\u00a0computers,\u00a0laptops,\u00a0and\u00a0devices\u00a0such\u00a0as\u00a0tablets,\u00a0flash\u00a0drives and smartphones that store personal information are password protected and never left unattended. Passwords must be changed regularly and may not be shared with unauthorised persons.<\/li><\/ul><ul><li>Ensuring\u00a0that\u00a0their\u00a0computer\u00a0screens\u00a0and\u00a0other\u00a0devices\u00a0are\u00a0switched\u00a0off\u00a0or locked when not in use or when away from their desks.<\/li><\/ul><ul><li>Ensuring\u00a0that\u00a0where\u00a0personal\u00a0information\u00a0is\u00a0stored\u00a0on\u00a0removable\u00a0storage medias such as external drives, CDs or DVDs that these are kept locked away securely when not being used.<\/li><\/ul><ul><li>Ensuring\u00a0that\u00a0where\u00a0personal\u00a0information\u00a0is\u00a0stored\u00a0on\u00a0paper,\u00a0that\u00a0such\u00a0hard copy records are kept in a secure place where unauthorised people cannot access it. For instance, in a locked drawer of a filing cabinet.<\/li><\/ul><ul><li>Ensuring that where personal information has been printed out, that the paper\u00a0printouts\u00a0are\u00a0not\u00a0left\u00a0unattended\u00a0where\u00a0unauthorised\u00a0individuals\u00a0could\u00a0see\u00a0or copy them. For instance, close to the printer.<\/li><\/ul><ul><li>Taking\u00a0reasonable\u00a0steps\u00a0to\u00a0ensure\u00a0that\u00a0personal\u00a0information\u00a0is\u00a0kept\u00a0accurate and up to date. For instance, confirming a data subject\u2019s contact details when the client or customer phones or communicates via email. Where a data subject\u2019s information is found to be out of date, authorisation must first be obtained from the relevant line manager or the Information Officer to update the information accordingly.<\/li><\/ul>\n<ul class=\"wp-block-list\">\n<li>Taking\u00a0reasonable\u00a0steps\u00a0to\u00a0ensure\u00a0that\u00a0personal\u00a0information\u00a0is\u00a0stored\u00a0only for as long as it is needed or required in terms of the purpose for which it was<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p>originally&nbsp;collected.&nbsp;Where&nbsp;personal&nbsp;information&nbsp;is&nbsp;no&nbsp;longer&nbsp;required,&nbsp;authorisation must first be obtained from the relevant line manager or the Information Officer to delete or dispose of the personal information in the appropriate manner.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Undergoing\u00a0POPI Awareness training from time to time.\n<ul class=\"wp-block-list\">\n<li>Where\u00a0an\u00a0employee,\u00a0or\u00a0a\u00a0person\u00a0acting\u00a0on\u00a0behalf\u00a0of\u00a0the\u00a0organisation,\u00a0becomes aware or suspicious of any security breach such as the unauthorised access, interference, modification, destruction, or the unsanctioned disclosure of personal information, he or she must immediately report this event or suspicion to the Information Officer or the Deputy Information Officer.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h1 class=\"wp-block-heading has-medium-font-size\"><strong>10.&nbsp;<\/strong><strong>POPI <\/strong><strong>AUDIT<\/strong><strong><\/strong><\/h1>\n\n\n\n<ol class=\"wp-block-list\">\n<li>The organisation\u2019s Information Officer will schedule periodic POPI Audits.\n<ol class=\"wp-block-list\">\n<li>The purpose of the POPI Audit is to:<ol><li>Identify\u00a0the\u00a0processes\u00a0used\u00a0to\u00a0collect,\u00a0record,\u00a0store,\u00a0disseminate\u00a0and\u00a0destroy personal information.<\/li><\/ol><ol><li>Determine\u00a0the\u00a0flow\u00a0of\u00a0personal\u00a0information\u00a0throughout\u00a0the\u00a0organisation.\u00a0For instance, the organisation\u2019s various business units, divisions, branches and other associated organisations.<\/li><\/ol><ol><li>Redefine the purpose for gathering and processing personal information.<\/li><\/ol><ol><li>Ensure that the processing parameters are still adequately limited.<\/li><\/ol><ol><li>Ensure\u00a0that\u00a0new\u00a0data\u00a0subjects\u00a0are\u00a0made\u00a0aware\u00a0of\u00a0the\u00a0processing\u00a0of\u00a0their personal information.<\/li><\/ol><ol><li>Re-establish\u00a0the\u00a0rationale\u00a0for\u00a0any\u00a0further\u00a0processing\u00a0where\u00a0information\u00a0is received via a third party.<\/li><\/ol><ol><li>Verify the quality and security of personal information.<\/li><\/ol><ol><li>Monitor the extend of compliance with POPIA and this policy.<\/li><\/ol><ol><li>Monitor\u00a0the\u00a0effectiveness\u00a0of\u00a0internal\u00a0controls\u00a0established\u00a0to\u00a0manage\u00a0the organisation\u2019s POPI related compliance risk.<\/li><\/ol>\n<ol class=\"wp-block-list\">\n<li>In performing the POPI Audit, Information Officers will liaise with line managers in order to identify areas within in the organisation\u2019s operation that are most vulnerable or susceptible to the unlawful processing of personal information. Information Officers will be permitted direct access to and have demonstrable support\u00a0from\u00a0line\u00a0managers\u00a0and\u00a0the\u00a0organisation\u2019s\u00a0governing\u00a0body\u00a0in\u00a0performing\u00a0their duties.<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n\n\n\n<h1 class=\"wp-block-heading has-medium-font-size\"><strong>11.&nbsp;<\/strong><strong>REQUEST TO ACCES PERSONAL <\/strong><strong>INFORMATION<\/strong><strong><\/strong><\/h1>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Data\u00a0subjects have the right to:<ol><li>Request\u00a0what\u00a0personal\u00a0information\u00a0the\u00a0organisation\u00a0holds\u00a0about\u00a0them\u00a0and why.<\/li><\/ol><ol><li>Request access to their personal information.<\/li><\/ol>\n<ol class=\"wp-block-list\">\n<li>Be informed how to keep their personal information up to date.<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Access to information requests can be made by email, addressed to the Information\u00a0Officer.\u00a0The\u00a0Information\u00a0Officer\u00a0will\u00a0provide\u00a0the\u00a0data\u00a0subject\u00a0with\u00a0a \u201cPersonal Information Request Form\u201d.<ol><li>Once\u00a0the\u00a0completed\u00a0form\u00a0has\u00a0been\u00a0received,\u00a0the\u00a0Information\u00a0Officer\u00a0will\u00a0verify the identity of the data subject prior to handing over any personal information. All requests will be processed and considered against the organisation\u2019s PAIA Policy.<\/li><\/ol>\n<ol class=\"wp-block-list\">\n<li>The Information Officer will process all requests within a reasonable time.<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n\n\n\n<h1 class=\"wp-block-heading has-medium-font-size\"><strong>12.&nbsp;<\/strong><strong>POPI<\/strong><strong>&nbsp;<\/strong><strong>COMPLAINTS <\/strong><strong>PROCEDURE<\/strong><strong><\/strong><\/h1>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Data\u00a0subjects\u00a0have\u00a0the\u00a0right\u00a0to\u00a0complain\u00a0in\u00a0instances\u00a0where\u00a0any\u00a0of\u00a0their\u00a0rights under POPIA have been infringed upon. The organisation takes all complaints very seriously and will address all POPI related complaints in accordance with the following procedure:<ol><li>POPI\u00a0complaints\u00a0must\u00a0be\u00a0submitted\u00a0to\u00a0the\u00a0organisation\u00a0in\u00a0writing.\u00a0Where\u00a0so required, the Information Officer will provide the data subject with a \u201cPOPI Complaint Form\u201d.<\/li><\/ol><ol><li>Where the complaint has been received by any person other than the Information\u00a0Officer,\u00a0that\u00a0person\u00a0will\u00a0ensure\u00a0that\u00a0the\u00a0full\u00a0details\u00a0of\u00a0the\u00a0complaint reach the Information Officer within 1 working day.<\/li><\/ol><ol><li>The\u00a0Information\u00a0Officer\u00a0will\u00a0provide\u00a0the\u00a0complainant\u00a0with\u00a0a\u00a0written acknowledgement of receipt of the complaint within 2 working days.<\/li><\/ol><ol><li>The\u00a0Information\u00a0Officer\u00a0will\u00a0carefully\u00a0consider\u00a0the\u00a0complaint\u00a0and\u00a0address\u00a0the complainant\u2019s concerns in an amicable manner. In considering the complaint, the Information Officer will endeavour to resolve the complaint in a fair manner and in accordance with the principles outlined in POPIA.<\/li><\/ol><ol><li>The\u00a0Information\u00a0Officer\u00a0must\u00a0also\u00a0determine\u00a0whether\u00a0the\u00a0complaint\u00a0relates\u00a0to an error or breach of confidentiality that has occurred and which may have a wider impact on the organisation\u2019s data subjects.<\/li><\/ol><ol><li>Where the Information Officer has reason to believe that the personal information of data subjects has been accessed or acquired by an unauthorised person, the Information Officer will consult with the organisation\u2019s governing body where\u00a0after\u00a0the\u00a0affected\u00a0data\u00a0subjects\u00a0and\u00a0the\u00a0Information\u00a0Regulator\u00a0will\u00a0be\u00a0informed of this breach.<\/li><\/ol><ol><li>The Information Officer will revert to the complainant with a proposed solution\u00a0with\u00a0the\u00a0option\u00a0of\u00a0escalating\u00a0the\u00a0complaint\u00a0to\u00a0the\u00a0organisation\u2019s\u00a0governing body within 7 working days of receipt of the complaint. In all instances, the organisation will provide reasons for any decisions taken and communicate any anticipated deviation from the specified timelines.<\/li><\/ol>\n<ol class=\"wp-block-list\">\n<li>The\u00a0Information\u00a0Officer\u2019s\u00a0response\u00a0to\u00a0the\u00a0data\u00a0subject\u00a0may\u00a0comprise\u00a0any\u00a0of the following:<ol><li>A suggested remedy for the complaint,<\/li><\/ol>\n<ol class=\"wp-block-list\">\n<li>A dismissal of the complaint and the reasons as to why it was dismissed, or<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n\n\n\n<ol class=\"wp-block-list\">\n<li>An\u00a0apology\u00a0(if\u00a0applicable)\u00a0and\u00a0any\u00a0disciplinary\u00a0action\u00a0that\u00a0has\u00a0been\u00a0taken against any employees involved.<ol><li>Where\u00a0the\u00a0data\u00a0subject\u00a0is\u00a0not\u00a0satisfied\u00a0with\u00a0the\u00a0Information\u00a0Officer\u2019s\u00a0suggested remedies, the data subject has the right to complain to the Information Regulator.<\/li><\/ol><ol><li>The Information Officer will review the complaints process to assess the effectiveness\u00a0of\u00a0the\u00a0procedure\u00a0on\u00a0a\u00a0periodic\u00a0basis\u00a0and\u00a0to\u00a0improve\u00a0the\u00a0procedure where it is found wanting.<\/li><\/ol>\n<ol class=\"wp-block-list\">\n<li>The\u00a0reason\u00a0for\u00a0any\u00a0complaints\u00a0will\u00a0also\u00a0be\u00a0reviewed\u00a0to\u00a0ensure\u00a0the\u00a0avoidance\u00a0of occurrences giving rise to POPI related complaints.<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n\n\n\n<h1 class=\"wp-block-heading has-medium-font-size\"><strong>13.&nbsp;<\/strong><strong>DISCIPLINARY <\/strong><strong>ACTION<\/strong><strong><\/strong><\/h1>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Where a POPI complaint or a POPI infringement investigation has been finalised, the organisation may recommend any appropriate administrative, legal and\/or\u00a0disciplinary\u00a0action\u00a0to\u00a0be\u00a0taken\u00a0against\u00a0any\u00a0employee\u00a0reasonably\u00a0suspected\u00a0of being implicated in any non-compliant activity outlined within this policy.<ol><li>In\u00a0the\u00a0case\u00a0of\u00a0ignorance\u00a0or\u00a0minor\u00a0negligence,\u00a0the\u00a0organisation\u00a0will\u00a0undertake\u00a0to provide further awareness training to the employee.<\/li><\/ol><ol><li>Any gross negligence or the wilful mismanagement of personal information, will be considered a serious form of misconduct for which the organisation may summarily\u00a0dismiss\u00a0the\u00a0employee.\u00a0Disciplinary\u00a0procedures\u00a0will\u00a0commence\u00a0where\u00a0there is sufficient evidence to support an employee\u2019s gross negligence.<\/li><\/ol>\n<ol class=\"wp-block-list\">\n<li>Examples\u00a0of\u00a0immediate\u00a0actions\u00a0that\u00a0may\u00a0be\u00a0taken\u00a0subsequent\u00a0to\u00a0an investigation include:<ol><li>A recommendation to commence with disciplinary action.<\/li><\/ol>\n<ol class=\"wp-block-list\">\n<li>A referral to\u00a0appropriate law enforcement agencies for criminal investigation.<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n\n\n\n<p>Recovery&nbsp;of&nbsp;funds&nbsp;and&nbsp;assets&nbsp;in&nbsp;order&nbsp;to&nbsp;limit&nbsp;any&nbsp;prejudice&nbsp;or&nbsp;damages caused.<\/p>\n\n\n\n<p><strong>9<\/strong>. <strong>INFORMATION\u00a0PAIA\u00a0MANUAL OF\u00a0RUBICON GROUP<\/strong><\/p>\n\n\n\n<p>(PAIA MANUAL)<\/p>\n\n\n\n<p><strong>Prepared in accordance with Section 51 of the Promotion of Access to<\/strong><strong>&nbsp;<\/strong><strong>Information<\/strong><strong>&nbsp;<\/strong><strong>Act, No.<\/strong><strong>&nbsp;<\/strong><strong>2 of 2000<\/strong><strong>&nbsp;<\/strong>(Act)<\/p>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">8. Contact Us<\/h3>\n\n\n\n<p>If you have any questions about this Privacy Policy or our data practices, please contact us:<\/p>\n\n\n\n<p>Enon Agri Build (Pty) Ltd Email: <a>info@enonagribuild.co.za<\/a><br>Website: <a href=\"https:\/\/enonagribuild.co.za\">https:\/\/enonagribuild.co.za<\/a><\/p>\n\n\n\n<p><strong>9. Agriseta Accreditation Contact Information<\/strong><\/p>\n\n\n\n<p> For more information about Agriseta and their accreditation process, you can visit their official website: <a href=\"https:\/\/www.agriseta.co.za\/\">https:\/\/www.agriseta.co.za<\/a>.<\/p>\n\n\n\n<p>At Enon Agri Build, we are committed to protecting your privacy and ensuring that your personal data is handled with care. By using our services, you consent to the collection, use, and sharing of your information as described in this Privacy Policy. We appreciate your trust in us and are dedicated to providing a secure and transparent experience for all our learners and customers.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Privacy Policy for Enon Agri Build (Pty) Ltd Welcome to Enon Agri Build (Pty) Ltd (\u201cwe,\u201d \u201cour,\u201d or \u201cus\u201d). We are committed to protecting your privacy and ensuring that your personal data is handled responsibly. This Privacy Policy explains how we collect, use, and disclose information about you when you visit our website, use our [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":56,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"","meta":{"footnotes":""},"class_list":["post-3","page","type-page","status-publish","has-post-thumbnail","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Privacy Policy - Enon Agri Build<\/title>\n<meta name=\"description\" content=\"Enon Agri Build (Pty) Ltd is dedicated to privacy, offering Agriseta-accredited agricultural training programs and responsible data collection and usage for high-quality services.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/enonagribuild.co.za\/?page_id=3\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Privacy Policy - Enon Agri Build\" \/>\n<meta property=\"og:description\" content=\"Enon Agri Build (Pty) Ltd is dedicated to privacy, offering Agriseta-accredited agricultural training programs and responsible data collection and usage for high-quality services.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/enonagribuild.co.za\/?page_id=3\" \/>\n<meta property=\"og:site_name\" content=\"Enon Agri Build\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-10T21:51:24+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/enonagribuild.co.za\/wp-content\/uploads\/2024\/12\/download-1-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"285\" \/>\n\t<meta property=\"og:image:height\" content=\"177\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"33 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/enonagribuild.co.za\/?page_id=3\",\"url\":\"https:\/\/enonagribuild.co.za\/?page_id=3\",\"name\":\"Privacy Policy - Enon Agri Build\",\"isPartOf\":{\"@id\":\"https:\/\/enonagribuild.co.za\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/enonagribuild.co.za\/?page_id=3#primaryimage\"},\"image\":{\"@id\":\"https:\/\/enonagribuild.co.za\/?page_id=3#primaryimage\"},\"thumbnailUrl\":\"https:\/\/enonagribuild.co.za\/wp-content\/uploads\/2024\/12\/download-1-1.jpg\",\"datePublished\":\"2024-11-02T11:50:59+00:00\",\"dateModified\":\"2024-12-10T21:51:24+00:00\",\"description\":\"Enon Agri Build (Pty) Ltd is dedicated to privacy, offering Agriseta-accredited agricultural training programs and responsible data collection and usage for high-quality services.\",\"breadcrumb\":{\"@id\":\"https:\/\/enonagribuild.co.za\/?page_id=3#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/enonagribuild.co.za\/?page_id=3\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/enonagribuild.co.za\/?page_id=3#primaryimage\",\"url\":\"https:\/\/enonagribuild.co.za\/wp-content\/uploads\/2024\/12\/download-1-1.jpg\",\"contentUrl\":\"https:\/\/enonagribuild.co.za\/wp-content\/uploads\/2024\/12\/download-1-1.jpg\",\"width\":285,\"height\":177},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/enonagribuild.co.za\/?page_id=3#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/enonagribuild.co.za\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Privacy Policy\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/enonagribuild.co.za\/#website\",\"url\":\"https:\/\/enonagribuild.co.za\/\",\"name\":\"Enon Agri Build\",\"description\":\"Agricultural Facilitation\",\"publisher\":{\"@id\":\"https:\/\/enonagribuild.co.za\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/enonagribuild.co.za\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/enonagribuild.co.za\/#organization\",\"name\":\"Enon Agri Build\",\"url\":\"https:\/\/enonagribuild.co.za\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/enonagribuild.co.za\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/enonagribuild.co.za\/wp-content\/uploads\/2024\/11\/IMG-20241016-WA0011.jpg\",\"contentUrl\":\"https:\/\/enonagribuild.co.za\/wp-content\/uploads\/2024\/11\/IMG-20241016-WA0011.jpg\",\"width\":864,\"height\":1152,\"caption\":\"Enon Agri Build\"},\"image\":{\"@id\":\"https:\/\/enonagribuild.co.za\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Privacy Policy - Enon Agri Build","description":"Enon Agri Build (Pty) Ltd is dedicated to privacy, offering Agriseta-accredited agricultural training programs and responsible data collection and usage for high-quality services.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/enonagribuild.co.za\/?page_id=3","og_locale":"en_US","og_type":"article","og_title":"Privacy Policy - Enon Agri Build","og_description":"Enon Agri Build (Pty) Ltd is dedicated to privacy, offering Agriseta-accredited agricultural training programs and responsible data collection and usage for high-quality services.","og_url":"https:\/\/enonagribuild.co.za\/?page_id=3","og_site_name":"Enon Agri Build","article_modified_time":"2024-12-10T21:51:24+00:00","og_image":[{"width":285,"height":177,"url":"https:\/\/enonagribuild.co.za\/wp-content\/uploads\/2024\/12\/download-1-1.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"33 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/enonagribuild.co.za\/?page_id=3","url":"https:\/\/enonagribuild.co.za\/?page_id=3","name":"Privacy Policy - Enon Agri Build","isPartOf":{"@id":"https:\/\/enonagribuild.co.za\/#website"},"primaryImageOfPage":{"@id":"https:\/\/enonagribuild.co.za\/?page_id=3#primaryimage"},"image":{"@id":"https:\/\/enonagribuild.co.za\/?page_id=3#primaryimage"},"thumbnailUrl":"https:\/\/enonagribuild.co.za\/wp-content\/uploads\/2024\/12\/download-1-1.jpg","datePublished":"2024-11-02T11:50:59+00:00","dateModified":"2024-12-10T21:51:24+00:00","description":"Enon Agri Build (Pty) Ltd is dedicated to privacy, offering Agriseta-accredited agricultural training programs and responsible data collection and usage for high-quality services.","breadcrumb":{"@id":"https:\/\/enonagribuild.co.za\/?page_id=3#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/enonagribuild.co.za\/?page_id=3"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/enonagribuild.co.za\/?page_id=3#primaryimage","url":"https:\/\/enonagribuild.co.za\/wp-content\/uploads\/2024\/12\/download-1-1.jpg","contentUrl":"https:\/\/enonagribuild.co.za\/wp-content\/uploads\/2024\/12\/download-1-1.jpg","width":285,"height":177},{"@type":"BreadcrumbList","@id":"https:\/\/enonagribuild.co.za\/?page_id=3#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/enonagribuild.co.za\/"},{"@type":"ListItem","position":2,"name":"Privacy Policy"}]},{"@type":"WebSite","@id":"https:\/\/enonagribuild.co.za\/#website","url":"https:\/\/enonagribuild.co.za\/","name":"Enon Agri Build","description":"Agricultural Facilitation","publisher":{"@id":"https:\/\/enonagribuild.co.za\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/enonagribuild.co.za\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/enonagribuild.co.za\/#organization","name":"Enon Agri Build","url":"https:\/\/enonagribuild.co.za\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/enonagribuild.co.za\/#\/schema\/logo\/image\/","url":"https:\/\/enonagribuild.co.za\/wp-content\/uploads\/2024\/11\/IMG-20241016-WA0011.jpg","contentUrl":"https:\/\/enonagribuild.co.za\/wp-content\/uploads\/2024\/11\/IMG-20241016-WA0011.jpg","width":864,"height":1152,"caption":"Enon Agri Build"},"image":{"@id":"https:\/\/enonagribuild.co.za\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/enonagribuild.co.za\/index.php?rest_route=\/wp\/v2\/pages\/3","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/enonagribuild.co.za\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/enonagribuild.co.za\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/enonagribuild.co.za\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/enonagribuild.co.za\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3"}],"version-history":[{"count":2,"href":"https:\/\/enonagribuild.co.za\/index.php?rest_route=\/wp\/v2\/pages\/3\/revisions"}],"predecessor-version":[{"id":131,"href":"https:\/\/enonagribuild.co.za\/index.php?rest_route=\/wp\/v2\/pages\/3\/revisions\/131"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/enonagribuild.co.za\/index.php?rest_route=\/wp\/v2\/media\/56"}],"wp:attachment":[{"href":"https:\/\/enonagribuild.co.za\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}