In this Policy, unless the context clearly indicates a country intention, the following terms shall have the meanings assigned to them in this Policy and POPI –
- “Client” – means any natural person or juristic person, who has enlisted the services rendered by AGLET;
- “Consent” – means any voluntary, specific and informed expression of will in terms of which permission is given for the Processing of Personal Information;
- “Data Subject” – means the person to whom Personal Information relates;
- “Personal Information” – shall have the same meaning as given in terms of section 1 of POPI;
- “POPI” – means the Protection of Personal Information Act, Act 4 of 2013 (as amended from time to time);
- “Processing” – means any operation or activity or any set of operations, whether or not by automatic means, concerning Personal Information, including –
- the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
- dissemination by means of transmission, distribution or making available in any form; or
- merging, linking, as well as restricting, degradation, erasure or destruction of information;
and “Process” / “Processes” / “Processed” shall bear a corresponding meaning;
- “Regulator” – means the Information Regulator established in terms of section 39 of
- “Special Personal Information” – means Personal Information as referred to in section 26 of POPI;
- “Third-Party” – means any employee, independent contractor, agent, consultant, sub- contractor, user of AGLET’s Website or any other authorised representative of AGLET;
- “AGLET” – means Aglet Interactive (Pty) Ltd registration number 2014/160289/07; and
- “Website” – means the Website of AGLET with URL www.aglet.co.za
- This Policy regulates the Processing of Personal Information and other confidential information by AGLET and sets forth the requirements with which AGLET undertakes to comply when Processing Personal Information and other confidential information in rendering services to its Clients.
- AGLET is obliged to Process Personal Information in accordance with the provisions of POPI. This Policy declares AGLET’s commitment to comply with POPI when Processing Personal Information and Special Personal Information.
- When a Data Subject or third party engages AGLET, whether it be physically or via any digital, electronic interface such as the Website of AGLET, the Data Subject or third party acknowledge their voluntary acceptance of this Policy. Should the Data Subject or third party express their objection to the Processing of their Personal Information, the Data Subject and / or third party should note that AGLET requires the Data Subject or third party’s acceptance to enable it to effectively fulfil its obligations towards the Data Subject and / or third party and comply with other applicable laws.
- COLLECTING AND PROCESSING OF PERSONAL INFORMATION
- Whenever any Data Subject contacts AGLET electronically or telephonically,
AGLET will in effect be Processing the Data Subjects’ Personal Information.
- It may be that AGLET collects a Data Subject’s Personal Information from other sources. In such an event, AGLET will not be responsible for any loss suffered by the Data Subject, their dependents, beneficiaries, spouse, or employees (as the case may be), since the Data Subject shared their Personal Information with such third party.
- AGLET Processes Personal Information in order to enable it to deliver exceptional services to its Clients, create a legally compliant environment [including, but not limited to, compliance with the Financial Intelligence Centre Act, At 38 of 2001 (“FICA”) requirements], as well as to safeguard such Personal Information.
- AGLET will Process Personal Information for the following purposes:
- to provide or manage any information and services requested by the Data Subject
- to establish the Data Subject’s needs in relation to specific instructions to AGLET;
- to identify the identity of the Data Subject;
- to facilitate the delivery of services to Clients;
- to maintain records of the Data Subject, with specific reference to Client
- to maintain Third-Party records;
- to process applications for employment purposes;
- to send newsletters;
- to comply with FICA;
- to detect and prevent money laundering;
- for general administration purposes;
- for legal and / or contractual purposes;
- to enter into negotiations and / or transact with third parties; and
- to carry out analysis and Client profiling, including but not limited to identifying the full names, identity number, physical and postal addresses, contact numbers and e-mail address of natural persons, and in the case of juristic persons, to identity the registration number, directors, shareholders, physical and postal addresses, contact numbers and e-mail address of such juristic person, its directors and / shareholders.
- In the event that AGLET collects Personal Information, AGLET shall comply with the notification requirements set out in section 18 of POPI and shall further comply with the conditions of Processing Personal Information as set out in POPI.
- AGLET shall not Process the Personal Information of a Data Subject for any other purpose than set out in this Policy unless AGLET is permitted or obliged to do so in terms of any applicable laws.
- AGLET shall further not share a Data Subject’s Personal Information without such
Data Subject’s Consent, provided that in certain circumstances:
- AGLET must share Personal Information with Third-Parties as part of its legal services rendered to its Clients;
- AGLET have to obtain Personal Information regarding Clients and other third parties or entities as part of its legal services rendered to its Clients;
- to release Personal Information when it is appropriate to comply with relevant laws, to enforce AGLET’s engagement package, and to protect the rights, property (including, but not limited to intellectual property), or safety of AGLET and its Clients;
- AGLET may need to transfer Personal Information to another country for
Processing when it is required by virtue of services rendered to the Client; and
- relevant laws allow for the disclosure of Personal Information to law enforcement or other agencies (provided that AGLET will exercise due consideration prior to disclosing such Personal Information);
- When disclosing Personal Information as contemplated in clauses 3.7.1 to 3.7.4 above, AGLET will in all instances provide due notice to the Data Subject of such disclosure.
- Whenever any Data Subject contacts AGLET electronically or telephonically,
- PERSONAL INFORMATION FOR DIRECT MARKETING PURPOSES
- AGLET acknowledges that it may only use Personal Information to contact Data Subjects for purposes of direct marketing if AGLET has complied with the provisions of POPI.
- AGLET will ensure that a reasonable opportunity exists for any and all Data Subjects to object to the use of their Personal Information for marketing purposes when collecting the Personal Information and every time a communication which has a marketing purpose is sent.
- STORAGE AND RETENTION OF PERSONAL INFORMATION
- AGLET will retain Personal Information it has Processed in an electronic and / or hardcopy file format, either through Third-Party service providers or by itself. Should AGLET make use of a Third-Party service provider, it is expressly recorded that AGLET will need to disclose Personal Information to such Third-Party service provider where necessary to ensure that the purpose for which the Personal Information was collected, is achieved. It is further recorded that AGLET will enter into written agreements with such Third-Party service provider to ensure compliance with all applicable laws, with specific reference to POPI.
- Personal Information will be retained by AGLET for as long as necessary to fulfil the purpose for which the Personal Information was collected, taking into consideration that such retention shall be for a minimum period of 3 (three) to 7 (seven) years from the date of last entry as prescribed by applicable laws.
- SAFEGUARDING OF PERSONAL INFORMATION
- AGLET is required to take reasonable measures to adequately protect all Personal Information held by it and to avoid unauthorised access and use of such Personal Information. In order to comply with this requirement, AGLET maintain reasonably industry-standard physical, technological and procedural safeguards to secure the integrity and confidentiality of Personal Information.
- In further compliance with POPI, AGLET will take steps to notify the Regulator and any affected Data Subject of a security breach within a reasonable time after becoming aware of such security breach.
- It must be noted and should be acknowledged that the transmission of Personal Information, whether physical or through the internet (including, but not limited to e-mail) is not completely secure. Therefore, AGLET in no way guarantee that the safeguards implemented is completely secure.
- Any transmission of Personal Information will therefore be at the sole risk of the Data Subject.
- The Data Subject, whether it be a Client or third party, by accepting the terms and conditions of this Policy, indemnify and hold AGLET harmless for any security breaches which may potentially occur in relation to the Data Subject’s Personal Information.
- ACCESS TO PERSONAL INFORMATION
- Should a Data Subject want access to the Personal Information held by AGLET, such Data Subject must make a written request to the Information Officer designated by AGLET from time to time. Such request may be sent to email@example.com
- AGLET will, upon request of a Data Subject (and subject to all applicable laws, including but not limited to the Promotion of Access to Information Act, Act 2 of 2000) provide the Data Subject with his / her / its Personal Information.
- Should a Data Subject request the amendment, correction or destruction of Personal Information, such request may also be sent firstname.lastname@example.org, AGLET will, in terms of all applicable laws, respond to such request within a reasonable time.
- It must be noted that AGLET may charge a prescribed fee to be paid for copies of a Data Subject’s Personal Information.
- COMPLAINTS TO THE INFORMATION REGULATOR
- In the event that any Data Subject or third party is of the view or belief that AGLET has Processed their Personal Information in a manner or for a purpose which is contrary to the provisions of this Policy, the Data Subject should first attempt to resolve such matter directly with AGLET. Should the matter not be resolved, the Data Subject or third party shall have the right to lodge a complaint with the Regulator under the provisions of POPI.
- The contact details of the Regulator are the following:The Information Regulator (South Africa)
Physical Address: JD House, 27 Stiemens Street, Braamfontein, Johannesburg,2001 Postal Address: P.O. Box 31533, Braamfontein, Johannesburg, 2017
Complaint e-mail address: complaints.IR@justice.gov.za General Enquiry e-mail address: email@example.com
- AMENDMENTS TO THIS POLICY
- AGLET may amend this Policy from time to time. Amendments will be communicated and will appear on the Website