POPI POLICY

 

Electrosonic SA is committed to comply with the Protection of Personal Information Act 4 of 2013 in relation to the processing of your personal information. Protecting your privacy and our clients is very important to us. In this policy we will describe how and why we collect, store, share or otherwise process personal information for employees and our clients. It also explains your rights in relation to your personal information and how to contact us if you have any questions or a complaint.

Definitions

“we”, “us” or “our” means ELECTROSONIC SA

“Personal information” means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to:

• information relating to the race, gender, sex, pregnancy, marital status, national, ethnic, or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
• information relating to the education or the medical, financial, criminal or employment history of the person;
• any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier, or other particular assignment to the person;
• the biometric information of the person;
• the personal opinions, views or preferences of the person;
• correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
• the views or opinions of another individual about the person; and
• the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person;

“POPIA” means the Protection of Personal Information Act 4 of 2013, as amended from time to time;

“Processing” means any operation or activity or any set of operations, whether or not by automatic means, concerning personal information, including:

• the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use
• dissemination by means of transmission, distribution or making available in any other form; or
• merging, linking, as well as restriction, degradation, erasure, or destruction of information.

1.  THE PERSONAL INFORMATION WE MAY COLLECT

1.1  We may collect and process the following personal information about you:

• Your name and contact information, including your email address, telephone number, physical address, postal address and other location information, erf number;
• Your date of birth, age, gender, race, nationality, title and language preferences;
• Your identity number, passport number and photograph;
• Your vehicle registration number, vehicle licence and driving licence;
• Your biometric information, including but not limited to, if applicable, that information obtained from your fingerprints, hands, facial recognition and/or retinal scanning;
• Your verified banking details;
• Your employment details;
• Correspondence from you of a private or confidential nature;
• such other personal information as is reasonably required by us to engage with you and/or provide services or employment to

2.   HOW YOUR PERSONAL INFORMATION IS COLLECTED

2.1  We may collect or obtain personal information about you: directly from you;

• during the course of our interactions with you;
• when you visit the company;
• when you visit and/or interact with our website or any other social media platforms or IT services;
• from publicly available sources; and
• from a third party who is authorised to share that information;

3.  HOW AND WHY, WE PROCESS YOUR PERSONAL INFORMATION                                  

3.1   The personal information we may collect and why and how we use it depends on our relationship with
3.2   POPIA requires that personal information “is collected for a specific, explicitly defined and lawful purpose related to a function or activity of the responsible ”
3.3   Further, POPIA provides that personal information may only be processed if:

• the data subject or a competent person where the data subject is a child consents to the processing;
• processing is necessary to carry out actions for the conclusion or performance of a contract to which the data subject is party;
• processing complies with an obligation imposed by law on the responsible party;
• processing protects a legitimate interest of the data subject;
• processing is necessary for the proper performance of a public law duty by a public body; or
• processing is necessary for pursuing the legitimate interests of the responsible party or of a third party to whom the information is supplied.

3.4   The table at Annexure A hereto sets out a list of the types of information we collect and explains why we collect and use it
3.5   We may collect other personal information from time to time where you provide it to us, as necessary for our business requirements, or in order to comply with applicable
3.6   Where it is lawful and practicable for us to allow it, you have the right not to identify yourself when dealing with However, if you don’t provide us with your personal information, it may impact our ability to engage with you and/or provide services to you.

4.  WHO WE SHARE YOUR PERSONAL INFORMATION WITH

4.1  Depending on the circumstances, we may disclose your personal information to the following categories of persons:

• Auditors, legal and other professional advisers and consultants of the Electrosonic SA or other third parties who help us deliver our services
• Information Technology and other service providers who help us run the company or otherwise manage or store the personal information;
• Government and law enforcement authorities;
• Financial institutions;
• Other third parties where disclosure is required by law or otherwise required for us to perform our obligations and provide our services; and
• To any other person with your consent to the disclosure.

4.2   We take reasonable steps to protect the confidentiality and security of your personal information when it is disclosed to a third party and seek to ensure the third-party deals with your information in accordance with our instructions, applicable privacy laws, and only for the purpose for which it is 

5.   DATA SECURITY                                                                                                                                .

5.1   We may hold your personal information in electronic or in hard copy We may keep this information at our own premises.
5.2   We are committed to keeping your personal information safe
5.3   We use a range of physical, electronic, and procedural safeguards to do We update these safeguards from time to time in order to address new and emerging security threats. We also train our people on privacy matters as appropriate and seek to limit access to personal information to those of our people who need to know that information.
5.4   We implement appropriate security measures to protect your personal information that is in our possession against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, in accordance with applicable
5.5   Where there are reasonable grounds to believe that your personal information that is in our possession has been accessed or acquired by any unauthorised person, we will notify the relevant regulator and you, unless a public body responsible for detection, prevention or investigation of offences or the relevant regulator informs us that notifying you will impede a criminal

 6.  HOW LONG YOUR PERSONAL INFORMATION WILL BE KEPT                                                     

6.1  We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service) or to comply with applicable legal, tax or accounting
6.2  We shall only retain and store your personal information for the period for which the information is required to serve the purpose for its collection, or a legitimate interest or the period required to comply with applicable legal requirements, whichever is

7.   INTERNATIONAL TRANSFER  OF PERSONAL INFORMATION                                                           

7.1  In some cases, the third parties to whom we may disclose your personal information may be located outside your country of residence (for example, in a cloud service, system or server), and may be subject to  different privacy
7.2  When we disclose personal information overseas, we will take appropriate safeguards to protect your personal information to ensure that the recipient will handle the information in a manner consistent with this policy and the level of protection provided for in

8.   YOUR RIGHTS

8.1  You have the right to:

• ask what personal information we hold about you;
• request access to the personal information that we hold about you;
• ask us to  update,  correct  or  delete  any  out-of-date  or  incorrect  personal information we hold about you;
• unsubscribe from any direct marketing communications we may send you; or
• object to the processing of your personal information.

8.2  If you wish to exercise any of these rights or you have any queries regarding the personal information that we hold about you, you can contact us at the details provided
8.3  To protect the integrity and security of the information we hold, we may ask that you follow a defined access procedure, which may include steps to verify your identity.
8.4  If you want us to delete all personal information, we have about you, we may need to terminate the agreements we have with We can refuse to delete your information if we are required by law to retain it or if we need it to protect our rights.

9.  HOW TO CONTACT US                                                       

9.1   If you have a question, concern, or complaint regarding the way in which we handle your personal information, or if you believe that we have failed to comply with this policy or breached any applicable laws in relation to the management of that information, you can make a complaint.
9.2   Any question, concern or complaint or if you wish to make a request to access your personal information in terms of Section 23 of POPIA, should be made in writing to Electrosonic SA’s information officer: