Respecting and protecting your privacy and Personal Information (refer to the definition of Personal Information at the end of this policy statement) is very important to Coffee Cat Digital Blends. It is also a Constitutional right and good business practice requirement which we take very seriously.
In line with the 8 Conditions for Lawful Procession of Personal Information as set out in the Protection of Personal Information Act no 4 of 2013 (the Act), we:
- Accept joint responsibility and accountability with you to responsibly manage and protect your Personal Information when providing our services to you;
- Undertake to collect and process only such Personal Information which is necessary given the purpose for which it is processed and to assist you with your required services, conclude the necessarily related agreements and consider the legitimate legal interests of everyone concerned, as required by the Act.We will at all times respect your right to withdraw your consent for the processing of your Personal Information;
- Undertake to only use your Personal Information for the purpose for which the information is essential to enable us to assist you or provide services to you;
- Undertake not to share or further process your Personal Information with anyone or for any reason if not required for assisting you with your services or as required in terms of legislation or regulations;
- Undertake to take reasonably practicable steps to ensure that information is complete, accurate, not misleading and, where necessary, is updated;
- Undertake to be open and transparent on the nature, extent, and reasons for processing Personal Information;
- Undertake to safeguard and protect your Personal Information in our possession;
- Undertake to freely confirm what Personal Information we hold of you, to update and rectify the Personal Information upon request and to keep it for no longer than required.
By providing us with your Personal Information, you agree to this Policy and authorise us to process such information as set out herein and you authorise Coffee Cat Digital Blends and associated entities or third parties (where applicable) for the purposes set out herein.
We will not use your Personal Information for any other purpose than that set out in this Policy and we will take the necessary steps to secure the integrity and confidentiality of Personal Information in our possession and under our control by taking appropriate and reasonable measures to prevent loss of, damage to or unauthorised destruction of your Personal Information and to prevent the unlawful access to or processing of Personal Information.
- REASONS FOR PROCESSING PERSONAL INFORMATION
We, or the entities who provide or assist with the services you required (if any), need to collect, use and keep your Personal Information as prescribed by relevant legislation and regulations and for reasons such as:
- To provide all relevant services in accordance with your mandate to us as set out in the engagement letter and to maintain our relationship;
- To respond to your queries;
- To confirm and verify your identity or to verify that you are an authorised user for security purposes;
- To comply with all legislative or regulatory requirements related to services provided to you by us;
- To satisfy any requirement by a professional body or network to which we are a member;
- To fulfil our contractual obligations to you, for example, to ensure that invoices are issued correctly, to communicate with you and to carry out instructions and requests, and for providing you with email newsletters and updates to which you have subscribed;
- For any other operational purposes required to assist you with the solutions you require;
- In connection with possible requirements by the Information Regulator or other Government agencies allowed by law, legal proceedings, or court rulings.
- BUSINESS ACTIVITIES FOR WHICH PERSONAL INFORMATION IS PROCESSED
- Providing Professional Services as per client mandate;
- Administering, managing, and developing our businesses and services;
- Communicating regarding newsletters, events, and reminders as agreed with the user e.g. via WhatsApp or e-mail;
- Complying with any requirement of law, regulation, or a professional body of which we are a member.
- SHARING OR TRANSFER OF PERSONAL INFORMATION
- In general, we do not share your Personal Information with third parties (other than service providers acting on our behalf) unless we have a lawful basis for doing so.
- THIRD-PARTY PROVIDERS/OPERATORS – We may need to share your Personal Information and/or utilise software or online platforms to enter and process your information for business management purposes e.g. Mail Chimp. This will only be done in strict adherence to the requirements of the Act. We also have agreements in place to ensure that they comply with the privacy requirements as required by the Act.
We may also disclose your information:
- Where we have a duty or a right to disclose in terms of legislation, regulations, or industry codes;
- Where we believe it is necessary to protect our rights; when explicitly requested by you;
- With professional advisers, for example, law firms, as necessary to establish, exercise, or defend our legal rights and obtain advice in connection with the running of our business.
- Personal Information may be shared with these advisers as necessary in connection with the services they have been engaged to provide.
- To law enforcement, regulatory and other government agencies, and to professional bodies, as required by and/or in accordance with applicable law or regulation. Coffee Cat Digital Blends may also review and use your personal information to determine whether disclosure is required or permitted.
- INFORMATION SECURITY
We are legally obliged to provide adequate protection for the Personal Information we hold and to stop unauthorised access and use thereof. We will, on an ongoing basis, continue to review our security controls and related processes to ensure that your Personal Information remains secure. Generally accepted standards of technology and operational security have been implemented to protect information from loss, misuse, alteration, or destruction. When we contract with third parties, we impose appropriate security, privacy, and confidentiality obligations on them to ensure that personal information that we remain responsible for, is kept secure.
- RETENTION OF PERSONAL INFORMATION
We shall only retain and store Personal Information for the period for which the data is required to serve its primary purpose or legitimate interest or for the period required to comply with any applicable legal requirement, whichever is longer.
- YOUR RIGHTS: ACCESS TO INFORMATION
You have the right to request a copy of the Personal Information we hold about you. To do this, simply contact us via the numbers/addresses provided below or on our website and specify what information you require. We might need proof of authorisation or a copy of your ID document to confirm your identity before providing details of your personal information. Please note that any such access request may be subject to a payment of a legally allowable fee e.g. in the case of archived files.
- AMENDMENTS TO YOUR INFORMATION
You have the right to ask us to update, correct or delete your personal information. We may require proof of identity and/or authority before making changes to personal information we may hold of you. We would appreciate it if you would keep your personal information accurate and up to date.
- HOW TO CONTACT US
If you have any queries about this notice, you need further information about our privacy practices, wish to withdraw consent, exercise preferences, or access or correct your personal information, please contact us at email@example.com or the numbers/addresses listed on our website. Any additional information or concerns can be found and raised with the Information Regulator, who can be contacted as shared below, but please feel free to contact us first to discuss any questions or concerns you may have: Website: https://www.justice.gov.za/inforeg/ Tel: 012 406 4818 Email: firstname.lastname@example.org
Personal Information is defined by the Protection of Personal Information Act (the Act) as:
“information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to—
- information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
- information relating to the education or the medical, financial, criminal or employment history of the person;
- any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
- the biometric information of the person;
- the personal opinions, views or preferences of the person;
- correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
- the views or opinions of another individual about the person; and (h) the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person”.