3.1 “Biometrics” means the measurement and statistical analysis of people’s unique physical and behavioural characteristics. The technology is mainly used for identification and access control;
3.2 “Consent”, means the voluntary, specific and informed expression of will in terms of which permission is given for the processing of personal information.
3.3 “Data Subject” shall have the meaning ascribed to it in Chapter 1 of POPI;
3.5 “Personal Information” shall have the meaning ascribed to it in Chapter 1 of POPI;
3.6 “Privacy and Data Protection Conditions” shall mean the statutory prescribed conditions for the lawful Processing of Personal Information which is entered into a Record and such conditions are listed in Section 4(1) of POPI and are dealt with in detail in Part A of Chapter 3 of POPI;
3.7 “Processing” shall have the meaning ascribed to it in Chapter 1 of POPI;
3.8 “POPI” means the Protection of Personal Information Act, No 4 of 2013, as amended from time to time, including any regulations and/or code of conduct made under the Act;
3.9 “Record” shall have the meaning ascribed to it in Chapter 1 of POPI;
3.10 “Special Personal Information” means personal information concerning the religious or philosophical beliefs, race or ethic origin, trade union membership, political persuasion, health or sex life or biometric information of a data subject; or the criminal behaviour of a data subject to the extent that such information relates to- the alleged commission by a data subject of any offence, or any proceedings in respect of any offence allegedly committed by the data subject or the disposal of such proceedings. Special Personal Information may only be processed subject to certain exceptions as set out in POPIA;
3.11 “us”, “our” and/or “we” means ODEK Alliance who renders the Services and/or delivers the Products and/or Software;
3.12 “you” and/or “your” means you the user who applies for and receives Service and/or Products and/or Software from ODEK Alliance;
3.14 Words importing any gender include the other genders, the singular includes the plural (and vice versa) and natural persons include artificial or juristic persons (corporate and unincorporated) (and vice versa).
3.15 The rule of construction that if general words or terms are used in association with specific words or terms which are a species of a particular genus or class, the meaning of the general words or terms shall be restricted to that same class shall not apply, and whenever the word “including” is used followed by specific examples, such examples shall not be interpreted so as to limit the meaning of any word or term to the same genus or class as the examples given.
4.1 Your consent (voluntary, specific and informed) is required to collect and process personal information. An accepted written agreement or online acceptance of terms and conditions together with receipt of the relevant compliance documents constitutes consent. By using our online services, our products and services and/or communicating electronically and/or using non-electronic means of communication, you agree to this policy and consent to the collection, processing and transfer of their information as set out in this policy. We process personal information to provide access to products and/or services and/or software in the ordinary course of business. Examples of personal information collected by us includes, but is not limited to:
4.2 We will further collect, device and browser Information, such as network and connection information (including Internet Service Provider (ISP) and Internet Protocol (IP) addresses), device and browser identifiers and information (including device, application, or browser type, version, plug-in type and version, operating system, user agent, language and time zone settings, and other technical information), advertising identifiers, cookie identifiers and information, and similar data, which are required to perform contractual matters and/or in order to provide you with access to services or attend to queries or to ensure that security safeguards are in place;
4.3 Further, we will collect information and browsing history, such as usage metrics (including usage rates, occurrences of technical errors, diagnostic reports, settings preferences, backup information, API calls, and other logs), content interactions (including searches, views, downloads, prints, shares, streams, and display or playback details), and user journey history (including clickstreams and page navigation, URLs, timestamps, content viewed or searched for, page response times, page interaction information (such as scrolling, clicks, and mouse-overs, and download errors), advertising interactions (including when and how you interact with marketing and advertising materials, click rates, purchases or next steps you may make after seeing an advertisement, and marketing preferences), and similar data which are required to perform contractual matters and/or in order to provide you with access to services or attend to queries or to ensure that security safeguards are in place.
4.4 Records of consent given by you in the form of written consent, online consent and voice recordings will be kept with the date and time, means of consent and any related information.
4.5 Records of your contact with us and vice versa including notes or recordings of a calls you make to our help desk, emails or letters you send to us or other records of any contact you have with us.
4.7 We will only use personal information for the purpose for which it was collected, for example:
4.8 If required by law, we may disclose information about you to comply with any applicable law, subpoena, order of court or legal process served on us, or to protect and defend our rights or property. Such disclosure may be required to protect you or us from illegal activity or liability or to protect our property or the safety of our employees or others and we may do this without your consent and for any other reason as required from time to time.
4.9 We will not collect or process any unnecessary information.
5.1 If you wish for us to stop processing your Personal Information and/or Special Personal Information, you must expressly inform us. If we cannot process your Personal Information, we may be unable to provide certain services and software to you;
5.2 We shall fully comply with the statutory obligations contained in POPIA, without limiting the generality of the aforesaid, we shall ensure that the privacy and data protection conditions are strictly adhered to when processing your Personal Information;
5.3 We will ensure that all our employees, third party service providers, divisions, affiliates and partners which have access to your Personal Information are bound by confidentiality and non-disclosure obligations in relation to your Personal Information.
5.4 Processing personal information of a minor (under the age of 18 years) is prohibited in terms of POPIA unless one of the following justifications are met –
6.1 We are required to process and make available your personal information to third parties should the law require us to or should it be required to be able to fulfil our obligations to you;
6.2 We will under no circumstances sell or commercialise personal information or data unless consent is obtained. Whereafter the data will be sold or commercialised in the format agreed to by you;
6.3 Upon consent received, we may provide third party service providers and processors access to your personal information. These services providers may include, without limitation: credit card verification providers and banks to process transactions. This is detailed more specifically in our POPIA Compliance Policy;
6.4 We will only be responsible for the privacy of data transmitted over the Internet using our approved applications and transfer protocols and stored in approved data centres and storage devices. We adhere to globally recognised best security practices with regards to protecting a data subjects personal information, despite these preventative measures, we can’t guarantee absolute security. However, if we are aware of any breach, we will notify you within 24 (twenty-four) hours of any breach of security that may have occurred.
7.1 When Personal Information is obtained and processed by us, such personal information is entered into a record;
7.2 We use standard industry practices to safeguard the confidentiality of your personal information. We treat this data as an asset that must be protected against loss and unauthorised access. We employ many different security techniques to protect such data from unauthorised access. We store our electronic and paper documents at our head office in Johannesburg, South Africa or at other secure site/s;
7.3 We may from time to time disclose data to other parties, including holding companies or subsidiaries, third party service providers and processors, cyber service providers, trading partners, agents, auditors, organs of state, regulatory bodies and/or national governmental, provincial, or local government municipal officials, or overseas trading parties or agents, but such disclosure will always be subject to an agreement which will be concluded between us and the party to whom the data is disclosed, which contractually obliges the recipient of the data to comply with strict confidentiality and data security conditions in line with POPIA;
7.4 Where data must be transferred to a country situated outside the borders of South Africa, the data will only be transferred to countries which have similar data privacy laws in place or where the recipient of the data concludes an agreement which contractually obliges the recipient to comply with strict confidentiality and data security conditions and which in particular will be to a no lesser set of standards than those imposed by POPIA;
7.5 In addition to the data stored in point 7.2 above, we may store data in Sharepoint, Outlook, SQL Servers and DropBox which keeps its data primarily in Western Europe, it is understanding that the aforementioned entities store their data in a compliant data centre and each entity is subject to binding laws which provide an adequate level of protection that is in line with POPIA;
7.6 We will keep back-ups of your personal information and data if you consent to the collection and storage of such data.
8.1 You can access and review your personal information held by us. You may contact our Deputy Information Officer on email@example.com. We will try to provide the information you require within a reasonable time.
8.2 We recommend that should your personal information change, provide us with updates as soon as reasonably possible to ensure that you enjoy all the benefits of our applications;
8.3 Upon your request, we will, promptly return or destroy any and all of your personal information in our possession or control, save for personal information that we are legally obliged to retain;
8.4 Should you be required to provide personal information to us, you will provide accurate information;
8.5 You hereby confirm that you won’t impersonate or misrepresent any person or entity.
9.1 The right of access-: You may request that we confirm that we store your information and may request details of how the information is processed. The following procedure is set out in our PAIA Manual which can be requested via email to firstname.lastname@example.org;
9.2 The right to rectification: You may request that we rectify or update incorrect personal information, by requesting same via email to email@example.com;
9.3 The right to removal: Where there is no longer any legal basis or legitimate reason to process your personal information and the FICA retention period has expired, you may request that we return or destroy any and all of your personal information in our possession or control, by requesting same via email to firstname.lastname@example.org;
9.4 The right to object to, restrict further processing and withdraw consent: You may at any point object, restrict or withdraw to the further processing of personal information by requesting same via email to email@example.com.
10.1 An accepted written agreement or online acceptance of terms and conditions together with receipt of the relevant compliance documents constitutes consent. By using our online services, our products and services and/or communicating electronically and/or using non-electronic means of communication:
11.1 The principles of our POPIA Compliance Policy are:
11.3 All complaints will be treated in a confidential manner;
11.4 Information Officers:
Information Officer: Karien Greeff
Date of appointment: 11 June 2021
Email Address: firstname.lastname@example.org
**This person has the required authority to manage and attend to all information related matters**
Information Officer: Leopold Johann Malan
Date of appointment: 11 June 2021
Email Address: email@example.com
**This person has the required authority to manage and attend to all information related matters**
These persons take full responsibility for the implementation of the POPIA Compliance Policy within the ODEK Alliance.
Should you feel unsatisfied with the handling of their data, or about any complaint already made to ODEK, the complaint may then be escalated to the Information
Regulator as follows:
Information Regulator of South Africa
Physical Address: JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
P.O Box 31533 Braamfontein, Johannesburg