- Softmet Technology Solutions (Pty) Ltd (t/a SendEasy) (2009/006439/07)
This policy details how we collect, store, protect and use personal information – that is information that can be used to identify an individual or a company (juristic person).
Personal information includes:
- certain information that is collected automatically when you visit our website,
- certain information collected on registration;
- certain information collected on submission; and
- optional information that you provide to us voluntarily.
Additional information captured on the website that does not classify as personal information may also be collected and processed, including but not limited to:
- anonymised information,
- de-identified information that cannot be associated with an individual,
- statistical information,
- information that is public knowledge, which has been publicly and voluntarily disclosed.
1. Lawful Processing of Personal Information
The conditions for the lawful processing of personal information by or for a responsible party are the following, as per the Protection of Personal Information Act of 2013 (POPIA):
b. Processing Limitation
c. Purpose Specification
d. Further Processing Limitation
e. Information Quality
g. Security Safeguards
h. Data Subject Participation
Similarly, the General Data Protection Regulation 2016/679 (GDPR) stipulates the following principles of data protection:
a. Lawfulness, Fairness and Transparency
b. Purpose Limitation
c. Data Minimisation
e. Storage Limitation
f. Integrity and Confidentiality
2. General Provisions
a. This policy applies to all personal information processed by the company and its related entities.
b. The Information Officer / Data Protection Officer shall take responsibility for compliance with this policy.
c. The policy will be reviewed annually.
3. Lawful, fair and transparent processing
a. To ensure its processing of data is lawful, fair and transparent, a Register of Systems and Activities will be maintained.
b. The Register shall be reviewed at least annually.
c. Individuals have the right to access their personal data and any such requests made to us shall be dealt with in a timely manner.
4. Lawful Purposes
a. All data processed must be done on one of the following lawful bases: consent, contract, legal obligation, public task or legitimate interests.
b. We shall note the appropriate lawful basis in the Register of Systems.
c. Where consent is relied upon as a lawful basis for processing data, evidence of opt-in consent shall be kept with the personal data.
d. Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent will be clearly available and systems should be in place to ensure such revocation is reflected accurately.
5. Data minimisation
a. We shall ensure that personal information collected is adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.
a. We shall take reasonable steps to ensure personal information is accurate.
b. Please update us via online forms, registrations, email or phone should your information need to be corrected or updated.
c. Where necessary for the lawful basis on which data is processed, steps shall be put in place to ensure that personal information is kept up to date.
7. Archiving / Removal
a. To ensure that personal data is kept for no longer than necessary, archiving policies are in place for each area in which personal data is processed.
b. Archiving policies are reviewed annually.
c. The archiving policy shall consider what data should/must be retained, for how long, and why.
a. We shall ensure that personal information is stored securely using modern software and systems that are kept up-to-date.
b. Access to personal information shall be limited to personnel who need access and appropriate security is in place to avoid unauthorised sharing of information.
c. When personal information is deleted this will be done safely such that the data is irrecoverable.
d. Appropriate back-up and disaster recovery solutions are in place.
e. Vulnerability assessments and hardening are performed on systems where personal information is stored.
a. In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, we shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach to the appropriate authorities and subjects as required by law.
b. You may decline the installation of cookies; however, this may degrade your website experience or prevent login.
c. Third party cookies may be in use in order to deliver a service via our website by means of a third-party online service – such as YouTube, JetPack or Google Analytics.
11. Collection of Information
a. We will obtain your consent when collecting personal information for marketing purposes.
b. On completing our contact form, you will no longer be anonymous to us and may provide us with the following information:
i. Name and surname
ii. Contact numbers
iii. Email address
c. On registration as a client, in order for us to provide the services you wish to receive you may provide us with the following information:
i. Names and surnames of representatives
ii. Contact numbers
iv. Email address
v. Company name (Trading and Registered)
vi. Company size
vii. Company registration number
viii. Nature of business
ix. VAT registration number
x. Physical address
xi. Postal address
d. On application for employment, we require that you provide us with the below information:
i. Name and surname
ii. Contact number
v. Email address
vi. Your curriculum vitae, including:
1. Employment history
2. Academic history
3. Hobbies and other volunteered personal information relevant to the employment application process.
vii. Your ID or passport
viii. The position you would like to apply for
ix. Your salary expectation
e. By using our website, we receive and may record details such as:
i. Your IP address
ii. Bounce rate
iii. Page time
iv. Cost per Click
v. Most Visited Pages
vi. Device Information
f. From time to time, we may run promotional campaigns in which additional details are collected. This information would be provided voluntarily by you in order to participate or receive a prize delivery.
12. Purpose of Collection
a. We may process your information for provision of services that you agreed to when providing it to us.
b. We may process your information for billing purposes.
c. We may process your information for ongoing communication during the course of regular business.
d. We may process your information for lawful marketing purposes.
13. Marketing and Targeted Content
14. Sharing of Information
a. We will not sell personal information. No personal information will be disclosed to anyone except as provisioned in this Policy.
b. We may disclose personal information if required by court order or to comply with the law.
c. Information may be shared with approved and contractually appointed third-party service providers. Our contracts dictate that third-party services providers may not use your information for their own benefit or for any services other than those requested by us.
15. Cross Border Transfers
a. Netgen (Pty) Ltd operates internationally, which means your information may be stored and processed outside of the country or region where it was originally collected. In some of these countries, you may have fewer rights in respect of your information than you do in your country of residence.
b. You consent to us processing your personal information in a foreign country where required for completion of our obligations.
c. We take appropriate steps to protect information about you that is collected, processed, and stored as part of our engagement.
a. For any queries relating to our policy, privacy or data handling, please contact us at email@example.com