POPIA Privacy Notice
ISP Solutions respects and protects your privacy.
Our Privacy Notice applies to all persons (both natural and juristic, like companies and close corporations) whose personal information we collect, regardless of form and medium.
This includes our employees, consultants, agents, service providers and delegates.
The Privacy Notice applies to all our services and related websites.
You must read this notice together with any other notices and policies that may apply to you.
This is a general notice that explains:
Who we collect personal information from;
What personal information we collect;
Why we collect your personal information;
How we use your personal information;
What rights you have in relation to your personal information.
This notice also explains:
You can access the information we hold about you and ask for that information to be corrected;
You can make a complaint about the way we have handled your personal information.
The Protection of Personal Information Act, 2013 (POPIA) protects personal information of natural and juristic persons and requires Provincial Treasury to comply with the eight minimum conditions set out in the Act.
Personal information is information or an opinion about an identified person, or an individual who is reasonably identifiable.
Personal information includes special personal information, which is a particular category of personal information. While we recognise that protecting all personal information is important in gaining and maintaining your trust, special personal information is often afforded a higher level of protection.
ISP Solutions may collect personal information from you using state-of-the-art technologies, websites, various digital platforms, manual processes and even physical documentation. Exactly what data we collect will depend on the business function being performed or the services being rendered. Some information may simply be required to enable or enhance general communications whilst other information types may be more sensitive. As a general principle, we do not collect personal information other than what is needed for legitimate business purposes. This may include some or all of the following:
- First and Last Name
- E-Mail Address
- Telephone Numbers
- Driver’s License Details
- Identity Numbers
- Employment details
- Account Numbers
- Date of Birth
- Health Status
- Biometric Data
- Geolocation Data
- Company Registration Records
- Occupational Details
- Security and background references
- Financial and Accounting Records
- Banking Details
ISP Solutions may, at any given time, maintain one or more public facing websites that clients, suppliers and members of the public can access and, in some cases, you can formally register to obtain user credentials to log in during subsequent visits.
We may place small text files called ‘cookies’ on your device when you visit our websites. They do not contain personal information, but they do contain certain identifiers that allow us to associate your personal information with a particular device. Cookies are useful to manage a variety of things like access to content, website functionality and performance, preferences and links to third party content. ISP Solutions website may contain electronic image requests, called web beacons. We use them to access cookies and to count page views. They do not collect any of your personal information and are mostly used to compile anonymous information about our website. Please note that ISP Solutions has no control over other third-party websites, and we cannot control what information they may gather from your online activities.
The use of social media platforms and messaging Applications, commonly used on smartphones and mobile devices, have become commonplace. ISP Solutions do not own or manage these platforms and do not take any responsibility for the information you share during their use. You must carefully consider the privacy policies of each social media platform you, and any minors in your care use. There may be specific rules and acceptable usage guidelines for online behaviour that is specific to each social media platform or for the custom groups you voluntarily subscribe to. Note that you may be held personally accountable for any defamatory, vulgar, racist or abusive posts and for wilfully spreading misinformation.
ISP Solutions staff members, agents and associates may store the contact details of prospects, customers/clients, service providers, suppliers and other relevant individuals to facilitate effective communications. Our staff is trained to handle your personal information with utmost care to make sure it is safe and we endeavor not to share your personal information with any third party. We endeavor to always ask you for your approval to collect the necessary information for the purposes of the call and if any, any additional products or services you may require in order for us to fulfill your requirements.
Whenever we collect personal information directly from you, we strive to obtain explicit consent, however, we also collect information where consent is clearly implied or where we may have obtained your personal information from open, public forums.
Regardless of the manner of collection, we have put mechanisms in place for you to withdraw your consent at any time or find out exactly what personal information we have on record concerning you.
You must accept all the terms of this policy and agree to be bound by all of its terms before you engage with ISP Solutions or access our services.
If you are younger than eighteen (18) years old, you do not have legal capacity to accept these terms or access our services without the formal consent a parent or legal guardian.
In keeping with the principles of lawfulness, fairness and transparency we have listed some of the business activities where you can expect us to collect, store and process personal information. If there are any significant changes to our legitimate use of personal information, this list will be updated:
- To deliver world-class solutions
- To administrate our financial affairs
- To support our clients and customers
- To engage with suppliers and service providers
- To inform you of important service offerings
- To streamline and enhance services
- To comply with legal obligations and regulations
- To pursue good governance
- To engage in lawful marketing activities
Your personal data is stored and processed as physical and/or digital records at our data centres located in South Africa. Where we make use of so-called Cloud Service Providers, your data may be located on systems hosted in a secure off-site data centre.
These data centres may be located within South Africa or in jurisdictions where equal or stricter privacy laws apply. We will keep your personal information only for as long as there is a legal or legitimate business reason to do so. This is called the “retention period” and it may differ significantly, based on the type of data and reason of retention.
Once the formal retention period, as defined in our internal policies and applicable legislation expire, your personal data will be destroyed, using generally accepted industry technologies, norms and standards of good practice. We may retain personal data for service notification purposes until such time that you notify us that you no longer wish to receive this information.
We may share your information with third parties such as service providers, affiliates and subsidiaries should we require specialist services or expertise to fulfil our obligations to you. Subject to due process, and if specifically required to do so by law, we may share your information with authorities.
Circumstances may also arise where ISP Solutions shares your personal information in order to enforce contractual arrangements or where we need to protect the rights, property and safety of others. This includes the exchange of information with organisations for the purpose of fraud protection, security and credit risk reduction.
No organization is immune to the ongoing and increasingly sophisticated cyber-attacks on private and public sector organizations.
ISP Solutions does not provide any specific or implied guarantee that it will never experience a security breach.
However, as a responsible party, ISP Solutions endeavors to implement and maintain a comprehensive portfolio of security controls that are internationally considered to be important and effective in protecting sensitive information. We also have measures in place to inform you, should we believe that a security breach occurred.
You have specific rights under the Protection of Personal Information Act in relation to the data we collect, store and process about you. To act on these rights please contact our Information Privacy Office. Following due process, you can:
- Request access to your personal information
- Request correction of your information
- Request destruction of your personal information
- Object to the processing of your personal information
- Request restrictions on processing your personal information
- Request a transfer of your personal information; or
- Withdraw consent
In the event that you wish to complain about how we have handled your personal data, please contact our Information Privacy Officer at email@example.com. Our information privacy officer will then look into your complaint and work with you to resolve the matter.
If you still feel that your personal data has not been handled appropriately according to the law, you can contact the South African Information Privacy Regulator and file a complaint with them.
Any changes we may make to our Policy will be posted in a prominent place on the ISP Solutions website. If requested to do so, you will be notified by e-mail.
If you do not agree with all the changes, you must stop using the ISP Solutions website as well as any other related goods or services. Continued use of our websites or services, following a formal change notification to this policy, will be deemed as your acceptance of the updated terms and conditions. The Policy will therefore apply to you.