SECTION 21 – OPERATOR AGREEMENT
2.3.2 For the purposes connected with the provision of the services or as specifically otherwise instructed or authorised by the Responsible Party in writing.
3.1.2 Unlawful access to or processing of the Personal Information.
3.2.2 establish and maintain appropriate safeguards against the risks identified;
3.2.3 regularly verify that the safeguards are effectively implemented;
3.2.4 ensure that the safeguards are continually updated in response to new risks or deficiencies in previously implemented safeguards and shall notify the Responsible party of the risks identified and the safeguards established and implemented from time to time.
3.2.5 Reasonable measures include:
3.2.5.1 encryption of all disks, USB or flash memory data storage devices, laptops, tablet or removable device capable of storing Personal Information.
3.2.5.2 taking immediate steps to address identified risks and deficiencies.
3.4 Within five (5) Business Days of a request from the Responsible Party, the Service Provider shall provide to the Responsible Party a written explanation and full details of the appropriate technical and organisational measures taken by or on behalf of the Service Provider to demonstrate and ensure compliance with this clause.
4.1.1 take responsible steps to ensure the reliability of any if its Staff who have access to the Personal Information;
6.1 Upon termination of this Agreement or upon request by the Responsible Party, the Services Provider shall return any material containing, pertaining or relating to the Personal Information disclosed pursuant to this Agreement to the Responsible Party. Alternatively, the Services Provider shall, at the instance of the Responsible Party, destroy or return such material and shall certify to the Responsible Party that it has done so, unless the law prohibits the Service Provider from doing so. In that case, the Service Provider warrants that it will guarantee the confidentially of the Personal Information and will not actively process the Personal Information any further.
POPI (PROTECTION OF PERSONAL INFORMATION)
What is the POPI Act
We respect your right to privacy and therefore aim to ensure that we comply with the legal requirement of the POPI Act which regulates the manner in which we collect, process, store, share and destroy any personal information which you have provided to us.
What information will we collect
- The types of personal information we request of data subjects;
- Employees:
ID numbers
Copy of ID’s
Mobile number
Residential address
Private e-mail addresses
CV’s
Medical Aid details / Investments / RA’sBank details - Clients:
Client Name, Key contacts names, Contact Details
Client Name, Key contacts names, Contract Details, VAT #
Prof1t Servers / VPN Access Details
Client’s Staff Data / Name / E-mail / Contact Details / ID’s / Addresses / Position
Prof1t Login Details - Suppliers:
Name of Supplier
Bank Details
- Employees:
We collect information directly from you where you provide us with your personal details. Where possible, we will inform you what information you are required to provide to us and what information is optional.
Minors
If you are under 18 years of age (minor), we will require the consent of your parent/guardian/competent person before we process such personal information.
Processing of Information
We will share your personal information:
- in order to comply with applicable law or with legal process served on our company;
- in order to protect and defend the rights or property of our company; and
- with employees and/or third parties who assist us in providing services to you and thus require your personal information in order to render a proper and efficient service. We will ensure that all such employees and third party service providers, having access to your personal information, are bound by confidentiality agreements.
Collection of Information by “Cookies”
You are aware that information and data is automatically collected through the standard operation of the Internet servers and through the use of “cookies.” “Cookies” are small text files a website can use to recognise repeat users, facilitate the user’s ongoing access to and use of the website and allow a website to track usage behaviour and compile aggregate data that will allow content improvements and targeted advertising. Cookies are not programs that come onto your system and damage files. Generally, cookies work by assigning a unique number to you that has no meaning outside the assigning site. If you do not want information collected through the use of cookies, there is a simple procedure in most browsers that allows you to deny or accept the cookie feature; however, you should note that cookies may be necessary to provide you with certain features (e.g., customized delivery of information) available on our Websites.
Your rights
You have the right at any time to:
- rectify the Personal Information collected by us;
- object to the processing of Personal Information (subject to legislation);
- request the return or destruction of Personal Information (subject to legislation);
- lodge a complaint with the company.
Personal Information processed by us will be routed/transferred to a third country or International organization. The following security measures will apply Company information security policies are in place:
- Computers are controlled through security group policies
- Password protection on all company devices
- Anti-virus active on all computers
- Staff been trained on physical and cyber security measures
- Regular audits done on security status
- POPI Training done with staff
All enquiries must be addressed to the information officer: Mark van Rensburg who can be contacted via email at mark@prof1t.net or via telephone on (083) 4844300.
You can also complain to the Information Regulator if you are unhappy with how we have used your Information.
The Information Regulator (South Africa)
JD House
27 Stiemens Street
Braamfontein
Johannesburg, 2001
Complaints email for POPIA: POPIAComplaints.IR@justice.gov.za
Complaints email for PAIA: PAIAComplaints.IR@justice.gov.za