CUSTOMER PRIVACY NOTICE This Notice explains how we obtain, use and disclose your personal information, in accordance with the requirements of the Protection of Personal Information Act (“POPIA”). At COR Concepts (and including this website, POPI Act-Compliance) we are committed to protecting your privacy and to ensure that your personal information is collected and used properly, lawfully and transparently. About the Company COR Concepts Information Management Consulting cc The information we collect We collect and process your personal information mainly to contact you for the purposes of understanding your requirements, and delivering services accordingly. For this purpose we will collect contact details including your name and organisation. We collect information directly from you where you provide us with your personal details. Where possible, we will inform you what information you are required to provide to us and what information is optional. Website usage information may be collected using “cookies” which allows us to collect standard internet visitor usage information. How we use your information We will use your personal information only for the purposes for which it was collected and agreed with you. In addition, where necessary your information may be retained for legal or research purposes. For example:
Disclosure of information We may disclose your personal information to our service providers who are involved in the delivery of products or services to you. We have agreements in place to ensure that they comply with the privacy requirements as required by the Protection of Personal Information Act. We may also disclose your information:
Information Security We are legally obliged to provide adequate protection for the personal information we hold and to stop unauthorized access and use of personal information. We will, on an on-going basis, continue to review our security controls and related processes to ensure that your personal information remains secure. Our security policies and procedures cover:
When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information that we remain responsible for, is kept secure. We will ensure that anyone to whom we pass your personal information agrees to treat your information with the same level of protection as we are obliged to. Your Rights: Access to information You have the right to request a copy of the personal information we hold about you. To do this, simply contact us at the numbers/addresses as provided on our website and specify what information you require. We will need a copy of your ID document to confirm your identity before providing details of your personal information. Please note that any such access request may be subject to a payment of a legally allowable fee. Correction of your information You have the right to ask us to update, correct or delete your personal information. We will require a copy of your ID document to confirm your identity before making changes to personal information we may hold about you. We would appreciate it if you would keep your personal information accurate. Definition of personal information According to the Act ‘‘personal information’’ means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person. Further to the POPI Act, COR Concepts also includes the following items as personal information:
How to contact us If you have any queries about this notice; you need further information about our privacy practices; wish to withdraw consent; exercise preferences or access or correct your personal information, please contact us at the numbers/addresses listed on our website. Compliance to the Protection of Personal Information Act (POPIA), also known as the POPI Act, will be mandatory for most organisations in South Africa. As the Information Regulator develops the POPI Regulations further, so the dates and requirements will become clearer. See the latest status from the Information Regulator. This doesn’t mean that organisations should wait until then. The European Union has developed the General Data Protection Regulations (GDPR) and are in the process of implementation. The Information Regulator is likely to follow similar principles and regulations. Until the POPI Act and Regulations are fully in place, following the GDPR will get you moving in the right direction. Whilst the focus of the POPI Act is on compliance, our approach is to implement compliance in such a way that it delivers business value, so that it doesn’t become a cost centre, or overhead, but rather allows for improvements in efficiencies and effectiveness, done in such a way as to meet the compliance requirements. The site contains useful guidance and implementation tools to equip you to be POPI Act compliant. It will evolve over time as the Regulations are published. It will contain information about:
This site is proudly sponsored by COR Concepts, an Information Management company. If you need any further information regarding the POPI Act, and simple steps to compliance, sign-up to our e-mail newsletter. The information published on this website is provided for general purposes only and does not constitute legal advice. We make every effort to ensure that the content is up to date and accurate. Please consult with a lawyer for legal advice. During our implementation we can engage with privacy lawyers on your behalf. We accept no responsibility for any loss or damage, whether direct or consequential, which may arise from reliance on the information contained in these pages. Join our mailing list to keep up to date with latest POPIA developments.