PRIVACY NOTICE AND INFORMED CONSENT NOTICE
CONSENT TO PROCESS PERSONAL INFORMATION IN TERMS OF THE PROTECTION OF INFORMATION ACT, 4 OF 2013 (POPIA)
The Protection of Personal Information Act, 4 of 2013 (POPIA) gives effect to the constitutional right to data privacy in terms of Section 14 of the Bill of Rights of the Constitution.
The responsible use of the TDMC website and related resources in respect of data privacy is important to TDMC.
Whilst TDMC is committed to protecting all person’s rights to privacy and who in consequence will ensure that all person’s Personal Information is used appropriately, transparently and according to applicable law, TDMC has to ensure that these rights to privacy are balanced with other rights such as the right to use and have access to TDMC Information and Services including its online and social media platforms and applications.
This Policy sets out the responsibilities and obligations of all persons who make use of, or access or receive TDMC Information and Communications via its electronic communication facilities and resources including its website, email and social media platforms and how all users of these facilities and resources are to ensure that when using these resources that they respect and process another’s Personal Information lawfully and in accordance with the provisions of POPIA and the Personal Information Processing Principles.
- TDMC in order to carry out its aims and objectives, of offering custom e-commerce development and paid performance marketing, will on an ongoing basis receive, provide and process Personal Information.
- In terms of a law known as the Protection of Personal Information Act, 4 of 2013 (POPIA) everyone has the right to privacy, including the right to the lawful collection, retention, dissemination and use of one’s Personal Information.
- In order to give effect to this right, TDMC is under a duty to provide any person whose Personal Information is processed by it, (known as a “Data Subject”) with a number of details pertaining to the use of and subsequent processing of the Data Subject’s Personal Information, before such Personal Information may be used or processed by TDMC.
- In accordance with this requirement, TDMC sets out below
- the reasons why it will have to process a Data Subject’s Personal Information,
- the conditions under which it will receive and use a Data Subjects Personal Information,
- how TDMC will use and handle this Personal Information, as well as
- the conditions under which it will provide its own Personal Information.
- all TDMC’s electronic platforms and facilities, including social media, websites and / or email, whether owned by, established by, used by, hosted by and / or accessed by TDMC, and
- all and any Data Subject(s), who may access and make use of the aforementioned TDMC’s electronic platforms and facilities, including, without detracting from the generality thereof, TDMC employees and staff, consumers and customers, vendors, contractors, service providers and / or other third parties.
- all the Personal Information, which is owned by TDMC, and which is provided to any responsible parties and / or operators as a result of such person accessing or making use of TDMC’s social media and electronic platforms.
- this policy extends to all Personal Information received in any way or form by TDMC
- Accordingly, the relevant data privacy principles relating to the processing of Personal Information, whether that belonging to TDMC or that belonging to a data subject (including, but not limited to, the collection, handling, transfer, sharing, correction, storage, archiving and deletion) will apply without exception, save where POPIA provides for such an exception, to all and any Personal Information provided by TDMC to another or received by TDMC as a result of the use of TDMC’s electronic platforms and or facilities.
- AGREEMENT TO BE BOUND AND CONSENT TO PROCESS
- By accessing or using the TDMC electronic platforms and or facilities including all websites and URL’s, any sites housed under its domain names and / or social media platforms, and / or when sending or receiving emails using TDMC’s email, the Data Subject:
- RECEIPT, USE AND SHARING OF PERSONAL INFORMATION BY TDMC
- TDMC will receive Personal Information pertaining to a Data Subject when the Data Subject submits a query or request via the TDMC electronic platforms or facilities, including via its website, or by way of email, telephone or via social media.
- On receipt of the request or query, TDMC will thereafter use and process the Data Subject’s Personal Information for the purpose of the query and for a variety of related purposes, which will all depend on the query or request, and which without detracting from the generality thereof may include for the purposes of identifying and / or verifying the Data Subject’s details;
- for the purposes of providing information, products and / or services or details in connection therewith or pertaining thereto, that the Data Subject, may have requested.
- for trade application and / or purchasing purposes.
- to enrol the Data Subject as a vendor.
- for employment application purposes.
- for the purpose of concluding an employment relationship with an applicant.
- for the purposes of managing any information pertaining to the Data Subject.
- for further processing or general administration purposes.
- for legal or contractual purposes.
- to help TDMC improve the quality of TDMC products and services.
- to help TDMC detect and prevent fraud and money laundering.
- for the purposes of recovering unpaid monies and / or any other amount due to TDMC
- for the purpose of debt collection.
- for the purposes of research, analytical and statistical purposes.
- for the purpose of carrying out analysis and consumer / customer profiling.
- for the purposes of identifying other products and services which might be of interest to the Data Subjects.
- for the purposes of informing a Data Subject about TDMC products and services.
- In order to correctly handle any request or query, and in order to perform the purposes described above, TDMC may from time to time share a Data Subject’s Personal Information with the following parties:
- TDMC employees, which will only be done on a need-to-know basis.
- TDMC suppliers, which will only be done on a need-to-know basis.
- TDMC’s carefully selected business partners who provide products and services which may be of benefit to a Data Subject which will only be done on a need-to-know basis; and
- TDMC operators such as service providers and agents who perform services on behalf of TDMC which will only be done on a need to know basis and in terms of a TDMC operator agreement.
- TDMC does not share a Data Subject’s Personal Information with any third parties who have not been described above, unless:
- TDMC is legally obliged to provide such information to another for legal or regulatory purposes.
- TDMC is required to do so for purposes of existing or future legal proceedings.
- the onward transmission or sharing of Personal Information is necessary for the pursuance or protection of TDMC’s legitimate interests or that of the Data Subject or a third party.
- TDMC are involved in the prevention of fraud, loss, bribery or corruption and are using another agent or service provider under a mandate to provide such service, and the agent or service provider needs to process the Data Subject’s Personal Information for the purpose of investigating and or preventing any act of fraud, loss, bribery or corruption,
- and under all of the abovementioned circumstances, TDMC will take reasonable measures to ensure that such Personal Information is only provided to the recipient, if such recipient undertakes to keep the Personal Information confidential and secure.
- Where TDMC has to transfer the Data Subject’s Personal Information across the South African borders, it will before it does so, ensure that the recipient thereof agrees to be bound by POPIA under and in terms of a set of binding corporate rules or binding agreements that provide an adequate level of protection and uphold the principles for the reasonable and lawful processing of such Personal Information.
- TDMC on receipt and in response to a query or request received from a Data Subject, referred to under section 5 above, may transmit via its website, or by way of email, telephone or via social media, its own Personal Information, which Personal Information on receipt by the requesting or receiving party, may only be used for the purpose relating to the initiating of the request or query and for no other purpose. Furthermore, the recipient undertakes that it will not use this Personal Information for any other purpose or share this information with any other party, save where it has been given express permission to do so by TDMC.
- Whilst TDMC will make all effort to ensure the integrity and accuracy of a Data Subject’s Personal Information, this may not at all times be possible. Following this, the Data Subject accepts the responsibility for keeping his / her or its Personal Information up to date and undertakes to inform TDMC of any changes to his / her and its Personal Information.
- A Data Subject has a right of access to any Personal Information which TDMC may have and where applicable may ask TDMC to correct any inaccuracies in or to any such Personal Information. Any access request must be done by way of a formal TDMC process, which is accessible on www.tdmc.co.za
- TDMC makes all reasonable effort to keep its social media and electronic platforms including its website secure at all times, however TDMC advises that it cannot guarantee the security of any information provided to TDMC or by TDMC through the TDMC website, e-mail, internet or social media sites. Following this TDMC cannot be held responsible for any loss or unauthorised use or interception of information transmitted via these social media and electronic platforms or sites, including the Internet, which is beyond TDMC’s reasonable control.
- The TDMC website may contain links to other websites outside of TDMC’s control. TDMC is not responsible for the content, privacy or security of these other third party-controlled websites.
- TDMC has placed cookies on its website which makes contact with your / a Data Subject’s device to help make TDMC’s social media and electronic platforms more efficient.
- TDMC makes use of social plugins of social networks such as Facebook, YouTube, LinkedIn, Google+ and Twitter. Please note that TDMC has no influence on or control over the extent of the data retrieved by the social networks’ interfaces and TDMC can accordingly not be held responsible or liable for any processing or use of Personal Information transmitted via these social plugins. For information on purpose and extent of the data retrieval by the social network concerned, and about the rights and settings which are available for you to access for the protection of your private information, please refer to the data protection information provided by the social network in question.
- Note that all TDMC’s social media and electronic platforms including its website and telephone facilities and your use of them will be monitored on a regular basis including the recordal and interception of content placed on or stored on said facilities which is done for security, integrity and quality assessment purposes and by using such electronic platforms and facilities you expressly acknowledge notice of such monitoring and interception and give consent thereto in accordance with the Regulation of Interception of Communications and Provision of Communication-Related Information Act 70 of 2002 (“RICA”),
- Subject to the provisions above, TDMC has implemented the appropriate technical and organisational security measures which are required in order to protect all Personal Information and related data which it holds from and / or against unauthorised access, accidental or wilful manipulation, loss or destruction.
- If a Data Subject provides TDMC with Personal Information on behalf of another, TDMC will not be able to process the query or request unless such query or request is accompanied with the required permission and consent from the owner of that Personal Information.
- If a Data Subject is under the age of 18, such person’s Personal Information will only be processed if the minor’s parent or legal guardian gives the required consent or permission to the processing of the provided Personal Information.
- TDMC reserve the right to and may from time to time update this Privacy Notice. Any such revision will be published as an amended version on the TDMC website.
- Following this, any change to this Policy will be posted as an updated version and readers are advised to visit and re-read this policy on a regular basis.