1. POPI Act
For the POPI Act, the Company is deemed to be an organization that engages in all aspects of business. It follows that personal information could be processed in some of the following categories:
- Stakeholders, i.e. shareholders
- Governing bodies, i.e. directors
- Statutory bodies, i.e. SARS
- Public viewers, i.e. websites
- Hostile invaders i.e. hackers
- Newsletter subscribers
A list of the processors, persons privy to the processing is:
- Company owners
- Company administrators
The following general information is collected from the parties above:
- Contact Details
- All labor related information
- All client information relating to accounting, products, services in common
- All vendor information relating to accounting, products, services in common
- Information stakeholders could be interested in
- Information governing bodies could be interested in
- All Statutory information on which the Company is to report / act upon
- Information destined for marketing and sales in future
- Purpose for holding information
The Company vows to protect the information as prescribed by the POPI Act. As far as the Company understands, all personal information is private and attended to according to the POPI Act.
The Company will at all times measure the risk of breach of the POPI Act and actively manage same on a daily basis.
2. What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, phone number and company name on our website. For specifics please refer to point 2.
3. When do we collect which information?
a. When requesting information from Agilocity via the website (Name, Surname, Email id, Company Name, Telephone number, City);
b. When purchasing a product or service on our website (Name, Surname, Email id, Company Name, Telephone number, City, Address);
c. When subscribing to a newsletter (Name, Surname, Email id).
4. How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
-To personalize user’s experience and to allow us to deliver the type of content and product offerings in which you are most interested;
-To allow us to better service you in responding to your customer service requests;
-To administer a contest, promotion, survey or other site feature;
-To process your transactions with us;
-To send periodic emails regarding your order or other products and services purchased on our site;
-To send you a monthly newsletter (when you subscribed to the newsletter) regarding our latest thought leadership, current promotions etc.
5. How do we protect visitor information?
We have a valid SSL certificate at all times which safeguards the details being entered on our site from third party attacks. Once entered on our site your data is stored on our web server in South Africa which is protected by password.
We collect cookies in order to compile aggregate data about site traffic and site interactions in order to offer better site experiences. We may also use trusted third-party services that track this information on our behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Internet Explorer) settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies.
If you disable cookies, some features will be disabled.
8. Third-party disclosure
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information.
9. Third-party links
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
10. How does our site handle ‘do not track signals’?
We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
11. Data Breach
In order to comply with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify the users via email
-Within 7 business days
-We will notify the users via in-site notification
-Within 7 business days
The Company commits to continually uphold that the person responsible for instructing the Information Technology contractors to the Company, is the person responsible for the processing of the information.
The Company addressed all security on all personal information. Personal information is at least secure, but not limited to, in the following areas:
- On end-points;
- Data in transit;
- Data stored in cloud;
- In terms of antivirus, malware, Trojans, worms, phishing employed etc.
All Company officials, employees, vendors and clients are appropriately informed of measures taken to protect personal information and the processing of personal information. Unauthorized persons have no access to personal information and all persons who do have access, have minimum appropriate access to personal information.
Those who hold or process information consent to full surveillance of processing of personal information and consented to personal accountability for such processing. All operators and processors committed to protect personal information and to procure instruction from the responsible party on deemed processing.
The Company procured the commitment of all operators and processors of personal information to employ maximum security and secrecy on all personal information, and to personally assume the responsibility to employ measures to protect personal information on all electronic equipment.
Mobile devices are to be treated like firearms. Devices are always kept on the processor’s person. Neither the device nor any information on the device is ever given to third parties who do not hold the written consent of the data subject. Business data will always be kept separate from personal data – i.e., personal information.
Data is encrypted in order to safeguard data against unauthorized exposure to third parties. Data pertains to non-electronic files, end-point data, data in transit and hosted or cloud data. Least number of security codes are kept by least number of employees. The data specialist appointed by the Company will take into account all risk factors and address same to the satisfaction of the POPI Act. Where possible, the number of data storages is maximized.
The Company has done a risk and impact assessment on all cloud computing and is satisfied that its cloud computing adheres to the requirements of the POPI Act.
All non-electronic personal information is kept safe and rules and regulations are applicable to access of filing facilities and office spaces. Risk is reduced to the minimum on all aspects of processing personal information in that information is held behind the maximum practical guarded physical barriers as the environment allows.
All handlers of physical security acknowledged that they are responsible for compliance and undertake to ensure full compliance to the POPI Act. All personal information will always be kept and attended to in a secure manner. Personal information is only used for the purpose obtained as instructed by the data subject.
To contact us please use the Contact form, or alternatively email us at firstname.lastname@example.org.
Last updated on 29 June 2021.