Definitions:
“We” and “Us” shall mean:
Security Response Group (Pty) Ltd
Registration Number: 2019/552518/07
of 205 Soho on Strand, 128 Strand Street,
De Waterkant, 8001
‘’POPIA’’ shall mean:
Protection of Personal Information Act 4 of 2013
‘’You’’ and “Your” shall mean:
The person to whom personal information relates
‘’Personal’’ Information shall mean:
Personal information as defined in POPIA
Purpose:
We are committed to respecting concerns regarding privacy and will process all personal information in alignment with the prescripts of POPIA and any further prevailing privacy legislation.
All personal information furnished collected and processed by Us regardless of form or medium shall be processed in accordance with the provisions set out hereunder.
Collecting Personal Information:
We endeavour to collect and process information, which has been collected directly from data subjects.
Generally, the processing of Your personal information is necessary for purposes set out below and We will therefore only request information that is relevant and necessary for such processing. Failure to provide this personal information could prevent or cause a delay in the fulfillment of these obligations.
We collect and process the following information:
Data Subject | Types of Information Collected |
Client | Names, identity number, company registration number, VAT registration number, address, contact details. |
Service Providers | Name, company registration number, VAT registration number, contact details, address and bank details. |
Visitors to Website | Name, contact details, email address and information collected via cookies. |
*This policy excludes personal information collected from employees, which shall be subject to a separate agreement.
Legal basis for the processing
We, and service providers We engage, process data subjects’ personal information exclusively for the following purposes:
Consent:
We will process Your personal information where You have expressly consented to the processing thereof. For example:
- in the form of specific consent; or
- if You contact Us using our contact form.
To Comply with Contractual Obligations:
We will carry out administrative activities which includes but is not limited to liaising with data subjects (telephonically or via email) for invoicing, collecting payments and delivery of services or for any other purposes related to the our contractual obligations to the data subject.
To Comply with Legal Obligations:
Personal information is also collected and processed in order to comply with any legal obligation imposed on Us, which includes but is not limited to our duty to monitor and provide notification.
In Pursuit of our legitimate interests or that of any third parties:
We may process Your data where necessary to pursue our legitimate interests or the legitimate interests of third parties. This includes but is not limited to:
- Enforcement of legal claims and defence in legal disputes;
- Prevention and investigation of criminal acts;
- Preservation of IT security and IT operations.
Access to Records
We may disclose Your Personal Information to employees, service providers, business partners and third parties or our business partners who assist Us in delivery of services You and/or where required in the public interest that we do so. Where required, we have agreements in place to ensure that they comply with these privacy terms.
You consent to Us disclosing Your personal information obtained from You with:
- third parties for the purposes listed above;
- other companies or entities requiring access for public safety purposes, but only where You have not objected to such sharing;
- where We have a duty or a right to disclose in terms of law or industry codes;
- where We believe it is necessary to protect Our rights;
- We are legally obliged to provide adequate protection for the personal information We hold and to stop unauthorised access and use of personal information. We will, on an on-going basis, continue to review our security controls and related processes to ensure that Your personal information is secure;
- acceptable usage of personal information;
When We contract third parties, We impose appropriate security, privacy and confidentiality obligations on them to ensure that Personal Information that We remain responsible for, is kept secure.
We will ensure that anyone to whom We pass Your Personal Information agrees to treat Your information with the same level of protection as We are obliged to.
Collection of Information by “Cookies”:
You are aware that information and data is automatically collected through the standard operation of the Internet servers and through the use of “cookies.” “Cookies” are small text files a Website can use to recognise repeat users, facilitate the user’s ongoing access to and use of the Website and allow a Website to track usage behaviour and compile aggregate data that will allow content improvements and targeted advertising. Cookies are not programs that come onto your system and damage files. Generally, cookies work by assigning a unique number to You that has no meaning outside the assigning site. If You do not want information collected through the use of cookies, there is a simple procedure in most browsers that allows You to deny or accept the cookie feature; however, You should note that cookies may be necessary to provide You with certain features (e.g., customized delivery of information) available on our Websites.
Security Safeguards:
We will:
1. treat Your personal information as strictly confidential;
2. take appropriate technical and organisational measures to ensure that Your personal information is kept secure and is protected against unauthorised or unlawful processing, accidental loss, destruction or damage, alteration, disclosure or access;
3. promptly notify You if We become aware of any unauthorised use, disclosure or processing of Your personal information;
4. provide You with reasonable evidence of our compliance with our obligations under this policy on reasonable request; and
5. We will not retain Your personal information longer than the period for which it was originally required, unless We are required by law to do so, or You consent to Us retaining such information for a longer period.
ALTHOUGH WE TAKE THE AFOREMENTIONED PRECAUTIONS IN PROTECTING YOUR PERSONAL INFORMATION, WE SHALL HOWEVER NOT BE LIABLE FOR ANY LOSS OR DAMAGE, HOWSOEVER ARISING, SUFFERED AS A RESULT OF THE DISCLOSURE OF SUCH INFORMATION IF OUTSIDE OUR REASONABLE CONTROL.
Minors:
We do not intentionally collect personal information from minor children. If You are the parent or guardian and believe We are processing said information please contact Us at the address set out below and request the deletion thereof.
Retention of Records
The criteria used to determine the period of storage of personal information is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfilment of the contract or the initiation of a contract.
Transborder Flow of Information:
Personal Information is stored and secured via Microsoft One Drive and as such is routed/transferred to a third country. The aforementioned service provider’s security and privacy policy can be viewed and accessed by via the link below:
https://www.microsoft.com/en-za/trust-center/privacy/data-location#office-KeyMessages-g9awst4
Your rights:
You have the right at any time to:
- access Your personal data by sending a written request to Our Information Officer who’s contact details are set out below.
- request Us to correct or supplement any of Your personal data which We will undertake as soon as practicable.
- request the return or destruction of personal information. We will consider Your request in light of any other laws or regulations prohibiting Us from destroying Your personal data; and
- lodge a complaint with Us.
In order to comply with any request received, We may require proof of identity.
Promotion of Access to Information Act:
In compliance with the provisions of the Promotion of Access to Information 2 of 2000 (PAIA), all requests for access to information must comply with the prescribed procedure set out in our PAIA manual, available via Our website or upon written request to Carla at hr@srgsecurity.co.za
Contact Us:
All enquiries must be addressed to the information officer: Michael Bracale, who can be contacted via email at michael@srgsecurity.co.za or via on (021) 434 4400.
If You are not satisfied with Our response to Your query, You may approach the following regulatory body for further assistance:
THE INFORMATION REGULATOR (SOUTH AFRICA) SITUATE AT: JD HOUSE, 27 STIEMENS STREET, BRAAMFONTEIN, JOHANNESBURG, 2001.
COMPLAINTS: POPIAComplaints@inforegulator.org.za PAIAComplaints@inforegulator.org.za
GENERAL QUERIES: enquiries@inforegulator.org.za