JUMPCO CONSULTING (PTY) LTD PRIVACY NOTICE
During your interactions with JumpCo Consulting (Pty) Ltd (“us”), it may happen that we need to gather some information from you which may constitute personal information for purposes of the Protection of Personal Information Act 4 of 2013 (“POPIA”) and that we need to process such information, which may include accessing it, storing it and possibly sharing it with third parties.
In terms of s18 of POPIA we are required to bring to your attention certain matters relating your personal information, which we set out in this notice document. By engaging our services, you acknowledge that you have read and understood this notice and have agreed to the contents hereof. You furthermore authorize us to take any of the actions described herein insofar as your personal information is concerned.
“Information Officer” means the person designated as our information officer, as required in terms of POPIA.
“Information Regulator” means the office of the Information Regulator, as established in terms of POPIA.
“Operator” means any person or organization that processes Personal Information on our behalf.
“Personal Information” means information relating to a specific juristic or natural person which is classified as personal information in the Protection of Personal Information Act 4 of 2013 (“POPIA”). This may include a wide variety of information types, such as your name, address, telephone number, credit card information, and any other information that is connected with you and may identify you personally.
“POPIA” means the Protection of Personal Information Act 4 of 2013 of the Republic of South Africa. You may access a copy of POPIA on the Information Regulator’s website, which, at the time of publication of this Privacy Notice, is at http://www.justice.gov.za/inforeg/.
“Processing” of Personal Information means any operation or set of operations which is performed in respect of such information, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure or dissemination, and erasure or destruction.
In order to provide you with our services, we need to obtain and process certain types of information, which will differ depending on your specific matter but, in general, would include the following:
The provision of our services to you requires us to process some of your Personal Information. If requested Personal Information is not provided, we may not be able to complete such services. If the information is not provided initially, we may choose not to perform the services at all. Where information is not provided during the course of an ongoing matter, we may terminate our appointment and in such cases you will be liable to settle any of our fees (which will include any costs or expenses incurred by us) in respect of work done up to the date of termination.
Additionally, in order to improve our services and to notify you of our other services in future, we may process some of your personal information for marketing purposes, if you authorise us to do so in writing. You may withdraw such authorization at any time by way of written notice, either by automated means provided by us or by sending an e-mail to email@example.com. We may also retain some of your personal information for statistical purposes, but in such instances, the information will be anonymised.
In most cases, we will request your Personal Information directly from you. However, in some cases, we may need to obtain it from third parties. This will be the case if you have authorized us to do so, or where the nature of our instructions requires us to do so in order to comply with them in rendering our services to you. We may also be legally required to independently verify some of the information provided to us in terms of applicable anti-terrorism and anti-money laundering legislation (including, but not limited to, the Financial Intelligence Centre Act 38 of 2001, as amended), which may include our accessing government or public directories in order to obtain certain personal information relating to you.
In some cases, especially if you are an organization, we may need to obtain Personal Information relating to third parties (such as your office bearers) from you. You hereby warrant that you have the express and informed consent of such third parties to provide us with any such information and indemnify us against any liability to such third parties, or any other party, as a result of a lack of such authorization.
We may need to share your personal information with third parties. In general, this is limited to transmitting or storing such information through, or on, electronic communication and storage infrastructure administered by third-party service providers. However, depending on the nature of your particular matter, we may need to share some of your personal information with other third parties, which may include, but are not limited to, other parties involved with your matter; our sub-contractors, agents, employees, correspondents or other service providers; public forums such as courts or other tribunals; or law enforcement agencies or regulatory bodies (only if legally required or on your instructions). Where we have appointed third parties to process your Personal Information on our behalf, we only do so if we have an express written agreement with them in which they warrant that they will treat your Personal Information subject to the same reasonable and appropriate security measures as we are required to adhere to, including breach notification provisions.
We may need to transmit your Personal Information to a location outside of the country, where it may be processed by third parties. This may happen while we are communicating with you, or any other party in your matter where you or such party are not in the country. It may also happen where our digital infrastructure is located in, or administered from another country. In such cases, the transmission and processing of such information is subject to the provisions of s72 of POPIA, meaning that the third party to which we may transmit your information will either be subject to laws, or a contract with us, or corporate binding rules, which requires them to employ the same reasonable safeguards in respect of your personal information that we are required to comply with in terms of POPIA.
In general, we only retain your personal information for the duration of our services to you.
However, we may be subject to regulatory and legislative provisions, which require us to retain such information for prescribed periods. This usually means that we need to retain your Personal Information for periods of up to 5 years, although in some instances it may be longer.
Information that we retain for marketing or statistical purposes may be retained indefinitely, provided that you have authorised us to use the information for marketing purposes or, in the case of use for statistical purposes, that the information has been anonymised.
As required by s19 of POPIA, the confidentiality and integrity of any Personal Information processed by us is subject to reasonable technical and organizational safeguards to prevent loss, damage, destruction or unauthorized access, having due regard to generally accepted information security practices and procedures. However, we are not liable to you, or any other person, for any such loss, damage, destruction or unauthorized access that occurs despite our implementation of such reasonable safeguards.
If we become aware of any breach of security which may potentially lead to unauthorized access, loss, destruction or processing of your Personal Information, we will, as soon as is reasonably possible, investigate the matter and notify you and other affected parties, as well as the Information Regulator of such breach, in the prescribed manner and form, and will take reasonable steps to mitigate against any risks resulting from such breach.
Please note that no data breach notification made by us will constitute an admission of any liability in respect of any matter referred to in such notice.
In terms of ss23 and 24 of POPIA, you have the right to access, and to request us to correct, any personal information retained by us, subject to the provisions of those sections. You can do so by sending us a written request to firstname.lastname@example.org.
You furthermore have the right, in terms of s11(3) of POPIA, to object to our holding of your personal information and to withdraw your authorization for us to hold it.
Should you wish to lodge a complaint, you may contact the office of the Information Regulator, whose contact details may be found on their website (currently at http://www.justice.gov.za/inforeg/ )
Should you have any questions regarding our information collection, handling or storage processes, please contact us at the following address and mark your query for the attention of the Information Officer:
JumpCO Consulting (Pty) Ltd
Tel: +27 11 431 1666
Suite 106, Block B
Cnr Judges and Beyers Naudé Drive