Policy Statement and Guidance manual to Protect Personal Information (POPI policy)
1.1. Gran and Gramps 4 Hire (Pty) Ltd (“the Company”) acknowledges that it obtains personal information from candidates and clients in the performance of its services.
1.2. The Company confirms its commitment to protecting its clients’ and candidates’ privacy and ensuring that their personal information is used appropriately, transparently, securely and in accordance with applicable laws.
1.3. This Policy sets out the manner in which the Company deals with personal information as well as stipulates the general purpose for which such information is used.
2. COLLECTION OF PERSONAL INFORMATION
2.1. The Company collects and processes various information pertaining to its candidates and clients. The type of information will depend on the need for which it is collected and will be processed for that process only. Whenever possible, the Company will inform the client or employee of the information required and which of that information is deemed optional.
2.2. The Company must indicate to the data subject (whomever the information relates) what the consequence are of failing to provide such personal information as this could have negative consequences.
2.3. Examples of the personal information the Company collects includes, but is not limited to: -
• Information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-
• Information relating to the education or the medical, financial, criminal or employment history;
• Banking and account information;
• Contact information;
• Any identifying number, symbol, email address, telephone number, location information, online identifier or other particular assignment to the data subject;
• The biometric information;
• The personal opinions, views or preferences and the views or opinions of another individual about the data subject.
3. COLLECTION OF CANDIDATE INFORMATION
3.1. For the purposes of this Policy, employees include potential, past and existing employees of the Company.
3.2. The Company will, when interviewing candidates, require information, including, but not limited to that listed above, from the prospective candidate in order to process the information on the Company’s system. Such information is reasonably necessary for the Company’s record purposes as well as to ascertain if the prospective candidate meets the requirements, for the services which he/she is being required.
3.3. The Company will use and process such information, as set out below, for including, but not limited to, its records and to make lawful decisions in respect of that candidate and its business.
4. USE OF CANDIDATE INFORMATION
4.1. Candidates’ personal information will only be used for the purpose for which it was collected and intended. This would include, but is not limited to:
• for audit and recordkeeping purposes;
• in connection with legal proceedings;
• in connection with and to comply with legal and regulatory requirements;
• assessing suitability for services;
• determining qualifications and experience of candidate;
• in connection with any administrative functions of the Company;
• to publish information on its website pertaining to that candidate;
• to transfer information to its clients about that candidate;
• pre and post-
4.2. Should information be processed for any other reason, the Company will inform the candidate accordingly.
4.3. Candidates are made aware that their information may be transferred to third parties in accordance with the Company’s business requirements. Third parties include, but are not limited to, clients (includes potential clients).
4.4. Candidates are further made aware that certain candidate information is to be published on the Company website.
5. COLLECTION OF CLIENT INFORMATION
5.1. For purposes of this Policy, clients include potential, past and existing clients.
5.2. The Company collects and processes its client’s personal information, such as that mentioned in clause 2 above. The type of information will depend on the need for which it is collected and will be processed for that purpose only. Further examples of personal information collected from clients include, but is not limited to:
5.2.1. The client’s Identity number, name, surname, address, postal code, marital status, and number of dependants;
5.2.2. Client’s residential and postal address;
5.2.3. Contact information;
5.2.4. Details of the person responsible for the client’s account;
5.2.5. Company registration number;
5.2.6. Full name of legal entity;
5.2.7. Tax and/or VAT number.
6. USE OF CLIENT INFORMATION
6.1. The client’s Personal Information will only be used for the purpose for which it was collected and as agreed. This may include, but not be limited to: -
6.1.1. Providing products or services to clients;
6.1.2. In connection with sending accounts and communication to client in respect of services rendered;
6.1.3. Referral to other service providers;
6.1.4. Confirming, verifying and updating client details;
6.1.5. Conducting market or customer satisfaction research;
6.1.6. For audit and record keeping purposes;
6.1.7. In connection with legal proceedings;
6.1.8. In connection with and to comply with legal and regulatory requirements or when it is otherwise allowed by law.
6.2. The Company also collects and processes client’s personal information for marketing purposes in order to ensure that our products and services remain relevant to our clients and potential clients.
7. DISCLOSURE OF PERSONAL INFORMATION
7.1. The Company may share personal information with third parties as well as obtain information from such third parties for reasons set out above.
7.2. The Company may also disclose employees’ or clients’ information where there is a duty or a right to disclose in terms of applicable legislation, the law or where it may be necessary to protect the Company’s rights.
8. SAFEGUARDING PERSONAL INFORMATION AND CONSENT
8.1. The Company shall appoint an Information Officer who is responsible for the encouragement of compliance with the conditions of the lawful processing of personal information in accordance with law:
INFORMATION OFFICER DETAILS
8.1.1. NAME: Lynne Bendrau
8.1.2. TELEPHONE NUMBER: 071-
8.1.3. FAX NUMBER:
8.1.4. POSTAL ADDRESS: Postnet Suite 25, Private Bag X0002, Sunridge Park, Port Elizabeth, 6008
8.1.5. PHYSICAL ADDRESS:
8.1.6. EMAIL ADDRESS: email@example.com
8.2. Each new employee will be required to sign an employment contract containing relevant consent clauses for the use and storage of employee information, or any other action so required, in terms of POPI.
8.3. Consent to process information is obtained from clients (or a person who has been given authorisation from the client to provide the client’s personal information) during the introductory, appointment and needs analysis stage of the relationship.
8.4. Consent to process candidate information will pe obtained during recruitment / interview stage.
9. ACCESS AND CORRECTION OF PERSONAL INFORMATION
9.1. Candidates and clients have the right to request access to any personal information that the Company holds about them.
9.2. Candidates and clients have the right to request the Company to update, correct or delete their personal information on reasonable grounds. Such requests must be made to the Company’s Information Officer (see details above) or to the Company’s head office (see details below).
9.3. Where an employee or client objects to the processing of their personal information, the Company may no longer process said personal information. The consequences of the failure to give consent to process the personal information must be set out before the candidate or client objects.
HEAD OFFICE DETAILS
9.3.1. NAME: Lynne Bendrau
9.3.2. TELEPHONE NUMBER: 071-
9.3.3. FAX NUMBER:
9.3.4. POSTAL ADDRESS: PostNet Suite 25, Private Bag X0002, Sunridge Park, Port Elizabeth, 6008
9.3.5. PHYSICAL ADDRESS:
9.3.6. EMAIL ADDRESS: firstname.lastname@example.org
10. RENTION OF RECORDS
11. The Company shall ensure the safeguarding and protection of all personal information on data. The Company is obligated to retain certain information as prescribed by law as follows:
12. With regard to the Companies Act, No 71 of 2008 and the Companies Amendment Act No 3 of 2011, hardcopies of the documents mentioned below must be retained for 7 years:
12.1. Any documents, accounts, books, writing, records or other information that a company is required to keep in terms of the Act;
12.2. Notice and minutes of all shareholders meeting, including resolutions adopted and documents made available to holders of securities;
12.3. Copies of reports presented at the annual general meeting of the company;
12.4. Copies of annual financial statements required by the Act; -
13. AMENDMENTS TO THIS POLICY
13.1. Amendments to this Policy will take place from time to time subject to the discretion of the Company and pursuant to any changes in law. Such changes will be brought to the attention of employee’s clients where it affects them.