POPI Compliance Manual & Privacy Policy

PREPARED IN ACCORDANCE WITH THE PROMOTION OF ACCESS TO INFORMATION ACT, 2000 TO ADDRESS REQUIREMENTS OF THE PROTECTION OF PERSONAL INFORMATION ACT, 2013

Introduction and Purpose of the Manual

The Protection of Personal Information Act (“POPI”) aims to give effect to the constitutional right to privacy by balancing it against that of access to information. POPI requires that personal information pertaining to individuals be processed lawfully and in a reasonable manner which does not infringe on the right to privacy.

This document therefore relates to and explains how we obtain, process, use, store, disclose, and destroy personal information in accordance with the requirements of POPI.

Company Details

COMPANY NAME AND REGISTRATION NUMBER: 123mds Pty Ltd 2005/000171/07
COMPANY HEAD: Wayne van de Werken
INFORMATION OFFICER: Jason van Wyngaard
EMAIL ADDRESS: popi@123mds.co.za
PHYSICAL ADDRESS: 54 Kingfisher Drive, Fourways, 2055, JHB, Gauteng
POSTAL ADDRESS: P. O. Box 924, Rivonia, Sandton, 2128
TELEPHONE NUMBER: 086 123 7746
WEBSITE ADDRESS: www.123mds.co.za
DATE: 1st July 2021

Personal Information Collected

Personal Information may only be processed if the purpose for which it is processed is adequate, relevant and not excessive. The type of information collected and processed is usually for the purpose of understanding a related parties’ requirements in order for us to perform our services and can largely be summarized as follows:

Entity Type	Personal Information Processed
Clients: Natural Persons	Names; contact details; physical and postal addresses; date of birth; ID number; Tax related information; nationality; gender; confidential correspondence.
Clients – Juristic Persons / Entities	Names of contact persons; Name of Legal Entity; Physical and Postal address and contact details; Financial information; Registration Number; Tax related information; authorised signatories, beneficiaries, ultimate beneficial owners.
Clients – Foreign Persons / Entities	Names; contact details; physical and postal addresses; date of birth; Passport number Tax related information; nationality; gender; confidential correspondence.
Intermediary / Advisor	Names of contact persons; Name of Legal Entity; Physical and Postal address and contact details; Financial information; Registration Number; Founding documents; Tax related information; authorised signatories, beneficiaries, ultimate beneficial owners.
Contracted Service Providers	Names of contact persons; Name of Legal Entity; Physical and Postal address and contact details; Financial information; Registration Number; Founding documents; Tax related information; authorised signatories, beneficiaries, ultimate beneficial owners.
Employees / Directors	Gender, Marital Status, Colour, Age, Language, Education information; Financial Information; Employment History; ID number; Physical and Postal address; Contact details; Opinions, Criminal behaviour; Well-being.
Website end-users / Application end-users	Electronic identification data: IP address, log-in data, cookies, Electronic localization data: cell phone, GPS.

Use and Disclosure of Personal Information

We will only use personal information for the purpose in which it was generated and as agreed by you in order for us to conduct our daily operational activities. In addition, where necessary some personal information may be retained for legal purposes in order for us to comply with the relevant laws, such as FICA requirements.

For example:

To gather contact information.
To confirm and verify your identity or verify that you are an authorized user for security purposes.
For the detection and prevention of fraud, crime, money laundering or other malpractice.
To conduct market or customer satisfaction research or for statistical analysis.
For audit and record keeping purposes.
In connection with legal proceedings.

We may disclose personal information to various stakeholders, including our service providers who are associated with our business activities. We have taken various measures in this regard to ensure that agreements are in place with such stakeholders and service providers to ensure compliance with the requirements of POPI.

Should we be required to transfer Personal Information to third parties outside of South Africa, we will ensure that the recipient of the information is subject to a law, binding corporate rules or binding agreement which provide an adequate level of protection.

Access and Correction of Personal Information

You have the right to request a copy of the personal information we hold about you. Should you wish to update, correct, or delete your personal information you may do so by contacting us using the information contained in clause 2 of this document and specifying what information you require and/or would like to update.

Information Security

We are legally obliged to provide adequate protection for the personal information we hold and to stop unauthorized access and use of personal information. We will, on an on-going basis, continue to review our security controls and related processes to ensure that your personal information remains secure.

Our security policies and procedures cover:

Computer and network security.
Access to personal information.
Secure communications.
Security in contracting out activities or functions.
Retention and disposal of information.
Acceptable usage of personal information.
Governance and regulatory issues.
Monitoring access and usage of private information.
Investigating and reacting to security incidents.

When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that the personal information, which we remain responsible for, is kept secure. We will ensure that anyone to whom we pass your personal information agrees to treat your information with the same level of protection as we are obliged to.

Requesting Access and Lodging of Complaints

If, for whatever reason, you are unhappy with the way in which personal information is collected, processed, used or stored and you believe that we are not complying with the provisions set out in POPI, you may lodge a complaint with the office of the Information Regulator using the official Form 5 complaint form.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.