We guarantee that personal information provided by the user will be employed solely for the purpose of providing any service that the user has requested. We guarantee that no user data, personal or otherwise, will ever be passed to external agencies or third parties for any reason unless required by law.
POPIA PRIVACY NOTICE
We understand that your personal information is important to you and that you may be apprehensive about disclosing it. Your privacy is just as important to us and we are committed to safeguarding and processing your information in a lawful manner.
We also want to make sure that you understand how and for what purpose we process your information. If for any reason you think that your information is not processed in a correct manner, or that your information is being used for a purpose other than that for what it was originally intended, you can contact our Information Officer.
You can request access to the information we hold about you at any time and if you think that we have outdated information, please request us to update or correct it.
Our Information Officer’s Contact Details
Name: Luis Levy
Contact Number: +27 21 401 8940
Email Address: firstname.lastname@example.org
The Organisation: StrategiQ Capital (Pty) Ltd
Physical Address: Office 201, 2nd Floor, Cape Quarter Square, 27 Somerset Road, Green Point, Cape Town, 8000
Telephone: +27 21 401 8940
E-mail address: email@example.com
The source of collection of your personal information:
We collect personal information both directly and indirectly from the following data subjects:
- Prospective clients who enquire about our services
- Prospective and current employees
Personal information is collected both directly and indirectly from you through the completion of an application form, online forms and/or during consultation. These forms are completed either electronically or in hard copy.
We may also collect information about you from other sources such as external third parties and from cookies on our website.
Law authorising or requiring collecting of the personal information:
As an authorised financial services provider, we are obligated in terms of the following legislation to collect your personal information insofar as it relates to the rendering of the relevant financial services to you:
Protection of Personal Information Act 4 of 2013
To promote the protection of personal information processed by public and private bodies; to introduce certain conditions so as to establish minimum requirements for the processing of personal information; to provide for the establishment of an Information Regulator to exercise certain powers and to perform certain duties and functions in terms of this Act and the Promotion of Access to Information Act, 2000; to provide for the issuing of codes of conduct; to provide for the rights of persons regarding unsolicited electronic communications and automated decision making; to regulate the ﬂow of personal information across the borders of the Republic; and to provide for matters connected therewith.
Purpose for Processing your Information:
We collect, hold, use and disclose your personal information mainly to provide you with access to the services and products that we provide. We will only process your information for a purpose you would reasonably expect, including:
- Complying with the obligations contained in the contract concluded between yourself and the organisation.
- To verify your identity.
- To notify you of new products or developments that may be of interest to you.
- To confirm, verify and update your details.
- To comply with any legal and regulatory requirements.
Some of your information that we hold may include, your first and last name, email address, a home, postal or other physical address, other contact information, your title, birth date, gender, occupation, qualifications, past employment, residency status, your investments, assets, liabilities, insurance, income, expenditure, family history, and your banking details.
Third parties and your personal information
We may need to share your information to third parties provide advice, reports, analyses, products or services that you have requested. Where we share your information, we will take all precautions to ensure that the third party will treat your information with the same level of protection as required by us.
These third parties may include:
- Your employer (where applicable);
- Analytics and search engine providers assisting in the enhancement of our websites;
- Information Technology specialists assisting us with data storage, security, processing, analytics, etc;
- Auditors of the StrategiQ Capital;
- Regulatory or governmental authorities;
- Custodians, Platform providers, Stockbrokers (where applicable)
The Transfer of your personal information outside of the Republic of South Africa
Your information may be hosted on servers managed by a third-party service provider, which may be located outside of South Africa. The third-party service providers are located in:
- Isle of Man
- United Kingdom
We confirm that the level of protection afforded to your personal information by that third country or international organisation is equal to the protection afforded by the POPI Act.
Complaints and objections
As a data subject, you have the right to –
- Request that we confirm, free of charge, whether or not we hold personal information about you; (please complete Annexure A)
- Request that we provide you with a description of the personal information we hold about you, and to explain why and how it is being processed (please complete Annexure A);
- Lodge a complaint with the company (please complete Annexure B).
- Request that we consider your objections to the processing of your personal information
- Lodge a complaint with the Information Regulator
The Information Regulator
In the event that your personal information has not been processed in accordance with the POPI Act and the principles set out above, you have the right to lodge a complaint with the Information Regulator.
For further information regarding the complaints process, please visit the website of the Information Regulator, as indicated below.
Alternatively, you may contact the Information Regulator for further assistance:
The Information Regulator: Adv Pansy Tlakula
Physical Address: JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
EIGHT PRINCIPLES OF THE POPI ACT
Principle 1: Accountability
The organisation must appoint a party (Information Officer) who will be responsible for ensuring that the information protection principles within POPIA and the controls that are in place to enforce them are complied with.
Principle 2: Processing Limitation
The second principle deals with the lawfulness of processing, minimality of information collected, consent, justification and objection, and the collection of personal information directly from the data subject.
Principle 3: Purpose Specification
The third principle provides that personal information must be collected for a specific purpose and the data subject from whom the personal information is collected must be made aware of the purpose for which the personal information was collected.
Principle 4: Further processing limitation
The fourth principle regulates the further processing of personal information. If a responsible party further processes personal information, such processing must be compatible with the purpose for which the information was collected in principle 3.
Principle 5: Information quality
The fifth principle provides that the responsible party must take reasonable steps to ensure that the personal information that has been collected is complete, accurate, not misleading and up to date. In so doing, the responsible party must take into consideration the purpose for which the personal information was collected.
Principle 6: Openness
The sixth principle provides that the responsible party must be open about the collection of personal information by notifying the Regulator if it is going to process personal information and, if personal information is going to be collected, the responsible party must take “reasonably practicable steps to ensure that the data subject has been made aware that his or her personal information is going to be collected. The responsible party should for example, take reasonable steps to make the data subject aware of its name and address, and the purpose for which the personal information being collected.
Principle 7: Security Safeguards
The seventh principle provides that the responsible party must ensure that the integrity of the personal information in its control is secured through technical and organisational measures.
Principle 8: Data Subject Participation
The eighth principle provides that data subjects have the right to request that a responsible party confirm (free of charge) whether it holds personal information about the data subject, and he or she may also request a description of such information.