Privacy Policy of Itec SA

INTRODUCTION

The Itec group of companies (“Itec”) recognise the importance of protecting your privacy and are committed to protecting and preserving your personal information in accordance with the Protection of Personal Information Act 4 of 2013 (“POPI Act”).

This Privacy Policy explains why and how we collect, protect and use personal information provided to us, both by you or by others, and provides information about your rights in relation to personal information.

We refer to information about you, or information from which you would be directly or indirectly identifiable, as “personal information”. We may also collectively refer to collecting, receiving, recording, organising, sorting, updating or modifying, handling, or using your personal information as “processing” such personal information.

By providing us with your personal information, you (i) agree to this Privacy Policy and authorise us to process such information as set out herein; and (ii) authorise Itec, its directors, consultants, employees, affiliates, agents, financiers, subcontractors, service providers, and/or other third parties to process your personal information for the purposes stated in this Privacy Policy.

We will not use your personal information for any purposes not mentioned in this Privacy Policy without your consent.

This privacy statement was last updated on 30 June 2021.

We may amend or update this Privacy Policy from time to time by posting a new privacy policy on this website. We encourage you to review this Privacy Policy periodically to be informed about how we are protecting your information.

COLLECTION OF PERSONAL INFORMATION

Itec only processes personal information that is adequate, necessary, relevant, and is not excessive. We may collect personal information from you:

  1. by receiving the information directly from you;
  2. when you visit and/or interact with our website at www.itecgroup.co.za and any other Itec sites or social media platforms (collectively, the “Websites”);
  3. in the course of our relationship with you;
  4. in the course of rendering our services to you or your organisation;
  5. in the course of receiving services from you or your organisation;
  6. from records of your communication and interactions with us, including but not limited to receipt of any electronic communication from you or even your attendance at any of our events or functions;
  7. when you subscribe for any of our newsletters, our mailings, our digital marketing campaigns and/or any other marketing activities;
  8. by engaging with any of our recruitment activities;
  9. when you visit our offices; and
  10. from third parties, including but not limited to any law enforcement authorities.

LEGAL BASIS FOR PROCESSING YOUR PERSONAL INFORMATION

We will only process your personal information in the ordinary course of the business of providing business solutions and related services.

We may use your personal information that you provide to us to:

  1. perform our obligations under a contractual arrangement with you;
  2. present proposals, quotations, feasibility studies, needs analysis, or conduct due diligence investigations;
  3. send newsletters, mailings, digital marketing campaigns and/or any other marketing material to you which you have subscribed to receive;
  4. provide important notices and updates, including but not limited to amendments to any of our terms and conditions, updates to our policies, security alerts and any other administrative or technical communications;
  5. send recruitment opportunities to you;
  6. process your job application;
  7. ensure the safety and security of Itec, by screening you through CCTV footage or requiring you to complete the visitors attendance register upon arrival at Itec;
  8. improve Itec’s business, offerings, services and communications to you, including but not limited to conducting internal audits and investigations, implementing internal business controls, insurance purposes, data analysing and research (such as monitoring trends, usage and activities), accounts management and maintain and/or improve our relationship with you; and
  9. comply with any applicable laws, regulations, demands or requests made by regulators, governments, courts and law enforcement authorities.

We will not retain your personal information for longer than is necessary to achieve the purpose for which we collected it, unless there is a lawful basis or legal requirement for us to retain your personal information for a longer period.

OUR PROCESSING ACTIVITIES

Website

For a better and personalised experience while using our Websites, we may collect information about you and your use of the relevant site, including but not limited to through cookies and analytics tools. Cookies are files with small amounts of data that is commonly used as an anonymous unique identifier. These are sent to your browser from the website that you visit and are stored on your computer’s hard drive.

Please see our Cookie Policy for more information. You may refuse to accept cookies by activating the setting on your browser.

We may even collect your personal information, including but not limited to your name, phone number, email address, your company name and position within your company. We do not intend to collect sensitive information through the Websites unless we are legally required to do so. If you choose to provide sensitive information to us for any reason, the act of doing so constitutes your explicit consent.

We also collect information that does not identify you personally through our internet log files, which record data such as IP addresses, browser types, pages of the Websites that you visit, the time and date of your visit, the time spent on those pages, and other anonymous statistical data. This information may be used to analyse trends and to gather general demographic information. We do not link this information to personally identifiable information.

If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the privacy policy of these websites. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

The Websites are not intentionally designed for or directed at children, and we require all users to be above the age of majority in their local country. We do not knowingly collect or maintain personal information about persons under the age of 18.

Our Clients

Where we collect personal information necessary for providing business solutions and related services, we ask that you only provide personal information which is necessary and relevant for such purposes. We may require personal information relating to you, or your organisation, including but not limited to personal details (such as your name and identity number), contact details (such as your email address, postal address, physical address and contact number), corporate information (such as registration number, memorandum of incorporation, rules or resolutions) and financial information (such as bank statements, tax numbers, vat numbers or financial year end reports).

We use this information to provide our business solutions and related services to you, to administer, manage and develop such services and our business generally, for security purposes, to confirm, verify and update your details from time to time, to provide marketing material to you, to conduct market or customer satisfaction research for statistical analysis, to conduct credit reference searches or verifications, for audit and record keeping purposes, in connection with legal proceedings, to provide communication in respect of any business, legal or regulatory matters that may affect you, and complying with any applicable laws.

We may also incidentally collect other personal information from your use of our business solutions and related services. You are responsible for obtaining the explicit consent of any users who make use of, or other persons whose personal information we process as a result of the use of, such business solutions and related services. If we have no use for the information collected in terms of this Privacy Policy, we endeavour to remove and destroy such information when practically possible in accordance with Itec’s business practices.

Our Suppliers

We may need to collect personal information necessary to manage the relationship, contract, and to receive services from you. We may require personal information relating to you, or your organisation, including but not limited to personal details and contact details (such as your name, your email address, postal address, physical address and contact number) and any other information that may be relevant for such purposes.

Marketing Activities

We will only provide marketing materials to you if (i) you are an existing client already on our mailing list; or (ii) you are a new or potential client of Itec and have provided consent for us to do so. If you opt in to any subscriptions, newsletter, lead form or contact form, you will receive automated emails when content is updated. In all instances, we retain your contact information (such as your name, email address and contact number) on our mailing list until you unsubscribe.

Should you wish to unsubscribe from our mailing list, you should look for and follow the instructions we have provided in the relevant communications to you. If you unsubscribe from our mailing list, we may retain limited information sufficient to identify you so that we can honour your

opt out request. If you wish to no longer receive only certain communications, please identify such communications in your request.

We may from time to time send you a mailer requiring you to update your personal information for the purposes set out in this Privacy Policy to ensure we have your correct contact details. This mailer will also allow you the option to unsubscribe from our mailing list.

We will not sell your personal information to non-Itec parties for consumer marketing purposes.

Recruitment Activities

Where we collect personal information in connection with our recruitment activities, we ask that you only provide personal information which is necessary and relevant for such purposes. The personal information we collect as part of our recruitment process is provided to by you and may include your personal details (such as your name and identity number), contact details (such as your email address, postal address, physical address and contact number), your CV, your existing job description, salary and any other information provided to us as part of the recruitment process.

If your application is successful, we perform pre-employment screening checks as part of our onboarding process, which may include educational and criminal records checks. We may also require further personal information about you (such as your bank account details, family details, marital status and information relating to diversity and equal opportunities).

If your application is unsuccessful, we may retain your personal information as we may consider you for future employment opportunities.

We may also obtain your personal information from third party sources (such as references, verification of information provided, information from social media platforms).

Visitors to our Offices

We require visitors to our offices to complete an attendance register upon arrival. The personal information we collect may include your personal details (such as your name and identity number), contact details (such as your contact number), signature and vehicle details. Our attendance registers are securely stored and only accessible on a need to know basis.

We also use the CCTV images and vehicle number plate recognition for the legitimate purpose of promoting security and safety, preventing and detecting crime, and establishing, exercising and defending legal claims. CCTV and vehicle number plate images captured are securely stored and only accessed on a need to know basis. We may disclose such CCTV and vehicle number plate images to law enforcement bodies as requested and permitted by law.

We may monitor traffic on our guest WIFI networks using industry standard intrusion detection systems. We cannot inspect encrypted web pages and therefore do not have access to the web pages used whilst you are on our WIFI network.

SENSITIVE PERSONAL INFORMATION

Should a need arise where we process your sensitive personal information, we will do so in the ordinary course of our business, for a legitimate purpose, and in accordance with any applicable laws.

SHARING OF PERSONAL INFORMATION

We may disclose your personal information to our third party service providers. These third parties support Itec in providing business solutions and related services as well as IT infrastructure. It may include our financiers who require your personal information for financial risk assessment purposes, or our IT service providers who assist by providing identity management, website hosting and management, data analysis, data backup, security and cloud storage services. We require that our service providers take appropriate, reasonable, technical and organisational measures to keep your personal information secure and not use or disclose the personal information for any purpose other than providing the services on our behalf.

Our third party service providers may be based outside of the country which you are located. In such event, or should we require to transfer or store your personal information at a destination outside of the country at which you are located, we will take reasonable organisational and/or contractual measures to ensure that your personal information is processed by such third party service providers for the purposes for which it has been provided to us and that adequate levels of protection substantially similar to the requirements of the POPI Act have been implemented by such third party service providers to safeguard your personal information.

We may also disclose your personal information:

    1. when explicitly requested by you;
    2. to our professional advisors and consultants;
    3. to legal and regulatory authorities, upon request or if we are under any duty or obligation to disclose, or for the purposes of reporting any actual or suspected breach of applicable law or regulation;
    4. if required by law;
    5. to any relevant party for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and in the interest of public safety;
    6. to any potential third party acquirer, should we sell, transfer, reorganise, liquidate or dissolve all or part of our business or assets; and
    7. any other relevant and necessary third party provider.

Once any of your personal information that you have provided to us has been de-identified, such de-identified information may be shared (i) to any of our advisors, consultants, agents or service providers; (ii) for purposes of web data analysis; and (iii) for statistical purposes.

YOUR RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION

The personal information you provide to Itec should be accurate, complete and up-to-date. Should any of your personal information change, please notify Itec of such change and provide the correct personal information.

You are entitled to –

  1. request access to your personal information held by Itec in accordance with our Information Access Request Policy;
  2. object to the processing of your personal information;
  3. withdraw your consent to the processing of your personal information;
  4. withdraw your consent to receive any marketing material;
  5. request the correction or amendment of incorrect personal information held by Itec;
  6. request deletion of your personal information held by Itec if (i) the personal information is no longer necessary for the purpose for which it was processed; (ii) you withdraw your consent; (iii) you object to the processing of the personal information; (iv) your personal information has been unlawfully processed; and (v) your personal information must be erased to comply with a legal obligation to which we are subject;

7.restrict the processing of your personal information held by Itec if (i) we are required toverify the accuracy of your personal information; (ii) your personal information has beenunlawfully processed and you request restriction of processing instead of deletion; (iii) thepersonal information is no longer necessary for the purpose for which it was processed butit is still required to establish, exercise or defend legal claims; (iv) establish whether wehavelegitimategroundstodefend anyobjectionraisedbyyou;

  • request receipt by Itec, or transfer from Itec, of your personal information from or to another organisation; and
  • seek relief to your local data protection authority should any of your privacy rights be violated.

Itec will restrict its processing of your personal information to information which is sufficient for the purpose for which it was collected.

RETENTION OF PERSONAL INFORMATION

Records of your personal information will not be retained or stored for any longer than is necessary for achieving the purpose for which such information was collected or subsequently processed in accordance with Data Retention Storage and Disposal Policy and any applicable laws.

SECURITY AND NOTIFICATION

We will take all appropriate, reasonable, technical and organisational security measures to protect your personal information that is in our possession to prevent loss of, damage to or unauthorised alteration or destruction of your personal information or unlawful access to or processing of your personal information in accordance with the applicable law. Only authorised persons are provided access to your personal information and such individuals have agreed to maintain the confidentiality of this information.

Should we reasonably believe that your personal information has been unlawfully accessed or acquired by any unauthorised persons, we will notify the relevant regulator and you, unless we are made aware that notifying you will impede a criminal investigation.

CONTACT INFORMATION

Information Officer Alan Chapman

Email: legal@itecgroup.co.za Tel: +27 11 236 2000