Your privacy is a priority.
Privacy Notice Summary
- Personal Information
- Collection and Use of Data
- Sharing of Your Information
- Access Your Information
Information we may collect from you
We only collect Personal Information that is reasonably necessary for us to provide you with the best possible financial advice and administration.
There are three ways we collect information
- Information you give to us
- Information we request on your behalf
- Information we receive from providers
All of this information is collected with your consent
This information includes:
- your title, full name, your contact details, including for instance your email address, home and mobile telephone numbers
- your home address, correspondence address (where different from your home address) and address history.
- financial information, including your bank account information, payslips, debit order information
- proof of identification in the form of copies of your passport, driving licence or other identity documents like utility bills
- information relating to your use of our services
- to comply with our legal and regulatory requirements, your tax residency and/or nationality
Why do we collect information?
We collect information from you for various reasons
- To ensure compliance with legislation
- record-keeping, administration
- to provide the correct advice and services for your needs
- We may send emails to you about changes to services and products that have a direct impact on you
- All data we process is done on the lawful basis of POPI
- We only collect information for specific, explicit and legitimate purposes.
Use of Data
We will only use your data in accordance with South African law as well as other applicable laws (for example GDPR and CCPA where applicable). We make use of software providers that assist with cloud storage,
We use a combination of technical, procedural and operational measures to keep your information secure.
We may share your information
- to comply with our legal obligations
- to provide you with services you consent to
- with authorised service providers with the information required to action a request
- with authorised service providers across borders to countries with different levels of protection.
- with any third party after receiving your explicit consent
- if we are under a duty to disclose or share your personal information in order to comply with any legal obligation
Our Responsibility to Security
As a responsible FSP authorised and regulated by the FSCA, we ensure our business practices and data processing activities are in compliance with the regulations. This includes training our staff on numerous security procedures and protocols.
Furthermore, we have adopted sound technical and compliance procedures to avoid loss, destruction, unauthorised access or omission to your data. Our partners and third-party processors are all bound by strict data protection obligations.
We make use of well known and respected providers in their fields of speciality.
These are some of the measures we apply to ensure the security of your Personal Information:
- we take all reasonable precautions to protect Information from loss, misuse, unauthorized access, disclosure, alteration and destruction.
- we will not share any of your to unaffiliated parties, except for approved agents, providers and contractors, or as otherwise specifically provided for, as agreed with you or as required in terms of any Law.
- we use encrypted cloud servers
- we take appropriate steps to ensure that information stored on these servers is protected as required under relevant Data Protection/Privacy laws.
- When personal data is deleted this is done safely such that the data is irrecoverable.
- Appropriate backup and disaster recovery solutions are in place.
- Your access to some of our resources, applications and content may be password protected and non-disclosure of such usernames and passwords are required to ensure the safekeeping of your Information. The safeguarding of your login details is your responsibility. It is important that you sign out and close the browser of the account or service at the end of each session
Access to information
You have a right to see/access your personal information that we keep about you. You may instruct us to provide you with any personal information we hold about you upon receipt of a written request.
You may log into the 'Moneymatter' dashboard application to view your information or send us a request on https://www.growmatter.co.za/contact/
Depending on the nature and volume of your personal information there may be a charge depending on how you wish to have your personal information presented. We would discuss these fees prior to any arrangement.
Privacy Compliance Statement
The right to privacy is an integral human right recognised and protected in the South African Constitution and the Protection of Personal Information Act 4 of 2013 (“POPIA”).
POPIA aims to promote the protection of privacy by providing guiding principles that are intended to be applied to the processing of personal information in a context-sensitive manner.
Through the provision of quality goods and services, the organisation is necessarily involved in the collection, use and disclosure of certain aspects of the personal information of clients, customers, employees and other stakeholders.
A person’s right to privacy entails having control over his or her personal information and being able to conduct his or her affairs relatively free from unwanted intrusions.
2. COMMITMENT TO COMPLIANCE WITH POPI
Given the importance of privacy, Growmatter (Pty) Ltd is committed to effectively managing personal information in accordance with POPIA’s provisions. To meet the requirements of POPI, Growmatter (Pty) Ltd has drafted a POPI Risk Framework which includes:
- Development and implementation of Information processing plan and procedures, including the safeguards of personal information required under POPI
- Development and implementation of a compliance monitoring plan
- Appointment of Information Officer
- Delegation of duties to staff and training on their duties
- Development of disclosures and client POPI engagement processes
- Documentation of relationships with third parties on the sharing of personal information and/or service agreements for the outsourcing of certain POPI obligations
3. INFORMATION OFFICER
Growmatter (Pty) Ltd has appointed Michelle Taljaardt as its Information Officer. All correspondence to the Information Officer may be submitted via e-mail to email@example.com
4. PRIVACY STATEMENT
Growmatter (Pty) Ltd is committed to processing personal information in accordance with the below principles when collecting, recording, storing, disseminating, and destroying personal information, and responding to government requests for our users’ data:
- We shall not contact/solicit you unless you have given us your consent to do so or unless required as part of an existing relationship with you.
- We shall process your personal information for a specific, lawful reason and only adequate, relevant information which is limited to the purposes for which they are processed and which relates to the functions or the activity of the organisation.
- If you cancel your services with Growmatter (Pty) Ltd, we will delete or otherwise de-identify your personal information after the minimum storage periods required under our risk and statutory record-keeping periods have expired.
- We take measures to ensure data is kept safe and prevent loss of, damage to, or unauthorized destruction of personal information, and unlawful access to or processing of personal information.
Growmatter (Pty) Ltd collects information directly from you where you provide us with your details. In addition to the aforementioned, we shall, subject to your consent, or to execute our service agreement with you, obtain further information required from third parties and other sources where necessary. Growmatter (Pty) Ltd does not collect and process special personal information unless it is a requirement by law to process such information as part of our service delivery, in which case we shall obtain consent from you before collection thereof. We do not knowingly collect personal information from children (under 18 years of age) without the permission of their parent/s or guardian.
Growmatter (Pty) Ltd and its employees may disclose personal information: to other services providers involved in the rendering of services or the provision of products to the clients; to services providers, it is in engaged with such as accountants, compliance officers, administration etc.; if Growmatter (Pty) Ltd has a duty or a right to disclose same in terms of law or certain industry codes; or if it is necessary to protect Growmatter (Pty) Ltd’s legal rights and interests. We undertake to review and update our security measures in accordance with future legislation and technological advances. Access to client data from within our organisation is limited to essential staff or specialist contractors that are required to access our systems for client service or maintenance purposes, who are bound by the requirements of the legislation and are required to maintain safety and security measures. Growmatter (Pty) Ltd will not transfer personal information to a third party in a foreign country without ensuring that it complies with the provisions of POPI.
5. REQUEST TO ACCESS PERSONAL INFORMATION PROCEDURE
In terms of POPI, data subjects have the right to:
- Request what personal information the organisation holds about them and why.
- Request access to their personal information.
- Be informed on how to keep their personal information up to date.
Access to information requests can be made by email, addressed to the Information Officer. The Information Officer will provide the data subject with a “Personal Information Request Form”.
Once the completed form has been received, the Information Officer will verify the identity of the data subject before handing over any personal information. All requests will be processed and considered against the organisation’s PAIA Policy.
The Information Officer will process all requests within a reasonable time.
6. POPI COMPLAINTS AND OBJECTIONS PROCEDURE
A client has a right to object to the use of personal information, however in certain instances failure to provide us with personal information may result in the inability to deliver said services or products to you, or you shall receive limited services.
Data subjects have the right to complain in instances where any of their rights under POPIA have been infringed upon. The organisation takes all complaints very seriously and will address all POPI related complaints in accordance with the following procedure:
- POPI complaints must be submitted to the organisation in writing. Where so required, the Information Officer will provide the data subject with a “POPI Complaint Form”.
- The Information Officer will provide the complainant with a written acknowledgement of receipt of the complaint.
- The Information Officer will carefully consider the complaint and amicably address the complainant’s concerns. In considering the complaint, the Information Officer will endeavour to resolve the complaint in a fair manner and in accordance with the principles outlined in POPIA.
- Where the data subject is not satisfied with the Information Officer’s suggested remedies, the data subject has the right to complain to the Information Regulator.
The Information Regulator’s contact details are as follows:
Complaints email: complaints.IR@justice.gov.za
General enquiries email: firstname.lastname@example.org
Found something interesting?
LET US KNOW We are here to help!