Your privacy is a priority.

1. INTRODUCTION

The right to privacy is an integral human right recognised and protected in the South African Constitution and the Protection of Personal Information Act 4 of 2013 (“POPIA”).

POPIA aims to promote the protection of privacy by providing guiding principles that are intended to be applied to the processing of personal information in a context-sensitive manner.

Through the provision of quality goods and services, the organisation is necessarily involved in the collection, use and disclosure of certain aspects of the personal information of clients, customers, employees and other stakeholders.

A person’s right to privacy entails having control over his or her personal information and being able to conduct his or her affairs relatively free from unwanted intrusions.

2. ACCEPTANCE

You must accept all the terms of this Privacy Statement when engaging with Growmatter (Pty) Ltd. If there is anything in this Privacy Statement that you do not agree with, then you may not engage with us. By accepting this Privacy Statement, you are deemed to have read, understood, accepted, and agreed to be bound by all of its terms.

3. COMMITMENT TO COMPLIANCE WITH POPI

Given the importance of privacy, Growmatter (Pty) Ltd is committed to effectively managing personal information in accordance with POPIA’s provisions. To meet the requirements of POPI, Growmatter (Pty) Ltd has drafted a POPI Risk Framework which includes:

• Development and implementation of Information processing plan and procedures, including the safeguards of personal information required under POPI
• Development and implementation of a compliance monitoring plan
• Appointment of Information Officer
• Delegation of duties to staff and training on their duties
• Development of disclosures and client POPI engagement processes
• Documentation of relationships with third parties on the sharing of personal information and/or service agreements for the outsourcing of certain POPI obligations

4. INFORMATION OFFICER

Growmatter (Pty) Ltd has appointed  Michelle Taljaardt as its Information Officer. All correspondence to the Information Officer may be submitted via e-mail to michelle@growmatter.co.za

5. PRIVACY STATEMENT

Growmatter (Pty) Ltd is committed to processing personal information in accordance with the below principles when collecting, recording, storing, disseminating, and destroying personal information, and responding to government requests for our users’ data:

1. We shall not contact/solicit you unless you have given us your consent to do so or unless required as part of an existing relationship with you.
2. We shall process your personal information for a specific, lawful reason and only adequate, relevant information which is limited to the purposes for which they are processed and which relates to the functions or the activity of the organisation.
3. If you cancel your services with Growmatter (Pty) Ltd, we will delete or otherwise de-identify your personal information after the minimum storage periods required under our risk and statutory record-keeping periods have expired.
4. We take measures to ensure data is kept safe and prevent loss of, damage to, or unauthorized destruction of personal information, and unlawful access to or processing of personal information.

Growmatter (Pty) Ltd collects information directly from you where you provide us with your details. In addition to the aforementioned, we shall, subject to your consent, or to execute our service agreement with you, obtain further information required from third parties and other sources where necessary. Growmatter (Pty) Ltd does not collect and process special personal information unless it is a requirement by law to process such information as part of our service delivery, in which case we shall obtain consent from you before collection thereof. We do not knowingly collect personal information from children (under 18 years of age) without the permission of their parent/s or guardian. 

Growmatter (Pty) Ltd and its employees may disclose personal information: to other services providers involved in the rendering of services or the provision of products to the clients; to services providers, it is in engaged with such as accountants, compliance officers, administration etc.; if Growmatter (Pty) Ltd has a duty or a right to disclose same in terms of law or certain industry codes; or if it is necessary to protect Growmatter (Pty) Ltd’s legal rights and interests. We undertake to review and update our security measures in accordance with future legislation and technological advances. Access to client data from within our organisation is limited to essential staff or specialist contractors that are required to access our systems for client service or maintenance purposes, who are bound by the requirements of the legislation and are required to maintain safety and security measures. Growmatter (Pty) Ltd may transfer personal information to a third party in a foreign country provided they comply with the provisions of the General Data Protection Regulation (GDPR). The GDPR is the EU-wide privacy and data protection that regulates how data is protected. Where personal information is transferred and processed outside of the EEA, the safeguards that we will use to protect your personal information include contractual protections imposed on the recipients of your personal information to maintain South African and EEA standards of data protection.

 6. REQUEST TO ACCESS PERSONAL INFORMATION PROCEDURE

 In terms of POPI, data subjects have the right to:

• Request what personal information the organisation holds about them and why.
• Request access to their personal information.
• Be informed on how to keep their personal information up to date.

Access to information requests can be made by email, addressed to the Information Officer. The Information Officer will provide the data subject with a “Personal Information Request Form”.

Once the completed form has been received, the Information Officer will verify the identity of the data subject before handing over any personal information. All requests will be processed and considered against the organisation’s PAIA Policy.

The Information Officer will process all requests within a reasonable time.

7. POPI COMPLAINTS AND OBJECTIONS PROCEDURE

 A client has a right to object to the use of personal information, however in certain instances failure to provide us with personal information may result in the inability to deliver said services or products to you, or you shall receive limited services.

Data subjects have the right to complain in instances where any of their rights under POPIA have been infringed upon. The organisation takes all complaints very seriously and will address all POPI related complaints in accordance with the following procedure:

• POPI complaints must be submitted to the organisation in writing. Where so required, the Information Officer will provide the data subject with a “POPI Complaint Form”.
• The Information Officer will provide the complainant with a written acknowledgement of receipt of the complaint.
• The Information Officer will carefully consider the complaint and amicably address the complainant’s concerns. In considering the complaint, the Information Officer will endeavour to resolve the complaint in a fair manner and in accordance with the principles outlined in POPIA.
• Where the data subject is not satisfied with the Information Officer’s suggested remedies, the data subject has the right to complain to the Information Regulator.

The Information Regulator’s contact details are as follows:

Complaints email: complaints.IR@justice.gov.za

General enquiries email: inforeg@justice.gov.za