Protecting You & Our Estate
Protection of Personal Information Act, 2013
Some of the key terms that we use in this policy are defined below:
“Estate” means Seaward Estates;
“we”, “us” or “our” means SEMHOA;
“personal information” means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to:
information relating to the race, gender, sex, pregnancy, marital status, national, ethnic, or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
information relating to the education or the medical, financial, criminal or employment history of the person;
any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier, or other particular assignment to the person;
- the biometric information of the person;
- the personal opinions, views or preferences of the person;
- correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
- the views or opinions of another individual about the person; and
- the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person;
“POPIA” means the Protection of Personal Information Act 4 of 2013, as amended from time to time;
“processing” means any operation or activity or any set of operations, whether or not by automatic means, concerning personal information, including:
- the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
- dissemination by means of transmission, distribution or making available in any other form; or
- merging, linking, as well as restriction, degradation, erasure, or destruction of information.
1 PURPOSE OF THIS POLICY
1.1 Protecting your privacy is especially important to us.
1.2 Seaward Master Homeowners Association (SEMHOA) is committed to complying with the Protection of Personal Information Act 4 of 2013 in relation to the processing of your personal information.
1.3 The purpose of this policy is to describe how and why we collect, store, use, share or otherwise process your personal information. It also explains your rights in relation to your personal information and how to contact us if you have a question or complaint.
1.4 Please note that we may update this policy from time to time. The latest version of this policy is available on request.
2 THE PERSONAL INFORMATION WE MAY COLLECT
2.1 We may collect and process the following personal information about you:
- Your name and contact information, including your email address, telephone number, physical address, postal address and other location information, erf number;
- Your date of birth, age, gender, race, nationality, title and language preferences;
- Your identity number, passport number and photograph;
- Your vehicle registration number, vehicle licence and driving licence
- Your biometric information, including but not limited to, if applicable, that information obtained from your fingerprints, hands, facial recognition and/or retinal scanning
- Your verified banking details
- Your employment details
- Correspondence from you of a private or confidential nature
- The personal information listed in section C of the Association’s PAIA Manual; an
- such other personal information as is reasonably required by us to engage with you and/or provide services to you.
3 HOW YOUR PERSONAL INFORMATION IS COLLECTED
3.1 We may collect or obtain personal information about you
- directly from you;
- during the course of our interactions with you;
- when you visit the Estate;
- when you visit and/or interact with our website or any other social media platforms or IT services;
- from publicly available sources; and
- from a third party who is authorised to share that information;
- via a mobile or other software app developed for the Estate.
4 HOW AND WHY, WE PROCESS YOUR PERSONAL INFORMATION
4.1 The personal information we may collect and why and how we use it depends on our relationship with you.
4.2 POPIA requires that personal information “is collected for a specific, explicitly defined and lawful purpose related to a function or activity of the responsible party.”
4.3 Further, POPIA provides that personal information may only be processed if:
- the data subject or a competent person where the data subject is a child consents to the processing;
- processing is necessary to carry out actions for the conclusion or performance of a contract to which the data subject is party;
- processing complies with an obligation imposed by law on the responsible party;
- processing protects a legitimate interest of the data subject;
- processing is necessary for the proper performance of a public law duty by a public body; or
- processing is necessary for pursuing the legitimate interests of the responsible party or of a third party to whom the information is supplied.
4.4 The table at Annexure A hereto sets out a list of the types of information we collect and explains why we collect and use it.
4.5 We may collect other personal information from time to time where you provide it to us, as necessary for our business requirements, or in order to comply with applicable laws.
4.6 Where it is lawful and practicable for us to allow it, you have the right not to identify yourself when dealing with us. However, if you don’t provide us with your personal information, it may impact our ability to engage with you and/or provide services to you.
5 WHO WE SHARE YOUR PERSONAL INFORMATION WITH
5.1 Depending on the circumstances, we may disclose your personal information to the following categories of persons:
- Auditors, legal and other professional advisers and consultants of the Estate or other third parties who help us deliver our services, including the Estate’s managing agents and all committees of the Association;
- Information Technology and other service providers who help us run the Estate or otherwise manage or store the personal information;
- Government and law enforcement authorities;
- Financial institutions;
- Other third parties where disclosure is required by law or otherwise required for us to perform our obligations and provide our services; and
- To any other person with your consent to the disclosure.
5.2 We take reasonable steps to protect the confidentiality and security of your personal information when it is disclosed to a third party and seek to ensure the third-party deals with your information in accordance with our instructions, applicable privacy laws, and only for the purpose for which it is disclosed.
6 DATA SECURITY
6.1 We may hold your personal information in electronic or in hard copy form. We may keep this information at our own premises, or at sites managed by our services providers.
6.2 We are committed to keeping your personal information safe.
6.3 We use a range of physical, electronic, and procedural safeguards to do this. We update these safeguards from time to time in order to address new and emerging security threats. We also train our people on privacy matters as appropriate and seek to limit access to personal information to those of our people who need to know that information.
6.4 We implement appropriate security measures to protect your personal information that is in our possession against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, in accordance with applicable law.
6.5 Where there are reasonable grounds to believe that your personal information that is in our possession has been accessed or acquired by any unauthorised person, we will notify the relevant regulator and you, unless a public body responsible for detection, prevention or investigation of offences or the relevant regulator informs us that notifying you will impede a criminal investigation.
7 HOW LONG YOUR PERSONAL INFORMATION WILL BE KEPT
7.1 We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service) or to comply with applicable legal, tax or accounting requirements.
7.2 We shall only retain and store your personal information for the period for which the information is required to serve the purpose for its collection, or a legitimate interest or the period required to comply with applicable legal requirements, whichever is longer.
8 INTERNATIONAL TRANSFER OF PERSONAL INFORMATION
8.1 In some cases, the third parties to whom we may disclose your personal information may be located outside your country of residence (for example, in a cloud service, system or server), and may be subject to different privacy regimes.
8.2 When we disclose personal information overseas, we will take appropriate safeguards to protect your personal information to ensure that the recipient will handle the information in a manner consistent with this policy and the level of protection provided for in POPIA.
9 YOUR RIGHTS
9.1 You have the right to:
- ask what personal information we hold about you;
- request access to the personal information that we hold about you;
- ask us to update, correct or delete any out-of-date or incorrect personal information we hold about you;
- unsubscribe from any direct marketing communications we may send you; or
- object to the processing of your personal information.
9.2 If you wish to exercise any of these rights or you have any queries regarding the personal information that we hold about you, you can contact us at the details provided below.
9.3 To protect the integrity and security of the information we hold, we may ask that you follow a defined access procedure, which may include steps to verify your identity.
9.4 If you want us to delete all personal information, we have about you, we may need to terminate the agreements we have with you. We can refuse to delete your information if we are required by law to retain it or if we need it to protect our rights.
10 HOW TO CONTACT US
10.1 If you have a question, concern, or complaint regarding the way in which we handle your personal information, or if you believe that we have failed to comply with this policy or breached any applicable laws in relation to the management of that information, you can make a complaint.
10.2 Any question, concern or complaint should be made in writing to: firstname.lastname@example.org
10.3 If you wish to make a request to access your personal information in terms of Section 23 of POPIA, please follow the procedure described in Section C (2) of the Association’s PAIA Manual which is available from the Estate Offices or at our website.
11.1 This Policy was published on [12 March 2021] and last updated on [12 March 2021].
11.2 We may change this privacy notice from time to time—when we do, we will inform you via email and a Seaward Estates phone App notification for informing the data subject of changes to the notice.
|Information Type||Reasons why we may use this information|
|Table Identification information: such as your name, photograph, passport, national identification, biometric information, gender, date of birth, vehicle registration number, vehicle license and driving license, information regarding your employer.||To verify your identity to, inter alia, enable you to enter the Estate, to provide services to you, undertake adequate security and monitoring measures, comply with our legal and contractual obligations, and otherwise for our legitimate interests or those of a third party. Contact information: such as, email address; telephone number; physical address; erf number|
|Contact information: such as, email address; telephone number; physical address; erf number||To contact you with information relevant to you as a resident / supplier of the Estate and/or its residents; to keep you informed about our activities and updates, to respond to any queries and requests, to manage and resolve any commercial or legal complaints or issues, to carry out planning and forecasting activities, to comply with our legal and contractual obligations, and otherwise for our legitimate interests or those of a third party.|
|Contact and payment information and other information of suppliers / contractors / service providers: such as, name; email; telephone number; address, payment and bank details||To enable us to procure products and services from you, to keep you informed about our activities and updates, to respond to any queries and requests, to carry out market analysis and research, to carry out planning and forecasting activities, for other internal business processes, to comply with our legal and contractual obligations, and otherwise for our legitimate interests or those of a third party.|
|Contact and other information of our directors, trustees, staff (past / present) / prospective employees: contact details, employment history, references, vetting information, financial information including banking details, IT information and other information relating to employment (e.g.: leave; appraisals etc.)||To enable you to carry out your role / duties, to carry out our contract with you, monitor your performance and compliance with our policies / standards / procedures, provide you with training and benefits and provide remuneration, to comply with our legal and contractual obligations, and otherwise for our legitimate interests or those of a third party|
|Information obtained during your visit: such as, CCTV images; car registration information; access records and registration details.||To allow you access to our Estate in line with our security policies and procedures and to manage and resolve any legal or commercial complaints or issues, including security practices.|