Privacy Notice
This POPIA Act Policy and PAIA Manual describes the manner in which the company will meet its legal obligations and requirements concerning confidentiality, information security standards and access to information. The requirements within this policy are based upon the Protection of Personal Information Act, No 4 of 2013 and the Promotion of Access to Information Act, No 2 of 2000.
Application
The company needs personal information relating to both individual and juristic persons in order to carry out its business and organisational functions. The manner in which this information is processed and the purpose for which it is processed is determined by this manual. The company is, accordingly, the “responsible party” as defined in the POPIA and the company herewith further ensures that:
2.1 the data is processed lawfully, fairly and transparently;
2.2 the data is processed for the purpose for which it is collected;
2.3 the data will not be processed for a secondary purpose unless that processing is compatible with the original purpose;
2.4 the data is adequate, relevant and not excessive for the purpose for which it is collected;
2.5 the data is accurate and kept up to date;
2.6 the data will not be kept for longer than is necessary;
2.7 the data is processed in accordance with integrity and confidentiality principles, including physical and organisational measures to ensure that the personal information is both in physical and electronic form and are subject to appropriate levels and are subject to appropriate levels of security when stored, used and communicated by the company;
2.8 is processed in accordance with the rights of the customers, where applicable;
2.9 the customers have the right to be:
notified that their personal information has been collected;
notified that the data has been breached;
know whether the company holds personal information about them and to access that information;
request the correction or deletion of information which may be out of date, incomplete, misleading or unlawfully obtained;
object to the company’s use of their personal information;
object to the processing of personal information for purposes of direct marketing;
complain to the Information Regulator regarding infringements of any right protected under the POPIA Act and institute civil proceedings regarding the non-compliance with the protection of their personal information.
PURPOSE OF PROCESSING OF PERSONAL INFORMATION
Our customer’s personal information may only be processed for specific purposes as set out herein.
Consumers
Operate and manage consumers’ accounts and manage any application, agreement or correspondence consumers may have with the company.
Communicating (including direct marketing) with consumers by email, SMS, letter, telephone or any other way in which the company wishes to inform clients of their products and services.
Make or assist in making any credit decisions about consumers.
Performing duties in terms of any agreement with consumers.
To form a view of consumers as individuals and to identify, develop or improve product that may be of interest to consumers.
Carry out market research, business and statistical analysis.
Recovering any debt consumers may owe to the company complying with the company’s regulatory and other obligations, performing any administrative and operational purposes including the testing of systems.
Any other reasonably required purpose relating to the company’s business.
Employees
Contact details
Employment history
References
Vetting information
Financial information including banking details
IT information
General matters relating to employees; pension and medical aid
Any other reasonably required purpose relating to the employment or possible employment relationship
Suppliers
Verifying information and performing checks
Purposes related to the agreement or business relationship or possible agreement or business relationship between the parties.
Payment of invoices
Complying with the company’s regulatory and other obligations.
Any other reasonably required purpose relating to the company’s business.
CATEGORIES OF CUSTOMERS (DATA SUBJECTS AND PERSONAL INFORMATION)
Employees
Name & contact details
Identity documents, including passports, employment history and references
Banking and financial details
Details of payment to third parties (deductions from salary)
Employment contracts, employment equity plans
Medical Aid Records
Pension Fund Records
Remuneration Salary Records
Performance Appraisals
Disciplinary Records
Leave Records
Training Records
CONSUMERS OR PROSPECTIVE CONSUMERS
Postal and/or street address
Title and name
Contact numbers and email addresses
Ethnic group
Emp history
Age
Gender
Marital status
Nationality
Language
Financial information
Identity or passport number
Suppliers
Name and contact details
Identity and/or company information and directors’ information
Banking and financial information
Information about their products or services
Other information not specified and reasonably required to be processed for the company’s business operations.
RECIPIENTS OF PERSONAL INFORMATION
The company herewith confirms that personal information will be shared as follows:
any firm, organisation or person that the company uses to collect payments and recover debts or to provide a service on its behalf;
any firm, organisation or person that provides the company with products or services;
any payment system the company uses;
regulatory governmental authorities or ombudsmen, or other authorities, including taxes authorities, where the company has a duty to share information;
third parties to whom payments are made on behalf of employees;
financial institutions from whom payments are received on behalf of customers;
any other operator not specified; and
employees, contractors and temporary staff and agents.
CROSS BORDER TRANSFER OF PERSONAL INFORMATION
Personal information may be transmitted transborder to the company’s suppliers in other countries, and personal information may be stored in data services hosted outside South Africa, which may not have adequate data protection laws.
The company will endeavour to ensure that its dealers and suppliers have adequate protection of personal information and that the consent of the clients or customers are obtained at all times except where it is for the benefit of the customer and there is no reasonable possibility to obtain such consent.
CROSS BORDER FLOW OF PERSONAL INFORMATION
The POPIA Act provides that personal information may only be transferred out of the Republic of South Africa if:
the recipient country can offer such data and adequate level of protection, i.e. its data privacy laws must be substantially similar to that contained within the POPIA Act; or
the consumer consents to the transfer of their personal data; or
the transfer is necessary for the performance of a contractual obligation between the customers and the company; or
the transfer is necessary for the performance of a contractual obligation between the company and a third party, in the interest of the client or customer; or
the transfer is for the benefit of the customer and it is not reasonably possible to obtain consent from the customer who would in all likelihood provide such consent;
the company may retain personal information collected from their customers for the period in which there is an ongoing legitimate business to maintain such personal information or to comply with applicable, legal, tax or accounting requirements.
SECURITY SAFEGUARDS
The POPIA Act provides that personal information may only be transferred out of the Republic of South Africa if:
The company shall ensure the integrity and confidentiality of all personal information in its possession by taking responsible steps to identify all reasonably foreseeable risks to information security and to establish and maintain appropriate safeguards against such risks.
The company uses a range of physical, electronic and procedural safeguards to do so. The company updates these safeguards from time to time in order to address new and emerging security threats.
The company trains people on privacy matters as appropriate and seeks to limit access to personal information to those employees who need to know that information.
The company implements appropriate security measures to protect all personal information that is in the company’s possession against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access.
Where there are reasonable grounds to believe that personal information in the company’s possession has been accessed or required by any unauthorised person, the company will notify the relevant regulator and the customer, unless a public body responsible for detection, prevention or investigation of offences or the relevant regulator informs the company that notifying the customer would impede a criminal investigation.
OBJECTION TO THE PROCESSING OF PERSONAL INFORMATION
The POPIA Act provides that personal information may only be transferred out of the Republic of South Africa if:
enquire what personal information the company has on record;
request access to the personal information that is held by the company;
ask the company to update, correct or delete any out of date or incorrect personal information on record;
unsubscribe from any direct marketing communications that may be sent to the customers;
object to the processing of any personal information in the company’s possession;
the prescribed form attached to this manual annexed as annexure “X” may be submitted to the company at any time for correction or deletion of customers’ personal information on the company’s system.
DIRECT MARKETING
All direct marketing communication shall contain the company and/or the company’s details and an address or method for the customer to opt out of receiving further marketing communication.
Direct marketing – Direct marketing by electronic means to existing customers is only permitted if the customer’s details were obtained in the context of a sale and service and for the purpose of marketing the same or similar product. The customer must be given the opportunity to opt out of receiving direct marketing on each occasion of their direct marketing;
Consent – the company may send electronic direct marketing communication to the customers who have consented to receiving it. The company may only approach the customer for consent once;
Record keeping – the company shall keep records of dates of consent, wording of the consent, who obtained the consent, proof of opportunity to opt out on each marketing contact and record of opt-outs.
DESTRUCTION OF DOCUMENTS
The documents may be destroyed. Personal information documents may be destroyed after the termination of the retention periods specified herein or as determined by the company from time to time.
Each Department is responsible for attending to the destruction of its documents and electronic records, which must be done on a regular basis.
Files must be checked in order to make sure that they may be destroyed and also to ascertain if there are important original documents in the file.
Original documents must be returned to the holder thereof, failing which, they should be retained by the company pending such return.
Deletion of electronic records must be done in consultation with the ID Department to ensure that the deletion information is incapable of being reconstructed and/or removed.
STATUTORY RETENTION PERIODS
Legislation: Companies Act
Document Types – Period: 7 Years
Any documents, accounts, books, writing, records or other info that a company is required to keep in terms of the Act;
Notice and minutes of all shareholders meeting, including resolutions adopted and documents made available to holders of securities;
Copies of reports presented at the annual general meeting of the company;
Copies of annual financial statements required by the Act;
Record of directors and past directors, after the director has retired from the company;
Written comms to holders of securities and minutes and resolutions of directors’ meetings, audit committee and directors’ committees.
Document Types – Period: Indefinitely
Registration certificate;
Memorandum of Incorporation and alterations and amendments;
Rules;
Securities register and uncertified securities register
Register of company secretary and auditors and
Regulated companies (companies to which chapter 5, part B, C and Takeover Regulations apply) – Register of disclosure of person who holds beneficial interest equal to or in excess of 5% of the securities of that class issued
Consumer Protection Act
Documents Types – Period: 3 Years
Full names, physical address, postal address and contact details;
ID number and registration number;
Contact details of public officer in case of a justice person;
Service rendered;
Cost to be recovered from the consumer;
Frequency of accounting to the consumer;
Amounts, sums, values, charges, fees, remuneration specified in monetary terms;
Conducting a promotional competition refer to Section 36(11)(b) and Regulation 11 of Promotional Competitions.
Financial Intelligence Centre Act
Document Types – Period: 5 Years
Whenever a reportable transaction is concluded with a customer, the institution must keep record of the identity of the customer;
If the customer is acting on behalf of another person, the identity of the person on whose behalf the customer is acting and the customer’s authority to act on behalf of that other person
If another person is acting on behalf of the customer, the identity of that person and that other person’s authority to act on behalf of the customer;
The manner in which the identity of the persons referred to above was established;
The nature of that business relationship or transaction;
In the case of a transaction, the amount involved and the parties to that transaction;
All accounts that are involved in the transactions concluded by that accountable institution in the course of that business relationship and that single transaction;
The name of the person who obtained the identity of that person transaction on behalf of the accountable institution;
Any document or copy of a document obtained by the accountable institution.
Compensation for Occupational Injuries and Diseases Act
Document Types – Period: 4 Years
Register, record or reproduction of the earnings, time worked, payment for piece work and overtime and other prescribed particulars of all the employees
Document Types – Period: 3 Years
Section 20(2) documents
Health and safety committee recommendations made to an employer in terms of issues affecting the health of employees and of any report made to an inspector in terms of the recommendation;
Records of incidents reported at work.
Document Types – Period: 40 Years
Asbestos Regulations 2001, Regulation 16(1):
Records of assessment and air monitoring, and the asbestos inventory;
Medical surveillance records
Hazardous Biological agents Regulations 2001, Regulations 9(1) and (2):
Records of risk assessments and air monitoring;
Medical surveillance records
Lead Regulations 2001, Regulation 10:
Records of assessments and air monitoring;
Medical surveillance records
Noise-induced Hearing Loss Regulations 2003, Regulation 11:
All records of assessment and noise monitoring
All medical surveillance records, including the baseline audiogram of every employee
Document Types – Period: 30 Years
Hazardous Chemical Substance Regulations 1995 Regulation 9:
Records of assessments and air monitoring;
Medical surveillance records
Basic Conditions of Employment Act
Document Types – Period: 3 Years
Section 29(4):
Written particulars of an employee after termination of employment;
Section 31:
-Employee’s name and occupation
Time worked by each employee;
Remuneration paid to each employee;
Date of birth of any employee under the age of 18 years
Employment Equity Act
Document Types – Period: 3 Years
Records in respect of the company’s workforce, employment equity plan and other records relevant to compliance with the Act;
Section 21 report which is sent to the Director General
Labour Relations Act
Document Types – Period: 3 Years
Records to be retained by the employer are the collective agreements and arbitration awards.
Document Types – Period: Indefinite
An employee must retain prescribed details of any strike, lock-out or protest action involving its employees.
Unemployment Insurance Act
Document Types – Period: 5 Years
Employers must retain personal records of each of their current employees in terms of their names, identification number, monthly remuneration and address where the employee is employed
Tax Administration Act
Document Types – Period 5 Years
Section 29 documents which:
Enable a person to observe the requirements of the Act;
Are specifically required under a Tax Act by the Commissioner by the public notice;
Will enable SARS to be satisfied that the person has observed these requirements.
Income Tax Act
Document Types – Period: 5 Years
Amount of remuneration paid or due by him to the employee;
The amount of employee’s tax deducted or withheld from the remuneration paid or due;
The income tax reference number of that employee
Any further prescribed information;
Employer Reconciliation return.
Value Added Tax Act
Document Types – Period: 5 Years
Where a vendor’s basis of accounting is changed, the vendor shall prepare lists of debtors and creditors showing the amounts owing to the creditors at the end of the tax period immediately preceding the changeover period;
Importation of goods, bill of entry, other documents prescribed by the Custom and Excise Act and proof that the VAT charge has been paid to SARS;
Vendors are obliged to retain records of all goods and services, rate of tax applicable to the supply, list of suppliers or agents, invoices and tax invoices, credit and debit notes, bank statements, deposit slips, stock lists and paid cheques;
Documentary proof substantiating the zero rating of supplies;
Where a tax invoice, credit or debit note, has been issued in relation to a supply by an agent or a bill of entry as descried in the Customs and Excise Act, the agent shall maintain sufficient records to enable the name, address and VAT registration number of the principal to be ascertained.
THE PROMOTION TO ACCESS OF INFORMATION MANUAL
INTRODUCTION
The PAIA or the Promotion of Access to Information Act gives third parties the right to approach private bodies and the government to request information held by them, which is required in the exercise and/or the protection of any rights.
On request, the private body or government is obliged to release such information unless the Act expressly states that the records containing such information may or must not be released. This manual conforms requesters of procedural and other requirements which request must be met as prescribed by the Act.
1. NATURE OF THE BUSINESS
The company is educational
CONTACT DETAILS
Name of the company: Physical IQ Sports Academy (Pty) Ltd
Managing Director / CEO: Ashleigh Donovan Hall
Information Officer: Wayne Minnie
Physical Address: Suite 310, Medstone Medical Centre, Umhlanga, Kwazulu-Natal, South Africa.
Postal Address: Suite 310, Medstone Medical Centre, Umhlanga, Kwazulu-Natal, South Africa.
Telephone number: 031 630 0747
Email address: education@physicaliq.com
2. GUIDE TO THE SOUTH AFRICAN HUMAN RIGHTS COMMISSION
A guide to the Act, (as contemplated under section 10 of the PAIA Act) is available from the South African Human Rights Commission. This guide contained such information as may be reasonably required by a person who wishes to exercises any right contemplated in the Act. Any enquiries regarding this guide and its content should be directed to:
The South African Human Rights Commission;
PAIA Unit (the Research and Documentation Department)
Postal Address: Private Bag X2700, Houghton, 2041
Telephone: +27-114 848 300
Fax number: +27-114 847 146
Website: www.saharc.org.za
Email: PAIA@sahrc.org.za
3. ACCESS TO RECORDS HELD BY THE COMPANY
Records held by the company may be accessed on request only once the requirements for access have been met. A requestor is any person making a request for access to a record of the company and in this regard, the Act distinguishes between two types of requestors:
A) Personal requestor A personal requestor is a requestor who is seeking access to a record containing personal information about the requestor. Subject to the provisions of the Act and applicable law, the company will provide the requested information, or give access to any records with regards to the requestors personal information. The prescribed fee for reproduction of the information requested will be charged by the company.
B) Other requestor A requestor must comply with all the procedural requirements contained in the Act relating to a request for access to records. A requestor must complete the prescribed form enclosed herewith marked annexure “A” and submit same as well as payment of a request fee and a deposit, if applicable to the Information Officer at the postal or physical address, fax number or electronic mail address stated herein. The prescribed form must be filled in with enough particularity to at least enable the Information Officer to identify:
the record or records requested;
the identity of the requestor;
what form of access is required; and
the postal address, fax number or email of the requestor.
A requestor may state that he/she requires the information in order to exercise or protect a right, and clearly state what the nature of the right is to be exercised or protected. The requestor must also provide an explanation of why the requested record is required for the exercise or protection of that right.
The company will process a request within 30 days, unless the requestor has stated special reasons which would satisfy the Information Officer that circumstances dictate that this time period not be complied with.
The requestor shall be informed in writing whether access has been granted or denied. If in addition the requestor requires the reasons for the decision in any other manner, he or she must state the manner and the particulars so required. If a request is made on behalf of another person, the requestor must then submit proof of the capacity in which the requestor is making request to the satisfaction to this Information Officer.
If an individual is unable to complete the prescribed form because of illiteracy or disability, such a person may make the request orally to the Information Officer.
5.DECISION
The company will within 30 days of receipt of a request, decide whether to grant or decline a request and give notice with reasons (if required) to that effect.
The 30-day period within which the company has to decide whether to grant or refuse the request, may be extended for a further period of not more than 30 days if the request is for a large quantity of information, or the request requires a search for information held at another office of the company (other than the head office) and the information cannot reasonably be obtained within the 30-day period.
The Information Officer will notify the requestor in writing should an extension be necessary.
6. FEES
The Act provides for two types of fees, the request fee, which will be a standard fee and an access fee, which must be calculated by taking into account reproduction costs, search and preparation time and costs, as well as postal costs where applicable.
When a request is received by the Information Officer of the company, the Information Officer shall by notice require the requestor, other than a personal requestor, to pay the prescribed request fee before further processing of the request.
If a search for the record is necessary and the preparation of the record for disclosure, including arrangements to make it available in the requested form, requires more than the hours prescribed in the regulation for this purpose, the Information Officer shall notify the requestor to pay as a deposit the prescribed portion of the access fee which would be payable if the request is granted.
The Information Officer shall withhold a record until the requestor has paid the fee or fees as indicated. A requestor whose request for access to a record has been granted, must pay an access fee for reproduction and for search and preparation, and for any time reasonably required in excess of the prescribed hours to search for and prepare the record for disclosure, including making arrangements to make it available in the requested form.
If a deposit has been paid in respect of a request for access, which is refused, then the Information Officer shall repay the deposit to the requestor.
7. CATEGORIES OF RECORDS HELD BY THE COMPANY:
Companies Act Records
All trust deeds;
Documents of Incorporation;
Index of names of Directors;
Memorandum of Incorporation;
Minutes of meetings of the Board of Directors;
Minutes of meetings of Shareholders;
Proxy forms;
Register of debenture-holders
Register of directors’ shareholdings;
Share certificates;
Share Register and other statutory registers and/or records and/or documents;
Special resolutions / resolutions passed at General and Class meetings;
Records relating to the appointment of:
Auditors
Directors;
Prescribed Officer
Public Officer
Secretary
Financial Records
Account Records;
Annual Financial Reports;
Annual Financial Statements;
Asset Registers;
Bank Statements;
Banking details and bank accounts;
Banking Records;
Debtors / Creditors statements and invoices;
General ledgers and subsidiary ledgers;
General reconciliation;
Invoices;
Paid cheques;
Policies and procedures;
Rental agreements; and
Tax Returns
Income Tax Records
PAYE Records;
Documents issued to employees for income tax purposes;
Records of payments made to SARS on behalf of employees;
All other statutory compliances;
VAT;
Regional Services Levies;
Skills Development Levies;
UIF
Workmen’s Compensation
Personnel Documents and Records
Accident books and records;
Address lists;
Disciplinary Code and Records;
Employee benefits arrangements rules and records;
Employment contracts;
Employment Equity Plan;
Forms and applications;
Grievance Procedures;
Leave Records;
Medical Aid Records;
Payroll Reports / Wage Register;
Pension Fund Records;
Safety, Health and Environmental Records;
Salary Records;
SETA Records;
Standard letters and notices
Training Manuals;
Training Records;
Workplace and Union Agreements and Records.
Procurement Department
Standard Terms & Conditions for supply of services and products;
Contractor, client and supplier agreements;
Lists of suppliers, products, services and distribution; and Polices and Procedures.
Sales Department
Customer details
Credit Application information
Information and records provided by a third party
Marketing Department
Advertising and promotional material
Risk Management and Audit
Audit reports;
Risk management frameworks; and
Risk management plans.
Safety, Health and Environment
Complete Safety, Health and Environment Risk Assessment;
Environmental Management Plans;
Inquiries, inspections, examinations by environmental authorities.
IT Department
CSR schedule of projects / record or organisations that receive funding;
Reports, books, publications and general information related to CSR spend;
records and contracts of agreement with funded organisations.
Corporate Social Responsibility (CSR)
Document Types – Period: 5 Years
Where a vendor’s basis of accounting is changed, the vendor shall prepare lists of debtors and creditors showing the amounts owing to the creditors at the end of the tax period immediately preceding the changeover period;
Importation of goods, bill of entry, other documents prescribed by the Custom and Excise Act and proof that the VAT charge has been paid to SARS;
Vendors are obliged to retain records of all goods and services, rate of tax applicable to the supply, list of suppliers or agents, invoices and tax invoices, credit and debit notes, bank statements, deposit slips, stock lists and paid cheques;
Documentary proof substantiating the zero rating of supplies;
Where a tax invoice, credit or debit note, has been issued in relation to a supply by an agent or a bill of entry as descried in the Customs and Excise Act, the agent shall maintain sufficient records to enable the name, address and VAT registration number of the principal to be ascertained.
8. RECORDS AVAILABLE WITHOUT A REQUEST TO ACCESS IN TERMS OF THE ACT
Records of a public nature, typically those disclosed on the company’s website and in its various annual reports, may be accessed without the need to submit a formal application. Other non-confidential records, such as statutory records maintained at CIPC, may also be accessed without the need to submit a formal application, however, please note that an appointment interview such records will still have to be made with the Information Officer.
9. REFUSAL OF ACCESS TO RECORDS
A private body such as the company is entitled to refuse a request for information if the information relates to the following: The main grounds to refuse request:
a) mandatory protection of the privacy of a third party who is a natural person or a deceased person or a juristic person, as included in the Protection of Personal Information Act 4 of 2013, which would involve unreasonable disclosure of personal information of that natural or juristic person;
b) mandatory protection of personal information and/or for disclosure of any information in addition to any other legislative regulatory or contractual agreements in compliance with the provisions of the POPIA Act;
c) mandatory protection of the commercial information of a third party if the record contains:
i. trade secrets of the first party;
ii. financial, commercial, scientific or technical information which disclosure could likely cause harm to the financial or commercial interests of that party;
iii. information disclosed in confidence by a third party to the company if the disclosure could put that third party at its advantage in negotiations or commercial competition.
d) mandatory protection of confidential information of third parties if it is protected in terms of any agreement;
e) mandatory protection of the safety of individuals and the protection of property;
f) mandatory protection of records which would be regarded as privileged in legal proceedings.
The commercial activities of a private body such as the company, which may include:
a) trade secrets of the company;
b) financial, commercial, scientific or technical information which disclosure could likely cause harm to the financial or commercial interests of the company;
c) information which, if disclosed, could put the company at a disadvantage in negotiations or commercial competition;
d) a computer program which is owned by the company and which is protected by copyright;
e) the research information of the company or a third party if its disclosure would disclose the identity of the company, the researcher or the subject matter of the research and would place the research at a serious disadvantage;
f) request for information that are clearly frivolous or vexatious, or which involve an unreasonable diversion of resources shall be refused;
g) all requests for information will be assessed on their own merits and in accordance with the applicable legal principles and legislation;
h) if a request record cannot be found or if the record does not exist, the Information Officer shall, by way of affidavit, notify the requestor that it is not possible to give access to the requested record.
10. REMEDIES AVAILABLE WHEN THE COMPANY REFUSES A REQUEST
1. Internal remedies: The company does not have internal appeal procedures. The decision made by the Information Officer is final. Requestors will have to exercise such external remedies as at their disposal if the request for information is refused and the requestor is not satisfied by the answer supplied by the Information Officer.
2. External remedies:
a) a requester that is dissatisfied with the Information Officer’s refusal to disclose information may, within 30 days of notification of the decision, apply to a court for relief;
b) a third party dissatisfied with the Information Officer’s decision to grant a request for information may, within 30 days of notification of the decision, apply to court for relief.
For purposes of the Act, the court that has jurisdiction over these applications are the Constitutional Court, High Court or another court of similar status and a Magistrates Court designated by the Minister of Justice and constitutional development, and which is presided over by a designated Magistrate.
11. LIST OF APPLICABLE LEGISLATION
Records of the company and other legal entities in which the company has a direct controlling interest or indirect controlling interest through its subsidiaries may be kept by or on behalf of the company in accordance with the following legislation:
Basic Conditions of Employment Act 57 of 1997
Broad-based Black Economic Empowerment Act 53 of 2003
Collective Investment Schemes Control Act 45 of 2002
Companies Act 71 of 2008
Compensation for Occupational Injuries and Diseases Act 130 of 1993
Copyright Act 98 of 1978
Currencies and Exchanges Act 9 of 1993
Electronic Communications and Transactions Act 25 of 2002
Employment Equity Act 55 of 1998
Financial Intelligence Centre Act 38 of 2001
Financial Institutions (Protection of Funds) Act 28 of 2001
Financial Services Board Act 97 of 1990
Income Tax Act 58 of 1962
Inspection of Financial Institutions Act 80 of 1998
Labour Relations Act 66 of 1995
Occupational Health and Safety act 85 of 1993
Regulation of Interception of Communications and Provision of Communication-Related Information Act 70 of 2002
Prevention of Organised Crime Act 121 of 1998
Prevention and combating of Corrupt Activities Act 12 of 2004
Promotion of Access to Information Act 2 of 2000
Protected Disclosures Act 26 of 2000
Protection of Constitutional Democracy against Terrorist and Related Activities Act 33 of 2004
Skills Development Act 97 of 1998
Skills Development Levy Act 9 of 1999
Securities Transfer Tax Act 25 of 2007
Securities Transfer Tax Administration Act 26 of 2007
Trade Marks Act 194 of 1993
Trust Property Control Act 57 of 1988
Unemployment Insurance Act 30 of 1966
Unemployment Insurance Contributions Act 4 of 2002
Value Added Tax Act 89 of 1991
WEBSITE PRIVACY NOTICE
Privacy Policy and Notice
This is the privacy statement of the company. In this document, “we” or “us” refers to “Physical IQ Sports Academy Pty Ltd” is a company registered in terms of the Companies Act, 2008 with registration number 2011/010556/07 and whose registered office is at Suite 310, Medstone Medical Centre, Umhlanga, Kwazulu-Natal, South Africa.
This is a statement to tell you our policy about all information that we record about you. It covers both information that could identify you and information that could not.
We are extremely concerned to protect your privacy and confidentiality. We understand that all users of our web site are quite rightly concerned to know that their data will not be used for any purpose unintended by them and will not accidentally fall into the hands of a third party. Our policy is both specific and strict. It complies with the South African law and with the laws of all jurisdictions of which we are aware. If you think our policy falls short of your expectations or that we are failing to abide by our policy, do please tell us.
We regret that if there are one or more points below with which you are not happy, your only recourse is to leave our web site immediately.
Except as set out below, we do not share, or sell, or disclose to a third party, any personally identifiable information collected at this site.
Here is a list of the information we collect from you, either through our web site or because you give it to us in some other way, and why it is necessary to collect it:
1. Business and personal information
This includes basic identification and contact information, such as your name and contact details and also includes all information given to us in the course of your business and ours, such as information you give us in your capacity as our client. We undertake to preserve the confidentiality of the information and of the terms of our relationship. It is not used for any other purpose. We expect you to reciprocate this policy. This information is used:
1.1. to provide you with the services which you request;
1.2. for verifying your identity for security purposes;
1.3. for marketing our services and products;
1.4. information which does not identify any individual may be used in a general way by us or third parties, to provide class information, for example relating to demographics or usage of a particular page or service.
We keep information, which forms part of our business record for a minimum of six years. That is because we may need it in some way to support a claim or defence in court. That is also the period within which our tax collecting authorities may demand to know it.
2. Your domain name and e-mail address
This information is recognised by our servers and the pages that you visit are recorded. We shall not under any circumstances, divulge your e-mail address to any person who is not an employee or contractor of ours and who does not need to know, either generally or specifically. This information is used:
to correspond with you or deal with you as you expect;
in a collective way not referable to any particular individual, for the purpose of quality control and improvement of our site;
to send you news about the services to which you have signed up;
to tell you about other of our services or services of sister web sites.
3. Information you post on our website
Information you send to us by posting to a forum or blog or in your advertisement, is stored on our servers. We do not specifically use that information except to allow it to be read, but you will see in our terms and conditions that we reserve a right to use it in any way we decide.
4. Website usage information
We may use software embedded in our website (such as JavaScript) to collect information about pages you view and how you have reached them, what you do when you visit a page, the length of time you remain on the page, and how we perform in providing content to you. We do not presently associate such information with an identifiable person.
5. Third party advertising
Third parties may advertise on our web site. In doing so, those parties, their agents or other companies working for them may use technology that automatically collects your IP address when they send an advertisement that appears on our site to your browser.
They may also use other technology such as cookies or JavaScript to personalise the content of, and to measure the performance of their adverts. We do not have control over these technologies or the data that these parties obtain. Accordingly, this privacy notice does not cover the information practices of these third parties.
6. Third party content
Our web site is a publishing medium in that anyone may register and then publish information about himself or some other person. We do not moderate or control what is posted. If you complain about any of the content on our web site, we shall investigate your complaint.
If we feel, it may be justified, we shall remove it while we investigate. Free speech is a fundamental right, so we have to make a judgment as to whose right will be obstructed: yours, or that of the person who posted the content which offends you. If we think, your complaint is vexatious or without any basis, we shall not correspond with you about it.
7. Information we obtain from third parties
Although we do not disclose your personal information to any third party (except as set out in this notice), we do receive data which is indirectly made up from your personal information, from software services such as Google Analytics and others. No such information is identifiable to you.
8. Content you provide to us with a view to be used by third party
If you provide information to us with a view to it being read, copied, downloaded or used by other people, we accept no responsibility for what that third party may do with it. It is up to you to satisfy yourself about the privacy level of every person who might see your information. If it is available to all the World, you have no control whatever as to how it is used.
9. Cookies
Cookies are small text files that are placed on your computer’s hard drive through your web browser when you visit any web site. They are widely used to make web sites work, or work more efficiently, as well as to provide information to the owners of the site.
Like all other users of cookies, we may request the return of information from your computer when your browser requests a web page from our server. Cookies enable our web server to identify you to us, and to track your actions and the pages you visit while you use our website.
The cookies we use may last for a single visit to our site (they are deleted from your computer when you close your browser), or may remain on your computer until you delete them or until a defined period of time has passed.
Although your browser software enables you to disable cookies, we recommend that you allow the use of cookies in order to take advantage of the features of our website that rely on their use. If you prevent their use, you will not be able to use all the functionality of our website.
Here are the ways we use cookies:
to record whether you have accepted the use of cookies on our web site. This is solely to comply with the law. If you have chosen not to accept cookies, we will not use cookies for your visit, but unfortunately, our site will not work well for you.
to allow essential parts of our web site to operate for you.
to operate our content management system.
to operate the online notification form – the form that you use to contact us for any reason. This cookie is set on your arrival at our web site and deleted when you close your browser.
to enhance security on our contact form. It is set for use only through the contact form. This cookie is deleted when you close your browser.
to collect information about how visitors use our site. We use the information to improve your experience of our site and enable us to increase sales. This cookie collects information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from, and the pages they visited.
to record that a user has viewed a webcast. It collects information in an anonymous form. This cookie expires when you close your browser.
to record your activity during a web cast. An example is as to whether you have asked a question or provided an opinion by ticking a box. This information is retained so that we can serve your information to you when you return to the site. This cookie will record an anonymous ID for each user, but it will not use the information for any other purpose. This cookie will last for 3 months, when it will delete automatically.
to store your personal information so that you do not have to provide it afresh when you visit the site next time. This cookie will last for 90 days.
to enable you to watch videos we have placed on YouTube. YouTube will not store personally identifiable cookie information when you use YouTube’s privacy-enhanced mode.
10. Sending a message to our support system
When you send a message, we collect the data you have given to us in that message in order to obtain confirmation that you are entitled to receive the information and to provide to you the information you need.
We record your request and our reply in order to increase the efficiency of our business / organisation. We do not keep any personally identifiable information associated with your message, such as your name or email address.
11. Complaining
When we receive a complaint, we record all the information you have given to us. We use that information to resolve your complaint. If your complaint reasonably requires us to contact some other person, we may decide to give to that other person some of the information contained in your complaint.
We do this as infrequently as possible, but it is a matter for our sole discretion as to whether we do give information, and, if we do, what that information is. We may also compile statistics showing information obtained from this source to assess the level of service we provide, but not in a way that could identify you or any other person.
12. Re-marketing
We may use re-marketing from time to time. This involves Google or some other supplier placing a tag or marker on your website in order to be able to serve to you an advert for our products / services when you visit some other website.
13. Use of site by children
Certain areas of our website are designed for use by children over 18 years of age. We collect data about all users of and visitors to these areas regardless of age, and we anticipate that some of those users and visitors will be children. Such child users and visitors will inevitably visit other parts of the site and will be subject to whatever on-site marketing they find, wherever they visit.
14. Disclosure to Government and their agencies
We are subject to the law like everyone else. We may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order.
15. Compliance with the law
This confidentiality policy has been compiled so as to comply with the law of every jurisdiction in which we aim to do business. If you think it fails to satisfy the law of your country, we should like to hear from you, but ultimately it is your choice as to whether you wish to use our website.
16. Review or update personally identifiable information
At any time you may review or update the personally identifiable information that we hold about you, by contacting us at the address below. To better safeguard your information, we will also take reasonable steps to verify your identity before granting access or making corrections to your information.
17. If you wish us to remove personally identifiable information
from our web site, you may contact us at education@physicaliq.com. To better safeguard your information, we will also take reasonable steps to verify your identity before granting access or making corrections to your information.
18. Data may be “processed” outside South Africa
Our web sites are hosted in South Africa. We also use outsourced services in countries outside South Africa from time to time in other aspects of our business. Accordingly data obtained within South Africa may be “processed” outside South Africa and data obtained in any other country may be processed within or outside that country.