This policy explains how we obtain, process and disclose your personal information, in accordance with the requirements of the Protection of Personal Information Act 4 of 2013 (“the Act”). Importantly, processing also includes legal use of your personal information as per the definitions provided in the Act.
At Caterwize (Pty) Ltd we are committed to protecting your privacy and to ensure that your personal information is collected and used properly, lawfully and transparently.
Caterwize supplies and maintains industrial catering equipment to clients across the globe.
You may be either a client or a service provider to Caterwize. Depending on your role in relation to Caterwize, for purposes of this policy you may either be a data subject, an operator or even another responsible party. Caterwize applies this policy irrespective as if it relates to a data subject.
“Responsible party” – a public or private body or any other person which determines the purpose of and means for processing personal information.
“Operator” – a person who processes information for a responsible party in terms of a contract or mandate, without coming under the direct authority of the responsible party.
“Data subject” – a person to whom personal information relates.
“Processing” – any operation or activity concerning personal information.
“Record” – any recorded information, regardless of when it came into existence.
“Personal information’’ means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person. When we refer to information, we also refer to personal information.
Rationale, collection and accountability
Whereas we are the responsible party collecting and processing information about you, the data subject, we undertake to comply with all conditions for the lawful and reasonable processing of your personal information as these conditions are found in Chapter 3 of the Act.
We collect and process your personal information mainly because you are a data subject to Caterwize. For this purpose, upon receiving your consent we typically collect the following categories of personal information from you:
- Name and surname of the person or the business
- Email address, physical address, telephone number
- Account numbers
We would also like you to know that upon becoming a data subject to Caterwize, we may automatically collect your personal information. We also collect information directly from you where you provide us with your personal details. Where possible, we will inform you what information you are required to provide to us and what information is optional, and for all such information we will seek your consent. For those instances of personal information we do not receive your consent to use, we will consequently make an assessment of whether or how it impacts upon the services and products we have agreed to deliver to you, and where lack of consent materially impacts upon such delivery we will inform you timeously. Where your information becomes available to us in another manner, we will collect it only in accordance with the same consent and in compliance with the Act.
exposure so caused.
How we process your information
We are legally obliged to quality assure your information and to only use it for the purposes specified. Therefore, we will process your personal information only for the purposes for which it was collected and as it was agreed with you. This is in holding with the principle of minimality requiring that processing of personal information be adequate, relevant and not excessive. In addition, where necessary your information may be retained for legal or research purposes.
The following example demonstrate potential use:
- To conclude or perform on a contract to which you are a party;
- To gather contact information;
- For the detection and prevention of fraud, crime, money laundering or other malpractice;
- To conduct market or customer satisfaction research or for statistical analysis;
- For audit and record keeping purposes;
- To protect your legitimate interest;
- In connection with legal proceedings.
Your rights to access to information, objections to processing and withdrawal of consent to processing
You have the right to request a copy of the personal information we hold about you, and about the details of any third parties who have or have had access to your information. To do this, simply contact us at the numbers/addresses as provided on our website and specify what information you require. We will require proof of your identity in a legally accepted format before providing details of your personal information. Please note that any such access request may be subject to a payment of a legally allowable fee.
You have the right at any time, within reason and within the determinations of the Act, to object to the manner in which we process your personal information.
You have the right at any time, within reason and within the determinations of the Act, to withdraw your consent to collection and processing of your personal information.
Correction of your information
You have the right to ask us to update, correct or delete your personal information. We will require proof of your identity in a legally accepted format before making changes to personal information we may hold about you. To this end, we would appreciate it if you would keep your personal information accurate as we collect it from you. In whichever way your personal information is modified, we will inform you should this have any material impact upon you.
We are legally obliged to provide adequate protection for the personal information we hold, to guarantee its integrity and confidentiality, and to stop and prevent unauthorized access and use of personal information. We will, on an on-going basis, continue to review our security controls and related processes to ensure that your personal information remains secure.
Our security policies and procedures cover:
- Physical security;
- Computer and network security;
- Access to personal information;
- Secure communications;
- Security in contracting out activities or functions;
- Retention and disposal of information;
- Acceptable usage of personal information;
- Governance and regulatory issues;
- Monitoring access and usage of private information;
- Investigating and reacting to security incidents.
When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information that we remain responsible for, is kept secure.
Should we ever experience a security breach impacting upon your personal information, we will deal with such a security breach and notify you as per the requirements of the Act.
Disclosure of information
We may also disclose your information:
Where we have a duty or a right to disclose in terms of law or industry codes;
Where we believe it is necessary to protect our rights.
How to contact us
If you have any queries about this notice; should you need further information about our privacy practices; should you wish to withdraw consent; should you want to exercise preferences, or access, or correct your personal information, please contact us at the numbers/addresses listed on our website.