Privacy Policy

Introduction

This notice explains why and how we obtain, process, and disclose your Personal Information. Importantly, Processing also includes legal use of your Personal Information as per the definitions provided in the Act. 

At Indevaldi, we are committed to protecting your privacy and to ensuring that your Personal Information is collected and used properly, lawfully and transparently.

Please read the following Privacy Policy (“Policy”) carefully to understand how Indevaldi will treat your Personal Information.

Please note that we may update this Policy from time to time by posting the latest version on the Website, so please ensure that your refer to it periodically.

We may use your Personal Information provided to us for any purposes mentioned in this Policy or otherwise stated at the point or instance where Indevaldi is collecting your Personal Information.

 

Application

Indevaldi recognises the importance of protecting your privacy regarding your Personal Information collected by us when you use our Website www.indevaldi.co.za (“Website”).

By using our Website, you agree to Indevaldi, its directors, consultants, employees, agents, subcontractors, affiliates and/or third parties to process your Personal Information for the purposes stated in this Policy. If you disagree with our processing activities described in this Policy, please do not use the Website.

This Policy applies to all parties with whom we interact. This includes but is not limited to clients, representatives of organisations, visitors to our offices and any other users of our services or information we make public.

The Policy applies to Personal Information provided to us, both by individuals or others.

The Policy applies to all Indevaldi group firms, member firms and associates.

    Definitions

    “Act” – Protection of Personal Information Act 4 of 2013

    “Responsible party” – a public or private body or any other person that determines the purpose and means for processing personal       information.

    “Operator” – a person who processes information for a responsible party in terms of a contract or mandate without coming under the direct authority of the responsible party.

    “Data subject”, “you”, “your” – a person to whom personal information relates.

    “Indevaldi”, “us”, “we” – refers to the Indevaldi Network. The Indevaldi Network consists of group firms and/or member firms and/or associates of whom each is a separate legal entity.  

    “Processing”, “Process” – any operation or activity concerning Personal Information, including but not limited to handling, collecting, protecting or storing.

    “Record” – any recorded information, regardless of when it came into existence.

    “Personal information’’ means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person.  When we refer to information, we also refer to personal information.

    “Sensitive Personal Information” – Personal Information about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, national identification number, or any other information that may be deemed to be sensitive under applicable law.

    “Service Providers” – third party providers of various services whom we engage, including, but not limited to, providers of information technology, website hosting and management, data analysis, data backup, security, cloud storage services, communication, file storage, data storage, copying, printing, accounting or auditing services, legal advisors or counsel, experts, investigators, translators, taxation consultants, other professional services and our insurers and professional advisors.

    “Website” – any website operated or maintained by us or on our behalf.

    Why we process Personal Information

    Indevaldi process information for numerous purposes.

    We will use you Personal Information for the purposes as set out in this Policy.

    The primary purposes why we process information is:

    • to perform our duties in relation to the services you agreed with us to deliver.
    • to understand your business requirements before we engage in providing a service.
    • for the administration, operation and development of our business
    • for the interest of our clients and potential clients (and/or individuals associated with them) in receiving professional advise or services to assist them in the effective and lawful operation of their business.
    • for relationship management and marketing purposes in relation to our services.
    • for accounts management
    • for marketing activities to establish, maintain and/or improve our relationship with you and our Service Providers.
    • for analytical and statistical purposes.
    • to develop and improve our services, operations, businesses, offerings and technologies.
    • to fulfill our internal management and management reporting purposes, including, but not limited to, conducting internal audits, conduct internal investigations, implementing internal business processes and controls, insurance purposes and management reporting analysis.
    • to fulfill our obligations, legal or otherwise, and to satisfy any requirements of law, regulations or professional body of which we are a member.
    • to meet our recruitment requirements. 
    • for any other reason or purpose at which you have agreed with us.

    Indevaldi does not sell or release personal data to third parties for purposes of allowing them to market their products and services without consent from individuals to do so.

    When do we collect Personal Information

    We may collect or obtain Personal Information when:

    • we interact with you in the course of our relationship.
    • we interact with you in the course of providing services to you or your organisation.
    • you become a client or supplier of Indevaldi.
    • you visit and/or engage with our Website.
    • you visit and/or engage with our social media platforms.
    • you register on our communication platforms.
    • you engage with our online shop.
    • you engage with our digital marketing campaigns.
    • you visit our offices.
    • you apply for a career with Indevaldi.

    We may collect or obtain Personal Information about you:

    • that is in the public domain.
    • from third parties when we have consent to obtain such information.

    What Personal Information do we process

    e endeavour to protect your Personal Information that is in our possession from loss, disclosure or access.

    To service the purposes for why we collect Personal Information, the following indicate what Personal Information we process:

    • personal details, including your name/s and surname.
    • demographic information, including gender, date of birth, age, marital status, nationality, country of residence, salutation, title and language preferences.
    • identifier information, including identity number, passport, company registration details, tax registration numbers and various other registration numbers or information relevant to be used in our service delivery.
    • financial information, including bank details, bank statements, financial statements, tax returns, salary and other income, investments and other financial information relevant to our service delivery.
    • employment information, including employer and employee information to the extent relevant to our service delivery.
    • legal information, including lease agreements and various other agreements relevant to our service delivery.
    • contact details, including physical and postal address, telephone numbers, email addresses and details of your public social media profiles.
    • interaction information, including information about our interactions.
    • service details, including instructions for services to be performed, records, documents, working papers and retention documents or other material/records/documents that we may process in providing our services.
    • attendance details, including date and details of meetings or events.
    • consent records, including records of any consent you may have given, including Power of Attorney.
    • payment details, including billing address, payment details and methods, bank or credit card account numbers, invoice records, payment records, SWIFT details, IBAN details, payment amount and payment date.
    • website visit records, including your device type, operating system, browser type, browser settings, IP address, language settings, dates and times of visiting our Website, instance records, page visits and other technical communication information.
    • social media records, including records of your interactions with our online content and advertising.

    Sensitive Personal Information

    We acknowledge that we process Sensitive Personal Information to provide our services to you.

    Where we need to Process your Sensitive Personal Information, we will do so in the ordinary course of our business and accordance with applicable law. We will Process your Sensitive Personal Information for a legitimate purpose.

    Disclosure of Personal Information

    We may disclose your Personal Information to the Indevaldi group firms, member firms, associates or Service Providers, for legitimate business purposes, in accordance with applicable law and subject to relevant professional and regulatory requirements regarding confidentiality. When we contract with Service Providers, we impose appropriate security, privacy and confidentiality obligations on them through written contracts to ensure that the Personal Information we remain responsible for is kept secure. 

    We may also disclose your Personal Information:

    • if required by law.
    • to legal and regulatory authorities, upon your request, or to report any actual or suspected breach of applicable law or regulation.
    • to third party Operators located anywhere in the world, including, but not limited to, data processors, data hosting services, document management operators.
    • where it is necessary for legal proceedings.
    • professional advisors necessary in connection with the services they have been engaged to provide.
    • to any third party acquirers(s), in the event that we sell or transfer all or any portion of our business or assets.
    • to any third party provider, where our website or social media platforms uses third party technology or software.
    • to any other party, when explicitly requested by you.

    Where we engage with a third party Operator to process any of your Personal Information, we require that such third party Operator, local or foreign, be subject to privacy laws, regulations or agreements to a similar level to which we are responsible.   

    International transfer of Personal Information

    We may transfer your Personal Information to recipients or store your Personal Information outside of the Republic of South Africa. 

    The Operator or third-party undertakes to protect Personal Information in line with applicable data protection legislation (similar to POPIA), and the transfer is necessary for the purposes of why we process Personal Information.

    Data security

    We implement appropriate technical and organisational security measures to protect your Personal Information that is in our possession against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access in accordance with applicable law.

    When there are reasonable grounds to believe that your Personal Information that is in our possession has been accessed or acquired by any unauthorised person, we will notify the relevant regulator and you.

    Although we implement all reasonable measures to protect your Personal Information that is in our possession, we cannot guarantee the security of any information transmitted using the internet (including email). The transmission of information via the internet is not completely secure, because the internet is an open system. We cannot be held liable for any loss of privacy occurring during the course of transmission of information via the internet.

    On an ongoing basis, we review our security controls and related processes to ensure that your personal information remains secure.

    Only authorised persons are provided access to Personal Information. Such individuals have agreed to maintain the confidentiality of this information.

    Our security policies and procedures cover:

    • physical security and access control to our offices.
    • computer and network security.
    • access to personal information.
    • secure communications.
    • security in contracting out activities or functions.
    • retention and disposal of information.
    • acceptable usage of personal information.
    • governance and regulatory issues.
    • monitoring access and use of private information.
    • investigate and reacting to security incidents.

     

    Data accuracy

    Personal Information provided to Indevaldi should be accurate, complete and up-to-date. Should Personal Information change, it is your responsibility to notify us of such change and provide us with accurate data. 

    Scope of data

    Indevaldi will restrict its Processing of Personal Information to data which is sufficient to fulfil the primary purpose and applicable, legitimate purpose for which it was collected. 

    Data retention

    Indevaldi will only retain and store Personal Information for the period for which the data is required to serve its primary purpose or legitimate interest or for the period required to comply with any applicable legal requirement, whichever is longer. 

    Your rights

    You may have rights under relevant laws, South African and other laws, to have access to your Personal Information and to ask us to rectify, erase and restrict the use of your personal information.

    You may also have rights to object to your Personal Information being used, ask for the transfer of Personal Information you have made available to us, and withdraw consent to the use of your Personal Information. 

    Your rights are subject to relevant data privacy regulations and laws. We will act accordingly.

    We will require proof of your identity in a legally accepted format before providing details of your personal information. Please note that any such access request may be subject to payment of a legally allowable fee.

    Direct Marketing

    We may Process your Personal Information to provide you with information  regarding services that may be of interest to your. You may unsubscribe for free at any time.

    If you currently receive marketing information from us which you prefer not to receive in the future, please email us at info@indevaldi.co.za

    Cookies and similar technologies

    We may process your Personal Information through Cookies and similar technologies. Please refer to our Cookie Policy

    Contact us

    .If you have any queries about this notice, should you need further information about our privacy practices, should you wish to withdraw consent, should you want to exercise preferences, or access or correct your personal information, you may contact the information officer. The Information officer contact details for each Indevaldi group firm, member firm or associate can be found here.