Privacy Policy
Data Privacy & Protection Policy
This end-user agreement (“Agreement”) is an agreement between you (“you” or “User”) and WiMSA (“The Company”).
This Policy explains how we obtain, use, and disclose your personal information, in accordance with the requirements of the South African Personal Information Act (“POPIA”) and where applicable the General Data Protection Regulation (“GDPR”) for European data subjects.
By registering with The Company, you hereby grant to us a right to process your data to the extent reasonably required for the performance of our obligations and the exercise of our rights under this policy.
We are committed to protecting your personal data and we respect your privacy.
This privacy policy covers the following:
-
Why we use your data
-
What data we process
-
How we use your data
-
Legal basis for processing your data
-
Your rights as a Data Subject
-
Data Retention
-
Sharing data with third parties
-
Privacy policy changes
Why I use your data
Our services are provided to customers through agreements between us and the customer and various specific terms and conditions that you agree with when you register.
I process your personal data for the following purposes:
-
To provide you with the service(s) you signed up for
-
To verify your identity when required
-
For the ongoing administration of the service
-
To allow us to improve the products and services we offer to our customers
-
To enable us to comply with our legal and regulatory obligations
What data we process
We will collect from you directly and process the following information:
-
First and last names
-
Physical addresses
-
Mobile number(s)
-
Business Telephone Number(s)
-
Email address(s)
-
Banking account details for the processing of Debit orders as and when required.
How we process your data
Data is stored physically by hand-written notes and is not stored on any digital device or with any digital service. Your data is stored in a secured location with all reasonable protections in place.
Legal basis for processing your data
We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into a or perform a contract with you, with your consent, and or for compliance with our legal obligations.
We use information that we collect and receive:
-
To facilitate account creation in the applicable systems.
-
To send you marketing and promotional communications.
-
To send administrative information to you.
-
To enforce our terms, conditions, and policies.
-
To respond to legal requests and prevent harm.
-
For other Business Purposes. We may use our information for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our website, products, services, marketing and your experience.
Your rights under Data Protection Law
-
Right to Access
You have the right of access to your data. A formal request via email is required to start the process.
-
Right to Rectification
You have the right to request that your personal information be corrected when required. Any requests for corrections to incorrect or inaccurate data will actioned within 24 business hours.
-
Right to be Forgotten (Right to Erasure)
You have the right to withdraw your consent to The Company processing your data; depending on the circumstances, we may or may not be obliged to action this request. Where actioned, deletion of your personal information occurs within 24 business hours. Any financial transactional information relevant to you however must be retained for up to seven years for regulatory compliance.
-
Right to Object
You have the right to object to the processing of your information at any time; depending on the circumstances, we may or may not be obliged to action this request.
-
Right to Restriction of Processing
You have the right to request that I restrict the extent of our processing activities; depending on the circumstances, we may or may not be obliged to action this request.
-
Right to Data Portability
You have the right to receive the personal data which you have provided to us in a structured, commonly used and machine-readable format suitable for transferring to another data controller.
-
Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with the relevant supervisory authority if you believe we have infringed on your data protection or privacy. You can lodge your complaint in your country of residence, country of work or country where you believe I infringed your right(s).
Data Retention
We may need to retain records for regulatory compliance fulfilment. Accordingly, certain records must be retained for an extended duration, which may be up to seven years.
Sharing personal information with third parties
We use trusted service providers to help deliver our services. All of our suppliers are subject to appropriate safeguards, and in compliance with POPIA and the General Data Protection Regulation (“GDPR”).
We may also have access to your personal information as part of delivering the service.
We will only disclose your information to other parties in the following limited circumstances
-
Where I am legally obliged to do so, e.g. to law enforcement and regulatory authorities.
-
Where there is a duty to disclose in the public interest.
-
Where disclosure is necessary to protect our interest e.g. to prevent or detect crime and fraud.
-
Where you give us explicit consent to do so.
Privacy Policy Changes
We reserve the right to change, modify, add, or remove portions of these terms at any time. We will post a clear, easily accessible notification on the website if there are any changes made to these terms.
Jurisdiction
This Privacy Policy is governed by the laws of the Republic of South Africa. You agree that any cause of action that may arise under this Privacy Policy shall be commenced and be heard in the appropriate court in South Africa. You agree to submit to the personal and exclusive jurisdiction of the courts located within South Africa.