1. Background


Joubert Galpin Searle will maintain the confidentiality of your personal information and comply with the Protection of Personal Information Act 4 of 2013 (POPIA) when processing your personal information.


2. The purpose of the notice


The purpose of this notice is to inform Joubert Galpin Searle's clients about the type and use of personal information the company collects, the ways in which it is collected, the sharing, protection and storage thereof.


3. Defining personal information


3.1 The term 'personal information', as used in this notice, applies to information that may be used to identify an individual or a juristic person (i.e. for example a registered company).


3.2 POPIA defines personal information as "information which relates to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person. The person to whom personal information relates is referred to as the "data subject".


3.3 Examples of personal information include, but are not limited to, contact information, financial information, information relating to race, gender, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person.


4. Information collected by Joubert Galpin Searle


4.1 Personal information collected by Joubert Galpin Searle can include a data subject's name, contact, birth date, identity number, gender, employment details, marital, family, policy, bank account, medical or health information.


4.2 When personal information is collected, the company will indicate the purpose for the collection and whether the information required is compulsory or voluntary.


5. Data Collection


The company collects information directly from the data subject or from legal proceedings entered into during the course and scope of our business.


6. Use of personal information

After obtaining consent, the personal information collected or held by Joubert Galpin Searle may be used, stored, transferred or disclosed or shared for the following purposes:


6.1 Communication with clients; and


6.2 Direct marketing of Joubert Galpin Searle services to clients;


7. Sharing of personal information


7.1 Joubert Galpin Searle will only share personal information with third parties if you have consented to such disclosure.


7.2 If consent has been obtained, the company may share your personal information with persons or organisations within and outside of Joubert Galpin Searle.


7.3 Where Joubert Galpin Searle discloses personal information to others, the third parties will be obliged to use that personal information only for the reasons and purposes it was disclosed for.


7.4 Joubert Galpin Searle may be obliged to disclose personal information to the extent that it is required to do so by law, in connection with any legal proceedings or prospective legal proceedings, or for the purposes of protecting the interest of clients, for example fraud prevention or to give effect to an agreement.


8. Securing personal information


8.1 Joubert Galpin Searle will take all reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.


8.2 The company will store all the personal information in secured environments, for example on secured servers in a protected data centre.


9. Retention of personal information

Joubert Galpin Searle will retain your personal information for the period required by law. Once this period has come to an end, all information will be destroyed in terms of our information destruction practices.


10. Review personal information


10.1 Clients can request to review all personal information held by Joubert Galpin Searle at any time to correct or update the information.


10.2 If the purpose for which your personal information was requested initially does not exist anymore, for example you no longer have a contract with it, you may request information held by the company to be removed.


10.3 Joubert Galpin Searle can decline your request to delete the information from its records if other legislation requires the continued retention thereof or if it has been de-identified.


11. Updating privacy policy


Joubert Galpin Searle may update this notice periodically and an updated version may be requested, for example through a postal request or through an email notification addressed to the contact details provided below.


12. Employee Training on Cyber Security and Data Privacy


Employee Training on Cyber Security and Data Privacy forms part of ongoing compliance training. Cyber Security training is currently further required as a basic compliance training that all employees must complete. As part of the POPIA management programme, there is a specific focus on training, awareness as well as communication that will cover data privacy, data security and more detailed cyber security training as mandatory compliance training to all staff.