Guardrisk Group (Pty) Ltd respects the right to privacy and confidentiality of our potential and existing client’s personal information. We are committed to protecting your privacy and to ensure that your personal information is collected and used properly, lawfully and transparently. This notice extends to all entities within Guardrisk Group (Pty).
This privacy notice is meant to help you understand how we collect, use, share and protect your personal information. Guardrisk subscribes to the conditions of the Protection of Personal Information Act (POPIA) as well as the principles set out in Section 51 of the Electronic Communications and Transactions Act 25 of 2002 to make sure that you are always protected when supplying us with personal information.
The Protection of Personal Information Act 9 (POPIA) describes personal information as information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person.
The person to whom personal information relates is referred to as the “data subject”.
The type of information we collect will depend on the purpose for which it is collected and used. We will only collect information that we need for that purpose. When personal information is collected, the company will indicate the purpose for the collection and whether the information required is compulsory or voluntary.
Examples of personal information include, but are not limited to, contact information, financial information, information relating to race, gender, sexual orientation, age, contact details, identity number, religion, name, culture, language and nationality.
The company collects information either directly from the data subject, the employer or through intermediaries. The source from which personal information was obtained, if not directly from the data subject, will be disclosed.
After obtaining consent, the personal information collected or held by Guardrisk may be used, stored, transferred or disclosed or shared only for the purposes for which it was collected or agreed with you. This may include:
Records of personal information will be retained for the period necessary for achieving the purpose for which the information was collected. Please note that you have a right to object to the processing of your personal information for example for purposes of direct marketing, unless consent was obtained from you.
Data processing is carried out using computers and/or IT-enabled tools, following organisational procedures and modes strictly related to the purposes indicated. In some cases, the data may be accessible to certain types of persons in charge, involved with the operations inside Guardrisk (underwriting, compliance, marketing, legal, system administration, etc.) or external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as data processors by Guardrisk.
Guardrisk will only share your personal information with third parties if you have consented to such disclosure. If consent has been obtained, the company may share your personal information with third parties who are involved in the delivery of services to you. We have agreements in place to ensure that they comply with the Protection of Personal Information Act, No 4 of 2013.
Where Guardrisk discloses personal information to any third parties, the third party will be obliged to use that personal information only for the reasons and purposes it was disclosed for. We may be obliged to disclose your personal information to the extent that it is required to do so by law, in connection with any legal proceedings or prospective legal proceedings, or for the purposes of protecting the interest of clients, for example fraud prevention or to give effect to an agreement.
Guardrisk processes the data of data subjects in a proper manner and shall take appropriate security measures to prevent loss of, damage of personal information, unauthorised access, disclosure, modification, or unauthorised destruction of the data. The company will store all the personal information in secured environments, for example on secured servers in a protected data centre.
You have the right to request to review your personal information contained by Guardrisk at any time to correct or update the information. If the purpose for which your personal information was requested initially does not exist anymore, for example you no longer have an active contract, you may request information held by the company to be removed. However, Guardrisk can decline your request to delete the information from its records if other legislation requires the continued retention thereof or if it has been de-identified.
If you would like to obtain a copy of your personal information held by Guardrisk, please review our information manual located at https://guardrisk.co.za/wp-content/uploads/2020/02/INFORMATION-MANUAL_2020.pdf
Any person may submit a complaint to the Regulator alleging interference with the protection of the personal information of a data subject.
Please note that we may amend this Notice from time to time. Please check this website periodically to inform yourself of any changes.
This Privacy Notice applies to Guardrisk Group (Pty) Ltd, incorporating all its operating entities.
Please direct any questions, complaints or concerns regarding this privacy notice, data privacy and our treatment of your Personal Information to the following:[email protected]
Upon receiving your request, we will contact you directly, investigate your request, and work to address your concerns. We will respond to your request without undue delay. We reserve the right to take reasonable steps to verify your identity prior to granting access or processing changes or corrections.
You have the right to complain to the Information Regulator, whose contact details are:
Tel: 012 406 4818
Fax: 086 500 3351
Email: [email protected]