1 INTRODUCTION
1.1 Whereas eLan is obliged to comply with the Protection of Personal Information Act 4 of 2013.
1.2 eLan is required to inform Users as to how their Personal Information is used, disclosed and destroyed.
1.3 eLan is committed to protecting Users’ privacy and ensuring that their Personal Information is used appropriately, transparently, securely and in accordance with applicable laws.
1.4 Wherefore this Policy sets out a manner in which eLan deals with Personal Information as well as stipulates the purposes for which said information is used.
2 DEFINITIONS AND INTERPRETATION
2.1 Unless otherwise expressly stated, or the context otherwise requires, the words and expressions listed below shall, when used in this Charter, bear the meanings ascribed to them below, and cognate expressions bear corresponding meanings:
2.1.1 “Board” means the Board of Directors of eLan serving from time to time.
2.1.2 “Directors” means the Directors of eLan as defined in eLan Memorandum of Incorporation.
2.1.3 “Chief Marketing Officer” means the Chief Marketing Officer of eLan.
2.1.4 “Users” means the users of eLan as defined in eLan Memorandum of Incorporation.
2.1.5 “Personal Information” means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to:
2.1.5.1 information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
2.1.5.2 information relating to the education or the medical, financial, criminal or employment history of the person;
2.1.5.3 any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignments to the person;
2.1.5.4 the biometric information of the person;
2.1.5.5 the personal opinions, views or preferences of the person;
2.1.5.6 correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
2.1.5.7 the views or opinions of another individual about the person; and
2.1.5.8 the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.
2.1.6 “POPI” means the Protection of Personal Information Act 4, 2013.
2.1.7 “Policy” means this POPI policy.
2.2 In this Policy:
2.2.1 table of contents and paragraph headings are for purposes of reference only and shall not be used in interpretation.
2.2.2 unless the context clearly indicates a contrary intention, any word connoting any gender includes the other genders, and the singular includes the plural and vice versa.
2.2.3 When a number of days are prescribed such number shall exclude the first and include the last day unless the last day is not a business day, in which case the last day shall be the next succeeding business day.
2.2.4 A reference to a business day is a reference to any day excluding Saturday, Sunday and a public holiday in the RSA.
3 PERSONAL INFORMATION COLLECTED
3.1 Section 10 of POPI states that “Personal Information may only be processed if, given the purpose for which it is processed, it is adequate, relevant and not excessive.”
3.2 ELan collects and processes Users’ Personal Information pertaining to their respective usership. The type of information will depend on the need for which it is collected and will be processed for that purpose only. Whenever possible, we will inform
Users’ what information they are required to provide us with and what information is optional.
3.3 Examples of the Personal Information we collect includes but is not limited to:
3.3.1 Member’s contact information, identity number, name, surname, addresses, postal code and employment details;
3.3.2 Description of the Member’s residence, business, assets; financial information, banking details;
3.3.3 Member’s marketing preferences;
3.3.4 Member’s demographic data such as gender, age, country and preferred language; and
3.3.5 Any other information reasonably required by eLan, suppliers and Insurers.
3.4 ELan also collects and processes the Users’ personal information for marketing purposes.
3.5 For purposes of this Policy, Users included potential and existing Users.
4 THE USAGE OF PERSONAL INFORMATION
4.1 Users Personal Information will only be used for the purpose for which it was collected and agreed. This may include:
4.1.1 Respond to Member’s enquiries and requests;
4.1.2 Providing products or services to Users and to carry out the transactions requested;
4.1.3 Confirming, verifying and updating Users details;
4.1.4 For the detection and prevention of fraud, crime, money laundering or other malpractice;
4.1.5 Conducting market or customer satisfaction research;
4.1.6 For audit and record keeping purposes;
4.1.7 In connection with legal proceedings;
4.1.8 To enable the Member to subscribe to newsletters and mailing lists;
4.1.9 Providing our services to Users to carry out the services requested and to maintain and constantly improve the relationship;
4.1.10 In connection with and to comply with legal and regulatory requirements or when it is otherwise allowed by law; and
4.1.11 Any other reasonable usage of Personal Information with the consent of the Member.
5 DISCLOSURE OF PERSONAL INFORMATION
5.1 Subject to a Users approval, eLan may share Users’ Personal Information with and obtain information about Users from third parties for the reasons already discussed above.
5.2 ELan may also disclose Users’ information where eLan has a duty or a right to disclose in terms of applicable legislation, the law or where it may be deemed necessary to protect eLans rights.
6 SAFEGUARDING USERS INFORMATION
6.1 It is a requirement of POPI to adequately protect the Personal Information we hold and to avoid unauthorised access and use of Personal Information. We continuously review our security controls and processes to ensure that Personal Information is secure.
6.2 The following procedures are in place in order to protect Personal Information:
6.2.1 The Chief Marketing Officer, whose details are available below and who is responsible for the encouragement of compliance with the conditions of the lawful processing of Personal Information and other provisions of POPI;
6.2.2 Employees are required to sign Confidentiality Agreements which are considered annexures to their Employment Contracts;
6.2.3 Hard copy files are stored at secure premises and are destroyed after five years;
6.2.4 ELan internal server hard drives are protected by tools
6.2.5 A Disaster Recovery Register will be kept to log any security incidents and to report on and manage said incidents. The Chief Marketing Officer will maintain this register.
6.2.6 Consent to process user information is obtained from Users (or a person who is authorised by the client to provide the candidates’ Personal Information) during registration.
7 ACCESS AND CORRECTION OF PERSONAL INFORMATION
7.1 Users have the right to access the Personal Information that eLan holds about them. Users also have the right to ask for an update, correction or deletion of their Personal Information on reasonable grounds. Once a Users objects to the processing of their Personal Information, eLan may no longer process such Users Personal Information.
7.2 The details of our Chief Marketing Officer are as follows:
7.2.1 Chief Marketing Officer Details
7.2.1.1 Name: Eugene Boniface
7.2.1.2 Telephone Number: +27 315 769 600
7.2.1.3 E-mail Address: info@elan.co.za