1. INTRODUCTION, PURPOSE AND APPLICATION
1.1 Bohle Glass Equipment (Pty) Ltd (“Bohle, we, us, our”) is committed to protecting the privacy of all parties with whom we interact, including but not limited to, prospective employees, clients, visitors and service providers (“you”) in accordance with, inter alia, the Protection of Personal Information Act 4 of 2013 (“POPIA”) and ensuring that your Personal Information is used appropriately, transparently, securely and in accordance with applicable laws.
1.3 By providing us with your Personal Information, you –
1.3.1 agree to this Policy and authorise us to process such information as set out herein; and
1.3.2 authorise Bohle, its Associates, service providers and other third parties to process such information for the purposes stated herein
1.4 We will not use your Personal Information for any other purpose than as set out in this Policy and will endeavour to protect your Personal Information that is in our possession from unauthorised alteration, loss, disclosure or access.
1.5 We may review and update this Policy from time to time. The latest version of this Policy is available on request.
2.1 Unless otherwise expressly stated, or the context otherwise requires, the words and expressions listed below shall, when used in this Policy, bear the meanings ascribed to them:
2.1.1 “Associates” means Bohle’s shareholders and the directors, employees and consultants of Bohle;
2.1.2 ‘‘consent’’ means any voluntary, specific and informed expression of will in terms of which permission is given for the processing of Personal Information;
2.1.3 “Operator” means any person or entity that processes Personal Information on behalf of a Responsible Party;
2.1.4 “Personal Information” means information relating to an identifiable, living, natural person, and where applicable, to an identifiable, existing juristic person, including, but not limited to —
18.104.22.168 information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
22.214.171.124 information relating to the education or the medical, financial, criminal or employment history of the person;
126.96.36.199 any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
188.8.131.52 the biometric information of the person;
184.108.40.206 the personal opinions, views or preferences of the person;
220.127.116.11 correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
18.104.22.168 the views or opinions of another individual about the person; and
22.214.171.124 the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.
2.1.5 ‘‘processing’’ means any operation or activity or any set of operations, whether or not by automatic means, concerning Personal Information, including —
126.96.36.199 the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
188.8.131.52 dissemination by means of transmission, distribution or making available in any other form; or
184.108.40.206 merging, linking, as well as restriction, degradation, erasure or destruction of information;
2.1.6 “Responsible Party” means the entity that decides how and why Personal Information is processed;
2.1.7 “Bohle” means Bohle Glass Equipment (Pty) Ltd, registration number: 2002/000317/07;
2.1.8 “Services” means selling and distribution of products to the glass and glazing industry as well as to related industries;
2.1.9 “Special Personal Information” means information pertaining to:
220.127.116.11 the religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health or sex life or biometric information of a person; or
18.104.22.168 the criminal behaviour of a person to the extent that such information relates to the alleged commission by a person of any offence or any proceedings in respect of any offence allegedly committed by a person or the disposal of such proceedings.
3. COLLECTION AND USE OF PERSONAL INFORMATION
3.1 Source of Personal Information
3.1.1 We may collect or obtain Personal Information about you –
22.214.171.124 directly from you;
126.96.36.199 in the course of providing Services to you or your organisation;
188.8.131.52 when you make your Personal Information public;
184.108.40.206 when you visit and/or interact with our Website or our social media platforms; or
220.127.116.11 when you visit our offices.
3.1.2 Personal Information from other sources will be collected where it is publicly and/or commercially available.
3.2 Categories of Personal Information
3.2.1 We collect and process Personal Information only for purposes relating to the rendering of our Services to you. We may, where permitted or required to do so by applicable law, process your Personal Information without your knowledge or permission if sufficient grounds of justification are present, and we will do so in accordance with the further provisions of this Policy.
3.2.2 The categories of Personal Information we collect and process include:
18.104.22.168 personal and demographic details (e.g. name, ID number, gender, photograph, nationality, etc.);
22.214.171.124 contact details (e.g. telephone number, email address, physical address, etc.);
126.96.36.199 employment details (e.g. name of employer, job title, etc.) to the extent relevant;
188.8.131.52 financial information (e.g. financial statements, details of income and remuneration, payment details such as billing address, payment method, invoice records, etc.).
3.2.3 We also collect and process Special Personal Information, particularly information relating to race, health, criminal behaviour and biometric information. This information is collected and processed solely to enable us to render our Services to you in circumstances where the use of such information is necessary and in accordance with applicable law.
3.3 Purpose and Legal Bases for Processing
3.3.1 We will process your Personal Information in the ordinary course of the business of providing our Services. We will primarily use your Personal Information only for the purpose for which it was originally collected. We will use your Personal Information for a secondary purpose only if such purpose constitutes a legitimate interest and is closely related to the original purpose for which the Personal Information was collected.
3.3.2 We may use your Personal Information for, amongst others –
184.108.40.206 rendering our Services to you;
220.127.116.11 complying with our obligations in terms of our mandates with you and other contractual relationships;
18.104.22.168 complying with our legal obligations and applicable law;
22.214.171.124 developing and improving our businesses, services and offerings;
126.96.36.199 statistical purposes;
188.8.131.52 relationship management and marketing purposes in relation to our Services, account management and for marketing activities in order to establish, maintain and/or improve our relationship with you and with our Service Providers;
184.108.40.206 internal management and management reporting purposes; and
220.127.116.11 safety and security purposes.
4. DISCLOSURE OF PERSONAL INFORMATION TO THIRD PARTIES
4.1 We rely on third-party service providers to perform a variety of services on our behalf. This means that we may have to share Personal Information with these third parties.
4.2 We may disclose your Personal Information to our Associates and service providers, for legitimate business purposes, in accordance with applicable law and subject to applicable professional and regulatory requirements regarding confidentiality.
4.3 In addition, we may disclose your Personal Information –
4.3.1 if required by law;
4.3.2 to legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation;
4.3.3 to third party operators (including, but not limited to, data processors), located anywhere in the world, subject to paragraph 4.4 below;
4.3.4 where it is necessary for the purposes of, or in connection with, actual or threatened legal proceedings or establishment, exercise or defence of legal rights;
4.3.5 to any relevant party for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including, but not limited to, safeguarding against, and the prevention of threats to, public security; and
4.3.6 to any relevant third party acquirer(s), in the event that we sell or transfer all or any portion of our business or assets (including, but not limited to, in the event of a reorganization, dissolution or liquidation).
4.4 If we engage an Operator to process any of your Personal Information, we recognise that any Operator who is in a foreign country must be subject to a law, binding corporate rules or binding agreements which provide an adequate level of protection similar to POPIA. We will review our relationships with Operators we engage and, to the extent required by any applicable law in force, we will require such Operators to be bound by contractual obligations to –
4.4.1 only process such Personal Information in accordance with our prior written instructions; and
4.4.2 use appropriate measures to protect the confidentiality and security of such Personal Information.
5. INTERNATIONAL TRANSFER OF PERSONAL INFORMATION
5.1 We may transfer your Personal Information to recipients outside of the Republic of South Africa.
5.2 Subject to paragraph 4.4 above, Personal Information may be transferred outside of the Republic of South Africa provided that the country to which the data is transferred has adopted a law that provides for an adequate level of protection substantially similar to POPIA, the Operator/third party undertakes to protect the Personal Information in line with applicable data protection laws and the transfer is necessary in order to provide the our Services.
6. SECURITY OF PERSONAL INFORMATION
6.1 We are obliged to provide adequate protection for the Personal Information in our possession. We implement appropriate technical and organisational security measures to protect your Personal Information that is in our possession against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, in accordance with applicable law.
6.2 In dealings with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that the Personal Information disclosed to them is kept secure. We will ensure that anyone to whom we pass Personal Information on agrees to treat such Personal Information with the same level of protection as we are obliged to.
6.3 We will, on an on-going basis, review our security controls and related processes to ensure your Personal Information remains secure.
6.4 Where there are reasonable grounds to believe that your Personal Information that is in our possession has been accessed or acquired by any unauthorised person, we will notify the relevant Information Regulator and you.
6.5 Because the internet is an open system, the transmission of information via the internet is not completely secure. Although we will implement all reasonable measures to protect your Personal Information that is in our possession, we cannot guarantee the security of any information transmitted using the internet and we cannot be held liable for any loss of privacy occurring during the course of such transmission.
7. DATA ACCURACY
The Personal Information provided to us should be accurate, complete and up-to-date. Should Personal Information change, the onus is on the provider of such data to notify us of the change and provide us with the accurate data.
8. DATA MINIMISATION
We will restrict our processing of Personal Information to data which is sufficient for the fulfilment of the primary purpose and applicable legitimate purpose for which it was collected.
9. DATA RETENTION
We shall only retain and store Personal Information for the period for which the data is required to serve its primary purpose or a legitimate interest or for the period required to comply with an applicable legal requirement, whichever is longer.
10. YOUR RIGHTS
10.1 The right to access your personal information
You have the right to establish what Personal Information we have related to you, including the right to request access to that Personal Information.
10.2 The right to have your Personal Information corrected or deleted
You have the right to request, where necessary, that your Personal Information must be corrected or deleted where we are no longer authorised to retain your Personal Information. Please refer to Form 2 annexed hereto which is to be used for all such requests.
10.3 The right to object and withdrawal of consent to the processing of your Personal Information
You have the right, on reasonable grounds, to object to us processing your Personal Information and to withdraw your consent for the processing of your Personal Information. Please refer to Form 1 annexed hereto which is to be used for all such objections.
10.4 The right to object to direct marketing
You have the right to object to us processing your personal information for purposes of direct marketing by means of unsolicited electronic communications.
10.5 The right to complain to the Information Regulator
You have the right to submit complaints to the Information Regulator regarding an alleged infringement of any of your rights protected under POPIA.
10.6 The right to be informed
You have the right to be notified that your Personal Information is being collected. You also have the right to be notified in any situation where we have reasonable grounds to believe that your Personal Information has been accessed or acquired by an unauthorised person.
11. DIRECT MARKETING
11.1 We may process your Personal Information for the purposes of providing you with information regarding services that may be of interest to you. You may unsubscribe for free at any time.
11.2 If you currently receive marketing information from us which you would prefer not to receive in the future please email us at firstname.lastname@example.org.
Our Information Officer’s contact details are as follows:
Attention: Sebastian Till
Telephone: +27 11 792 6430
Please click here to download the relevant POPI forms as gazetted.
Revised: 24 June 2021