CompuFreak IT recognises the importance of protecting the personal information that you (“the User”) provide to us. Therefore, we have put together, and endevour to follow this policy that respects and addresses that.
2. INFORMATION COLLECTION
2.1 CompuFreak IT collects information from the User at several different points on the Site. CompuFreak IT is the sole owner of the information collected on CompuFreak’s web site (“the Site”). We will not sell, share, or rent this information to others in ways different from what is disclosed in this statement.
2.2 Consent to collect information can be express (eg. signing an agreement) or implied (eg. if the user is given an opportunity to opt-out of a specific form of information sharing, but chooses not to do so, CompuFreak IT implies that the User chooses to share this information with us).
2.3 CompuFreak IT processes personal information on web hosting servers that may not be in your present country.
3. INFORMATION WE COLLECT
In the course of service provision to the User we may collect certain forms of information. The types of information that we may collect are detailed below:
Information you provide – When you register for an account on CompuFreak IT by completing the appropriate form, we ask you for personal information (such as your name, email address and phone number). We may combine the information you submit under your account with information from other services or third parties in order to provide you with a better experience and to improve the quality of our service.
Financial Information – In the course of providing a service to you, CompuFreak IT may ask for financial information (Bank account details, credit card details etc.). Such information will be treated with the upmost privacy, will be stored encrypted on our systems, will only be communicated across a secure link and will not be provided to any third parties except where necessary to provide CompuFreak IT‘s service to you.
Log information – When you use CompuFreak IT, our server automatically records information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser.
User communications – When you send email or other communication to CompuFreak IT, we may retain those communications in order to process your enquiries, respond to your requests and improve our services.
Links – CompuFreak IT may present links in a format that enables us to keep track of whether these links have been followed and who followed them, either on the web site or in electronic communications. We use this information to improve the quality of our service, customized content and advertising.
4. HOW THIS INFORMATION IS USED
4.1 CompuFreak IT collects user information for the purposes described below:
Providing a service to our users, including the display of customized content and advertising
Auditing, research and analysis in order to maintain, protect and improve our service
Ensuring the technical functioning of our equipment and resources
Developing new services
4.2 While mostly this information will be used to provide a service to our users, it may also be used to provide our own services.
5.1 CompuFreak IT may send the User, site and service announcement updates on an irregular basis. Users are not able to unsubscribe from service announcements, which contain important information about our service.
5.2 On occasion CompuFreak IT will email newletters to provide the User with information that we think the User will find useful, including information about new products and services. We might also contact the User by email to see if the User is interested in participating in market research regarding CompuFreak IT. We may also contact the User by email to respond to customer-service complaints that the User has submitted, to address a problem affecting the User’s use of the service or to verify the User’s account information if the User submits a password request.
6. INFORMATION SHARING
6.1 CompuFreak IT may share aggregate demographic information with our advertisers or information collection companies, but will not reveal any personally identifiable information in these instances. These companies do not retain, share, store or use personally identifiable information for any secondary purposes. We may also partner with third parties to provide specific services. When the User signs up for these services, we will share the information that is necessary for the third party to provide these services. These parties are not allowed to use personally identifiable information except for the purpose of providing these services.
6.2 CompuFreak IT may share a User’s contact information with other registered Users for the purposes of resolving support queries relating to CompuFreak IT or the service provided to a User by another User. This contact information includes, but is not limited to, name, surname, email address and phone number. Typically, this would be providing a buyer’s contact details to a seller or vice versa, where CompuFreak IT has the necessary information to assist, but cannot actually resolve a support query.
7. DATA INTEGRITY
8. INFORMATION SECURITY
8.1 We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. The servers that we store personally identifiable information on are kept in a secure environment.
8.2 We restrict access to personal information to CompuFreak IT employees who need to know that information in order to operate, develop or improve our services.
9. ACQUISITION OR MERGER
10. NOTIFICATION OF CHANGES
10.2 CompuFreak IT is, however, under no obligation to inform the User of such changes when they happen, although it is assumed that any changes will be minor and will not fundamentally impact the User. Should the change be deemed by CompuFreak IT to be significant, we will endevour to inform the User of these changes through whatever means we deem necessary (banner on home page, email notification etc.) in a timely manner.
11. CONTACT INFORMATION
If the User has any questions about this Privacy Statement or about CompuFreak IT‘s information collection practices, please contact us at info@compuFreak.co.za
12.1 The terms “The User” and “User” are used interchangeably and refer to all individuals and/or entities accessing this web site for any reason whatsoever.
12.2 The terms “we” and “CompuFreak IT” are used interchangeably and refer to CompuFreak IT itself and all individuals and/or entities acting directly on behalf of CompuFreak IT.
By signing the Customer Service Order, the client accepts the following Information Privacy Agreement. The “jobcard”number or CSO Number has reference.
In this Agreement, unless the context requires otherwise, the words below mean the following:
- “Agreement” means this information privacy agreement, together with all schedules and annexures;
- “Business Day” means any day other than a Saturday, Sunday, or official public holiday in South Africa;
- “Confidential Information” means any information relating to one Party or its agents (“Disclosing Party”) and / or the business carried on or proposed or intended to be carried on by the Disclosing Party and which is made available in connection with this Agreement to the other Party (“Receiving Party”), or its agents, by the Disclosing Party, or its agents, or which is recorded in agreed minutes following oral disclosure to the Receiving Party and any other information which is otherwise made available by the Disclosing Party, or its agents, to the Receiving Party, or its agents, whether before, on or after the Signature Date of this Agreement, including any information, analysis or specifications derived from, containing or reflecting such information;
- “CPA” means the Consumer Protection Act 68 of 2008;
- “The Service Provider” means the party set out in Item 1.2. of the Schedule;
- “Data Subject” means all living, identifiable natural or Juristic Persons about whom the Parties hold Personal Information or Special Personal Information;
- “ECTA” means the Electronic Communications and Transactions Act 25 of 2002;
- “Juristic Person/s” means any juristic person of whatever nature including a body corporate, association, company, close corporation, trust or partnership (whether or not having separate legal personality);
- “Operator” means a person who processes Personal Information for a Responsible Party in terms of a contract or mandate, without coming under the direct authority of that party;
- “Organisation” means the party set out in Item 1.1. of the Schedule;
- “Parties” means the Organisation and the Service Provider and “Party” means either one of them, as the context may indicate;
- “Personal Information” means information relating to an identifiable, living, natural person, and where applicable, an identifiable, existing Juristic Person, including:
- information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
- information relating to the education or the medical, financial, criminal or employment history of the person;
- any identifying number, symbol, email address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
- the biometric information of the person;
- the personal opinions, views or preferences of the person;
- correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
- the views or opinions of another individual about the person; and
- the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.
- “POPIA” means the Protection of Personal Information Act 4 of 2013;
- “Processing” means any operation or activity, whether or not by automatic means, concerning Personal Information, including:
- the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
- dissemination by means of transmission, distribution or making available in any other form; or
- merging, linking, as well as restriction, degradation, erasure or destruction of information;
- “Responsible Party” means a public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for Processing Personal Information;
- “Special Personal Information” means more sensitive information about an individual that pertains to racial or ethnic origins, religious or philosophical beliefs, health or sex life, trade union membership or political persuasion, biometric information or criminal behaviour of a Data Subject (and regarding the latter, to the extent that such criminal behaviour relates to the alleged commission by a Data Subject of any offence or any proceedings in respect of any offence allegedly committed by a Data Subject;
- “Schedule” means the schedule to this Agreement set out in clause 1;
- “Sign” means a handwritten signature or advanced electronic signature as defined by ECTA;
- “Signature Date” means the date of Signature of this Agreement by the Party Signing last in time;
- “South Africa” means the Republic of South Africa, as constituted from time to time;
- “Third Party” means any natural or Juristic Entity other than the Parties; and
- “Writing” means any mode of reproducing information or data in physical form and includes hard copy printouts, handwritten documents and facsimile transmissions, together with information or data in electronic form.
- Any reference in this Agreement to:
- a clause is, subject to any contrary indication, a reference to a clause of the main body of this Agreement;
- an item is, subject to any contrary indication, a reference to an item in the Schedule to this Agreement;
- law means any law including common law, statute, constitution, decree, judgment, treaty, regulation, directive, by-law, order or any other measure of the government, local government, statutory or regulatory body or court having legal authority within South Africa; and
- person means, unless the context indicates otherwise, any natural or juristic person, government, state, agency or organ of a state.
- Where a word or expression is given a particular meaning, other parts of speech and grammatical forms of that word or expression have a corresponding meaning.
- The headings do not govern or affect the interpretation of this Agreement.
- If any provision in a definition confers rights, or imposes obligations on any Party, effect is given to it as a substantive provision of this Agreement.
- Unless the context indicates otherwise, an expression which denotes any gender includes the other gender; reference to a natural person includes a juristic person; the singular includes the plural, and the plural includes the singular.
- Any number of days prescribed in this Agreement excludes the first day and includes the last day.
- The words “including” and “in particular” are without limitation.
- Any reference to legislation is to that legislation as at the Signature Date, as amended or replaced from time to time, and includes all regulations and schedules to such legislation.
- Any reference to a document or instrument includes the document or instrument as ceded, delegated, novated, altered, supplemented or replaced from time to time.
- A reference to a Party includes that Party’s successors-in-title and permitted assigns.
- A time of day is a reference to Johannesburg time.
- The rule of interpretation that, in the event of ambiguity, the contract must be interpreted against the party responsible for the drafting of the contract does not apply.
- The cancellation or termination of this Agreement does not affect those of its provisions which expressly provide that they will operate after cancellation or termination, or which must continue to have effect after cancellation or termination, or which must by implication or by their nature continue to have effect after cancellation or termination.
- No provision in this Agreement is intended to contravene or limit any applicable provisions of the CPA or POPIA.
|3. MAINTAINING CONFIDENTIALITY OF INFORMATION|
- The Parties agree that they will not, during or after the termination of this Agreement for any reason whatsoever disclose any (i) Confidential Information, and / or (ii) Personal Information, and / or (iii) Special Personal Information of, or about, or in relation to, or received from, the other Party, to any Third Party for any reason or purpose whatsoever without the prior Written consent of such other Party.
- The Parties both agree and undertake that they will at all times ensure that any information obtained from the other of them pursuant to this Agreement, including (i) Confidential Information, and / or (ii) Personal Information, and / or (iii) Special Personal Information will be protected and not misused in any way.
- In order to give effect to the provisions of clause 4.2, the Parties agree and undertake to:
- ensure that all such information is properly safeguarded;
- exercise due care in communicating such information to any Third Party (if such communication is permitted); and
- avoid using such information for personal gain or benefit.
|4. INFORMATION PROCESSING PRINCIPLES|
- The Parties hereby confirm their respective support and compliance with the 8 (Eight) lawful Processing principles of POPIA, which set out in this clause 5.
- The Data Subject in question must be told (i) who the Responsible Party is, and (ii) the purpose for which Personal Information, including Special Personal Information, is to be processed by the respective Parties.
- Process limitation
- Processing of Personal Information must be done lawfully and only information needed and legally obtained must be collected by the Parties.
- A Responsible Party must collect Personal Information directly from the Data Subject unless such information is contained in a public record, or unless any of the other exceptions set out in section 12 of POPIA apply.
- The Data Subject must have consented to the Processing of their (i) Personal Information, and / or (ii) Special Personal Information by the Parties, unless such consent is not required in terms of sections 11, and / or sections 27 to 35 of POPIA, including for reason that the Processing (i) is necessary to carry out actions for the conclusion or performance of a contract to which the Data Subject is a party, (ii) protects a legitimate interest of the Data Subject, and / or (iii) is necessary for pursuing the legitimate interests of the Responsible Party or of a Third Party to whom the information is supplied.
- Purpose specification
- Personal Information may only be Processed by the Parties for a specific and lawful purpose or for any other purpose specifically permitted by POPIA.
- The Parties confirm that they will take the necessary steps to ensure that the Data Subject in question is aware of the purpose of the collection of the Personal Information, and that they will not (i) thereafter use such information for another purpose, or (ii) retain it for longer than necessary, given the original purpose and the legitimate commercial interests of the Parties.
- Further Processing limitation
- The Parties will not use any Personal Information collected by them for any purpose other than that for which it originally received such information, unless any further Processing is compatible with the original purpose for which such information was collected.
- Information quality
- The Parties undertake to (i) keep Personal Information complete, accurate, and up to date, (ii) take all necessary steps to check the accuracy of any Personal Information at the point of collection and at regular intervals afterwards, and (iii) correct or destroy any inaccurate, outdated and / or misleading Personal Information.
- The Parties agree to be transparent with Data Subjects at all time and confirm that Personal Information will only be Processed by the Parties if the Data Subject in question has been notified, or if permitted to do so in terms of POPIA.
- The Parties will only obtain Personal Information from legitimate sources.
- Security safeguards
- The Parties, including all of its (i) employees, (ii) contractors, (iii) visitors, and (iv) all other authorised users of their systems (“Users”) undertake at all times to ensure that appropriate, reasonable technical and organisational security measures are taken against unlawful or unauthorised Processing of Personal Information, and against the accidental loss of, or damage to, Personal Information.
- The Parties confirm that they will in place appropriate procedures and technologies to maintain the security of all Personal Information Processed by them.
- The Parties confirm that they will only transfer Personal Information to an Operator if the Operator has agreed in Writing to comply with such procedures and policies.
|5. GENERAL PROVISIONS|
- The Parties agree that:
- (i) only people who are authorised to use Personal Information can access it, (ii) they will ensure that only authorised persons will have access to records containing Personal Information, (iii) all Users of the Parties will be required to maintain the confidentiality of any Personal Information that they have access to;
- proper security safeguards are in place to ensure the maintenance, and the assurance, of, and the accuracy and consistency of, Personal Information over such information’s entire life cycle;
- authorised users should be able to access the Personal Information only if they need it for an authorised purpose; and
- where there are reasonable grounds to believe that the Personal Information of a Data Subject has been accessed or acquired by any unauthorised person, the Parties or any Third Party Processing Personal Information under the authority of the Parties, will notify both the information regulator (“Regulator”) and the Data Subject. Such notification must be in Writing, and the communication to the Data Subject must be made in at least one of the following ways:
- Mailed to the Data Subject’s last known physical or postal address;
- Sent by email to the Data Subjects last known email address;
- Placed in a prominent and conspicuous position on the website of the Parties;
- Published in the news media; and / or
- As directed by the Regulator.
- In this Agreement, where reference is made to Personal Information, this includes a reference to Special Personal Information, unless (i) the context indicates otherwise, and / or (ii) this would contravene any provision of POPIA.
|6. DATA SUBJECT PARTICIPATION|
- A formal request from a Data Subject for information that the Parties hold about them, must be made in Writing accompanied with adequate proof of identification, including a certified copy of the individual’s identity document or passport and proof of residence.
- The Organisation has drafted and implemented Data Subject request policies for both natural and Juristic Persons.
|7. LETTERS AND NOTICES|
- Any letter or notice given in terms of this Agreement shall be in Writing and shall:
- if delivered by hand be deemed to have been duly received by the addressee on the date of delivery;
- if posted by prepaid registered post be deemed to have been received by the addressee on the 5th (Fifth) Business Day following the date of such posting; and
- if transmitted by facsimile or email be deemed to have been duly received by the addressee on the date of delivery.
- For purposes of clause 8.1, the contact details are as follows:
- For the Organisation, as set out in item 1.1; and
- For the Service Provider, as set out in item 1.2.
- Notwithstanding anything to the contrary contained herein, a Written notice of communication actually received by a Party shall be an adequate Written notice or communication to it notwithstanding that it was not sent to or delivered to the addresses set out in items 1.1 and 1.2 (as the case may be).
- The addresses given by the Parties in item 1.1 and item 1.2 shall constitute the Parties chosen addresses for any and all purposes stipulated under this Agreement and the receipt of any documentation and the institution of any legal proceedings.
|8. GOVERNING LAW|
- This Agreement is governed by South African law.
- Not limiting the jurisdiction that any other court may have, the Parties consent in terms of section 45 of the Magistrates’ Courts Act 32 of 1944 (or any similar section of an act replacing such act) to the jurisdiction of the Magistrate’s Court for the purpose of any proceedings in terms of or incidental to this Agreement, notwithstanding that the amount claimed or the value of the matter in dispute may exceed such jurisdiction.
|9. NON VARIATION|
- No addition to or variation or consensual cancellation of this Agreement, including this clause, has effect unless it is in Writing and Signed by both Parties.
- The Organisation and the Service Provider agree that this Agreement is the whole agreement between the Parties in regard to its subject matter.
- The Parties undertake at all times to do all such things, to perform all such acts and to take all such steps as may be open to them and necessary for or incidental to the putting into effect or maintenance of the terms, conditions and import of this Agreement.
|10. RELAXATIONS AND INDULGENCES|
No indulgence by one Party to the other Party, or failure to strictly enforce the terms of this Agreement, is to be construed as a waiver or a basis for raising estoppel in any way.
Each provision in this Agreement is severable from all others, notwithstanding the manner in which they may be linked together or grouped grammatically, and if in terms of any judgment or order, any provision, phrase, sentence, paragraph or clause is found to be defective or unenforceable for any reason, the remaining provisions, phrases, sentences, paragraphs and clauses shall nevertheless continue to be of full force. In particular, the Parties acknowledge their intention to continue to be bound by this Agreement notwithstanding that any provision may be found to be unenforceable or void or voidable, in which event the provision concerned shall be severed from the other provisions, each of which shall continue to be of full force.