1. Introduction
2. What is personal information
3. Where and when do we collect personal information
4. When will we process your personal information
5. When will we process your special personal information
6. What information do we collect, and how do we use your information
7. How we share your information
8. Your rights and obligations
9. Changes to our policy
10. Other important information
11. Contact Information
12. Document control
13. Change history
In this document, references to : “Firedart Engineering Underwriting Managers (Pty) Ltd", "we", "us", or "the Group" are to Firedart Engineering Underwriting Managers (Pty) Ltd and its subsidiary companies.
Firedart Engineering Underwriting Managers (Pty) Ltd recognises its accountability in terms of the Protection of Personal Information Act (hereinafter referred to as POPIA), other privacy protection legislation, together with its regulations to all its employees. Firedart Engineering Underwriting Managers (Pty) Ltd needs to collect personal information from its employees to carry out its business.
To maintain a trust relationship with our Stakeholders, we are committed to complying with both the spirit and the letter of POPIA, other privacy protection legislation, and to always act with due skill, care, and diligence when dealing with personal information.
Personal Information according to POPIA, means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to –
a. Information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language, and birth of the person;
b. Information relating to the education or the medical, financial, criminal, or employment history of the person;
c. Any identifying number, symbol, e-mail address, telephone number, location information, online identifier, or other particular assignment to the person;
d. The biometric information of the person;
e. The personal opinions, views, or preferences of the person;
f. Correspondence sent by the person that would reveal the contents of the original correspondence;
g. The views or opinions of another individual about the person; and
h. The name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.
Information you provide to us:
Clients
Directly from you;
Online quote request forms
Purchase orders
Contracts
Suppliers
Invoices
Contacts
We will only process your personal information for lawful purposes relating to our business if the following circumstances apply:
You have consented thereto;
a person legally authorised by you, or a court, has consented thereto;
It is necessary to conclude or perform under a contract we have with you;
The law requires or permits it;
It is required to protect or pursue your, our, or a third party’s legitimate interest; and/or
You are a child, and a competent person (such as a parent or guardian) has consented thereto on your behalf.
Special personal information refers to the following categories of information:
Religious and philosophical beliefs;
Race;
Ethnic origin;
Trade union membership;
Political beliefs;
Health including physical or mental health, disability, and medical history;
Biometric information;
Criminal behaviour where it relates to the alleged commission of any offence or the proceedings relating to that offence.
We will process special personal information in the following instances:
You have consented to the processing (in circumstances where we are legally obliged to obtain your consent); or
It is necessary to exercise or defend a right or obligation in law; or
It is necessary to comply with an international legal obligation of public interest; or
It is for certain historical, research, or statistical purposes that would not adversely affect your privacy; or
You have deliberately made your personal information public.
Kindly note that the following list is not comprehensive. It sets out the main purposes and data elements collected by Firedart Engineering Underwriting Managers (Pty) Ltd:
Clients
Invoicing
Debit Orders
Service Delivery
To contact you;
Audit & Record keeping;
BEE compliance.
Business Registration Nr
VAT nr
Business Name, t/a name
Banking details
Title
Name
Surname
Id nr
Physical address
Postal Address
Province
Contact nrs
email addresses
Business Sector
Service Providers / Suppliers
Purpose: Data elements:
Purchase Orders
To contact you;
Audit & Record keeping;
BEE compliance.
Name:
Bank Details:
Contact Numbers:
Address:
We may disclose your personal information to our service providers who are involved in the delivery of products or services to you. We have agreements in place to ensure that they comply with the privacy requirements as required by the Protection of Personal Information Act.
We may also disclose your information:
Where we have a duty or a right to disclose in terms of law or industry codes;
Where we believe it is necessary to protect our rights.
Legal Disclosures:
We may need to share your information when we believe it is required by law, legal process or to help protect the rights and safety of you, us, or others. We attempt to notify members about legal demands for their data when appropriate in our judgment unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, at our discretion, that the requests are overbroad, vague, or lack proper authority, but we do not promise to challenge every demand.
Data Retention:
We keep most of your personal information while we still have a purpose, we need to provide you with services or where we are legally obligated to do so.
We will also keep your information where you have agreed for us to do so, or have given your consent that we are allowed to do so.
We keep some of your information even after you are no longer in our employment, if it is reasonably necessary to comply with our legal obligations, meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our other user agreements, or fulfil your request to object to our processing of your information.
You have rights in connection with your personal information. You have many choices about how your information is collected, used, and shared.
In certain circumstances, by law, you have the right to:
Request access to your information: You will be able to ask us what information we have about you as well as ask for a copy of this information. This should be done on request to prisha@firedart.co.za. There are some exemptions, which means you may not always receive all the information we process. When we can give you a copy it might be done at a certain fee, which will also be communicated to you at the time of your query.
Change or correct information: You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Delete information: You can ask us to delete or remove personal information under certain circumstances.
Object to processing: You can do this where we are relying on your legitimate interest, public interest, or our legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your data for direct marketing purposes or where you have given your consent for the specific processing and you want to retract your consent. Retracting your consent does not invalidate the information we lawfully processed while we had your consent to do so.
Request the restriction of processing: You can ask us to suspend the processing of personal data about you, for example, if you want us to establish its accuracy or the reason for processing it.
Changes to the privacy notice apply to your use of our services. We may modify this privacy notice from time to time, as required by changes in legislation. When material changes are made, we will provide notice through our services, or by other means, to provide you the opportunity to review the changes before they become effective.
You acknowledge that your continued use of our services after we publish our changes to this privacy notice means that the collection, use, and sharing of your personal information is subject to the updated privacy notice.
Security:
We have put in place appropriate security measures to prevent your data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal information on a business need-to-know basis, and subject to a duty of confidentiality.
Transborder information transfers:
We do not share any of our clients, suppliers, service providers and other third parties’ information across borders.
However, should it become necessary to transfer personal information to another country for any lawful purposes, we will ensure that anyone to whom it pass personal information is subject to a law, binding corporate rules or binding agreement which provides an adequate level of protection and the third party agrees to treat that personal information with the same level of protection as we are obliged under POPIA.
Should you have a query please send an email to: prisha@firedart.co.za
Our Information Officer:
Prisha Bhoola
Email: prisha@firedart.co.za
The Information Regulator:
You have the right to lodge a complaint with the South African Information Regulator. See the Information Regulator contact details below.
JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
P.O Box 31533, Braamfontein, Johannesburg, 2017
Complaints email: PAIAcomplaints@inforegulator.org.za
General inquiries email: enquiries@inforegulator.org.za