INTERGEST SOUTH AFRICA (PTY) LTD

PRIVACY POLICY

1. INTRODUCTION

1.1 This Privacy Policy (hereinafter referred to as the “Policy”) applies to the use of the website of Intergest South Africa (Pty) Ltd (hereinafter referred to as “we/us”) and any interactions between you and us.

1.1 We, through this Policy, wish to inform you of the scope and purpose for which your personal information is processed by us in connection with your use of our website or through any interactions with us.

1.2 We gather, store and use your personal information only in line with the contents of this Policy and with applicable data protection provisions, such as: –

1.2.1 The European General Data Protection Regulation (GDPR); and

1.2.2 The Protection of Personal Information Act 4 of 2013 (POPI).

1.3 We are committed to safeguarding your personal information and we take the protection of your privacy and personal information very seriously. We will always treat your personal information as confidential and in accordance with the applicable statutory data protection provisions.

1.4 This Policy hereby notifies you that we, in terms of this Policy, collect personal information in accordance with section 18 of POPI and Article 12(1) of the GDPR.

    2.  SCOPE

    This Policy applies to all data subjects (i.e. persons (whether a natural or juristic person) to whom the personal information relates), and the personal information we collect and process, whether it was provided to us through the use of our website(s), or through any other form of communications with us, such as email, telephone, or otherwise.

    3.           INTERGEST AND ITS CONTACT DETAILS

    3.1 We are the responsible party, with registration number 2003/03191/07. We are a private company duly incorporated and registered in South Africa in accordance with the provisions of the Companies Act 71 of 2008, as amended, with our registered office at 300 Acacia Road, Darrenwood, Randburg, South Africa, 2194.

    3.2 Our Information officer is available for questions related to our management of your personal information or more information on issues relating to the protection of your personal information. Our Information Officer may be contacted using the details provided below:

    • Information Officer:          Mr. Volker Ernst Werth.
    • Postal Address:                    PO Box 4367, Cresta, Gauteng, 2118.
    • Street Address:                    300 Acacia Road, Darrenwood, Randburg, South Africa, 2194.
    • Telephone Number:           011 476 1776.

    4.           PERSONAL INFORMATION WE COLLECT

    Personal information is any information that may identify or relate to any identifiable person (be it natural or juristic). The personal information we collect may include, but is not limited to:

    • Identity information – such as your name, identification number, company registration number or VAT registration number, including the names of any employees or representatives and in certain cases dates of birth;
    • Contact information – such as your address, zip/postal code, email address and phone number, including the contact information of any employees or representatives;
    • Financial and payment information – such as your spending and transaction history, or bank account information;
    • Technical information – such as information about the device you use to interact with us on our website; the IP address of your device, browser information and IT usage data;
    • Correspondence information – when you contact us when you send an enquiry or make a request, any correspondence or application may be kept and added to your personal information.

    5.           PURPOSES OF COLLECTION

    For each of the categories of information listed above, we may use your personal information for the following purposes: –

    • To fulfil a contract or pre-contractual measures;
    • To enable you to use our website;
    • To allow us to identify you and any account you hold with us;
    • To provide you with customer service;
    • For billing and payment purposes in relation to the sale or purchase of any products and/or services;
    • To confirm prior transactions and/or manage or reconcile financial records;
    • To contact you in relation to any inquiries you have and deal with any other correspondence, concerns, or complaints you may have raised;
    • To operate our business, including for internal purposes, such as auditing, information analysis, statistical and research purposes and to help us improve our offerings and service delivery.

    6.           LEGAL BASIS FOR PROCESSING YOUR PERSONAL INFORMATION

    6.1 We collect, process, and use your personal information only to the extent necessary to establish, maintain or modify legal relationships with us.

    6.2 Where we obtain consent to process your personal information, section 11(1)(a) of POPI and/or Article 6(1)(a) of the GDPR, serves as the legal basis for processing.

    6.3 Insofar as your personal information is processed because processing is required to fulfil a contract, or to take the steps necessary to conclude a contract, section 11(1)(b) of POPI and/or Article 6(1)(b) of the GDPR serves as the legal basis for processing.

    6.4 Insofar as we process your personal information to fulfil a legal obligation, section 11(1)(c) and/or Article 6(1)(c) of the GDPR serves as the legal basis for processing.

    6.5 In cases where we process your personal information in order to protect your legitimate interest section 11(1)(d) of POPI and/or Article 6(1)(d) of the GDPR serves as the legal basis for processing.

    6.6 Where processing is necessary for pursuing our legitimate interests, or those of a third party to whom the information is supplied, section 11(1)(f) of POPI and/or Article 6(1)(f) of the GDPR serves as the legal basis for processing.

    6.7 In this policy, we will always indicate the basis upon which we process your personal information.

    6.8 We will not use your personal information other than for the purpose for which it was provided or collected, unless such use is to comply with our legal obligations, to protect your legitimate interests or to further ours.

    6.8 We collect, process, and use your personal information only to the extent necessary to establish, design or modify legal relationships with us.

    7.           SOURCES OF COLLECTION

    For the categories of information listed above, we collect information when you provide it to us, for instance: –

    • When you purchase our products and/or services;
    • When you enter into a legal relationship with us;
    • When you contact us for any reason; or
    • When you make use of our website(s) and other web applications provided by us.
    • We may also collect information when it is provided to us, or from other publicly available sources.

    8.           WEBSITE USE

    We collect personal information when you visit our website and provide specific details in relation to these aspects in the corresponding sections of this Policy below.

    8.1   Server Log Files

    When you visit our website for information purposes only, we do not actively collect personal information. However, personal information is collected and stored in so-called log files, which your browser transmits to us.

    In such cases, we process the following technically required information: –

    • The IP address of your device;
    • The date and time of the request;
    • The time zone difference to Greenwich Meridian Time (GMT);
    • The location of the device you used, such as the city and province;
    • The amount of data transferred;
    • The duration of the time spent on our website;
    • The name and URL of the requested page;
    • The website/application from which the request was made (referrer URL);
    • The browser type, software language and version;
    • The operating system of your Internet-enabled computer and its interface; and
    • The name of your internet provider.
    • We collect and temporarily store this information, to enable us to transmit the contents of our website to your device, which includes, but is not limited to text, images and files. In order for these actions to occur, your IP Address must be stored by us for the entire duration of your session.
    • The IP address of your end device and the data listed above are used by us to:
    • Ensure that a smooth, problem-free connection to our website is established;
    • Ensure ease of use of our website;
    • Evaluate system security and stability;
    • Prosecution in the event of a cyber-attack.
    • The supply of such information is mandatory in order to ensure that we can make the content of our website available to you and a failure to provide such information means that you will be unable to use our website or will only have access to a restricted version of our website.
    • The legal basis for processing is Article 6(1)(f) of the GDPR and/or section 11(1)(f) of POPI. Our legitimate interest results from the data collection purposes listed below. Please note that the collected data does not give us any indication as to your identity, nor do we use it to draw any conclusions about your person.
    • The information collected by the us through server log files is not used for marketing purposes.
    • The information collected through server log files will be deleted as soon as possible once the purpose for its collection has been fulfilled. As a general rule, the information collected in server log files is deleted following the expiry of a period of 180 (One Hundred and Eighty) days. Where information is stored for a longer period, we ensure that your IP Address is deleted or altered to ensure that you can no longer be identified from such information.

    8.2   Contact Us Form

    Should you send us an inquiry using the contact form on our website, we may collect the following personal information from the data subject: –

    • Your title;
    • Name and surname;
    • Company;
    • Email address;
    • Telephone number; and
    • The content of your request.
    • The information you provide will be processed by us for the sole purpose of responding to your inquiry and any follow-up questions you may have in response to us.
    • It is mandatory to supply certain information to allow us to respond to your request, whereas the supply of additional information is voluntary. Data subjects will recognise the mandatory information which must be supplied by an asterisk “*” which appears in the relevant field.
    • The information contained in the contact form is processed based on: –
    • Your consent in terms of section 11(1)(a) of POPI and/or Article 6(1)(a) of the GDPR, which consent may be revoked at any time;
    • Section 11(1)(b) of POPI and/or Article 6(1)(b) of the GDPR, to the extent that such contact with us is aimed at concluding or entering into a contract; and
    • Our legitimate interest in responding to your inquiry in accordance with section 11(1)(f) of POPI and/or Article 6(1)(f) of the GDPR.
    • We will not share the personal information provided by you to any third parties.
    • We will process the information provided by you until such time as you request its deletion, revokes your consent or where it may be inferred from the circumstances that the request has been resolved, whereafter your personal information will be deleted. In cases where statutory obligations require the continued storage of your personal information, we will restrict the processing of this information.

    8.3   Downloadable Investment Guide

    An Investment Guide is available for free download on our website. If you would like to receive a copy of the Investment Guide, we may collect the following personal information from the data subject: –

    • Name and surname;
    • Email address;
    • Company Name; and
    • Country.
    • We will use the information you provide to provide you with the Investment Guide.
    • It is mandatory to supply the information which enables us to provide you with the Investment Guide and you will recognise the mandatory information which must be supplied by the asterisk “*” which appears in the relevant field.
    • The information contained in the contact form is processed based on: –
    • Your consent in terms of Article 6(1)(a) of the GDPR and section 11(1)(a) of POPI, which consent may be revoked at any time.
    • Article 6(1)(b) of the GDPR and section 11(1)(b) of POPI, to the extent that obtaining the Investment Guide may facilitate the conclusion of a contract.
    • Our legitimate interest in responding to your inquiry in accordance with Article 6(1)(f) of the GDPR and section 11(1)(f) of POPI.
    • We will not share the information provided by you to any third parties.
    • The information you provide will be processed for historical, statistical and research purposes and will be restricted to ensure that it is only processed for these purposes.

    8.4   Use of Cookies

    On our website, we use cookies or other storage technologies (local storage, session storage) of your browser. Cookies are small files that are created automatically by your browser and stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause damage to your device, and they do not contain any viruses, Trojans or other malware.

    • The information stored in the cookie is produced in connection with the specific end device used. However, this does not mean that we can obtain direct knowledge of your identity from this information.
    • The use of cookies is intended to make the use of our website a more pleasant experience for you. For example, we use session cookies to determine that you have previously visited specific pages of our website. These are erased automatically when you leave our site.
    • In addition, we use temporary cookies to make our website more user-friendly. These temporary cookies are stored on your end device for a specific set period. If you visit our website again to take advantage of our services, the cookies will automatically recognise that you have visited the site previously and remember the entries and settings that you made so that you do not have to re-enter these details.
    • We also use cookies to record statistics pertaining to the use of our website, to evaluate these statistics in order to optimise our website for you, as well as to display personalised information. If you re-visit our website, these cookies will automatically recognise that you have accessed the site previously. These cookies are automatically deleted after a predefined time. Most browsers accept cookies automatically.
    • Cookies are stored on your device and transmitted to us. As such, you have full control over our use of such cookies and the supply of such information is entirely voluntary.
    • You are able to alter your cookie setting in your internet browsers and can disable or restrict the transmission of cookies. Saved cookies are can also be deleted at any time.
    • You are able to alter your cookie setting in your internet browsers and can disable or restrict the transmission of cookies. Saved cookies are can also be deleted at any time.
    • However, you may only have access to a restricted version of our website, or not at all, if you reject the storage of cookies or delete the necessary cookies.
    • The information collected through this cookie is stored on your browser until such time as you clear and/or delete your stored cookies. This information is stored on the individual’s browser and will remain private until the induvial deletes this information. The website will not be able to take this information and identify an individual.
    • The legal basis for processing information collected though our use of cookies is: –
    • Based on your consent in terms of section 11(1)(a) of POPI and/or Article 6(1)(a) of the GDPR; and/or
    • Our legitimate interests in the proper and user-friendly functioning of our website in terms of section 11(1)(f) of POPI and/or Article 6(1)(f) of the GDPR.
    • We do not share the information we collect via cookies to any other person.

    8.5  YouTube

    • We may use functions of the YouTube service to display and play back videos on our website. These functions are provided by YouTube, LLC 901 Cherry Ave. San Bruno, CA 94066, USA. Additional information is provided in the YouTube privacy policies.
    • In this case, the enhanced data protection mode is used which, according to the provider, ensures that user information is only stored during video playback. When the user initiates playback of embedded YouTube videos,
    • YouTube may employ cookies or other storage technologies to collect information regarding user behaviour. According to YouTube, this is done, among other things, to record video statistics, improve usability and prevent misuse.
    • Independently of any playback of the embedded videos, the integration of the YouTube service may also result in a connection being established to the Google network “DoubleClick”, which can trigger additional data processing operations over which we have no influence.
    • Further details regarding the use of YouTube, data protection provisions and setting options can be found here:

    8.6  Website Security

    Our website uses Secure Socket Layer (SSL) encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us.

    You can recognize an encrypted connection in their browser’s address bar when it changes from “http://” to “https://” and the system-specific lock icon is displayed in your browser’s address bar.

    If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

    9.     EMAIL AND TELEPHONE CONTACT

    • Where you contact us for any reason, be it via email or telephone we may collect the following information: –
    • Name and surname;
    • Company;
    • Email address; and/or
    • Telephone number.
    • The contact information you provide, will be processed by us for the purpose of responding to your inquiry and any follow-up questions which may arise by virtue of our response.
    • It is mandatory to supply the information which is necessary to allow us to respond to your request, whereas the supply of additional information is voluntary. A failure to provide the mandatory information means that we are unable to respond to your request.
    • The information collected from you during a telephone call or upon receipt of an email is processed based on: –
    • Your consent in terms of section 11(1)(a) of POPI and/or Article 6(1)(a) of the GDPR, which consent may be revoked at any time.
    • Section 11(1)(b) of POPI and/or Article 6(1)(b) of the GDPR, to the extent that your contact with us is aimed at concluding or entering into a contract or performing in terms thereof.
    • Our legitimate interest in responding to your inquiry in accordance with section 11(1)(f) of POPI and/or Article 6(1)(f) of the GDPR.
    • We will not share the information provided by you to any third parties unless we require a third-party service provider to assist in responding to the request.
    • We will process the information provided by you during the telephone call or in the email until such time as you request its deletion, revoke your consent or where it may be inferred from the circumstances that your request has been resolved, whereafter the personal information will be deleted. registered members.

    10.        MARKETING ACTIVITIES

    Marketing is an important way in which we conduct business and is key to our continued success. We ensure our marketing activities are conducted strictly in accordance with applicable data protection requirements.

    We will only direct market to you via electronic communication if you are an existing customer, or in circumstances where you have provided your consent to receive such marketing materials.

    In order to enable such direct marketing activities, we will collect personal information from you such as your name and email address, this information is collected from you either at the time your purchased products or services from us or a company forming part of our group, or at the time you provided us with your information.

    In these circumstances, we process your personal information for the purpose of informing you of our products, services, events, and other opportunities.

    We process this personal information based on: –

      • Your consent in terms of section 11(1)(a) of POPI and/or Article 6(1)(a) of the GDPR; or
      • Actions which are necessary for the performance of a contract to which you are party in terms of section 11(1)(b) of POPI and/or Article 6(1)(b) of the GDPR; and
      • Our legitimate interest in informing you of products and services, promotions, and other opportunities in accordance with section 11(1)(f) of POPI   and/or Article 6(1)(f) of the GDPR.
      • The supply of such personal information for the purposes of direct marketing is entirely voluntary and a failure to provide such information would mean that we are unable to keep you informed of products, services, events and opportunities, which may be of interest to you.
      • In order to conduct our marketing activities, we may transfer your personal information to service providers. However, we include contractual provisions which ensure that your information is always protected in compliance with applicable data protection provisions.
      • At all times, you have the right to object to the processing of your personal information for the purposes of direct marketing in terms of Article 21(2-4) of the GDPR and/or section 69(3)(c) of POPI. To exercise this right, you can simply opt out of receiving further electronic communications by clicking the unsubscribe button at the bottom of every marketing email we send, or by emailing us directly.
      • We may also process your personal information to direct market in other ways, which do not involve electronic communications. In such cases, you are also entitled to object to the processing of your personal information in terms of Article 21(1) of the GDPR and/or section 11(3)(b) of POPI. Please visit the corresponding section below to find out more information on how to exercise this right.
      • If you have objected to the processing of your personal information for the purposes of direct marketing, either in terms of electronic communication or otherwise, we will remove you from our marketing data base and will ensure that we no longer process your personal information for these purposes. However, the legality of any processing which may have taken place either prior to objection, or which continues to take place based on other grounds will not be affected.

      11.        DISCLOSURE OF INFORMATION

      We do not sell or otherwise disclose your personal information, save as specified in this Policy, or as may be required in terms of applicable law. However, we may disclose your personal information, inter alia: –

      • Where such disclosure is necessary for marketing purposes;
      • Where such disclosure is made to suppliers or third-party service providers, who enable us to provide our services; and/or
      • To our employees who strictly require it in order to perform their functions.

      We ensure that third party service providers and employees, who may receive your personal information, respect the confidentiality and the need for protection of your personal information by adopting appropriate measures to this effect. In all other cases, we will not disclose your personal information without first notifying you and obtaining your consent.

      12.        SECURITY IN RESPECT OF PERSONAL INFORMATION

      We ensure the confidentiality, integrity and availability of the personal information we process by placing same onto specially secured servers, which are only accessible: –

      • from password protected computers;
      • by designated members of staff with specific access permissions.

      The storage thereof is a technical and organizational measure employed by us to protect against loss, destruction, access, alteration or dissemination of your data by unauthorized persons.

      We have a dedicated hardware firewall, to protect the corporate network from external attacks. Up to date Anti-virus software is installed on all machines and regular patches and updates of software is performed to keep systems compliant.

      Only authorized persons are able to access your personal information at any given time. These individuals are responsible for the technical, commercial and editorial supervision of the server. Despite regular inspections, complete protection against all risks is not possible and we in no way guarantees complete protection in this regard.

      Our security measures are continuously enhanced in line with technological advancement.

      For more information in respect of our security practices, please refer to our Manual which has been prepared in accordance with section 51 of the Promotion of Access to Information Act 2 of 2000, as amended, which Manual is available on our website(s).

      13.        SECURITY COMPROMISES

      Should we have reason to believe that your personal information has been accessed or acquired by any unauthorised person, we hereby inform you that we shall, as soon as possible, notify the Information Regulator and any affected data subjects, unless their identity cannot be established. The basis for processing your personal information in such cases is to comply with obligations imposed by law, in terms of section 11(1)(c) of POPI and/or Article 6(1)(c) of the GDPR and to protect your legitimate interest in respect of your personal information in terms of section 11(1)(d) of POPI and/or Article 6(1)(d) of the GDPR.

      14.        THIRD PARTY SERVICE PROVIDERS

      In certain cases, we make use of third-party service providers to assist us in performing our functions and duties, in terms of which our service providers may process your personal information for and on our behalf. Where service providers process personal information on our behalf, we commit them to safeguarding the security of the personal information which is

      provided to them in terms of written contracts, which oblige them to treat such information as confidential and not disclose it, and to adopt appropriate security measures to protect the relevant personal information from unauthorised access.

      15.        TRANSFER OF PERSONAL INFORMATION OUTSIDE OF THE REPUBLIC OF SOUTH AFRICA

      We transfer personal information outside of the Republic of South Africa only to the extent that: –

      • It is required to share the information for the purposes of intercompany reporting;
      • It is stored on our secure servers of our cloud-based CRM and IMS service providers, which are located in Germany; and/or
      • as may be otherwise required in the performance of our contractual duties.

      In cases where personal information is transferred to third parties based outside of the Republic of South Africa, we will only transfer such information in terms of a written contract which obliges recipients to: –

        • Treat the personal information as confidential and not disclose it;
        • Establish and implement appropriate security measures to protect the personal information against unauthorised access;
        • Effectively upholds the principles of reasonable processing as set out in POPI; and
        • Limit the further transfer of such personal information in terms of provisions which are substantially similar to the provisions of section 72 of POPI.

        16.  USE OF SOCIAL MEDIA

        Our website contains links to various social media platforms, which can be recognized by the provider’s respective logo.

        By clicking on the link, the corresponding social media page will open, for which this privacy policy does not apply. Please check the relevant privacy policies of the individual providers for details on the applicable terms and conditions

        Before calling up the relevant hyperlinks, the data subject’s personal information is not transferred to the respective provider.

          16.4  LinkedIn

          We make use of the social media platform LinkedIn for promotional and business purposes.

          The operator of this service is LinkedIn Corporation, 1000 West Maude Avenue, Sunnyvale, CA 94085. If a data subject accesses our LinkedIn profile, this creates a connection to LinkedIn’s servers. This then communicates to LinkedIn’s servers and our online server that the data subject has visited the profile.

          More information on handling user data can be found in LinkedIn’s privacy policies https://www.linkedin.com/legal/privacy-policy.

            17.        LINKS TO OTHER WEBSITES

            Our website may contain links to other websites from time to time, with relevant hyperlinks for these purposes being labelled as such.

            We have no influence on and to what extent the linked websites comply with the applicable data protection regulations and accordingly recommends that data subjects acquaint themselves with the relevant privacy policies for such other websites before accessing or entering same.

            18.        PROMOTION OF ACCESS TO INFORMATION

            Should you wish to access any information held by us for the purposes of exercising any of your rights, please refer to our manual, which has been prepared in accordance with section 51 of the Promotion of Access to Information 2 of 2000, as amended, which manual is accessible on our website or may be obtained upon request.

            Although you have the right to request access to information held by us, in certain instances we are obliged to refuse access to information based on the grounds contained in the provisions of Chapter 4 of Part 2 and Chapter 4 of Part 3 of the Promotion of Access to Information Act 2 of 2000, as amended.

            In the event that a particular ground of refusal applies, we will not provide you access to such information.

              19.        YOUR RIGHTS AS A DATA SUBJECT

              We place strong emphasis on explaining the processing of your personal information as transparently as possible and informing you of your rights. In the event that you would like more detailed information or wish to exercise your rights, you can contact us at any time so that we can take care of your concerns.

              As well as your right to revoke any consent you have given to us, you are afforded the following additional rights where the relevant statutory requirements are met:

                • Right of access to information regarding the personal data stored by us in accordance with Article 15 of the GDPR and/or section 23 of POPI;
                • Right to rectify or correct any inaccurate information in accordance with Article 16 of the GDPR and/or section 24 of POPI;
                • Right to erasure of data stored by us in accordance with Article 17 of the GDPR and/or section 24 of POPI, provided that no legal or contractual retention periods must be observed and/or no other legal obligations or rights exist with regard to continued storage;
                • Right to restriction of processing of personal data in accordance with Art. 18 of the GDPR and/or section 14 of POPI;
                • Right to data portability in accordance with Art. 20 GDPR;
                • Right to lodge a complaint with a supervisory authority; as a rule, you may contact the supervisory authority of your usual place of residence or workplace or our company headquarters.

                In the paragraphs below, we provide more detailed information on how to exercise your rights. For any other questions, please feel free to send us an email so that we may address your concerns.

                19.4   Right of Access to, Correction and/or Deletion of Personal Information

                Provided you are able to prove your identity, you have the right to request confirmation, free of charge, whether we hold personal information about you, as well as information about the categories of third parties who have, or have had, access to your personal information.

                Should you wish to establish whether we hold any personal information about you, you are invited to send us an email with your request using the information set forth above.

                Should personal information be disclosed to the data subject in response to any requests as aforesaid, the data subject is hereby notified of its right to request correction, deletion and/or blocking of the personal information, in line with section 24 of the Protection of Personal Information Act 4 of 2013, as amended.

                Should you wish to request the correction or deletion of your personal information or the destruction or deletion of a record of personal information, please submit a request to us on Form 2,    which may be accessed at https://inforegulator.org.za/wp-content/uploads/2020/07/FORM-2-REQUEST- FOR-CORRECTION-OR-DELETION-OF-PERSONAL-INFORMATION-OR.pdf. We will render such reasonable assistance, as may be necessary and free of charge, to enable you to complete Form 2.

                  19.5   Withdrawal of Consent and Right to Object to processing of Personal Information

                  You have the right to revoke your consent to any processing of your personal information and may exercise your right by simply sending us an email. However, the revocation of such consent will not affect the lawfulness of continued processing where legal grounds authorise or require us to continue processing such information, nor will it affect the lawfulness of any processing that was carried out by us between the time of consent and withdrawal.

                  Please take note that you may also object, in terms of section 11(3)(a) of POPI, to the processing of your personal information, where processing takes place on the following grounds: –

                  In order to protect your legitimate interest; or

                  Where processing is necessary for pursuing our legitimate interest, or those of a third party.

                  Should you wish to object to the processing of your personal information in terms of section 11(3)(a) of POPI, please submit your objection to us on Form 1, in accordance with the Regulations relating to POPI.

                  The Form 1 document may be accessed through the following link: https://inforegulator.org.za/wp-content/uploads/2020/07/FORM-1-OBJECTION- TO-THE-PROCESSING-OF-PERSONAL-INFORMATION.pdf

                  We will render such reasonable assistance as is necessary, free of charge, to enable you to make an objection on Form 1.

                  Any objections must be based on reasonable grounds relating to your particular situation unless legislation provides for such processing, in which case we shall continue to process such personal information in compliance with our statutory obligations.

                  In the absence of such legislative obligations, we will review and, if necessary, cease the processing of such personal information.

                  We will inform you of the results of the review and if the data processing is to continue nevertheless, we will provide you with detailed information about why the continued processing is permitted and/or required.

                    19.6                     Right to Lodge a Complaint

                    Should you feel as though we have used your personal information contrary to POPI and/or the GDPR, please send us an email in order for us to address any of your concerns.

                    If we are unable to resolve the issue to your satisfaction, you have the right to lodge a complaint with the Information Regulator.

                    In terms of the Regulations relating to POPI, any person who wishes to submit a complaint must submit such a complaint to the Information Regulator on Part I of Form 5.

                    The relevant form is accessible via the following link: https://inforegulator.org.za/wp-content/uploads/2020/07/FORM-5-COMPLAINT- REGARDING-INTERFERENCE-WITH-THE-PROTECTION-OF-AN-ADJUDICATOR.pdf.

                    The available contact details of the Information Regulator are recorded as follows:

                    Address: JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001;

                    Postal Address: PO Box 31533, Braamfontein, Johannesburg, 2017.

                    Email: complaints.IR@justice.gov.za.

                      20.        UPDATES TO THIS POLICY

                      We reserve our right to amend this Policy from time to time and will do so without notice to you. The latest version of this Policy will be indicated by the date information (below). The current version of this Policy can always be accessed directly via our website(s).

                      Last updated: 1 August 2023