1. PRIVACY NOTICE
1.1. We, Sawyer Group CC (Sawyer’s, we or us) process personal information in terms of this policy when
we act as a responsible party (We decide why and how to process the personal information). Privacy
is very important to us.
1.2. This policy (read with other notices given to individual data subjects) is our notice in terms of section
18 of the Protection of Personal Information Act, 2013 (POPIA).
1.3. This policy describes what personal information we process, where we collect it, why we process it
and the legal basis on which we do so and generally, how we do so.
2. THE INFORMATION WE COLLECT AND PROCESS
We collect and process personal information using our website, email system, voice recordings, post or
other hard copy reception facilities or other infrastructure. If you send us personal information, you do
so through our website, email system, WhatsApp or SMS’s, post or other hard copy reception facilities
or other infrastructure
2.1. INFORMATION RELATING TO OUR SERVICES
2.1.1. We process personal information in relation to our services; Distributors of Security Products.
2.1.2. We source the Service Information from our Clients or their representatives.
2.1.3. We process Service Information to negotiate, conclude and perform our contracts with our
Clients, to communicate and manage our relationships and contracts with our Clients, to invoice
and recover payment for our services, to ensure the security of our business and Infrastructure,
to effect all required registrations and to apply for, obtain and maintain all applicable licences
and other authorisations required to enable us to lawfully provide our services and operate our
business, to comply with the law including the tax laws, any applicable collective agreements and
employment laws, occupational health and safety laws, South African Revenue Service (SARS)
and other regulators (collectively Applicable Laws), to keep records including backups of our IT
systems and securely and properly administering our business.
2.1.4. The legal bases on which we process Service Information are consent or compliance with the law
including Applicable Laws or concluding and performing contracts for our services or our
legitimate interests in properly and securely administering our business.
2.2. INFORMATION VIA THE INFRASTRUCTURE OUR WEBSITE
2.2.1. You don’t have to provide personal information to us when you visit our website but you can do
so by sending an enquiry to us.
2.2.2. If you provide us with personal information using our website, we source that information from
you, with your consent and we only use it for the purpose for which you provide it.
2.2.3. Any email enquiries you send us via our website or other email Infrastructure are held on our
email server, by the addressee and by anyone in our business to whom the addressee refers your
email for response.
2.2.4. We use the personal information that you provide to us through our website:
184.108.40.206. for the purposes for which you provided it;
220.127.116.11. to administer and improve our website;
18.104.22.168. to improve our services; and
22.214.171.124. to communicate with you.
2.2.5. When you use our website, we process personal information about how you do so including your
IP address and information about your use of the website (eg the search terms you use, what
pages you access, the links you click, when you visited and the web browser you use) (Analytics
Information). We don’t collect any of your other personal information when you use our website
and we don’t use the Analytics Information to identify any person. We collect the Analytics
Information from our website analytics service providers, Media ETC and its service providers,
Microsoft, Profitbricks Inc and Trininty Interactive and Google Analytics. The legal basis on which
we use the Analytics Information is our legitimate interest in analyzing use of, and improving, our
website for the benefit of anyone who uses it.
website for your browsing session only (session cookie) or permanently (persistent cookie) which allow
that website to recognize you and track your preferences. You can set your browser to notify you
cookie settings on your browser at any time. You can also delete cookies at any time. Your ability to
access and use our website may be affected if you block cookies. We use first party cookies on our
website to learn how you use it, to improve it, to identify language and location preferences and for
basic website functionality. The cookies we use don’t contain personal information and we don’t
combine them with other data so that we can identify you.
2.2.6. Our website service providers (including Google Analytics, Microsoft, Facebook, Twitter, &
website. Third Party Cookies belong to and are managed by our website service providers. We
don’t control these service providers. These website service providers have their own privacy
policies which you can find on their websites.
2.2.7. We have pages on the social media platform, Facebook, Twitter, Instagram, Whatsapp and
Maillchimp and we use this to communicate with the public about our business and services.
2.2.8. You don’t have to provide us with any personal information when communicating with us on
our social media accounts but if you do, we may store and use that information to respond to
you or otherwise deal with your communication. The legal basis on which we process
information which you provide to us on our social media accounts is our legitimate interest in
marketing our business and responding to enquiries.
2.2.9. When you communicate with us using our social media accounts, please remember that social
media platform may collect your personal information for its own purposes including tracking
your use of our website on the pages on which links to the social media platform are displayed.
If you are logged in to a social media platform (including any Google service) while you visit
our website or our social media accounts, the social media platform’s tracking will be
associated with your profile with that social media platform. These social media platforms are
beyond our control. They have their own independent privacy policies which you can find on
WHATSAPPS AND SMS’S
2.2.11. We may use the SMSs and WhatsApp to communicate with our employees, our Clients and
their representatives and suppliers. You don’t have to provide us with any personal information
using SMSs or WhatsApp but if you do so, we may use and store and process that information in
relation to our services (Message Information). If you provide us with Message Information, we
source that information from you, with your consent and we only use it for the purpose for which
you provide it. The legal basis on which we process Message Information are consent or
concluding and performing a contract for our services or our legitimate interests in properly and
securely administering our business, providing services to our Clients and marketing our services.
Telecommunications companies and WhatsApp may collect your personal information for their
own purposes. The telecommunications companies and WhatsApp are beyond our control. They
have their own independent privacy policies which you can find on their websites.
2.2.12. We may have links to other websites, social media accounts and platforms on our website or
social media pages. These linked websites, accounts and platforms are beyond our control. If you
click on links on our website or social media pages, the linked website, account or platform may
send its own cookies to your device, collect data or process your personal information. You access
other websites, accounts and platforms through links on our website or social media pages at
your own risk. Please check the privacy policies of websites, accounts and platforms which are
linked to our website. You don’t have any recourse against us if you access a third party website,
account or platform, even if you do so using a link on our website or social media page.
2.2.13. If you post information on our website or our social media accounts, we may process the
personal information in your posts (Published Information). We may process the Published
Information to enable publication of your posts and in administering our website and our social
media accounts and marketing our services. The legal basis on which we process Published
Information is your consent or our legitimate interests in properly administering our business
including our website and our social media accounts and marketing our services.
1.2.14. We may make voice recordings using the Infrastructure when you communicate with us via
our call centre. You don’t have to provide us with any personal information on a telephone call
but if you do so, we may use and store and process that information on the Infrastructure (Call
Information). If you provide us with Call Information, we source that information from you, with
your consent and we only use it for the purpose for which you provide it. The legal bases on
which we process Call Information are consent or complying with the law including the Applicable
Laws or protecting our legitimate interests and those of our Clients by verifying the identities of
callers, communicating with callers, dealing with questions and complaints and properly and
securely managing our business.
1.2.15. We may also use the Infrastructure to make voice recordings or transcriptions of meetings.
We source the personal information in those recordings or transcriptions from the people who
attend the meeting. We use the recordings or transcriptions to keep a record of the outcome of
the meetings which we need for various business reasons, including dealing with any claims by,
against or involving us, including legal proceedings in any forum. The legal basis for sourcing the
personal information in recordings or transcriptions is your consent or our legitimate interest in
keeping records of meetings with Clients, employees, suppliers and others or dealing with claims
against, by or involving us, including legal proceedings in any forum.
2.2.16. If you send us personal information by post or by hand delivery, that information will be
processed by our Infrastructure for receiving and handling post and hand deliveries.
2.3. INFORMATION OF OUR PEOPLE, THEIR DEPENDANTS AND BENEFICIARIES
2.3.1. We process personal information in relation to our employees and their dependants and
beneficiaries (Employee Information) including names, identity or passport numbers, contact
information (phone numbers, email and other addresses) information in communications, bank
account details, remuneration and payroll information, tax number, financial, education and
employment information, health information, trade union membership, information about
marital status and dependants including children, race, gender and credit and criminal history.
2.3.2. Our employees are the main source of the Employee Information but we also source it from
recruitment agents and websites, references, public records, qualification checks, credit and
fraud checks, criminal history checks and licensed databases. We may also source Employee
Information from competency, psychometric and other appropriate assessments.
2.3.3. We process Employee Information in recruiting employees, concluding and managing our
contracts with our employees, in relation to benefits such as medical scheme and retirement
fund membership and group life and other insurance cover, to comply with the law including
Applicable Laws, determining our employment equity compliance in respect of diversity
categories including age, gender, ethnicity, nationality, religion, disability, and marital or family
status, so we know who to contact in an emergency involving an employee, in implementing,
monitoring and applying access and security controls for our offices, remote work access and our
IT systems, providing training and skills development, in dealing with disputes and claims by,
against or involving us, including legal proceedings in any forum, to list the names of employees
dismissed for serious misconduct with the South African Fraud Prevention Service or any similar
service and for internal recruitment screening against the names of employees dismissed for
2.3.4. The legal bases on which we process Employee Information are consent or compliance with the
law including Applicable Laws or concluding and performing a contract with our employees or
our legitimate interests in providing our services, managing, securing and administering our
business, offices, remote work access, IT systems and our other Infrastructure, ensuring a proper
standard of service to the Funds and our other Clients, communicating with and managing our
employees and discouraging the reemployment of employees associated with serious
misconduct by us or others within the financial services sector to reduce fraud and dishonesty.
2.4. INFORMATION RELATING TO JOB APPLICATIONS
2.4.1. We process personal information relating to job applicants including names, contact details
(including phone numbers, email, and other addresses), education and employment history,
race, gender and any other personal information included in the job application (Applicant
2.4.2. We source most of the Applicant Information from the job applicant in person or by email. We
may also source Applicant Information from competency, psychometric and other
assessments. We may also source Applicant Information from recruitment agents and
websites, from references, public records, qualification checks, credit and fraud checks,
criminal history checks and licensed databases.
2.4.3. We process Applicant Information to consider, verify and deal with the job applications and so
that we can contact applicants about possible job opportunities.
2.4.4. The legal basis on which we process the Applicant Information is consent or our legitimate
interests in recruiting suitable employees for our business.
2.5. SUPPLIER INFORMATION
2.5.1. We process personal information relating to potential and actual suppliers of goods and
services including names, identity, passport, or registration numbers, contact information
(including phone numbers, email and other addresses), tax and VAT numbers, Broad-Based
Black Economic Empowerment verification certificates and other relevant and required
registrations, licences, authorisations and accreditation and bank account details (Supplier
2.5.2. We usually source the Supplier Information directly from our potential or actual suppliers, but
we may source it from quotations, adverts, proposals, references or public records.
2.5.3. We process Supplier Information in relation to the appointment of suppliers, concluding and
managing contracts with them, compliance with laws including the Applicable Laws and our
legitimate interest in the proper management of our business. The legal bases on which we
process Supplier Information include consent or concluding and performing contracts with
suppliers or our legitimate interests in managing relationships and communicating with our
suppliers, receiving, processing and paying supplier invoices, dealing with disputes and claims
by, against or involving us, including legal proceedings in any forum and complying with the
law including Applicable Laws.
2.6. OTHER TYPES OF INFORMATION
2.6.1. If you enquire about our services, we may process your personal information (Enquiry
Information). We process Enquiry Information for the purposes of responding to your enquiry.
Consent is the legal basis on which we process your Enquiry Information.
2.6.2. We process information when you communicate with us or when we communicate with you in
performing our services (Communication Information). The Communication Information may
include your name and contact details, the content of the communication and if you use our
website for the communication, related metadata. We process Communication Information to
communicate with you, to comply with the law including Applicable Laws and to keep records.
The legal bases on which we process Communication Information is the performance of contracts
or compliance with the law including the Applicable Laws or our legitimate interest in properly
providing our services or the legitimate interests of our Clients, employees, suppliers’ and others
in communicating with us and receiving responses.
2.6.3. We process any of the personal information identified in this policy to investigate, assess,
establish, exercise or defend legal claims in any forum (Claims Information). The legal basis on
which we process Claims Information is our legitimate interests in protecting and enforcing our
rights or the rights of others and the proper administration and protection of our business.
2.6.4. We process any of the personal information identified in this policy when necessary for audits,
to prepare annual financial statements, to obtain expert advice, to identify, mitigate and manage
risks and to obtain, maintain and claim under insurance cover (Audit and Risk Information). The
legal basis on which we process Audit and Risk Information is compliance with the law, including
Applicable Laws or in our legitimate interest in identifying, managing and protecting our business
against risk and dealing with any related disputes or claims by, against or involving us, including
legal proceedings in any forum.
2.6.5. We process any of the personal information described in this policy when required to do so by
law such as to comply with court orders or orders of other tribunals or bodies and as necessary
to cooperate with any investigation by any regulatory authority or law enforcement agency.
2.6.6. We process any of the personal information described in this policy when necessary to protect
your life or other vital interests or those of any other person.
3. SHARING YOUR PERSONAL INFORMATION WITH OTHERS
3.1. We won’t sell personal information to anyone.
3.2. When necessary, our trusted third party operators process personal information for us. We contract
with our operators binding them to comply with applicable data privacy laws including POPIA. Our
contracts oblige our operators to process information only for the purposes, and using means of
processing, we determine.
3.3. We disclose personal information to our suppliers as necessary to perform our services and manage
3.4. We disclose personal information to underwriters, auditors, investment advisors and other
professional advisors when necessary so that we can obtain or maintain insurance cover, manage risk,
manage our assets, get advice or establish, exercise or defend our rights including in relation to claims
by, against or involving us in any legal proceedings in any forum and in any negotiation.
3.5. We use the following service providers to process personal information: hosting provider, web analysis
service provider, IT programming and maintenance service providers (including website), email
exchange, online platform service providers, archiving and document storage service providers
(electronic and hard copy), payroll and data destruction service provider (physical files).
3.6. We also disclose personal information to regulators and law enforcement agencies where required by
law and where we reasonably believe disclosure is necessary to identify, contact or stop someone who
or interests or those of anyone else. We disclose personal information when required to comply with
a legally binding order or directive of a court, tribunal or other entity.
3.7. We share Employee Information with medical schemes, retirement funds and insurers for purposes of
providing benefits to our employees.
4. OFFSHORE TRANSFERS
4.1. Where you publish information on our website or on any of our social media accounts or where you
require us to use an online platform when communicating with you and that online platform transfers
personal information offshore, you consent to the transfer of your personal information to third
parties in foreign countries and you acknowledge that that personal information may be available
through the Internet around the world. We cannot prevent unauthorized access to, misuse of, damage
to, or destruction of, that personal information.
4.2. If we are obliged by law to use an online platform which may transfer personal information offshore,
we do not control that online platform and we cannot prevent unauthorized access to, misuse of,
damage to, or destruction of, that personal information.
4.3. Our website is backed up in the United States of America and any personal information which you
provide to us using our website is also backed up there.
4.4. Our email servers and file servers are hosted on Microsoft Office 365 including One Drive or SharePoint
online in Ireland and backups of these servers are held in Europe. The European Union has data
protection laws which provide an adequate level of protection that upholds principles for reasonable
processing of personal information substantially similar to the conditions for lawful processing applied
4.5. If a Microsoft Teams meeting with us is recorded, that recording may be stored on Microsoft OneDrive
which is backed up in the European Union. The European Union has data protection laws which
provide an adequate level of protection that upholds principles for reasonable processing of personal
information substantially similar to the conditions for lawful processing applied by POPIA.
4.6. Where we transfer personal information to countries which don’t have an adequate level of data
protection similar to POPIA’s conditions for lawful processing and the transfer is not covered by section
72 (1) (b) (consent to transfer), (c) (transfer needed to perform a contract with the data subject or take
pre-contract steps), (d) (transfer needed to conclude or perform a contract in the data subject’s
interests) or (e) (the transfer is for the data subject’s benefit and it’s not reasonably practicable to
obtain the data subject’s consent) of POPIA, we will conclude contracts with the third parties to whom
the information is transferred binding them to process your information to the standards required by
POPIA and not transfer your information to any other country without similar protection.
5. MANDATORY AND VOLUNTARY DISCLOSURE
5.1. Where we have to collect and process personal information to comply with the law in relation to our
services, we can’t provide our services unless you provide that information.
5.2. Except where providing personal information to us is required by law, our Clients, employees, suppliers
and others are free to volunteer personal information to us. We may ask you for personal information
to verify your identity when communicating with you. If you don’t provide us with that personal
information, we will not be able to assist or further communicate with you. Please don’t send us
personal information unless we ask you for it or you need to provide it to us. If a person chooses not
to provide personal information which we request so that we can properly provide our services, this
may restrict or prevent us from providing those services.
6. PROTECTING PERSONAL INFORMATION
6.1. We take appropriate and reasonable technical and organisational steps to protect your personal
information against unauthorised access or disclosure. The steps we take include ensuring that the
Infrastructure (and our operators’ infrastructure on which your personal information is processed) is
protected by physical and electronic access control, encryption, appropriate firewalls and malware and
7. SUMMARY OF DATA SUBJECT RIGHTS OF ACCESS, RECTIFICATION, OBJECTION AND COMPLAINT
7.1. Every data subject has the rights of access, correction, objection and complaint which are summarised
in this paragraph. This is only a summary of those rights and to get a proper understanding of them,
please read the relevant provisions in POPIA.
7.2. Subject to POPIA and other laws, by completing and sending us the request form available on request
from firstname.lastname@example.org, you may:
7.2.1. ask us to confirm, free of charge, if we hold personal information about you;
7.2.2. for the prescribed fee, obtain a record or description of the personal information we hold and a
list of third parties or the categories of third parties who hold it;
7.2.3. where the legal basis on which we process your personal information is consent, you may
withdraw your consent but this will not affect the lawfulness of our processing before your
withdrawal and even if you do withdraw your consent, we can continue processing your personal
information where there is another legal basis for that processing such as compliance with
7.2.4. if any of your personal information that we have processed is inaccurate, irrelevant, excessive,
out of date, incomplete, misleading, obtained unlawfully or if we are no longer authorised to
retain that personal information, you may ask us to correct, destroy or delete the personal
information but we emphasize that, despite your request, we may not destroy or delete personal
information where we are entitled to continue processing it;
7.2.5. at any time, on reasonable grounds and except where legislation provides for such processing,
object to the processing of your personal information for the proper performance of a public law
duty by a public body or to pursue your legitimate interests or to pursue our legitimate interests
or those of a third party to whom the personal information is supplied;
7.2.6. at any time, object to the processing of personal information for direct marketing (other than
direct marketing by means of unsolicited electronic communications);
7.2.7. if you feel that we have processed your personal information unlawfully, complain to the
Information Regulator who can be contacted at:
126.96.36.199. JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001;
188.8.131.52. P.O Box 31533, Braamfontein, Johannesburg, 2017; or
184.108.40.206. Complaints email: complaints.IR@justice.gov.za.
8. AMENDING THIS POLICY
8.1. We may update this policy from time to time by publishing a new version on our website.
8.2. We may email you to tell you tell you about important changes to this policy.
8.3. You can also obtain the current version of this policy at any time by emailing a request to
9. OUR ADDRESS AND OUR INFORMATION OFFICER’S DETAILS
9.1. 147 Ontdekkers Road, Roodepoort, 1724
9.2. Our Information Officer can be contacted at email@example.com