sawyer company logo

SAWYER GROUP CC - PRIVACY POLICY - POPIA

1. PRIVACY NOTICE
      1.1. We, Sawyer Group CC (Sawyer’s, we or us) process personal information in terms of this policy when
      we act as a responsible party (We decide why and how to process the personal information). Privacy
      is very important to us.
      1.2. This policy (read with other notices given to individual data subjects) is our notice in terms of section
      18 of the Protection of Personal Information Act, 2013 (POPIA).
      1.3. This policy describes what personal information we process, where we collect it, why we process it
      and the legal basis on which we do so and generally, how we do so.
2. THE INFORMATION WE COLLECT AND PROCESS
      We collect and process personal information using our website, email system, voice recordings, post or
     other hard copy reception facilities or other infrastructure. If you send us personal information, you do
     so through our website, email system, WhatsApp or SMS’s, post or other hard copy reception facilities
     or other infrastructure
     2.1. INFORMATION RELATING TO OUR SERVICES
             2.1.1. We process personal information in relation to our services; Distributors of Security Products.
             2.1.2. We source the Service Information from our Clients or their representatives.
             2.1.3. We process Service Information to negotiate, conclude and perform our contracts with our
            Clients, to communicate and manage our relationships and contracts with our Clients, to invoice
            and recover payment for our services, to ensure the security of our business and Infrastructure,
            to effect all required registrations and to apply for, obtain and maintain all applicable licences
            and other authorisations required to enable us to lawfully provide our services and operate our
            business, to comply with the law including the tax laws, any applicable collective agreements and
            employment laws, occupational health and safety laws, South African Revenue Service (SARS)
            and other regulators (collectively Applicable Laws), to keep records including backups of our IT
            systems and securely and properly administering our business.
            2.1.4. The legal bases on which we process Service Information are consent or compliance with the law
            including Applicable Laws or concluding and performing contracts for our services or our
            legitimate interests in properly and securely administering our business.
      2.2. INFORMATION VIA THE INFRASTRUCTURE OUR WEBSITE
             2.2.1. You don’t have to provide personal information to us when you visit our website but you can do
             so by sending an enquiry to us.
             2.2.2. If you provide us with personal information using our website, we source that information from
             you, with your consent and we only use it for the purpose for which you provide it.
             2.2.3. Any email enquiries you send us via our website or other email Infrastructure are held on our
             email server, by the addressee and by anyone in our business to whom the addressee refers your
             email for response.
             2.2.4. We use the personal information that you provide to us through our website:
             2.2.4.1. for the purposes for which you provided it;
             2.2.4.2. to administer and improve our website;
             2.2.4.3. to improve our services; and
             2.2.4.4. to communicate with you.
        2.2.5. When you use our website, we process personal information about how you do so including your
        IP address and information about your use of the website (eg the search terms you use, what
        pages you access, the links you click, when you visited and the web browser you use) (Analytics
        Information). We don’t collect any of your other personal information when you use our website
        and we don’t use the Analytics Information to identify any person. We collect the Analytics
        Information from our website analytics service providers, Media ETC and its service providers,
        Microsoft, Profitbricks Inc and Trininty Interactive and Google Analytics. The legal basis on which
        we use the Analytics Information is our legitimate interest in analyzing use of, and improving, our
       website for the benefit of anyone who uses it.
COOKIES
       We use cookies on our website. Cookies are small pieces of data stored on your device when you use a
        website for your browsing session only (session cookie) or permanently (persistent cookie) which allow
        that website to recognize you and track your preferences. You can set your browser to notify you
        whenever you receive a cookie. Most Internet browsers allow the use of cookies. You can change your
        cookie settings on your browser at any time. You can also delete cookies at any time. Your ability to
        access and use our website may be affected if you block cookies. We use first party cookies on our
        website to learn how you use it, to improve it, to identify language and location preferences and for
        basic website functionality. The cookies we use don’t contain personal information and we don’t
        combine them with other data so that we can identify you.
        2.2.6. Our website service providers (including Google Analytics, Microsoft, Facebook, Twitter, &
        Instagram, may also use cookies (Third Party Cookies) to track your activity when you use our
        website. Third Party Cookies belong to and are managed by our website service providers. We
        don’t control these service providers. These website service providers have their own privacy
        policies which you can find on their websites.
SOCIAL MEDIA
        2.2.7. We have pages on the social media platform, Facebook, Twitter, Instagram, Whatsapp and
        Maillchimp and we use this to communicate with the public about our business and services.
        2.2.8. You don’t have to provide us with any personal information when communicating with us on
        our social media accounts but if you do, we may store and use that information to respond to
        you or otherwise deal with your communication. The legal basis on which we process
        information which you provide to us on our social media accounts is our legitimate interest in
        marketing our business and responding to enquiries.
        2.2.9. When you communicate with us using our social media accounts, please remember that social
       media platform may collect your personal information for its own purposes including tracking
       your use of our website on the pages on which links to the social media platform are displayed.
       If you are logged in to a social media platform (including any Google service) while you visit
       our website or our social media accounts, the social media platform’s tracking will be
       associated with your profile with that social media platform. These social media platforms are
       beyond our control. They have their own independent privacy policies which you can find on
       their websites.
WHATSAPPS AND SMS’S
       2.2.11. We may use the SMSs and WhatsApp to communicate with our employees, our Clients and
       their representatives and suppliers. You don’t have to provide us with any personal information
       using SMSs or WhatsApp but if you do so, we may use and store and process that information in
       relation to our services (Message Information). If you provide us with Message Information, we
       source that information from you, with your consent and we only use it for the purpose for which
       you provide it. The legal basis on which we process Message Information are consent or
       concluding and performing a contract for our services or our legitimate interests in properly and
       securely administering our business, providing services to our Clients and marketing our services.
       Telecommunications companies and WhatsApp may collect your personal information for their
       own purposes. The telecommunications companies and WhatsApp are beyond our control. They
       have their own independent privacy policies which you can find on their websites.
       2.2.12. We may have links to other websites, social media accounts and platforms on our website or
       social media pages. These linked websites, accounts and platforms are beyond our control. If you
       click on links on our website or social media pages, the linked website, account or platform may
       send its own cookies to your device, collect data or process your personal information. You access
       other websites, accounts and platforms through links on our website or social media pages at
       your own risk. Please check the privacy policies of websites, accounts and platforms which are
       linked to our website. You don’t have any recourse against us if you access a third party website,
      account or platform, even if you do so using a link on our website or social media page.
       2.2.13. If you post information on our website or our social media accounts, we may process the
       personal information in your posts (Published Information). We may process the Published
       Information to enable publication of your posts and in administering our website and our social
       media accounts and marketing our services. The legal basis on which we process Published
       Information is your consent or our legitimate interests in properly administering our business
       including our website and our social media accounts and marketing our services.
VOICE RECORDINGS
      1.2.14. We may make voice recordings using the Infrastructure when you communicate with us via
      our call centre. You don’t have to provide us with any personal information on a telephone call
      but if you do so, we may use and store and process that information on the Infrastructure (Call
      Information). If you provide us with Call Information, we source that information from you, with
      your consent and we only use it for the purpose for which you provide it. The legal bases on
      which we process Call Information are consent or complying with the law including the Applicable
      Laws or protecting our legitimate interests and those of our Clients by verifying the identities of
      callers, communicating with callers, dealing with questions and complaints and properly and
      securely managing our business.
      1.2.15. We may also use the Infrastructure to make voice recordings or transcriptions of meetings.
      We source the personal information in those recordings or transcriptions from the people who
      attend the meeting. We use the recordings or transcriptions to keep a record of the outcome of
      the meetings which we need for various business reasons, including dealing with any claims by,
      against or involving us, including legal proceedings in any forum. The legal basis for sourcing the
      personal information in recordings or transcriptions is your consent or our legitimate interest in
      keeping records of meetings with Clients, employees, suppliers and others or dealing with claims
      against, by or involving us, including legal proceedings in any forum.
HARD COPIES
      2.2.16. If you send us personal information by post or by hand delivery, that information will be
      processed by our Infrastructure for receiving and handling post and hand deliveries.
      2.3. INFORMATION OF OUR PEOPLE, THEIR DEPENDANTS AND BENEFICIARIES
      2.3.1. We process personal information in relation to our employees and their dependants and
      beneficiaries (Employee Information) including names, identity or passport numbers, contact
      information (phone numbers, email and other addresses) information in communications, bank
      account details, remuneration and payroll information, tax number, financial, education and
      employment information, health information, trade union membership, information about
      marital status and dependants including children, race, gender and credit and criminal history.
      2.3.2. Our employees are the main source of the Employee Information but we also source it from
      recruitment agents and websites, references, public records, qualification checks, credit and
      fraud checks, criminal history checks and licensed databases. We may also source Employee
      Information from competency, psychometric and other appropriate assessments.
      2.3.3. We process Employee Information in recruiting employees, concluding and managing our
      contracts with our employees, in relation to benefits such as medical scheme and retirement
      fund membership and group life and other insurance cover, to comply with the law including
      Applicable Laws, determining our employment equity compliance in respect of diversity
      categories including age, gender, ethnicity, nationality, religion, disability, and marital or family
      status, so we know who to contact in an emergency involving an employee, in implementing,
      monitoring and applying access and security controls for our offices, remote work access and our
      IT systems, providing training and skills development, in dealing with disputes and claims by,
      against or involving us, including legal proceedings in any forum, to list the names of employees
      dismissed for serious misconduct with the South African Fraud Prevention Service or any similar
      service and for internal recruitment screening against the names of employees dismissed for
      serious misconduct.
      2.3.4. The legal bases on which we process Employee Information are consent or compliance with the
      law including Applicable Laws or concluding and performing a contract with our employees or
      our legitimate interests in providing our services, managing, securing and administering our
      business, offices, remote work access, IT systems and our other Infrastructure, ensuring a proper
      standard of service to the Funds and our other Clients, communicating with and managing our
      employees and discouraging the reemployment of employees associated with serious
      misconduct by us or others within the financial services sector to reduce fraud and dishonesty.
      2.4. INFORMATION RELATING TO JOB APPLICATIONS
              2.4.1. We process personal information relating to job applicants including names, contact details
              (including phone numbers, email, and other addresses), education and employment history,
               race, gender and any other personal information included in the job application (Applicant
               Information).
               2.4.2. We source most of the Applicant Information from the job applicant in person or by email. We
               may also source Applicant Information from competency, psychometric and other
               assessments. We may also source Applicant Information from recruitment agents and
               websites, from references, public records, qualification checks, credit and fraud checks,
               criminal history checks and licensed databases.
               2.4.3. We process Applicant Information to consider, verify and deal with the job applications and so
              that we can contact applicants about possible job opportunities.
              2.4.4. The legal basis on which we process the Applicant Information is consent or our legitimate
              interests in recruiting suitable employees for our business.
      2.5. SUPPLIER INFORMATION
              2.5.1. We process personal information relating to potential and actual suppliers of goods and
             services including names, identity, passport, or registration numbers, contact information
            (including phone numbers, email and other addresses), tax and VAT numbers, Broad-Based
             Black Economic Empowerment verification certificates and other relevant and required
             registrations, licences, authorisations and accreditation and bank account details (Supplier
             Information).
             2.5.2. We usually source the Supplier Information directly from our potential or actual suppliers, but
             we may source it from quotations, adverts, proposals, references or public records.
             2.5.3. We process Supplier Information in relation to the appointment of suppliers, concluding and
             managing contracts with them, compliance with laws including the Applicable Laws and our
             legitimate interest in the proper management of our business. The legal bases on which we
             process Supplier Information include consent or concluding and performing contracts with
             suppliers or our legitimate interests in managing relationships and communicating with our
             suppliers, receiving, processing and paying supplier invoices, dealing with disputes and claims
             by, against or involving us, including legal proceedings in any forum and complying with the
             law including Applicable Laws.
     2.6. OTHER TYPES OF INFORMATION
             2.6.1. If you enquire about our services, we may process your personal information (Enquiry
             Information). We process Enquiry Information for the purposes of responding to your enquiry.
             Consent is the legal basis on which we process your Enquiry Information.
             2.6.2. We process information when you communicate with us or when we communicate with you in
             performing our services (Communication Information). The Communication Information may
             include your name and contact details, the content of the communication and if you use our
             website for the communication, related metadata. We process Communication Information to
             communicate with you, to comply with the law including Applicable Laws and to keep records.
             The legal bases on which we process Communication Information is the performance of contracts
             or compliance with the law including the Applicable Laws or our legitimate interest in properly
             providing our services or the legitimate interests of our Clients, employees, suppliers’ and others
             in communicating with us and receiving responses.
             2.6.3. We process any of the personal information identified in this policy to investigate, assess,
             establish, exercise or defend legal claims in any forum (Claims Information). The legal basis on
             which we process Claims Information is our legitimate interests in protecting and enforcing our
             rights or the rights of others and the proper administration and protection of our business.
             2.6.4. We process any of the personal information identified in this policy when necessary for audits,
             to prepare annual financial statements, to obtain expert advice, to identify, mitigate and manage
             risks and to obtain, maintain and claim under insurance cover (Audit and Risk Information). The
             legal basis on which we process Audit and Risk Information is compliance with the law, including
             Applicable Laws or in our legitimate interest in identifying, managing and protecting our business
             against risk and dealing with any related disputes or claims by, against or involving us, including
             legal proceedings in any forum.
             2.6.5. We process any of the personal information described in this policy when required to do so by
             law such as to comply with court orders or orders of other tribunals or bodies and as necessary
             to cooperate with any investigation by any regulatory authority or law enforcement agency.
             2.6.6. We process any of the personal information described in this policy when necessary to protect
             your life or other vital interests or those of any other person.
3. SHARING YOUR PERSONAL INFORMATION WITH OTHERS
     3.1. We won’t sell personal information to anyone.
              3.2. When necessary, our trusted third party operators process personal information for us. We contract
              with our operators binding them to comply with applicable data privacy laws including POPIA. Our
              contracts oblige our operators to process information only for the purposes, and using means of
              processing, we determine.
      3.3. We disclose personal information to our suppliers as necessary to perform our services and manage
      our business.
      3.4. We disclose personal information to underwriters, auditors, investment advisors and other
      professional advisors when necessary so that we can obtain or maintain insurance cover, manage risk,
      manage our assets, get advice or establish, exercise or defend our rights including in relation to claims
      by, against or involving us in any legal proceedings in any forum and in any negotiation.
      3.5. We use the following service providers to process personal information: hosting provider, web analysis
      service provider, IT programming and maintenance service providers (including website), email
      exchange, online platform service providers, archiving and document storage service providers
      (electronic and hard copy), payroll and data destruction service provider (physical files).
      3.6. We also disclose personal information to regulators and law enforcement agencies where required by
      law and where we reasonably believe disclosure is necessary to identify, contact or stop someone who
      may breach our privacy policy or who may cause harm to, or interfere with, our rights, property, safety
      or interests or those of anyone else. We disclose personal information when required to comply with
      a legally binding order or directive of a court, tribunal or other entity.
      3.7. We share Employee Information with medical schemes, retirement funds and insurers for purposes of
      providing benefits to our employees.
4. OFFSHORE TRANSFERS
     4.1. Where you publish information on our website or on any of our social media accounts or where you
     require us to use an online platform when communicating with you and that online platform transfers
     personal information offshore, you consent to the transfer of your personal information to third
     parties in foreign countries and you acknowledge that that personal information may be available
     through the Internet around the world. We cannot prevent unauthorized access to, misuse of, damage
     to, or destruction of, that personal information.
     4.2. If we are obliged by law to use an online platform which may transfer personal information offshore,
     we do not control that online platform and we cannot prevent unauthorized access to, misuse of,
     damage to, or destruction of, that personal information.
     4.3. Our website is backed up in the United States of America and any personal information which you
     provide to us using our website is also backed up there.
     4.4. Our email servers and file servers are hosted on Microsoft Office 365 including One Drive or SharePoint
     online in Ireland and backups of these servers are held in Europe. The European Union has data
     protection laws which provide an adequate level of protection that upholds principles for reasonable
     processing of personal information substantially similar to the conditions for lawful processing applied
     by POPIA.
     4.5. If a Microsoft Teams meeting with us is recorded, that recording may be stored on Microsoft OneDrive
     which is backed up in the European Union. The European Union has data protection laws which
     provide an adequate level of protection that upholds principles for reasonable processing of personal
     information substantially similar to the conditions for lawful processing applied by POPIA.
     4.6. Where we transfer personal information to countries which don’t have an adequate level of data
     protection similar to POPIA’s conditions for lawful processing and the transfer is not covered by section
     72 (1) (b) (consent to transfer), (c) (transfer needed to perform a contract with the data subject or take
     pre-contract steps), (d) (transfer needed to conclude or perform a contract in the data subject’s
     interests) or (e) (the transfer is for the data subject’s benefit and it’s not reasonably practicable to
     obtain the data subject’s consent) of POPIA, we will conclude contracts with the third parties to whom
     the information is transferred binding them to process your information to the standards required by
     POPIA and not transfer your information to any other country without similar protection.
5. MANDATORY AND VOLUNTARY DISCLOSURE
     5.1. Where we have to collect and process personal information to comply with the law in relation to our
     services, we can’t provide our services unless you provide that information.
     5.2. Except where providing personal information to us is required by law, our Clients, employees, suppliers
     and others are free to volunteer personal information to us. We may ask you for personal information
     to verify your identity when communicating with you. If you don’t provide us with that personal
     information, we will not be able to assist or further communicate with you. Please don’t send us
     personal information unless we ask you for it or you need to provide it to us. If a person chooses not
     to provide personal information which we request so that we can properly provide our services, this
     may restrict or prevent us from providing those services.
6. PROTECTING PERSONAL INFORMATION
     6.1. We take appropriate and reasonable technical and organisational steps to protect your personal
     information against unauthorised access or disclosure. The steps we take include ensuring that the
     Infrastructure (and our operators’ infrastructure on which your personal information is processed) is
     protected by physical and electronic access control, encryption, appropriate firewalls and malware and
     virus protection.
     6.2.
7. SUMMARY OF DATA SUBJECT RIGHTS OF ACCESS, RECTIFICATION, OBJECTION AND COMPLAINT
     7.1. Every data subject has the rights of access, correction, objection and complaint which are summarised
     in this paragraph. This is only a summary of those rights and to get a proper understanding of them,
     please read the relevant provisions in POPIA.
     7.2. Subject to POPIA and other laws, by completing and sending us the request form available on request
     from popia.officer@mibfa.co.za, you may:
     7.2.1. ask us to confirm, free of charge, if we hold personal information about you;
     7.2.2. for the prescribed fee, obtain a record or description of the personal information we hold and a
     list of third parties or the categories of third parties who hold it;
     7.2.3. where the legal basis on which we process your personal information is consent, you may
     withdraw your consent but this will not affect the lawfulness of our processing before your
     withdrawal and even if you do withdraw your consent, we can continue processing your personal
     information where there is another legal basis for that processing such as compliance with
     applicable laws;
     7.2.4. if any of your personal information that we have processed is inaccurate, irrelevant, excessive,
     out of date, incomplete, misleading, obtained unlawfully or if we are no longer authorised to
     retain that personal information, you may ask us to correct, destroy or delete the personal
     information but we emphasize that, despite your request, we may not destroy or delete personal
     information where we are entitled to continue processing it;
     7.2.5. at any time, on reasonable grounds and except where legislation provides for such processing,
     object to the processing of your personal information for the proper performance of a public law
     duty by a public body or to pursue your legitimate interests or to pursue our legitimate interests
     or those of a third party to whom the personal information is supplied;
     7.2.6. at any time, object to the processing of personal information for direct marketing (other than
     direct marketing by means of unsolicited electronic communications);
     7.2.7. if you feel that we have processed your personal information unlawfully, complain to the
     Information Regulator who can be contacted at:
             7.2.7.1. JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001;
             7.2.7.2. P.O Box 31533, Braamfontein, Johannesburg, 2017; or
             7.2.7.3. Complaints email: complaints.IR@justice.gov.za.
8. AMENDING THIS POLICY
     8.1. We may update this policy from time to time by publishing a new version on our website.
     8.2. We may email you to tell you tell you about important changes to this policy.
     8.3. You can also obtain the current version of this policy at any time by emailing a request to
     info@sawyergroup.co.za
9. OUR ADDRESS AND OUR INFORMATION OFFICER’S DETAILS
     9.1. 147 Ontdekkers Road, Roodepoort, 1724
     9.2. Our Information Officer can be contacted at info@sawyergroup.co.z

This website uses cookies to ensure you get the best experience on our website.