Idea Engineers is committed to protecting the privacy of its clients, suppliers and employees and undertakes to ensure that the personal information it collects is used responsibly and in accordance with the applicable Data Protection Legislation.
The purpose of this Privacy Notice is to explain how Idea Engineers collects, uses, retains and discloses Personal Information, as well as the steps taken to safeguard Personal Information in order to protect the privacy of the Data Subjects.
As set out by the Protection of Personal Information Act (POPIA)* and General Data Protection Legislation (GDPR)** Idea Engineers is required to act responsibly and protect the personal information it processes during the course of its Normal Business Operations.
* Applies to any company or entity which processes personal information in South Africa.
** Applies to any company or entity which processes the personal information of data subjects within the European Union.
The following words and/or expressions have the meanings, respectively, ascribed to them below:
- “Data Protection Legislation” means POPIA (Protection of Personal Information Act) (South Africa) and GDPR (General Data Protection Regulation) (EU).
- “Controller” (GDPR) or “Responsible Party” (POPIA) means a public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for processing Personal Data.
- “Processor” (GDPR) or “Operator” (POPIA) means a juristic person who processes personal information for a Controller / Responsible Party in terms of a contract or mandate, without coming under the direct authority of that party.
- “Data Processing” or “Processing” means any operation or set of operations which is performed upon Personal Data, automatically or manually, such as collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.
- “Data Subject” means an individual or juristic person who can be identified, directly or indirectly, by their Personal Data.
- “Personal Data” means any information relating to an identified or identifiable juristic person (Data Subject), including an identifier such as a name, surname, identification numbers, as well as location information, contact details, medical records, financial information, race, gender, ethnicity, views or opinions, correspondence or other attributes specific to the physical, mental, genetic, economic, cultural or social identity of the person.
- “Normal Business Operations” means the daily activities of Idea Engineers involved in producing and selling their product/service, generating revenues, as well as non-specific administrative and maintenance activities.
- “Cross-border transfer” means any operation or set of operations which would result in Personal Data leaving the country of its origin.
- “Information Officer” means the person appointed by Idea Engineers, from time to time, who is responsible for the monitoring and compliance with the conditions for the lawful processing of Personal Information, dealing with Data Subject requests and working with the Regulator (POPIA) or Information Commissioner’s Office (GDPR) in relation to investigations.
- “Security Measures” means appropriate technical and organisational measures that prevent or are designed to prevent the accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access to Personal Data, including all measures required by Data Protection Legislation.
- “Data Security Incident” means an event where security is compromised leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or exfiltration of Personal Data.
- “Data Integrity Incident” means an event leading to the accidental or unlawful destruction, loss or alteration of Personal Data.
- “Cookies” means messages that web servers pass to your web browser when you visit Internet websites. Your browser stores each message in a small file on your computer called a cookie. Cookies can contain stateful information or be used to record the user’s browsing activity.
NOTICE TO DATA SUBJECTS
By visiting our website and communicating electronically with Idea Engineers, The Data Subject consents to the processing of Personal Information as described in this Privacy Notice.
Data privacy laws are continually evolving, and Idea Engineers regularly reviews its data protection practices and will update this Privacy Notice without notice. The Data Subject is thus encouraged to review this document regularly.
PERSONAL INFORMATION COLLECTED
Idea Engineers collects the following Personal Information directly, or from its clients and suppliers:
Employees: Email Address | Telephone Number | Work Address | Home Address | Banking Details | ID Number |Tax Number
Clients: Email Address | Telephone Number | Work Address | Home Address
Suppliers: Email Address | Telephone Number | Work Address | Home Address | Banking Details
Information is collected directly from Data Subjects during sales transactions or communications. Idea Engineers may also act as an Operator / Processor and use Personal Information supplied by a client, provided that the client provide the necessary assurance that the Personal Information was obtained responsibly with the consent of the Data Subject, and the processing does not violate any data protection principles.
The type of information collected will depend on the purpose for which it is collected and used. Where possible Idea Engineers will inform Data Subjects which personal information is mandatory, and which information is optional. We do not knowingly collect the Personal Information of children (under 18 years of age) without the permission of their parent or legal guardian.
USE OF PERSONAL INFORMATION
Idea Engineers collects and processes Personal Information primary to fulfil its contractual obligations with clients, suppliers and employees through its Normal Business Operations.
COLLECTION OF NON-PERSONAL INFORMATION
Idea Engineers may automatically collect non-personal information from visitors to our website such as your operating system, Internet browser and website/search engine that referred you. This information is only gathered for statistical purposes and cannot be used to identify visitors.
HOW PERSONAL INFORMATION IS SHARED
Idea Engineers does not sell, rent or lease Personal Information to third parties as that would violate data protection principles. Idea Engineers may share your Personal Information with our business partners which are directly involved in providing technology services or the delivery of our products and services. Idea Engineers may share data with other third parties to help us with advertising, public relations, branding and digital & social media services.
Where a Processor/Operator is appointed by Idea Engineers, they are required to enter into a Data Processing Agreement and comply with the relevant Data Protection Legislation. Idea Engineers may also disclose Personal Information deemed necessary to protect the rights of the business or if legally compelled to do so.
HOW LONG PERSONAL INFORMATION IS RETAINED
At a minimum, Idea Engineers, will always keep the Personal Information of a Data Subject for the period required by law, otherwise the Personal Information of a Data Subject is retained for the period required to fulfil Idea Engineers’ contractual obligations.
Idea Engineers may transfer the Personal Information of Data Subjects to another country for processing or storage. Any cross-border data transfers, and subsequent Processing activities, will be carried out in strict compliance with Idea Engineers specifications to ensure that the same or greater information security controls are in place.
DATA STORAGE AND INFORMATION SECURITY
Idea Engineers implements the appropriate security measures to securely store the Personal Information of Data Subjects and observes industry best practices as well as guidelines issued or approved by supervisory authorities.
Idea Engineers also reviews its security controls and related policies on an ongoing basis to protect Personal Information from Data Security Incidents and Data Integrity Incidents. Despite the measures that Idea Engineers implements to secure Personal Information, the Data Subject acknowledges that it may be accessed by an unauthorised third party as the result of an illegal activity.
In such circumstances Idea Engineers undertakes to notify the affected Data Subjects and the Regular and/or Information Authority.
You have the right to have your personal information processed in a manner that is fair, lawful and transparent including:
- The right to be notified
You have the right to be notified that your personal information is being collected and the purpose for which it is being acquired.
- The right to access your information
You have the right to request a copy of your personal information.
- The right to rectify information that may be inaccurate, misleading of outdated
You have the right to request that any incorrect personal information is rectified.
- The right to restrict processing
Under certain conditions, you have the right to request restrictions or suppression of your personal information.
- The right to object
You have the right to object, on reasonable grounds, to the processing of your personal information.
- The right to be notified in the event of unauthorised access
You have the right to be notified in the event that your personal information has been accessed or acquired by an unauthorised third party.
- The right to data portability
Under certain conditions, you have the right to request that your Personal Information is transferred directly to you, or another organisation.
- The right to withdraw your consent
You have the right to request that your personal information is not processed and\or withdraw consent to receive marketing material.
- The right to complain
If your right to privacy has been violated, or you believe that we have not acted lawfully you have the right to complain to your local data protection authority.
South Africa [POPIA] The Information Regulator – [email protected] European Union [GDPR] Lodge a complaint with your national Data Protection Authority
In order to protect your information from unauthorised access and modification, we reserve the right to request that you prove your identity before providing details of your personal information and accepting amendments.
Should you wish to exercise any of these rights please contact us.
So that we are able to recognise you on our website and remember your previously selected preferences.
OUR PRIVACY NOTICE AND OTHER WEBSITES
If you have any queries that pertain to this notice, require further information on our privacy practices would like to exercise your rights or contact the Information Officer, please use the following contact information:
- Brand Wizard (Pty) Ltd t/a Idea Engineers
- 1 Fifth Avenue, Rivonia, Sandton, 2191
- Tel. 011 803 0030
- Email: [email protected]
Idea Engineers welcomes any comments regarding this Privacy Statement.