Privacy Policy
One of our main priorities is the privacy of our visitors. This Privacy Policy document contains types of information that is collected and recorded by TechKinect and how we use it. If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.
​
PRIVACY
​
This privacy policy applies to email, website and social media. The Protection of Personal Information Act, 4 of 2013 (POPIA) gives effect to the constitutional right to data privacy in terms of Section 14 of the Bill of Rights of the Constitution.
​
Whilst we are committed to protecting all person’s rights to privacy and who in consequence will ensure that all person’s personal information is used appropriately, transparently. According to applicable law, TechKinect has to ensure that these rights to privacy are balanced with other rights such as the right to use and have access to information and services including its online and social media platforms and applications.
​
This Policy sets out the responsibilities and obligations of all persons who make use of, or access or receive TechKinect's Information and Communications. This could be via its electronic communication facilities and resources including its website, email and social media platforms. It set's out how all users of these facilities and resources are to ensure that when using these resources that they respect and process another’s personal information lawfully and in accordance with the provisions of POPIA and the 8 Personal Information Processing Principles.
​
By using this website, you hereby consent to our Privacy Policy and agree to its terms.
​
Definitions
In this policy as defined below, unless the context requires otherwise, the following words and expressions bear the meaning assigned to them and cognate expressions bear corresponding meanings:
​
1.1 "Child" means any natural person under the age of 18 (eighteen) years;
1.2 "Data Breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal information under the control of or in the possession of TechKinect;
1.3 "Data Subject" has the meaning ascribed thereto under POPIA;
1.4 "Direct Marketing" means to approach a person, by electronic communication, for the purpose of promoting or offering to supply, in the ordinary course of business, any goods or services to the data subject;
1.5 "Direct Marketer" means a supplier who employs direct marketing as an advertising mechanism;
1.6 "Employees" means any employee of TechKinect;
1.7 "Government" means the government of the Republic of South Africa;
1.8 "TechKinect" means the Evarein (PTY) Ltd t/a TechKinect.
1.9 "Operator" means a person or entity who processes personal information for a responsible party in terms of a contract or mandate, without coming under the direct authority of that responsible party;
1.10 "PAIA" means the promotion of access to information act, No 2 of 2000;
1.11 "Personal Information" has the meaning ascribed thereto under POPIA and specifically includes any form of information that can be used to identify a data Subject;
1.12 "Policy" means this privacy policy;
1.13 "POPIA" means the protection of personal information Act No. 4 of 2013;
1.14 "Processing" has the meaning ascribed thereto under POPIA. "Process" has a corresponding meaning;
1.15 "Regulator" means the Information regulator established in terms of POPIA;
1.16 "Responsible Party" means a public or private body or any other person which alone or in conjunction with others, determines the purpose of and means for processing personal Information;
1.17 "Special Personal Information" means personal information concerning a data subject's religious or philosophical beliefs, race or ethnic origin, trade union membership, political opinions, health, sexual life, biometric information or criminal behaviour; and
1.18 "Third Party" means any independent contractor, agent, consultant, sub-contractor or other representative of TechKinect.
​
PURPOSE OF POLICY
-
The purpose of this policy is to inform data subjects about how TechKinect processes their personal information.
​
-
TeckKinect, in its capacity as Responsible Party (and/or Operator, where applicable), shall strive to observe, and comply with its obligations under POPIA as well as accepted information protection principles, practices and guidelines when it processes personal information from or in respect of a data subject.
​
-
This policy applies to personal information collected by TechKinect in connection with the products and services which TechKinect provides. This includes information collected directly from you as a data subject, as well as information we collect indirectly though our service providers who collect your information on our behalf.
​​
-
This privacy policy does not apply to the information practices of Third Party companies who we may engage with in relation to our business operations (including, without limitation, their websites, platforms and/or applications) which we do not own or control; or individuals that TechKinect does not manage or employ. These Third Party sites may have their own privacy policies and terms and conditions and we encourage you to read them before using them.
​​
PROCESS OF COLLECTING PERSONAL INFORMATION
-
TechKinect collects personal information directly from data subjects as and when required for a defined purpose, unless an exception is applicable (such as, for example, where the data subject has made the personal information public or the personal information is contained in or derived from a public record).
-
TechKinect will always collect personal information in a fair, lawful and reasonable manner to ensure that it protects the data subject's privacy and will process the personal information based on legitimate grounds in a manner that does not adversely affect the data subject in question.
-
TechKinect often collects personal information directly from the data subject and/or in some cases, from third parties. Where TechKinect obtains personal information from third parties, TechKinect will ensure that it obtains the consent of the data subject. We will only process the personal information without the data subject's consent where TechKinect is permitted to do so in terms of the above or the applicable law.
-
An example of such Third Parties includes: (i) recruitment agencies; (ii) other companies providing services to TechKinect; and (iii) where TechKinect makes use of publicly available sources of information (e.g. the companies and intellectual property commission, an agency of the Department of Trade and Industry in South Africa (CIPC)).
​​
LAWFULL PROCESSING OF PERSONAL INFORMATION
​
Where TechKinect is the Responsible Party, it will only process a data subject's personal information (other than for special personal information) where:
-
Consent of the data subject (or a competent person, where the data subject is a child) is obtained;
-
Processing is necessary to carry out the actions for conclusion of a contract to which a data subject is party;
-
Processing complies with an obligation imposed by law on TechKinect;
-
Processing protects a legitimate interest of the data subject; and/or
-
Processing is necessary for pursuing the legitimate interests of TechKinect or of a third party to whom the information is supplied.
TechKinect will only process personal information where one of the legal bases referred, above are present.
TechKinect will make the manner and reason for which the personal information will be processed clear to the data subject.
Where TechKinect is relying on a data subject's consent as the legal basis for processing personal information, the data subject may withdraw his/her/its consent or may object to TechKinect's processing of the personal information at any time. However, this will not affect the lawfulness of any processing carried out prior to the withdrawal of consent or any processing justified by any other legal ground provided under POPIA.
If the consent is withdrawn or if there is otherwise a justified objection against the use or the processing of such personal information, TechKinect will ensure that the personal information is no longer processed.
​
SPECIAL PERSONAL INFORMATION AND PERSONAL INFORMATION OF CHILDREN
Special personal information is sensitive personal information of a data subject and TechKinect acknowledges that it will generally not process special personal information unless:
-
Processing is carried out in accordance with the data subject's consent;
-
Processing is necessary for the establishment, exercise or defense of a right or obligation in law;
-
Processing is for historical, statistical or research purposes, subject to stipulated safeguards;
-
Information has deliberately been made public by the data subject; or
-
Specific authorisation applies in terms of POPIA.
TechKinect acknowledges that it may not process any personal information concerning a child and will only do so where it has obtained the consent of the parent or guardian of that child or where it is permitted to do so in accordance with applicable laws.
​
PURPOSE OF PROCESSING PERSONAL INFORMATION
TechKinect understands its obligation to make data subjects aware of the fact that it is processing their personal information and inform them of the purpose for which TechKinect processes such personal information.
TechKinect will only process a data subject's personal information for a specific, lawful and clear purpose (or for specific, lawful and clear purposes) and will ensure that it makes the data subject aware of such purpose(s) as far as possible.
It will ensure that there is a legal basis for the processing of any personal information. Further, TechKinect will ensure that processing will relate only to the purpose for and of which the data subject has been made aware (and where relevant, consented to) and will not process any personal information for any other purpose(s).
TechKinect will generally use Personal Information for purposes required to operate and manage its normal operations and these purposes include one or more of the following non-exhaustive purposes:
-
for the purposes of providing its products or services to customers and where relevant, for purposes of doing appropriate customer onboarding and credit vetting
-
for purposes of onboarding suppliers or service providers as approved suppliers/service providers of TechKinect. For this purpose, TechKinect will also process a service provider's/supplier's personal information for purposes of performing the necessary due diligence checks;
As part of the "Know Your Customer" / "KYC" process as per the requirements of the Financial Intelligence Centre Act, No. 38 of 2001;
-
generally for procurement and supply purposes;
-
for purposes of monitoring the use of TechKinect's electronic systems and online platforms by data subjects. TechKinect will, from time to time, engage third party service providers (who will process the data subject's personal information on behalf of TechKinect) to facilitate this;
-
for purposes of preventing, discovering and investigating violations of this policy, the applicable law and other TechKinect policies;
-
in connection with the execution of payment processing functions, including payment of TechKinect suppliers'/service providers' invoices;
-
for employment-related purposes such as recruiting staff, administering payroll, background checks, etc.;
-
in connection with internal audit purposes (i.e. ensuring that the appropriate internal controls are in place in order to mitigate the relevant risks, as well as to carry out any investigations where this is required);
-
in connection with external audit purposes. For this purpose, TechKinect engages external service providers and, in so doing, shares personal information of the data subjects with third parties;
-
for company secretarial related purposes. For this purpose, TechKinect will, from time to time, collect information relating to data subjects from third parties such as the Companies and Intellectual Property Commission, an agency of the Department of Trade and Industry in South Africa
-
for such other purposes to which the data subject may consent from time to time;
-
for such other purposes as authorised in terms of applicable law; and
-
to comply with any applicable law or any query from Government authorities, including any regulatory authority that has authority over TechKinect.
​​
​
KEEPING PERSONAL INFORMATION ACCURATE
-
TechKinect will take reasonable steps to ensure that all personal information is kept as accurate, complete and up to date as reasonably possible depending on the purpose for which personal information is collected or further processed.
-
TechKinect may not always expressly request the data subject to verify and update his/her/its personal information unless this process is specifically necessary.
-
TechKinect, however, expects that the data subject will notify TechKinect from time to time in writing of any updates required in respect of his/her/its personal information.
​​
STORAGE AND PROCESSING OF PERSONAL INFORMATION BY TECHKINECT AND THIRD PARTY SERVICE PROVIDERS
-
TechKinect may store your personal information in hard-copy format and/or in electronic format using TechKinect's own secure on-site servers or other internally hosted technology. Personal information may also be stored by third parties, via cloud services or other technology, with whom TechKinect has contracted with, to support the operations as a Information Technology & Retail company.
-
TechKinect third party service providers, including data storage and processing providers, may from time to time also have access to a data subject's personal information in connection with purposes for which the personal information was initially collected to be processed.
​
-
Personal information may be processed in South Africa or another country where TechKinect, its affiliates and their third party service providers maintain servers and facilities.
​​
PERSONAL INFORMATION FOR DIRECT MARKETING PURPOSES
-
To the extent that TechKinect acts in its capacity as a direct marketer, it shall strive to observe, and comply with its obligations under POPIA when implementing principles and practices in relation to direct marketing.
-
TechKinect acknowledges that it may only use personal information to contact the data subject for purposes of direct marketing from time to time where it is permissible to do so.
-
It may use personal information to contact any data subject and/or market TechKinect's services directly to the data subject(s) if the data subject is one of TechKinect's existing clients, the data subject has requested to receive marketing material from TechKinect or TechKinect has the data subject's consent to market its services directly to the data subject.
-
If the data subject is an existing client, TechKinect will only use his/her/its personal information if it has obtained the personal information through the provision of a service to the data subject.
-
TechKinect will ensure that a reasonable opportunity is given to the data subject to object to the use of their personal information for TechKinect's marketing purposes when collecting the personal information and on the occasion of each communication to the data subject for purposes of direct marketing.
​
​
Retention of Personal Information
TechKinect may keep records of the personal information, correspondence, or comments it has collected in an electronic or hardcopy file format.
In terms of POPIA, TechKinect may not retain Personal Information for a period longer than is necessary to achieve the purpose for which it was collected or processed and is required to delete, destroy (in such a way that it cannot be reconstructed) or de-identify the information as soon as is reasonably practicable once the purpose has been achieved. This prohibition will not apply in the following circumstances;
-
where the retention of the record is required or authorised by law or by any government authority;
-
TechKinect requires the record to fulfil its lawful functions or activities;
-
retention of the record is required by a contract between the parties thereto;
-
the data subject (or competent person, where the data subject is a child) has consented to such longer retention; or
-
the record is retained for historical, research, archival or statistical purposes provided safeguards are put in place to prevent use for any other purpose. Accordingly, TechKinect will, subject to the exceptions noted in this policy, retain personal information for as long as necessary to fulfill the purposes for which that personal information was collected and/or as permitted or required by applicable law.
Where TechKinect retains personal information for longer periods for statistical, historical, archival or research purposes, TechKinect will ensure that appropriate safeguards have been put in place to ensure that all recorded personal information will continue to be processed in accordance with this policy and applicable laws.
Once the purpose for which the personal Information was initially collected and processed no longer applies or becomes obsolete, TechKinect will ensure that the personal information is deleted, destroyed or de-identified sufficiently so that a person cannot re-identify such personal information.
​
FAILURE TO PROVIDE PERSONAL INFORMATION
Should TechKinect need to collect personal information for any of the purposes set out in this policy and you fail to provide the personal information when requested, the failure to provide such personal information may have negative consequences, including that TechKinect may not be able to effectively perform its obligations as an employer, product or service provider, have to decline to receive the relevant services from the supplier. The supplier will be notified where this is the case.
​
BREACHES OF PERSONAL INFORMATION
​
-
A data breach refers to any incident in terms of which reasonable grounds exist to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person.
-
A Data Breach can happen for many reasons, which include: (a) loss or theft of data or equipment on which personal information is stored; (b) inappropriate access controls allowing unauthorised use; (c) equipment failure; (d) human error; (e) unforeseen circumstances, such as a fire or flood; (f) deliberate attacks on systems, such as hacking, viruses or phishing scams; and/or (g) alteration of personal information without permission and loss of availability of personal information.
-
TechKinect will address any data breach in accordance with the terms of POPIA.
​​
USE OF WEBSITE COOKIES
Our website may use cookies, which are small text files sent by a web server to store on a web browser. They are used to ensure websites function properly, store user preferences when needed and collect anonymous statistics on website usage.
You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to the website. If you accept a “cookie” or fail to deny the use of “cookies”, you agree that we may use your personal information collected using “cookies” (subject to the provisions of this policy). Where you either reject or decline cookies, you are informed that you may not be able to fully experience the interactive features of our website.
​
CHANGES TO THE POLICY
TechKinect reserves the right to make amendments to this policy from time to time and will use reasonable efforts to notify data subjects of such amendments.
The current version of this policy will govern the respective rights and obligations between the data subject and TechKinect each time that the data subject access and use TechKinect's site.
​
CONTACTING US
If you have any questions about this privacy policy, please contact us.