PRIVACY POLICY

  >  

At Bronaar Plase (Edms) Bpk (‘Bronaar’, ‘we’, ‘our’) we are committed to protecting your privacy and ensuring that your personal information is collected and used appropriately, lawfully and transparently.

This privacy policy contains:

  • Overview
  • What personal information we collect
  • How we use your personal information
  • Our legal basis for using your personal information
  • Who we share your personal information with and why
  • Retention of your personal information
  • How we keep your personal information secure
  • Your rights
  • Transfers of personal information
  • How to contact us

This privacy policy also sets out various rights that you may exercise in respect of our use of your personal information.  A fundamental right which you should be aware of is that you may ask us to consider any valid objections you have to our use of your personal information where we process your personal information on the basis of our, or another person’s, legitimate interest.

 

Please read this privacy policy carefully to understand how we handle your personal information before you provide your personal information to us.

 

 

Overview

This privacy policy sets out how Bronaar ensures that your personal information is collected and used appropriately, lawfully and transparently. Our business maintains policies and processes around the collection and use of the personal information of our clients, suppliers, service providers, shareholders, members and employees.

 

Our responsibilities
Bronaar is responsible for your data in relation to your use of our services as a client, supplier, service provider, shareholder and/or employee of Bronaar.  Our registered address is Bronaar Plase (Edms) Bpk, Koue Bokkeveld, 6836.  We are the responsible party of the personal information that we collect from you, and as such we control the way in which your personal information is collected and the purposes for which your personal information is used.


Our Operators
No third party has been appointed to process the personal information of our clients, service providers, suppliers, shareholders or employees.

 

 

What personal information we collect

We collect personal information directly from you.  For example, we ask for personal information at the start of our relationship (e.g. when you become a shareholder or employee), and in subsequent communications in order to check your identity.  This is a legal requirement and is important to help safeguard you and us against potential crime.  We may also collect information about you from other sources such as external third parties, but only with your consent.

Details of the key categories of personal information we collect are set out below, but please contact us if you would like more or different information.

 

In relation to our employees
We will hold certain personal information to remunerate you as agreed in your employment contract and to contact you for work related matters.

This personal information about you includes:

  • name and surname;
  • physical- and/or postal address;
  • ID number;
  • job title;
  • banking details;
  • data provided when you correspond with us;
  • any updates to data provided to us.

 

In relation to our shareholders
Our operators hold data relating to our shareholders. It is a legal requirement that your name, address and the number of shares you hold are made available on a Register of Members.  Certain other information may be held by our registrars/operators to improve the service that they provide to you, such as bank details to enable the payment of dividends directly to your bank account.

This personal information about you will include, where relevant:

  • name and surname;
  • physical- and/or postal address if relevant;
  • email address if relevant;
  • ID number;
  • job title, your company name and your company’s address if relevant;
  • data provided when you correspond with us;
  • any updates to data provided to us.

 

In relation to our suppliers and service providers
If you are a supplier or service provider to Bronaar (or an employee or other personnel of a supplier or service provider), we will hold information in relation to the persons who are engaged in the provision of those goods and/or services to us, goods- and/or service related data, relationship management data, and other information that you might have provided to us, or which we may have collected directly from you in another form.

 

In relation to our clients
If you are a client of Bronaar (or an employee or other personnel of a client), we will hold information in relation to the persons who make use of our goods and/or services and goods and/or service related data, relationship management data, and other information that you might have provided to us, or which we may have collected directly from you in another form.

In all cases we will keep your personal information only as long as is necessary for the purpose for which it was collected, or for legal or regulatory reasons.  Personal information is securely disposed of when it is no longer required to be held.

 

 

How we use your personal information

We process your information to perform our contract with you, to fulfil our obligations to our clients, service providers, suppliers, shareholders and employees, to support and maintain that relationship, and to comply with legal obligations. 

We also use it:

  • for internal reporting, business administration and to identify and implement business efficiencies;
  • to comply with any procedures, laws and regulations which apply to us – this may include where we reasonably consider it is in our legitimate interests or the legitimate interests of others to comply, as well as where we are legally required to do so;
  • to establish, exercise or defend our legal rights – this may include where we reasonably consider it is in our legitimate interests or the legitimate interests of others, as well as where we are legally required to do so.

 

In relation to our employees
If you are an employee, we will use your personal information:

  • to register you as an employee and maintain and keep this information up to date;
  • to deal with any enquiries or issues you might raise;
  • to provide you with relevant information, reports and communications;
  • to remunerate you with frequency as contractually agreed;
  • to conduct disciplinary measures;
  • for other legitimate purposes connected with you as an employee.

 

In relation to our shareholders
If you are a shareholder, we will use your personal information:

  • to register you as a shareholder and maintain and keep this information up to date;
  • to deal with any enquiries or issues you might raise;
  • to provide you with relevant information, reports and communications;
  • for other legitimate purposes connected with you as one of our shareholders.

 

In relation to our suppliers and service providers
If you are a supplier or service provider to Bronaar (or an employee or other personnel of a supplier or service provider), we will use your information to manage and receive the goods and/or services you provide, and to exercise our rights and obligations in respect of those goods and/or services, including to confirm and process orders or requests, for administration of accounts, and for tax and payment purposes.

 

In relation to our clients
If you are a client of Bronaar (or an employee or other personnel of a client), we will use your information to provide our goods and/or services to you, and to exercise our rights and obligations in respect of those goods and/or services, including to confirm and process requests, for administration of accounts, and for tax and payment purposes.



Our legal basis for using your personal information

We can only use your personal information if we have a proper reason for doing so.  We consider that the legal bases for using your personal information as set out in this privacy policy are as follows:

  • To comply with our legal and regulatory obligations;
  • To perform a contract with you or to take steps at your request before entering into a contract;
  • To respect your choice if we request your consent for specific processing;
  • To use your personal information as is necessary for our legitimate interests or the legitimate interests of others. In some cases, we have identified where this is the case elsewhere in this privacy policy.  Our legitimate interests are:
    • to run and manage our business;
    • to provide information to our shareholders;
    • to perform checks e.g. identification checks and other verifications in line with money laundering or other requirements, on those we interact with;
    • to select appropriately skilled and qualified employees, suppliers and/or service providers;
    • to make and receive payments;
    • to conduct internal administrative

 

If we rely on our (or another person’s) legitimate interests for using your personal information, we will undertake a balancing test to ensure that our (or the other person’s) legitimate interests are not outweighed by your interests or fundamental rights and freedoms which require protection of the personal information.

 

 

Whom we share your personal information with and why

We may share your information with trusted third parties, who perform tasks for us and help us to provide our goods and/or services to you, and with other agencies where required by law, court order or regulation.  These include:

  • our operators, should we choose to appoint such in future;
  • a third party to verify your identity, in line with money laundering or other requirements;
  • organisations, including the police and fraud prevention agencies, to prevent and detect fraud;
  • regulatory or governmental agencies;
  • our suppliers and/or service providers, including but not limited to payment processors and suppliers of technical and support services.

 

Any third parties with whom we share your personal information are limited, by law and by contract, in their ability to use your personal information for any purpose other than to provide services for us.  We will always ensure that any third parties with whom we share your personal information are subject to privacy and security obligations consistent with this privacy policy and applicable laws.

 

We will also disclose your personal information to third parties:

  • where it is in our legitimate interests to do so to run and manage our business, such as:
    • if we sell or buy any business or assets, we may disclose your personal information to the prospective seller or buyer of such business or assets;
    • if substantially all of our assets are acquired by a third party, in which case personal information held by Bronaar will be one of the transferred assets;
  • if we are under a duty to disclose or share your personal information in order to comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity;
  • in order to enforce or apply our terms and conditions or any other agreement or to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity;
  • to protect the rights of Bronaar and our employees, shareholders or other persons. This may include exchanging personal information with other organisations for the purposes of fraud protection and credit risk reduction.

 

 

Retention of your personal information

We keep your personal information for no longer than necessary for the purposes for which the personal information is processed or as required by law or regulation.  The length of time we retain personal information for depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.  Currently this period is

  • 2 years for regular employee, client, service provider and supplier information,
  • 7 years for financial information, and
  • duration of life for medical information,

from the date you no longer do business with us.

 

 

How we keep your personal information secure

The main risk of our processing of your personal information is if it is lost, stolen or misused.  This could lead to your personal information being in the hands of someone else who may use it fraudulently or make public information that you would prefer to keep private.


For this reason, Bronaar is committed to protecting personal data from loss, misuse, disclosure, alteration, unauthorised access, unavailability and destruction and takes all reasonable precautions to safeguard the confidentiality of personal data, including through use of appropriate organisational and technical measures. 


Organisational measures include physical access controls to our premises, implementing internal policies and staff training and ensuring confidentiality obligations are imposed on our employees and third parties. 


Technical measures include requiring passwords for access to our systems and the use of anti-virus software.


We are committed to ensuring the confidentiality of the personal information that we hold and we continue to review our security controls and related policies and procedures to ensure that your personal information remains secure.

 

 

Your rights

You have the right:

  • of access to any personal information we hold about you; you can ask us for a copy of your personal information, confirmation whether your personal information is being used by us, details about how it is used and details about why it is used;
  • to request an update to any of your personal information that is out of date or incorrect;
  • to ask us to delete any personal information which we are holding about you in certain specific circumstances;
  • to ask us to restrict the way that we process your personal information.

 

In certain circumstances, you also have the right to:

  • withdraw your consent for the processing of your personal information; if we are relying on consent and have no other legal grounds for processing your personal information, you can withdraw your consent;
  • object to the processing of your personal information; you may ask us to consider any valid objections which you have to our use of your personal information where we process your personal information on the basis of our or another person’s legitimate interest, or where we use your personal information for profiling purposes;
  • object to automated decision making and profiling;
  • ask us to provide your personal information to a third party provider of services, where we use your personal information on the basis of your consent or performance of a contract.

 

We will consider all such requests and provide our response within a reasonable period (and in any event within the period allowed by applicable law).  Please note, however, that certain personal information may be exempt from such requests in certain circumstances, for example if we need to keep using the information to comply with our own legal obligations or to establish, exercise or defend legal claims.


We may request you to provide us with information necessary to confirm your identity before responding to any request you make.  If an exception applies, we will tell you this when responding to your request.

 

 

Bring Your Own Device (BYOD) Policy

Employees are not required to use their own mobile devices for work purposes.


Should clients be consulted on the premises of Bronaar, only trusted persons will be allowed to access our internal WiFi network.

 

 

Transfers of personal information

The personal information we process may be used, stored and/or accessed by staff working for us, other members of Bronaar or third party partners providing services to us, or performing services on our behalf.  Further details on whom your personal information may be disclosed to are set out above.


When we contract with third parties, we require that they have appropriate security, privacy and confidentiality measures in place to ensure that personal information is kept secure.  We do not work with third parties outside South Africa.

 

 

How to contact us

If you would like any more information about the way we use your information, or if you wish to exercise the rights listed above, please contact us using the details below:

Hendrina van der Merwe
Bronaar Information Officer

Bronaar
Koue Bokkeveld
6836
South Africa

 

Mobile: +27 (0)83 444 9746
Tel: +27 (0)23 317 0729
Email: hendrien@bronaar.co.za

 

 

You have a right to complain to the Information Regulator if you think that your information has been misused.  The contact details are:

www.justice.gov.za/inforeg/index.html

Tel: +27 (012) 406 4818
Fax: 086 500 3351
Email: inforeg@justice.gov.za

 

 

Changes to our Privacy Policy

We may change this privacy policy from time to time.

Please check back frequently to see any updates or changes to our privacy policy.  By continuing to interact with us, you are confirming that you have read and understood the latest version of our privacy policy, which we will make available to you on request.