PROTECTION OF PERSONAL INFORMATION ACT- POLICY AND COMPLIANCE
Policy version: V1 July 2021
Date implemented: 1 July 2021
Responsible person: Information Officer
THE ENTITIES OF SERENGETI ESTATES, NAMELY SERENGETI ESTATES PROPERTY OWNERS ASSOCIATION (RF) NPC (“SPOA”), SERENGETI GOLF CLUB (PTY) LTD (“Golf Club”), SERENGETI GOLF AND WILDLIFE ESTATE PROPERTY MARKETING (PTY) LTD (“Marketing”) AND AFRICAN KINGDOM HOLDINGS (PTY) LTD (“AKH”) (COLLECTIVELY REFERRED TO AS “THE SERENGETI ESTATES ENTITIES”), ARE COMMITTED TO COMPLIANCE WITH, AND TO ADHERE TO THE PROTECTION OF PERSONAL INFORMATION ACT, AND CONFIRM THAT WE COMPLY WITH THIS LEGISLATION.
The POPI Act requires the Serengeti Estates entities to:
Sufficiently inform members/patrons/residents/visitors/personnel/ service providers (hereinafter referred to as “data subjects”), the purpose for which we will process their personal information;
Protect the Information assets of the Serengeti Estates entities from threats, whether internal or external, deliberate or accidental, to ensure business continuation, minimise business damage and maximise business opportunities.
This policy and compliance framework establishes measures and standards for the protection and lawful processing of personal information within the Serengeti Estates entities and provides principles regarding the right of individuals to privacy and to reasonable safeguarding of their personal information.
Application of this Policy
This Policy applies to all data subjects of Serengeti Estates.
All employees, managers, business units, project managers, departments and individuals directly associated with any of the Serengeti Estates entities are responsible for adhering to this policy and for reporting any security breaches or incidents to the Information Officer.
Any service provider that provides information technology services, including data storage facilities, to any of the Serengeti Estates entities must adhere the requirements of the POPI Act to ensure adequate protection of personal information held by them on our behalf. Written confirmation to this effect must be obtained from relevant service providers.
The appointed Information Officer is responsible for:
Conducting a preliminary assessment.
The development, implementation and monitoring of this policy and compliance framework.
Ensuring that this policy is supported by appropriate documentation.
Ensuring that documentation is relevant and kept up to date.
Ensuring this policy and subsequent updates are communicated to relevant members, residents, managers, representatives, staff and other data subjects, where applicable.
Principle 1: Accountability
The Serengeti Estates entities must take reasonable steps to ensure that personal information obtained from data subjects is stored safely and securely.
This includes personal information such as names, identity numbers, addresses, email addresses, references, qualifications, integrity checks and any other personal information that may be obtained for the purpose of providing Estate services, administrative services and such other services as may be related to Serengeti Estates, to the data subjects.
Principle 2: Processing limitation
The Serengeti Estates entities will collect personal information directly from candidates.
Once in the possession of the Serengeti Estates entities, the data will only be processed or released to non-Serengeti Estates entities with the consent of the data subject in question, except where the Serengeti Estates entities are required to do so by law. In the latter case the data subject will be informed of such release.
Principle 3: Specific purpose
Personal information will be processed to enable us the Serengeti Estates entities to perform the functions of such entities and to provide the services or functions, which is the purpose of such entity.
Principle 4: Limitation on further processing
Personal information may not be processed further in a way that is incompatible with the purpose for which the information was collected initially, without the consent of the data subject.
Principle 5: Information quality
The Serengeti Estates entities are responsible for ensuring that processed information is complete, up to date and accurate before such information is used by the Serengeti Estates entities. This means that it may be necessary to request data subjects, from time to time, to update their information and confirm that it is still relevant. If we are unable to reach a data subject for this purpose, their information will be deleted from our records.
Principle 6: Transparency/openness
Where personal information is processed from a source other than directly from a data subject, the Serengeti Estates entities are responsible for ensuring that the data subject is aware –
that the information is being processed,
who or which Serengeti Estates entity is processing the information by giving them the details of the entity, and
what the specific reason for the processing of the information is.
Principle 7: Security safeguards
The Serengeti Estates entities will ensure technical and organisational measures to secure the integrity of personal information, and guard against the risk of loss, damage, or destruction thereof. Personal information must also be protected against any unauthorised or unlawful access or processing. The Serengeti Estates entities are committed to ensuring that information is only used for legitimate purposes with data subject consent and only by authorised employees of the Serengeti Estates entities.
Principle 8: Participation of individuals
Data subjects are entitled to know particulars of their personal information held by the Serengeti Estates entities, as well as the identity of any authorised employees of the Serengeti Estates entities that have access thereto. Data subjects are also entitled to correct any information held by the Serengeti Estates entities.
The Board of the SPOA, which includes representatives of all the Serengeti Estates entities, the management of each of the Serengeti Estates entities, and the Information Officer are responsible for administering and overseeing the implementation of this policy and, as applicable, supporting guidelines, standard operating procedures, notices, consents and appropriate related documents and processes. All employees, consultants, service providers’ on-site personnel, departments and individuals directly associated with the Serengeti Estates entities are to be trained, according to their functions, in the regulatory requirements, policies and guidelines that govern the protection of personal information. The Serengeti Estates entities will conduct periodic reviews and audits, where appropriate, to ensure compliance with this policy and guidelines.
The Serengeti Estates entities shall establish appropriate standard operating procedures that are consistent with this policy and regulatory requirements. This will include:
Allocation of information security responsibilities. Incident reporting and management. User ID addition or removal. Information security training and education. Data backup.
Any breach/es of this policy may result in disciplinary action and possible termination of employment.
For data subjects:
By entering the Estate and submitting your information, you confirm:
That you have read and understood this POPI Policy.
That you have no objection to us retaining your personal information in our database for the purposes of providing Estate services.
That the information you have provided to the Serengeti Estates entities is true, correct and up to date.
If you have any additional questions about the Serengeti Estates entities collection and storage of data, please contact ___________________________ at the Estate Management Centre or on ______________________________ or at firstname.lastname@example.org.
You can at any time change or withdraw your consent from the Cookie Declaration on our website
Your consent applies to the following domains: serengeti-estates.co.za
Cookies are small text files that are used to store small pieces of information. They are stored on your device when the website is loaded on your browser. These cookies help us make the website function properly, make it more secure, provide better user experience, and understand how the website performs and to analyze what works and where it needs improvement.
As most of the online services, our website uses first-party and third-party cookies for several purposes. First-party cookies are mostly necessary for the website to function the right way, and they do not collect any of your personally identifiable data.
The third-party cookies used on our website are mainly for understanding how the website performs, how you interact with our website, keeping our services secure, providing advertisements that are relevant to you, and all in all providing you with a better and improved user experience and help speed up your future interactions with our website.
What types of cookies do we use ?
Essential: Some cookies are essential for you to be able to experience the full functionality of our site. They allow us to maintain user sessions and prevent any security threats. They do not collect or store any personal information. For example, these cookies allow you to log-in to your account and add products to your basket, and checkout securely.
Statistics: These cookies store information like the number of visitors to the website, the number of unique visitors, which pages of the website have been visited, the source of the visit, etc. These data help us understand and analyze how well the website performs and where it needs improvement.
Marketing: Our website displays advertisements. These cookies are used to personalize the advertisements that we show to you so that they are meaningful to you. These cookies also help us keep track of the efficiency of these ad campaigns.
The information stored in these cookies may also be used by the third-party ad providers to show you ads on other websites on the browser as well.
Functional: TThese are the cookies that help certain non-essential functionalities on our website. These functionalities include embedding content like videos or sharing content of the website on social media platforms.
Preferences: These cookies help us store your settings and browsing preferences like language preferences so that you have a better and efficient experience on future visits to the website.
The below list details the cookies used in our website.
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
How can I control the cookie preferences ?
In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. To find out more about how to manage and delete cookies, visit wikipedia.org, www.allaboutcookies.org.