top of page

EVERMINE (PTY) LTD (“Evermine”)

PRIVACY POLICY & NOTICE

 

  1. INTRODUCTION

    1. Evermine processes personal information and other confidential information of individuals and juristic persons to deliver goods and/or render services to our clients and in the ordinary course of our business. The nature of the personal information which we process, depends on the type of service we render to each client, as well as the legislative requirements to be adhered to by us.

    2. We are obliged to process personal information in accordance with the provisions of the Protection of Personal Information Act, no. 4 of 2013 (‘the POPI Act’). This document constitutes our policy and notice to declare our company’s commitment to comply with the POPI Act when processing personal information and special personal information, as defined and addressed below. Evermine has implemented reasonable measures to ensure that processing of personal information is aligned with the requirements of the POPI Act.

    3. By providing us with your personal information, you agree to the terms of this Privacy Policy and authorise us to process such information as set out herein.

    4. This Privacy Policy and Notice applies to all parties with whom we interact, including but not limited to individual clients, employees, service providers, visitors to our offices, and other users of our services (“you”).

    5. This policy and notice is available on our website https://www.evermine.co.za/ www.everminetimberhomes.co.za and may be reviewed and updated by Evermine from time to time.

 

  1. DEFINITIONS

In this Policy, unless the context otherwise requires, the following words and expressions shall have the meanings assigned to them hereunder:

  1. “Child” means a person under the age of 18 years;

  2. “Data subject” means the natural or juristic person to whom personal information relates, such as an individual member, policyholder or an entity that provides Evermine with products or services;

  3. “Information Officer” means the head of a private body once appointed the information officer must be registered with the South African Information Regulator established under POPIA prior to performing his or her duties. Deputy Information Officers can also be appointed to assist the information officer;

  4. “Deputy Information Officer” means the person to whom any power or duty conferred or imposed on an Information Officer in terms of POPIA has been delegated;

  5. “Information Regulator” means the Regulator established in terms of Section 39 of POPIA;

  6. “Operator” means a person processing personal information for a responsible party in terms of a contract or mandate, without coming under the direct authority of that party e.g. a third party service provider that has contracted with Evermine to shred documents containing personal information.

  7. “Processing” means any operation or activity or any set of operations, whether by automatic means or not, concerning personal information, including:

  1. the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;

  2. dissemination by means of transmission, distribution or making available in any other form; or products and legal matters relating to those products; or

  3. merging, linking, as well as restriction, degradation, erasure or destruction of information.

    1. “Responsible party” means a public or private body or any other person which, alone or in conjunction with others determines the purpose of and means for processing personal information.

    2. “Person” means a natural person or a juristic person;

    3. “Personal Information” means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to—

  1. information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, wellbeing, disability, religion, conscience, belief, culture, language and birth of the person;

  2. information relating to the education or the medical, financial, criminal or employment history of the person;

  3. any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other assignment to the person;

  4. the biometric information of the person;

  5. the personal opinions, views or preferences of the person;

  6. correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;

  7. the views or opinions of another individual about the person and;

  8. the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.

    1. “Private body” means a natural person who carries or has a carried on any trade, business or profession, but only in such capacity;

  1. a partnership which carries or has carried any trade, business or profession;

  2. any former or existing juristic person but excludes a public body.

    1. “Public body’’ means any department of state or administration in the national or provincial sphere of government or any municipality in the local sphere of government; or

any other functionary or institution when exercising a power or performing a duty in terms of the constitution in terms of the constitution; or

exercising a public power or performing a public function in terms of any legislation.

  1. “Special personal information” means personal information concerning -

  1. the religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health or sex life or biometric information of a data subject; or

  2. the criminal behaviour of a data subject to the extent that such information relates to the alleged commission by a data subject of any offence; or

  3. any proceedings in respect of any offence allegedly committed by a data subject or the disposal of such proceedings.

 

  1. PERSONAL INFORMATION THAT WE MAY COLLECT

    1. During the course of the rendering of our services and/or during the ordinary course of our business we request, receive, store and record personal information of data subjects. We collect and record only the minimum personal information that is required for us to attend to the relevant matter and may include the information stipulated in clauses 3.2 to 3.6 below.

    2. General identification and contact information

      1. This may include but is not limited to your name; address; e-mail and telephone details;

    3. Identification numbers issued by government bodies or agencies

      1. This includes but is not limited to Identity number; passport number; tax number; or driver’s or another license number.

 

  1. FROM WHO DO WE COLLECT THE PERSONAL INFORMATION?

    1. We may collect or obtain your personal information:

      1. directly from you;

      2. in the course of our business relationship with you;

      3. in the course of delivering goods and/or rendering services to you;

      4. when you visit and/or interact with our website or our social media platforms;

    2. We may record personal information about you such as records of your communications and interactions with us, including, but not limited to, your attendance at events or at interviews in the course of applying for a job with us.

    3. When you contact us by email, other means of electronic communication, telephone, post, or telefax, we collect, store, use and keep record of certain personal information that you disclose to us. This includes details such as your name, address, telefax number, mobile phone number and email communication data. By providing us with your personal information, you authorise us to process such information as set out herein.

 

  1. PROCESSING OF PERSONAL INFORMATION

    1. We process personal information primarily to render services to our clients and/or in the ordinary course of our business. We restrict the processing of personal information to data which is sufficient for the fulfilment of the primary purpose for which it was collected.

    2. We may also process personal information during the course of various activities, including but not limited to –

      1. the rendering of services to clients;

      2. the operating of our business;

      3. for audit and record keeping purposes;

      4. to deal with requests and enquiries about personal information held by us and to update this information, when advised by you;

      5. should you apply for employment at our company, to process your application;

      6. comply with the law and specifically fraud prevention and the combatting of money laundering;

      7. in connection with and to comply with legal and regulatory requirements or when it is otherwise required by law;

      8. For safety and security purposes;

      9. for statistical purposes and for internal management and management reporting purposes, including but not limited to: conducting internal audits, conducting internal investigations, implementing internal business controls, providing central processing facilities, for insurance purposes and for management reporting analysis.

    3. We primarily use your personal information only for the purpose for which it was originally or primarily collected. We will use your personal information for a secondary purpose only if such purpose constitutes a legitimate interest for you or for us and is closely related to the original or primary purpose for which your personal information was collected.

 

  1. WHEN WILL WE PROCESS YOUR SPECIAL PERSONAL INFORMATION?

    1. Insofar possible, we will not process special information.

 

  1. WHEN AND HOW WE WILL PROCESS THE PERSONAL INFORMATION OF CHILDREN

    1. We shall not process personal information of children.

 

  1. SECURITY

    1. We take appropriate and reasonable technical, physical, legal and organisational measures, to ensure that our systems are secure, our records are stored securely, access to our office / systems / records are controlled and that records are safely destroyed.

    2. The internet is an open system, therefore the transmission of information via the internet is not completely secure. Although we will implement all reasonable measures to protect your personal information that is in our possession, we cannot guarantee the security of any information transmitted using the internet and we cannot be held liable for any loss of privacy occurring during the course of such transmission.

    3. Should a breach occur despite our strict security measures being in place, we will immediately investigate the breach, ascertain how it occurred and take all steps necessary to rectify the relevant area of exposure. We will ascertain which data has become vulnerable as a result and notify you if the breach may affect you and assist you to minimize any potential damages that you may suffer as a result.

 

 

  1. RETENTION OF PERSONAL INFORMATION

    1. We take reasonable steps to ensure that the personal information we process is reliable for its intended use, and as accurate and complete as is necessary to carry out the purposes described in this Privacy Policy. We will retain personal information for the period necessary to fulfil the purpose outlined in this Privacy Policy unless a longer retention period is required or permitted by other applicable law. We will keep your personal information for as long as:

      1. The law requires us to keep it;

      2. A contract between yourself and Evermine requires us to keep it;

      3. You have consented to us keeping it;

      4. We are required to keep it to achieve the purposes listed in this Privacy Policy;

      5. We require it for our lawful business purposes.

    2. We may keep your personal information even if you no longer have a relationship with us, if the law permits / requires it.

 

  1. SHARING INFORMATION / DISCLOSING OF PERSONAL INFORMATION TO THIRD PARTIES

    1. We undertake to use your personal Information only for the purpose for which the information is essential and not to share or further process your personal information without your consent.

    2. In certain circumstances we must however share personal information with third parties.

    3. Please note that in certain circumstances,

      1. we may process personal information in order to transfer and/or share same to/with our service providers and operators as part of our business operations. We aim to have agreements in place with our service providers to ensure that the personal information that we remain responsible for, is safeguarded by our service providers. Anyone to whom we pass on your personal information, will be required by us to treat your information with the same level of protection as we are obliged to do. Our service providers may include, but is not limited to, the following:

      2. External third-party service providers, such as IT Systems, support and hosting service providers; printing; banks and financial institutions that service our accounts; third party claim administrators; document and records management providers; consultants; and similar third-party vendors and outsourced service providers that assist us in carrying our business activities and/or in the rendering of our goods / services.

      3. we release account and other personal information to third parties when we believe that such release is appropriate to comply with the law; to enforce our client agreements and other agreements; or to protect the rights, property or safety of our company and our clients. We will inform you when we decide to do so and will share only what is reasonably needed for those purposes.

      4. South African legislation allows for the disclosure of personal information to law enforcement or other agencies without your consent. In circumstances where we are required to disclose information because we are legally obliged to do so, we will first consider the legitimate interests of all concerned.

    4. We may need to transfer your personal information to another country for processing or storage of data or when it is otherwise required by virtue of the nature of the services rendered to you. This will be done only in limited circumstances and in strict adherence of the requirements of the POPI Act and other relevant legislation.

    5. In addition to the above, we may share personal information as may be required with the following parties / in the following instances:

      1. where it is necessary for the purposes of, or in connection with, actual or threatened legal proceedings or establishment, exercise or defence of legal rights;

      2. We may also collect and share Personal Information with governmental or other public authorities (including, but not limited to, workers’ compensation boards, courts, law enforcement, tax authorities and criminal investigations agencies) as we believe to be necessary or appropriate in order to -

        1. To comply with applicable law, including laws outside your country of residence;

        2. To comply with legal process;

        3. To respond to requests from public and government authorities including public and government authorities outside your country of residence;

        4. To enforce our terms and conditions / agreement between us and a client / employee / service provider;

        5. To protect our rights, privacy, safety or property, and/or that of you or others; and

        6. To allow us to pursue available remedies or limit our damages.

 

  1. INFORMATION OFFICERS AND DEPUTY INFORMATION OFFICERS

    1. Information Officers and Deputy Information Officers in Evermine are appointed according to the legal and regulatory requirements and will fulfil their regulatory obligations to protect personal information in Evermine. The information officer and deputies are responsible for:

      1. Encouraging compliance with the conditions for lawful processing of personal information;

      2. Attending to requests and complaints made by data subjects in terms of POPIA and PAIA;

      3. Assisting the regulator with any investigation relating to Evermine’ POPIA and PAIA compliance;

      4. An Information Officer is the custodian of any activity relating to the processing of personal information and if any of the provisions of POPIA is breached, he or she could ultimately be held liable for the transgression;

      5. Ensuring that Privacy Notices for internal and external purposes are developed and published;

      6. Ensuring that Evermine makes it convenient for data subjects to update their personal information or submit POPIA related complaint to the company;

      7. Liaising and working with the Information Regulator in relation to ongoing investigation, arising issues, reporting and any other related matter.

    2. The Information Officer for Evermine is:

      1. LIZETTE GUNTENSPERGER – email: lifestyle@evermine.co.za

 

  1. ACCESS TO AND AMENDMENT OF PERSONAL INFORMATION HELD BY US

    1. You can contact our Information Officer and/or Deputy Information Officer should you-

      1. wish to access any personal information held by us and require the purpose for us holding it;

      2. wish to amend / destroy any personal information held by us;

      3. have any queries about this notice.

      4. need further information about our privacy practices.

    2. We will take all reasonable steps to confirm your identity before providing details of your personal information to you. There may be a reasonable charge for providing any information so requested.

    3. Please contact us to update your personal information whenever your details change.

 

  1. WE MAY AMEND OUR PERSONAL INFORMATION PRACTICES AND POLICIES AND REVIEW THIS NOTICE FROM TIME TO TIME.

 

Valid from:

July 2021

bottom of page