Privacy Policy
In Terms of Section 18 of POPIA

PRIVACY POLICY AND NOTIFICATION AS CONTEMPLATED IN SECTION 18

OF THE PROTECTION OF PERSONAL INFORMATION ACT, ACT 4 OF 2013

BY ACCESSING AND USING PREFERENCE CAPITAL’S WEBSITE OR ANY OF PREFERENCE CAPITAL’S PRODUCTS, THE PERSON USING OR ACCESSING PREFERENCE CAPITAL’S WEBSITE OR PRODUCTS/THE DATA SUBJECT, CONFIRMS AND AGREES THAT HE/SHE/IT HAS READ PREFERENCE CAPITAL’S PRIVACY POLICY AND NOTIFICATION SET OUT IN THE DOCUMENT BELOW, THAT HE/SHE/IT UNDERSTANDS AND ACCEPTS THE TERMS AND CONDITIONS OF THE PRIVACY POLICY AND CONSENTS TO THE PROCESSING OF HIS/HER/ITS PERSONAL INFORMATION BY PREFERENCE CAPITAL AS SET OUT IN PARAGRAPH 16 OF, AND AS FURTHER PROVIDED IN, THIS PRIVACY POLICY. IF SUCH PERSON/THE DATA SUBJECT IS NOT PREPARED TO AGREE AS STATED ABOVE AND TO PROVIDE THE AFORESAID CONFIRMATION AND CONSENT, THE DATA SUBJECT MUST IMMEDIATELY CEASE USING AND ACCESSING THE WEBSITE AND PREFERENCE CAPITAL’S PRODUCTS.

PAR. NO. | HEADING OF PARAGRAPH
  1. DEFINITIONS AND INTERPRETATION
  2. RECORDAL
  3. THE CONTACT INFORMATION
  4. COLLECTION OF PERSONAL INFORMATION
  5. SOURCES OF COLLECTION OF PERSONAL INFORMATION
  6. PURPOSES OF COLLECTION OF PERSONAL INFORMATION
  7. IS THE SUPPLY OF THE PERSONAL INFORMATION BY A DATA SUBJECT VOLUNTARY OR MANDATORY?
  8. THE CONSEQUENCES OF FAILURE TO PROVIDE THE PERSONAL INFORMATION TO PREFERENCE CAPITAL
  9. THE FOLLOWING LAWS ARE AUTHORISING OR REQUIRING THE COLLECTION OF PERSONAL INFORMATION BY PREFERENCE CAPITAL
  10. CROSS BORDER TRANSFER OF PERSONAL INFORMATION
  11. RECIPIENTS OR CATEGORIES OF RECIPIENTS OF PERSONAL INFORMATION COLLECTED BY PREFERENCE CAPITAL
  12. NATURE OR CATEGORY OF PERSONAL INFORMATION COLLECTED BY PREFERENCE CAPITAL
  13. RIGHT OF ACCESS TO AND RIGHT TO RECTIFY OR CORRECT PERSONAL INFORMATION
  14. RIGHT TO OBJECT TO THE PROCESSING OF PERSONAL INFORMATION
  15. RIGHT TO LODGE A COMPLAINT TO THE INFORMATION REGULATOR AND THE CONTACT DETAILS OF THE INFORMATION REGULATOR
  16. CONSENT BY DATA SUBJECT | FORM A: CONSENT BY DATA SUBJECT
  17. DISCLAIMER
  18. AVAILABILITY OF THIS PRIVACY POLICY
DEFINITIONS AND INTERPRETATION

In this Privacy Policy the following words and/or terms shall have the meanings ascribed to them below and it shall be interpreted as provided herein:
1.1 “PrefCap” means Preference Capital (Pty) Ltd, registration number: 2015/168311/07, trading as Preference Capital;
1.2 “Preference Capital’s PAIA Manual” means the manual compiled by PrefCap as provided in terms of Section 51 of PAIA, which manual appears on PrefCap’s website, and which is available at its place of business at the street address stated in paragraph 3 of this Privacy Policy;
1.3 “Client” means a Person who previously was a client or is an existing client or is a potential client of PrefCap;
1.4 “Contractor” means any Person who has entered into an agreement with a PrefCap to provide a service similar to that of an Employee, to PrefCap;
1.5 “Data Subject” means any Person to whom Personal Information relates, including but not limited to, Clients, Employees, Contractors, Operators and Suppliers, other Persons and third parties, as the context may indicate;
1.6 “Employee” means any natural Person who is employed by PrefCap and receives or is entitled to receive remuneration, including a natural Person who conducts the business of PrefCap and the directors of PrefCap;
1.7 “Information Officer” means the duly appointed information officer of PrefCap as provided in terms of POPIA, whose details are contained in paragraph 3 of this Privacy Policy;
1.8 “Information Regulator” means the Information Regulator as established in terms of Section 39 of POPIA;
1.9 “Operator” means a Person who Processes Personal Information for a Responsible Party (including PrefCap where appropriate) in terms of a contract or mandate, without coming under the direct authority of that party;
1.10 “PAIA” means the Promotion of Access to Information Act, Act 2 of 2000 and all rules and regulations issued in terms thereof;
1.11 “Person” means any natural or juristic person, partnership, joint venture, trust, entity, association or body (whether incorporated or not) and public body, as the context may indicate;
1.12 “Personal Information” means personal information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to: (a) information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person; (b) information relating to the education or the medical, financial, criminal or employment history of the person; (c) any identifying number, symbol, email address, physical address, telephone number, location information, online identifier or other particular assignment to the person; (d) biometric information of the person; (e) personal opinions, views or preferences of the person; (f) correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence; (g) the views or opinions of another individual about the person; and (h) the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person, but excludes information about an individual who has been dead for more than 20 years;
1.13 “POPIA” means the Protection of Personal Information Act, Act 4 of 2013 and all regulations, applicable rules, guidance notes and codes issued in terms thereof;
1.14 “the/this Privacy Policy” means the policies and notification as set out in this document;
1.15 “Processing” means any operation or activity or any set of operations, whether or not by automatic means, concerning personal information including (a) the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use; (b) disseminating by means of transmission, distribution or making available in any other form or (c) merging, linking, as well as restriction degradation, erasure or destruction of information, and “Process” shall be construed accordingly;
1.16 “Responsible Party” means a public or private body (including PrefCap) or any other person which, alone or in conjunction with others, determines the purpose of and means for Processing Personal Information;
1.17 “Special Personal Information” means any Personal Information of a data subject, concerning (a) the religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health or sex life or biometric information of a Data Subject; or (b) the criminal behaviour of a Data Subject to the extent that such information relates to (i) the alleged commission by a Data Subject of any offence; or (ii) any proceedings in respect of any offence allegedly committed by a Data Subject or the disposal of such proceedings;
1.18 “Supplier” means any Person who has entered into an agreement with a PrefCap to provide goods or services to such PrefCap;
1.19 In this Privacy Policy, any reference to:
1.19.1 the singular shall include the plural and vice versa;
1.19.2 any one gender shall include the other genders, as the case may be;
1.19.3 any statute, regulation, legislation or other law is a reference to the version of that statute, regulation, legislation or law in force at the time of publication of this Privacy Policy as amended or re-enacted thereafter;
1.19.4 the words “include” or “including” means “include without limitation” or “including without limitation”. Use of the words ‘’include’’ or including” is for illustration or emphasis only and when followed by specific examples, it must not be interpreted as limiting the meaning of the general wording preceding it.

2. RECORDAL

2.1 This Privacy Policy applies to PrefCap as a Responsible Party and, amongst others, provides the detail of the information prescribed in terms of Section 18 of POPIA;
2.2 PrefCap strives to safeguard the security of and to protect Personal Information collected by it by taking appropriate, reasonable, technical and organisational measures to prevent loss of, damage to or unauthorised destruction of such Personal Information and unlawful access to or Processing of Personal Information. Any compromise of data integrity or confidentiality will be reported to a Data Subject by email to enable the Data Subject to protect its own interest and PrefCap will provide the Data Subject with all reasonable assistance in this regard. PrefCap further implemented processes and procedures to ensure that risks pertaining to such Personal Information are identified and recorded and that appropriate security measures are implemented to mitigate such risks;
2.3 PrefCap shall ensure that all agreements entered into with Operators provide that the Operators are obliged to comply with POPIA and PAIA at all times;
2.4 By enquiring about PrefCap’s products and services or completing the online application form, a Client and/or Data Subject will be required to provide PrefCap with certain Personal Information and PrefCap will collect Personal Information of Data Subjects, including collecting it through Operators, the use of cookies and tracking technologies;
2.5 PrefCap is required to ensure that Personal Information is accurate and maintained in a secure environment for no longer than is necessary for achieving the purposes for which PrefCap has collected the Personal Information or subsequently Processed the Personal Information. PrefCap generally retains Personal Information collected by it in accordance with the timeframes set out in any relevant legislation which applies to the Personal Information collected. PrefCap may however need to retain Personal Information for longer e.g. where PrefCap is required to do so in accordance with legal, regulatory, tax or accounting requirements, or dealing with complaints, legal challenges or current or prospective litigation, dispute resolution or disciplinary or incapacity proceedings;
2.6 PrefCap strives to ensure the security of Personal Information collected by it by taking reasonable measures to prevent the destruction, unlawful access and loss of such Personal Information;
2.7 PrefCap may amend this Privacy Policy from time to time and any amendment shall become effective on the date of publication of such amendment on PrefCap’s website or as otherwise determined by PrefCap. It remains the obligation of all Data Subjects and Clients to regularly familiarise themselves with the latest version of this Privacy Policy;
2.8 This Privacy Policy should be read in conjunction with PrefCap’s PAIA Manual.

3. CONTACT INFORMATION

The following is the contact information of PrefCap as Responsible Party:

Name: Preference Capital (Pty) Ltd, registration number: 2015/168311/07, trading as Preference Capital;
Postal address: Private Bag X02, Highlands North, Johannesburg, Gauteng, 2037;
Street address: Mazars House, 54 Glenhove Road, Melrose Estate, Johannesburg, Gauteng, 2196;
Telephone number: 011 883 2897;
Name and electronic mail address of the Information Officer of PrefCap as authorised by the head of PrefCap (Chief Executive Officer): Jason Sostak – jason@prefcap.co.za.

4. COLLECTION OF PERSONAL INFORMATION

PrefCap collects the following Personal Information:
4.1 information required to identify a Person, including names, identity and registration numbers, obtained from Data Subject directly or from the Companies and Intellectual Property Commission, copies of identity documents, constitutional documents, including registration certificates, memorandums of incorporation, letters of authority and trust deeds, founding statements and partnership agreements, telephone and cell phone numbers and e-mail addresses;
4.2 financial records and information including, financial statements, management accounts and copies of bank account statements;
4.3 information to determine a Person’s creditworthiness and to conduct a credit assessment, including credit bureau information, Deeds Office information and bank codes;
4.4 information required for purposes of PrefCap’s agreement with a Client (including invoices), a Supplier, a business associate and an Employee or Contractor as well as information pertaining to related directors, members, trustees and shareholders, resolutions, minutes of meetings, security registers, share certificates, title deeds, bond documentation, records relating to the appointment of officials, auditors, tax records, personnel records and information, correspondence and contracts and records regarding assets and liabilities;
4.5 information to determine if a Person has the legal capacity to act, including marriage certificates, birth certificates, Deeds Office information and constitutional documents;
4.6 information required for statistical purposes, market and other research, marketing in general and to improve a PrefCap’s services or communication with its Clients and other Persons, including IP addresses, information obtained through the use of cookies and tracking technologies, information relating to the routing, duration and time of electronic communications on electronic communication networks, information collected through web browsers, search terms used, web pages accessed, information pertaining to visits to PrefCap’s website, including the number of visits, average time spent on the website, pages viewed, other websites, the type of web browser used and information collected through social networking services (which social networking services may collect information on its own, subject to its own privacy policies and practices), lists of the products and services in which an interest is expressed when accessing PrefCap’s website, personal or professional interests, demographics, experiences with PrefCap’s products;
4.7 information required for purposes of litigation, disciplinary and incapacity proceedings;
4.8 information required in terms of legislation.

5. SOURCES OF COLLECTION OF PERSONAL INFORMATION

5.1 PrefCap shall, as far as possible, always collect Personal Information about a Data Subject directly from the Data Subject, except as otherwise provided in terms of POPIA;
5.2 If PrefCap collects Personal Information from a source other than directly from the Data Subject, it shall ensure that such collection is done as prescribed by law;
5.3 Where PrefCap does not collect the Personal Information directly from the Data Subject, the sources from which PrefCap collects the Personal Information are as follows and the following shall apply:
5.3.1 the Data Subject’s auditors;
5.3.2 the Data Subject’s bankers and other financial institutions with which the Data Subject has or had a relationship;
5.3.3 credit bureaux;
5.3.4 CIPC;
5.3.5 the Deeds Offices;
5.3.6 the Data Subject’s debtors;
5.3.7 social media platforms, emails, letters, telephone calls, newspapers, electronic search engines, websites, cookies, tracking technologies, applications and surveys;
5.3.8 PrefCap’s business associates and service providers;
5.3.9 government institutions;
5.3.10 the members of the group of entities that form part of the PrefCap Group of companies of which PrefCap forms part;
5.3.11 the Data Subject’s spouse, dependants, partners, employer, a joint applicant or account holder and other similar sources or related Persons;
5.3.12 Persons the Data Subject has authorised to share his/her/its Personal Information, such as a Person that makes a travel booking on his/her/its behalf, or a medical practitioner for insurance purposes;
5.3.13 attorneys, tracing agents, debt collectors and other Persons that assist with the enforcement of agreements;
5.3.14 payment processing services providers, merchants, banks and other Persons that assist with the processing of customers’ payment instructions, such as card scheme providers (including VISA or MasterCard);
5.3.15 insurers, brokers, other financial institutions or other organisations that assist with insurance and assurance underwriting, the providing of insurance and assurance policies and products and the assessment of insurance claims;
5.3.16 law enforcement and fraud prevention agencies, and other Persons tasked with the prevention and prosecution of crime;
5.3.17 regulatory authorities, industry ombudsmen, government departments, and local and international tax authorities;
5.3.18 qualification information providers;
5.3.19 trustees, executors or curators appointed by a court of law;
5.3.20 courts of law and tribunals;
5.3.21 marketing list providers.

6. PURPOSE OF COLLECTION OF PERSONAL INFORMATION

The following are the Purposes for which Personal Information is being collected and Processed by PrefCap:
6.1 to provide and maintain the products and services offered by PrefCap and its subsidaries;
6.2 to identify a Person;
6.3 to conduct risk, credit and affordability assessments and credit scoring and to develop credit scoring models and tools;
6.4 to determine if a Person is creditworthy and/or if PrefCap should enter into an agreement or relationship with a Person;
6.5 to draft, complete, give effect to and/or perform in terms of all agreements and documentation relating to a Person’s agreements and relationship with the PrefCap;
6.6 to determine if a Person has the requisite legal capacity to act;
6.7 to enforce PrefCap’s rights and to use in the event of a dispute in dispute resolution proceedings or in litigation, disciplinary or incapacity proceedings;
6.8 to communicate with Persons;
6.9 to comply with tax requirements;
6.10 to comply with labour related requirements;
6.11 to comply with the requirements of the law, court order or applicable code of conduct;
6.12 to store the Personal Information securely and to comply with record keeping and reporting requirements;
6.13 to conduct market and other research;
6.14 to engage with a Person for marketing purposes, including direct marketing;
6.15 to compile statistics;
6.16 to provide Clients with products and services, to notify Clients about changes or developments to such products and services and to improve PrefCap’s website, products and services;
6.17 to respond to inquiries and/or complaints or Process requests in relation to Personal Information;
6.18 to use during PrefCap’s customer care processes and procedures;
6.19 to update PrefCap’s records about Clients and related matters;
6.20 to maintain internal record keeping including to retain Personal Information in a central data base;
6.21 to prevent, detect and report fraud and other criminal action;
6.22 to comply with credit reporting obligations;
6.23 to use in relation to competitions, surveys and promotions;
6.24 to evaluate the effectiveness of PrefCap’s marketing and for research, training and statistical analysis with the aim of improving PrefCap’s services; and
6.25 to make PrefCap’s website easier to use and to provide Persons with access to the website or specific parts thereof; and
6.26 to evaluate and/or negotiate a merger, acquisition, restructuring, reorganization, dissolution, or other sale or transfer of some or all of PrefCap’s assets, whether as a going concern or as part of bankruptcy, liquidation, business rescue or similar proceeding, in which Personal Information held by PrefCap may be part of the assets transferred;
6.27 to use in litigation, dispute resolution proceedings or labour disputes and to generally protect PrefCap’s rights;
6.28 for any related purposes,
on condition that Processing is necessary to conclude or perform under a contract PrefCap has with a Data Subject or to provide a solution to a Client, the law requires or permits such Processing, such Processing is required to protect or pursue a Client’s, PrefCap’s or a third party’s legitimate interest or the Data Subject or a competent person, if the Data Subject is a child, has consented thereto, and PrefCap will only further Process Personal Information or Personal Information of children or Special Personal Information as specifically provided in PAIA or the law.

7. IS THE SUPPLY OF THE PERSONAL INFORMATION BY A DATA SUBJECT VOLUNTARY OR MANDATORY?

7.1 The supply of Personal Information by the Data Subject as required by PrefCap is voluntary, subject to the provisions of paragraph 8 below;
7.2 Where a Client provides or has to provide PrefCap with Personal Information of third parties, such Client must take steps to inform the third party that the Client needs to disclose the third party’s Personal Information to PrefCap, and the Client must identify PrefCap to such third party. Unless otherwise advised in writing by the Client, PrefCap will accept that the third party did not object to PrefCap Processing the third party’s Personal Information and PrefCap will Process the third party’s Personal Information in accordance with this Privacy Policy.

8. THE CONSEQUENCES OF FAILURE TO PROVIDE THE PERSONAL INFORMATION TO PREFCAP

Should a Person or Client fail or neglect to provide any Personal Information to PrefCap as requested, it may cause PrefCap to refuse to enter into a business or other relationship with such Person or a Client and/or may prevent PrefCap from complying with its obligations in terms of the law.

9. THE FOLLOWING LAWS ARE AUTHORISING OR REQUIRING THE COLLECTION OF PERSONAL INFORMATION BY PREFCAP:

9.1 Deeds Registries Act, Act No. 47 of 1937;
9.2 The Criminal Procedures Act, Act No. 51 of 1977;
9.3 The Labour Relations Act, Act No. 66 of 1995;
9.4 Employment Equity Act, Act No. 55 of 1998;
9.5 The Basic Conditions of Employment Act, Act No. 75 of 1997;
9.6 Compensation for Occupational Injuries and Diseases Act, Act No. 130 of 1993;
9.7 Occupational Health and Safety Act, Act No. 85 of 1993;
9.8 Competition Act, Act No. 89 of 1998;
9.9 Insolvency Act, Act No. 24 of 1936;
9.10 The Companies Act, Act No. 61 of 1973;
9.11 The Companies Act, Act No. 71 of 2008;
9.12 Unemployment Insurance Act, Act No. 63 of 2001;
9.13 Value Added Tax Act, Act No. 89 of 1991;
9.14 Skills Development Act, Act No. 97 of 1998;
9.15 Skills Development Levies Act, Act No. 9 of 1999;
9.16 Trademarks Act, Act No. 194 of 1993;
9.17 Income Tax Act, act No. 58 of 1962.

10. CROSS BORDER TRANSFER OF PERSONAL INFORMATION

PrefCap intends to transfer Personal Information to the following third party countries or international organisations and the level of protection afforded to the Personal Information by those third party countries or international organisations:
10.1.1 PrefCap’s service providers situated or with facilities in countries outside South Africa, in respect of the storage or retention of electronic information and data;
10.1.2 PrefCap’s business associates in countries outside South Africa, in respect of business opportunities in such countries;
10.1.3 Other third parties, if the relevant transaction or situation requires cross-border Processing;
10.1.4 PrefCap’s bankers which are international organisations,
10.1.5 the transfer otherwise complies with the provisions of POPIA;
but all of the above will only be done if the relevant service provider, business associate, other third party or banker, is subject to a law, binding corporate rules or a binding agreement which provide an adequate level of protection as envisaged in POPIA or if a Data Subject consents to the transfer of its Personal Information to third parties in foreign countries or as otherwise provided in POPIA.

11. RECIPIENTS OR CATEGORIES OF RECIPIENTS OF PERSONAL INFORMATION COLLECTED BY PREFCAP

PrefCap may disclose Personal Information to the following third parties:
11.1 PrefCap’s shareholders, subsidiaries and other entities forming part of the group of entities of which PrefCap is a member;
11.2 PrefCap’s insurers, underwriters and insurance brokers;
11.3 PrefCap’s auditors and other professional advisers (including legal advisers);
11.4 judicial, regulatory, law enforcement and prosecution bodies (including applicable ombudsmen and tax authorities);
11.5 government authorities;
11.6 courts, tribunals, dispute resolution bodies and disciplinary or disability forums;
11.7 the general public as approved by a Data Subject;
11.8 employment verification agencies;
11.9 tracing agents, debt collectors and other Persons assisting PrefCap to enforce its rights;
11.10 Credit bureaux;
11.11 PrefCap’s bankers;
11.12 Client’s bankers, auditors and/or other advisers;
11.13 PrefCap’s business associates;
11.14 PrefCap’s Employees and Contractors;
11.15 PrefCap’s service providers and Suppliers, including payment processing service providers and Persons who provide PrefCap with technical support and assistance in respect of its website, Persons that provide back-office services, Persons that provide hosting services or who track PrefCap’s website’s activities and analytics, and Persons engaged to market and/or distribute PrefCap’s products and/or services;
11.16 a third party that may acquire all or part of PrefCap’s business, assets or shares, or that may succeed PrefCap in carrying on all or a part of its business, whether by merger, acquisition, reorganisation or otherwise;
11.17 Persons authorised by a Data Subject;

12. NATURE OR CATEGORY OF PERSONAL INFORMATION COLLECTED BY PREFCAP

12.1 In respect of Clients, security providers, service providers, Suppliers business associates – Personal Information collected by PrefCap directly from them, including Personal Information collected from a third party acting for or on behalf of PrefCap, Personal Information collected from a third party and records of Personal Information generated by PrefCap relating to them, including transactional records, financial records, bank details including bank account numbers and products utilised, bank account statements operational records, databases, records regarding information technology, marketing records, internal and external correspondence, product records, statutory records, internal policies and procedures, supervisory body related records, securities and equities, records held by their officials, shareholder Personal Information, name, identity number, race, nationality, language, gender, telephone number, addresses, e-mail addresses, IP addresses, domain names, biometric special information, vehicle registration, information of their representatives, surveillance records, contracts, location information and information held by third parties including information obtained from credit bureaux, Deeds Offices and the Companies and Intellectual Property Commission, business name, business type and how long a business has been in operation, personal views and preferences and the views of others about them;
12.2 In respect of Employees and Contractors – Personal Information of Employees and Contractors including personal records and information collected from Employees and Contractors, records collected from a third party relating to an Employee or Contractor, employment history, conditions of employment, employment contracts, agreements with Contractors and other related records, internal evaluation records and other internal records, photographs, video material, records of disciplinary and incapacity proceedings, financial records, financial history, correspondence relating to Employees or Contractors, training schedules, -records and -material, qualifications, experience, curriculum vitae, psychometric records, medical history and information, health and disability information, biometric information, pension and provident fund information, bank details, tax and financial information, contracts, beneficiary information, vehicle registration, performance records, payroll records, electronic access records, physical access records, surveillance records, geo location, GPS location, social media profiles and information, personal views and preferences, health and safety records, background checks, criminal records, employment history, application forms, family members’ Personal Information, medical and disability information, Personal Information acquired for processing travel documents, children’s Personal Information including birth certificates and identity numbers, children’s medical information and disability information and children’s information for processing of travel documents;
12.3 In respect of visitors – Personal Information collected including names, identity number and other Personal Information, physical access records, electronic access records, scans and photographs, surveillance records and biometric information;
12.4 In respect of marketing, research and statistics – See paragraph 4.6 above.

13. RIGHT OF ACCESS TO AND RIGHT TO RECTIFY OR CORRECT PERSONAL INFORMATION

13.1 PrefCap shall take reasonably practicable steps to ensure that Personal Information held by it is complete, accurate, not misleading and is updated when necessary;
13.2 A Data Subject has a right of access to its Personal Information held by PrefCap on condition that the requirements for access have been met, that the request is made in the form prescribed by PAIA (as set out in PrefCap’s PAIA Manual) and addressed to PrefCap at its address or e-mail address as stated in paragraph 3 above;
13.3 A Data Subject has the right to submit a request for access to records and Personal Information, on condition that he/she/it has provided to PrefCap, acceptable proof of his/her/its identity and after payment of any fee required by law (if applicable) as set out in Annexure 2 to PrefCap’s PAIA Manual;
13.4 PrefCap will provide access to a Data Subject, to the requested Personal Information or access to its records regarding a Data Subject’s Personal Information on condition that the requirements of PrefCap’s PAIA Manual, POPIA, PAIA and any other relevant legislation (if any) have been met and the prescribed fees as set out in Annexure 2 of PrefCap’s PAIA Manual, have been paid;
13.5 A Data Subject is entitled to request access to Personal Information of third parties on condition that he/she/it has complied with the requirements for access as provided in PAIA and that he/she/it has paid the reasonable fees as determined by PrefCap, set out in Annexure 2 to PrefCap’s PAIA Manual;
13.6 If a public body lodges a request for access to records or Personal Information, the public body must comply with the provisions of PAIA and/or POPIA, and must amongst others, provide sufficient detail to enable PrefCap to determine if such request is in the public interest, as required in terms of the law;
13.7 PrefCap will respond to a request for access to records or Personal Information, within a reasonable time as determined in view of the particular circumstances prevailing at the time;
13.8 A Data Subject has the right to request PrefCap to rectify or correct or delete Personal Information about the Data Subject in PrefCap’s possession or under its control that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or obtained unlawfully or to destroy or delete a record of Personal Information about the Data Subject that PrefCap is no longer authorised to retain as provided in POPIA, by addressing a written request in the form prescribed by POPIA, to PrefCap at the addresses referred to in paragraph 3 of this Privacy Policy. On receipt of the abovementioned request from a Data Subject, PrefCap shall as soon as reasonably practicable, deal with the request as provided in terms of POPIA.

14. RIGHT TO OBJECT TO THE PROCESSING OF PERSONAL INFORMATION

14.1 A Data Subject has the right to object to the Processing of Personal Information collected by PrefCap, as provided in section 11(3) of POPIA, on reasonable grounds relating to his/her/its particular situation or for purposes of direct marketing other than as provided in Section 69 of POPIA, by addressing a written objection in the form prescribed by POPIA, to PrefCap at the addresses referred to in paragraph 3 of this Privacy Policy;
14.2 A Data Subject who wishes to object to the Processing of his/her/its Personal Information, must take cognisance of the consequences of failure to provide the Personal Information to PrefCap as set out in paragraph 8 of this Privacy Policy;
14.3 On receipt of an objection as envisaged in paragraph 14.1, PrefCap shall deal with the objection as provided in terms of POPIA.

15. RIGHT TO LODGE A COMPLAINT TO THE INFORMATION REGULATOR AND THE CONTACT DETAILS OF THE INFORMATION REGULATOR:

15.1 A Data Subject has a right to lodge or submit to the Information Regulator, in the form and manner prescribed in terms of POPIA, a complaint regarding an alleged interference with or violation of the protection of Personal Information of a Data Subject;
15.2 The Information Regulator’s contact details are as follows:

JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
PO Box 31533, Braamfontein, Johannesburg, 2017
Telephone number: +27 (0)10 023 5200
Complaints e-mail address: complaints.IR@ justice.gov.za
General enquiries e-mail address: inforeg@ justice.gov.za

16. CONSENT BY DATA SUBJECT
16.1 PrefCap Processes Personal Information as set out in PrefCap’s PAIA Manual and in line with the requirements of POPIA, PAIA and other relevant legislation. In particular, PrefCap strives to comply with the conditions for lawful Processing of Personal Information as provided in Section 4 of POPIA and as set out in PrefCap’s PAIA Manual;
16.2 Each Data Subject is reminded to familiarise him-/her-/itself with the provisions of PrefCap’s PAIA Manual, POPIA, PAIA and the law and to obtain his/her/its own independent advice (including legal advice) should he/she/it so require;
16.3 PrefCap will accept that a Data Subject has familiarised him-/her-/itself of the provisions of PrefCap’s PAIA Manual, POPIA, PAIA and the law and exercised its right to obtain independent advice as stated in paragraph 16.2 above or that the Data Subject has willingly, without any coercion, dispensed with the necessity to familiarise him-/her-/itself of the provisions of PrefCap’s PAIA Manual, POPIA, PAIA and/or the right to obtain such advice;
16.4 Each Data Subject, by accessing and/or using PrefCap’s website, voluntarily consents to PrefCap collecting and Processing his/her/its Personal Information as provided in this Privacy Policy and PrefCap’s PAIA Manual;
16.5 Each Data Subject hereby specifically consents that PrefCap may perform a credit search on its credit records at any registered credit bureau and to PrefCap requesting and obtaining credit information pertaining to such Data Subject from any credit reporting agency or institution for the purpose of concluding any transaction, and contacting, requesting and obtaining information (for the avoidance of doubt this includes any and all information held on a Data Subject’s profile by any registered credit bureau, including Compuscan Information Technologies (Pty) Ltd (“Compuscan”), including payment profile information) from any credit bureau, including Compuscan (a registered credit bureau), to perform an assessment of the Data Subject’s behaviour, profile, payment patterns, indebtedness, whereabouts and creditworthiness, in any format (including in pdf, xml or raw data string) available from any credit bureau, including Compuscan and to continuously access the Data Subject’s information from such credit bureau, including Compuscan for as long as the Persons acting on behalf of the Data Subject may have a relationship with the Data Subject or the Data Subject may have a relationship with PrefCap or for as long as otherwise provided by law (whichever is the longest). PrefCap may monitor a Data Subject’s payment behaviour by researching his/her/its records at any registered credit bureau and may make any reasonable enquiries to verify and research any details provided by a Data Subject to PrefCap and PrefCap may make any reasonable enquiries to verify and research any details provided by a Data Subject to PrefCap;
16.6 PrefCap may access information obtained in any format, including online, batch and raw xml string and use information and data obtained from any registered credit bureau; PrefCap may record and transmit details (including Personal Information) in respect of a Data Subject’s conduct and performance in respect of his/her/its obligations in terms of any agreement with or concerning the Data Subject;
16.7 PrefCap may submit the Data Subject’s information, including payment profile and default information and any other relevant information as allowed by the National Credit Act, to any credit bureau including Compuscan and may allow any credit bureau including Compuscan to release the information for lawful purposes;
16.8 PrefCap may obtain and disclose any of information of a Data Subject if necessary or if it may be of benefit to him/her/it or where PrefCap is legally compelled to do so, or where it is in the public interest to disclose such information, or where the interests of PrefCap require the obtaining and/or disclosure of such information;
16.9 the credit bureau may use the information provided to it in the normal course of its business and it may be accessed by credit providers and any other registered credit bureau and that this consent may be disclosed to any credit bureau;
16.10 If a Data Subject wants PrefCap not to collect and/or Process his/her/its Personal Information, he/she/it must immediately cease accessing and/or using PrefCap’s website and PrefCap’s systems. Should a Data Subject wish to withdraw any consent previously given by him/her/it (including the consent contained herein), he/she/it must notify the Information Officer thereof in writing. A Data Subject who wishes that PrefCap should not collect or Process his/her/its Personal Information or who wishes to withdraw any consent previously given by him/her/it, must take cognisance of the consequences of failure to provide the Personal Information to PrefCap, as set out in paragraph 8 of this Privacy Policy;
16.11 Insofar it may be necessary, each Data Subject hereby specifically consents to PrefCap Processing his/her/its Personal Information for the purpose of direct marketing by means of, amongst others, any form of electronic communication including automatic calling machines, facsimile machines, WhatsApp messages, SMS’s or e-mail, on condition that PrefCap complies with the law in this regard;
16.12 The form prescribed by POPIA for a Responsible Party to apply for consent of a Data Subject for the Processing of Personal Information for the purpose of direct marketing (Form 4), is reproduced on the next page of this Privacy Policy and it shall be deemed that the form has been signed on behalf of PrefCap and submitted to and signed by or on behalf of each Data Subject using or accessing PrefCap’s website and/or products.

FORM 4: CONSENT BY DATA SUBJECT

17. DISCLAIMER
17.1 PrefCap shall not be liable for any losses incurred or damages suffered by anyone (including Data Subjects) where data was provided by a Person to PrefCap through PrefCap’s website or through the internet;
17.2 PrefCap’s website may contain links or references to other third parties’ websites which are not the property of or under PrefCap’s control. This Privacy Policy does not apply to such third parties’ websites and PrefCap shall not be liable for the Processing practices and/or privacy policies of such third parties and/or their websites or the cookies that those websites may use;
17.3 If a Person posts content to or comment on another party’s posts on a user forum on PrefCap’s website, such Person’s views will be available to all persons who has access to such forum. If a Person publishes any Personal Information on such forum, PrefCap will have no control over how such Personal Information may be used or Processed. PrefCap does not accept any liability in respect of such Personal Information and PrefCap shall be entitled to remove any posts it considers inappropriate;
17.4 No Data Subject shall have any claim against PrefCap in respect of any disclosure of its Personal Information as envisaged in this Privacy Policy and each Data Subject indemnifies PrefCap against any loss or liability as a result of PrefCap acting in terms of any consent and/or authorisation granted as envisaged in this Privacy Policy.

18. AVAILABILITY OF THIS PRIVACY POLICY
This Privacy Policy (as updated from time to time) is available on PrefCap’s website (https://www.prefcap.co.za/) and at its principal place of business during normal business hours (08H30 to 16H30 on normal business days i.e. all weekdays excluding Saturdays, Sundays, official public holidays and other days when PrefCap’s place of business is not open for business as a consequence of restrictions imposed by government e.g. in terms of lockdown regulations as a result of the Covid 19 pandemic).