PRIVACY NOTICE

 

This privacy notice (“Privacy Notice”) applies to how Empisa collects, uses and processes the user’s personal information when he/she uses any of Empisa’s services, the website, and any applications.

 

 

  1. Introduction and scope

 

  • This Privacy Notice, which must be read together with the Terms, sets out the basis on which any Personal Information (defined in paragraph 2 below) collected from or provided by the user, will be collected, used, stored and processed by Empisa when the user uses the website and/or the services. Unless defined elsewhere, terms in this Privacy Notice shall bear the same meaning ascribed to it in the Terms.

 

  • Empisa is committed to protecting and respecting the user’s privacy. It strives to ensure that its use of the Personal Information is lawful, reasonable, and relevant to its business activities.

 

  • By using the website or otherwise agreeing to the Terms, the user agrees to be bound by this Privacy Notice and, by agreeing to this Privacy Notice, the user hereby expressly consents and agrees that Empisa may collect, receive, record, organise, collate, store, update, change, retrieve, read, process, use and share the user’s Personal Information as set out in this Privacy Notice. Any one or more of the aforesaid actions constitutes “Processing” of the Personal Information.

 

  • Should the user not agree with this Privacy Notice or is concerned about any aspect as it relates to the Personal Information, the user must immediately cease use of the website.

 

  • This Privacy Notice applies to Empisa, and its successors-in-title and the user who browses, uses, accesses, refers to, views and/or downloads the information made available by Empisa on the Website (“Content”) and/or makes any information available to Empisa via the Website.

 

  • This Privacy Notice does not apply to other third-party websites, products or services, linked to, from, or advertised on the Website.

 

 

  1. Defining Personal Information

 

  • “Personal Information” includes information the user provides to Empisa when the user signs up to the website or is otherwise uploaded by the user onto the website, or automatically when the user visits the website or use Empisa’s services. Personal information does not include de-identified or anonymous information. Empisa may also collect mainly analytical data, including from cookies, web beacons and the user’s browser directly. The user may be requested to provide the following information to Empisa when the user signs for the Services, though same is not a complete list:

 

  • Business details, including but not limited to, name of the business, industry, location, services provided, registration number, VAT registration number; and

 

  • Certificates, including but not limited to, CIPC certificate, tax clearance certificate, B-BBEE certificate/affidavit, letter of good standing, and

 

  • Contact information, including but not limited to, telephone number, e-mail address, physical and postal address and the business’ website details; and

 

  • Contact information for business’ point of contact, technical advisor and sales representative.

 

  • Financial and tax information and records.

 

  • Other information which might be Personal Information may include:

 

  • “Access Device and Device event information”: Empisa may collect information such as the user’s IP address, unique device identifier, the nature of the Access Device which the user used to access the website (e.g. a tablet or smart phone), the geographic location from which the user accessed the website (i.e. the geographic location of the Access Device), hardware model and settings, operating system type and version, browser language, system activity, crashes;

 

  • “log information”: When the website is used, Empisa may automatically collect and store certain information in server logs (i.e. the web servers automatically record and maintain a log of their activities when users access the website , which may include the user’s “site activity information”, such as details of how, when and for how long the user accessed the website, what links the user went to, what content the user accessed, the amount of content viewed and the order of that content and the amount of time spent on the specific content;

 

  • “profile information”: Empisa may collect and process information and data usage per profile to make targeted recommendations to that profile when logged in to using the website;

 

  • “location information”: Empisa may use various technologies to determine the user’s actual location, such as geographical data from the Access Device (which is usually based on the GPS or IP location).

 

  • Some of the information that Empisa receives is Personal Information, and some is non-personal information that becomes personal. In some circumstances Empisa will de-identify, anonymise or segregate information so that it may make use of it in aggregate form without treating it as Personal Information.

 

 

  1. When will Personal Information be processed?

 

  • In addition to paragraph 4 below, Personal Information may be processed by us in several ways, including, when:

 

  • the user accesses, browses or make use of the Website, and/or the Services;

 

  • the user streams, accesses or make use of the content;

 

  • Empisa provides Services to the user;

 

  • the user contacts Empisa, by email or telephonically;

 

  • Empisa carries out demographic research; and

 

  • the user submits his/her Personal Information to Empisa for any other reason, or authorise third parties to do so.

 

 

  1. How Personal Information will be collected

 

  • Empisa collects the user’s Personal Information in various ways, namely actively from the user, passively from the user’s Access Device when the Website is used or from Empisa’s affiliates and third-party service providers.

 

  • Active collection:

 

  • the instances set out in paragraph 3 above.

 

  • If the user contacts Empisa, it may keep a record of that correspondence.

 

  • Collection from the Access Device

 

  • Empisa passively collects some of the user’s Personal Information from the Access Device which is used to access the Website using various technological means, for instance, using server logs to collect and maintain log information.

 

  • Empisa also uses cookies and anonymous identifiers which enable its computer system to recognise the user when he/she visits the website to distinguish the user from other users and to improve Empisa’s service to the user, to make the website more user-friendly, as well as to give the user a more personalised experience.

 

  • A cookie is a small piece of data (an alphanumeric identifier) which Empisa’s computer system transfers to the Access Device through its web browser when the user visits the Website, and which is stored in the user’s web browser. When the user visits the Website, the cookie allows the site to recognise the user’s browser. Cookies may store user preferences and other information.

 

  • The user may disable the use of cookies by configuring his/her browser to refuse all cookies or to indicate when a cookie is being sent. However, should the user elect to do so, he/she may not be able to enjoy all of the features and functionality of the Website.

 .

  • The information which Empisa may passively collect from the Access Device may include the user’s identifying information, contact details, Device and Device event information, site activity information, log information, location information, and any other information which the user permit Empisa, from time to time, to passively collect from the Access Device.

 

 

  1. Use of Personal Information

 

  • Empisa uses the information collected to provide, maintain, and improve the services, to develop new services, and to protect itself, its services and its users. Empisa constantly strives to improve its users’ experience, and it therefore also uses the information collected to offer more relevant information and content.

 

  • The use of Personal Information may relate or be required to:

 

  • to retain and make available to the user information on the Website;

 

  • to establish and verify the user’s identity on the Website;

 

  • fulfil the user’s requests for certain Services;

 

  • diagnose and deal with technical issues and support queries and other user queries, such as problems with the server, determine the optimal and fastest route for the Access Device to use in connecting with the website, and administer, maintain and secure the website;

 

  • detect, prevent or deal with actual or alleged fraud, security or the abuse, misuse or unauthorised use of the website and/or contravention of this Privacy Notice;

 

  • provide the user with the latest information about the services, subject to the user’s communications preferences;

 

  • to communicate with the user and maintain records of such communications, including to inform the user about any changes to the website and services or any other changes;

 

  • compile non-personal statistical information about browsing habits, click patterns and access to the website;

 

  • improve the website, analyse trends and administer the website, including requesting feedback on content and the services;

 

  • fulfil any contractual obligations Empisa may have;

 

  • improve the user’s experience and the overall quality of the services;

 

  • for security, administrative and legal purposes; and

 

  • other activities not specifically mentioned which are lawful, reasonable, relevant to Empisa’s business activities and the minimum necessary and adequate in order for it to provide the website and the services.

 

  • In certain circumstances and subject to the user’s preferences as indicated when he/she provided the relevant Personal Information, the user agrees that Empisa may also make his/her Personal Information available to Empisa’s affiliates, members, or strategic/industry partners (“Partners”) for them to use. Such use by a Partner shall be in accordance with this Privacy Notice, to the extent applicable.

 

 

  1. Sharing of Personal Information

 

  • Empisa will not intentionally disclose any of the Personal Information to third parties, except:

 

  • where the user has granted permission to do so;

 

  • for the purposes of Empisa’s legitimate business interests, or

 

  • where Empisa is required to do so in terms of applicable law or regulation.

 

  • The user hereby expressly agrees that his/her Personal Information may be shared under the following circumstances:
    • with affiliates, agents, advisers, service providers and suppliers which have agreed to be bound by this Privacy Notice;

 

  • with Empisa’s employees, contractors and agents if and to the extent that they need to know that information in order to process it and/or to provide services for or to Empisa, such as site hosting, development and administration, technical support, marketing services and other support services;

 

  • in order to enforce or apply the Terms;

 

  • in order to protect Empisa’s rights, property or safety or that of other users, employees, contractors, agents and any other third party;

 

  • in order to mitigate any actual or reasonably perceived risk to Empisa, other users, employees, contractors, agents or any other third party; and

 

  • with governmental agencies, exchanges and other regulatory or self-regulatory bodies if Empisa is required to do so by law or if Empisa reasonably believes that such action is necessary.

 

  • Empisa may use the Personal Information to compile profiles for statistical purposes, provided that the profiles or statistical data cannot be linked back to the user by a third party.

 

  • Empisa will obtain the user’s permission before disclosing his/her Personal Information to any third party for any other purpose.

 

  1. Acceptance

 

  • The user may not use any of Empisa’s services or visit the website unless he/she accepts this Notice.

 

  1. Storage and transfer of your Personal Information

 

  • The Personal Information is stored on Empisa’s servers and/or on third party servers.

 

  • Empisa reserves the right to transfer to and/or store the Personal Information on servers in a jurisdiction other than where it was collected, and such jurisdiction may not have comparable data protection legislation.

 

  • If the location that Personal Information is transferred to does not have substantially similar laws which provide for the protection of Personal Information, Empisa will take reasonably practicable steps to ensure that the Personal Information is adequately protected in that jurisdiction.

 

  1. Security

 

  • Although absolute security cannot be guaranteed on the Internet, Empisa takes reasonable technical and organisational security measures to protect the Personal Information against accidental or intentional manipulation, loss, misuse, destruction or against unauthorised disclosure or access to the information that it processes online.

 

  • While Empisa cannot ensure or warrant the security of any Personal Information provided to it, it will continue to maintain and improve these security measures over time in line with legal and technological developments.

 

  • Empisa will take reasonable, practicable steps to ensure that the persons to whom the Personal Information may be disclosed in terms of this Privacy Notice have implemented, and maintained, the appropriate technical and organisational measures aimed at preventing unauthorised access to, or disclosure of the Personal Information.

 

 

  1. Retention of the Personal Information

 

  • Empisa may retain all Personal Information that it collects so long as it remains necessary for the purposes for which it was collected unless there is a valid technical, legal or business reason for it to delete, destroy or de-identify it.

 

  • Further, Empisa may keep some of the Personal Information for as long as it is required by law, a code of conduct or reasonably required for lawful purposes related to its functions and activities; or for evidentiary purposes or where the user agrees to Empisa keeping it for a specific period.

 

  1. Keeping the Personal Information updated and correct

 

  • To the extent required by law, Empisa will take steps to ensure that the Personal Information is accurate, complete, not misleading, and up to date having regard to the purpose for which the information was collected or used.

 

  • The user must inform Empisa if he/she believes that any information collected is incorrect, incomplete, misleading or out of date.

 

  • The user may request that the Personal Information be deleted if it is no longer required for the purposes for which it was collected or required by Empisa in terms of any applicable law.

 

  1. Third party sites

 

  • Empisa is not responsible for the privacy practices of a third-party site to which there may be a link on the Website, and/or any content on the website.

 

  • Empisa advises the user to read the terms and conditions, as well as the privacy Notice of each site which the user visits and to determine his/her privacy settings in accordance with his/her personal preferences.


Direct marketing

 

  • When the user uses the website, and/or the services he/she may receive marketing communications from Empisa.

 

  • The user may refuse to accept, require Empisa to discontinue, or pre-emptively block any approach or communications from Empisa if that approach or communication is primarily for the purpose of direct marketing (“direct marketing communications”).

 

  • The user may opt out of receiving direct marketing communications from Empisa at any time by requesting it (in any manner, whether telephonically, electronically, in writing or in person) to desist from initiating any direct marketing to the user.

 

  • If the user has opted-out, Empisa may send him/her written (which may include electronic writing) confirmation of receipt of the opt-out request, and not send him/her any further direct marketing communications.

 

  • The user may (in terms of the Consumer Protection Act, 2008) register a pre-emptive block against direct marketing communications. If he/she does so, Empisa will not send him/her direct marketing communications unless he/she has expressly consented to receiving direct marketing communications from Empisa.

 

  1. Changes to this Privacy Notice

 

  • Empisa change this Privacy Notice from time to time.

 

  • The user hereby agrees to review the Privacy Notice whenever he/she visits the website, for any amendments. Save as expressly provided to the contrary in this Privacy Notice, the amended version of the Privacy Notice shall supersede and replace all previous versions thereof.

 

  • Empisa will not use or disclose Personal Information provided to it pursuant to this Privacy Notice in ways other than the ones contemplated above, without informing the user and providing him/her with the opportunity to consent to such modified conditions concerning the use and disclosure of his/her Personal Information.

 

  1. CPA, POPI and other laws

 

  • If this Privacy Notice or any provision in this Privacy Notice is regulated by or subject to the Consumer Protection Act, 68 of 2008 (“Consumer Protection Act”) the Protection of Personal Information Act, 4 of 2013 (“POPI”) or other laws, it is not intended that any provision of this Privacy Notice contravenes any provision of the Consumer Protection Act, POPI or such other laws. Therefore, all provisions of this Privacy Notice must be treated as being qualified, to the extent necessary, to ensure that the provisions of the Consumer Protection Act, POPI and such other laws are complied with.

 

  • No provision of this Privacy Notice:

 

  • does or purports to limit or exempt Empisa from any liability (including, without limitation, for any loss directly or indirectly attributable to our gross negligence or willful default or that of any other person acting for or controlled by it) to the extent that the law does not allow such a limitation or exemption;

 

  • requires the user to assume risk or liability for the kind of liability or loss, to the extent that the law does not allow such an assumption of risk or liability; or

 

  • limits or excludes any warranties or obligations which are implied in this Privacy Notice by the Consumer Protection Act (to the extent applicable), POPI (to the extent applicable), or other applicable laws or which Empisa gives under the Consumer Protection Act (to the extent applicable), POPI (to the extent applicable), or other applicable laws, to the extent that the law does not allow them to be limited or excluded.

 

 

  1. Governing law

 

  • The contents of this Privacy Notice shall be governed by South African law.

 

  • If any provision of this Privacy Notice is judged to be illegal, void or unenforceable due to applicable law or by order of a court of competent jurisdiction it shall be deemed deleted and the continuation in full force and effect of the remainder of the provisions will not be prejudiced.