POPIA Policy
WE APOLOGISE FOR THE TYPOGRAPHIC ERRORS. IT IS RECEIVING OUR URGENT ATTENTION.
Policy to comply with the Act on the Protection of Personal Information (No 4 of 2013)
1. Introduction
- Definition:
- “Pool Sure Services” refers to The Deurspring Company trading as Pool Sure Services.
- Aim:
- To effect compliance with the Act on the Protection of Personal Information (No 4 of 2013)within the mission and the scope of the operations of and services provided by Pool Sure Services to customers, services provided to Pool Sure Services by service providers, and employees of Pool Sure Services.
- Purpose:
- To regulate the gathering, processing, and destruction of the subject data (the data subject) by Pool Sure Services (Responsible Party) to:
- Establish what personal information we need,
- Establish how the relevant personal information can be obtained and protected,
- Establish what and how personal information can be shared with third parties, and
- Establish what and how the information will be destroyed.
- To regulate the gathering, processing, and destruction of the subject data (the data subject) by Pool Sure Services (Responsible Party) to:
- Definition:
2. Customers and Service providers
- Description of Data subjects in this section:
- Data subjects refer to persons we dealt with regarding maintenance, pool services or persons providing services to us.
- Existing data subjects (persons we had contact with for work purposes before 30 June 2021)
- Personal information of existing data subjects will be treated as if gathered with consent.
- An opt-out option will be provided for these customers.
- New data subjects
- Potential data subjects must permit Pool Sure Services to document personal information.
- Personal information of new data subjects will be entered into our database of clients on request for an inspection, proposal, or quote for work.
- Personal information will remain in the database till the data subject request Pool Sure Services to destroy or change the information.
- Data subjects referred
- Referred clients or individuals will be informed of the referring source from which we obtained personal information.
- The personal information of referred clients will be entered into the database on request for an inspection, proposal, or quote for work.
- Personal information will remain in the database till the data subject request Pool Sure Services to destroy or change the information.
- Use of information of data subjects:
- Personal information of data subjects is gathered with the sole purpose of quoting, doing work quoted for, invoicing, build a record for future work, for sharing information about pool maintenance and specials run by Pool Sure Services.
- Personal information of data subjects can be shared between staff members, subcontractors and knowledgeable others (i.e. representatives of suppliers) to complete and inspect projects.
- Personal information of data subjects will also be used to follow up on payment and recover costs.
- Additional information may be gathered and used for demographic profiling for strategic management of the business.
- Information gathered:
- The following information will be gathered on job cards, quotes and invoices to do business:
- Name and Surname
- Street address (Number, Street, Suburb) including the name of complex and unit number where applicable.
- Phone number and alternative number
- E-mail address
- Work done
- Other information that may come to our attention that will not be recorded in our formal systems includes:
- banking details via Proof of payment or invoices
- banking details for the purpose of re-funds
- information via e-mail signatures.
- contact details of workers i.e gardeners, domestic workers and tenants.
- The following information will be gathered on job cards, quotes and invoices to do business:
- Process of the gathering of information:
- On receiving a request per phone, the client will be informed that we document the detail given in paragraph 4 a (I to iv) above. “Can you please give me your contact details?” will be considered as sufficient information as it implies willingness from the client to provide us with personal detail.
- On quotes and invoices, the following will be added to obtain written consent by accepting the quote. “Pool Sure Services use personal information to do business, information sharing with the data subjects and strategic planning. Do you agree that Pool Sure Services may use the above information for such purposes? Yes/No“
- For this purpose, quotes should indicate that quotes must be accepted in writing by sending a signed copy of the quote to Pool Sure Services via e-mail, SMS, or WhatsApp.
- Existing data subjects, whose information was obtained prior to the deadline of 30 June, will be informed about Pool Sure Services’ data and the purposes for which Pool Sure intends to use it. An opportunity to opt-out will be provided.
- Data will be kept for seven (7) years according to SARS requirements and the relevant acts on financial information.
- Description of Data subjects in this section:
3. Employees
- Description of Data subjects in this section:
- Data subjects refer to people in full or part-time employment of the company.
- Use of information of data subjects:
- “Personal information of the data subjects is gathered with the sole purpose of managing their employment rights and responsibilities and career advancement.
- Information gathered:
- The following information will be gathered for HR purposes:
- Name and Surname
- Street address (Number, Street, Suburb)
- Phone number
- E-mail address
- Next of kin
- Phone number of next of kin.
- Application information
- Employment Contract
- ID number or Passport number (and copies)
- Gender
- Race
- Language preference
- Banking details
- Tax number
- The following information will be gathered for HR purposes:
- Process of the gathering of information:
- On appointment as an employee, the data subject will be required to fill in a form giving consent to gather and store the data subject’s personal information.
- Data will be kept for seven (7) years after the termination of employment through retirement, resignation, retrenchment, or dismissal per requirements of SARS and the relevant acts on financial information.
- The data subject requests:
- Change of information on request of the data subject will be done as soon as possible on www.payspace.com and hard copies.
- Destroying information by deleting it from online databases will be done in line with paragraph 6 d above.
- Description of Data subjects in this section:
4. Storage and Security
- Storage and Security measures:
- Data will be stored as follows:
- In the database of www.bitrix24.com in the case of customers and service providers, and www.payspace.com in the case of employees (cloud-based storage) for personal detailsSalary informationTax and UIF information
- In the company OneDrive (cloud-based storage)
- In hardcopy in the personnel file of the employee
- Security will consist of
- Security software
- Cloud storage
- Locked safe at the business address.
- Method of destroying information:
- Information will be destroyed by deleting information on computers and the manual shredding and recycling hard copies on request of the data subject, or when Pool Sure Services deems it unnecessary to keep the information any longer per paragraph 6 d.
- Storage and Security measures:
5. Organisational structure
- Information Officer:
- The staff member responsible for compliance issues will act as Information Officer for the company.
- The Information Officer is accountable to the directors of the company.
- Role and responsibility of the Information Officer
- Promote and ensure compliance with the Act mentioned in paragraph 1.
- Deal with a request of data subjects about their personal information.
- Provide information to and collaborate with the Information Regulator concerning investigations or enquiries.
- Other responsibilities may be required to ensure compliance
- Information Officer: