Smartcall POPI Terms and Conditions

SMARTCALL POPI TERMS AND CONDITIONS

DATA PROTECTION & PRIVACY SCHEDULE

IN RELATION TO

SMARTPHONE (PTY) LTD T/A SMARTCALL (PTY) LTE ta SMARTCALL (PTY) LTE. Referred to in these terms as SMARTPHONE (PTY) LTD

 

TABLE OF CONTENTS

DATA PROTECTION & PRIVACY SCHEDULE

  1. INTERPRETATION
  2. INTRODUCTION
  3. APPOINTMENT
  4. CONSENT
  5. SMARTPHONE’S (PTY) LTD OBLIGATIONS
  6. DATA PROTECTION
  7. DATA PROTECTION
  8. AMENDMENT

DATA PROTECTION & PRIVACY SCHEDULE

1. INTERPRETATION

1.1. Clause headings in this DATA PROTECTION & PRIVACY SCHEDULE (“DPPS”) are inserted for convenience only and shall not be used in its interpretation.
1.2. The provisions of SMARTPHONE (PTY) LTD’s INTERPRETATION SCHEDULE relating to interpretation shall apply and the expressions defined in SMARTPHONE (PTY) LTD’s INTERPRETATION SCHEDULE shall bear the meanings assigned to them therein.
In this DPPS, unless the context clearly indicates a contrary intention, the following words and expressions shall bear the meanings stated opposite them and cognate words and expressions shall bear similar meanings –

1.3.1. CONSENT – any voluntary, specific and informed expression of will in terms of which permission is given for the processing of PERSONAL INFORMATION
1.3.2. CUSTOMER- the Customer of YOU, who for the purpose of this DPPS will be referred to as the DATA SUBJECT
1.3.3. DATA SUBJECT – the person to whom PERSONAL INFORMATION relates
1.3.4. DPPS – this DATA PROTECTION & PRIVACY SCHEDULE together with its schedules and annexures
1.3.5. OPERATOR AND/OR SMARTPHONE (PTY) LTD – a person who processes PERSONAL INFORMATION for a Responsible Party in terms of a contract or mandate, without coming under the direct authority of that party
1.3.6. PARTIES – SMARTPHONE (PTY) LTD and YOU
1.3.7. PERSONAL INFORMATION – information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to –
a) information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
b) information relating to the education or the medical, financial, criminal or employment history of the person;
c) any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
d) the biometric information of the person;
e) the personal opinions, views or preferences of the person;
f) correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
g) the views or opinions of another individual about the person; and
h) the name of the person if it appears with other PERSONAL INFORMATION relating to the person or if the disclosure of the name itself would reveal information about the person
1.3.8. POPIA – Protection of PERSONAL INFORMATION Act, 2013 (Act No. 4 of 2013)

 

2. INTRODUCTION

2.1. SMARTPHONE (PTY) LTD is in the process of aligning our business practices to comply with POPIA.
2.2. In order for SMARTPHONE (PTY) LTD to provide the Services to YOU in accordance with the AGREEMENT, YOU will need provide SMARTPHONE (PTY) LTD with PERSONAL INFORMATION pertaining to the DATA SUBJECT.
2.3. This DPPS set out SMARTPHONE (PTY) LTD and YOUR rights and obligations as to the protection of YOUR and the DATA SUBJECT’s PERSONAL INFORMATION.
2.4. It is of utmost importance to SMARTPHONE (PTY) LTD that when YOU visit SMARTPHONE (PTY) LTD’s IT Platforms YOU are put at ease that the PERSONAL INFORMATION and privacy of YOU and YOUR CUSTOMER is of great importance to SMARTPHONE (PTY) LTD.
2.5. It is important for YOU to note the fact that when YOU and YOUR Customers submit PERSONAL INFORMATION on SMARTPHONE (PTY) LTD’s IT Platform, they –
2.5.1. consent to SMARTPHONE (PTY) LTD collecting, processing and storing such PERSONAL INFORMATION;
2.5.2. consent to SMARTPHONE (PTY) LTD using all information collected from and recorded from YOU for legitimate reasons in compliance with the POPIA.
2.5.3. supply such PERSONAL INFORMATION to SMARTPHONE (PTY) LTD of its own accord and free will;
2.5.4. consent to providing such information to SMARTPHONE (PTY) LTD;

2.5.5. warrants that PERSONAL INFORMATION provided to SMARTPHONE (PTY) LTD is correct and that such PERSONAL INFORMATION is provided to SMARTPHONE (PTY) LTD by an individual possessing the necessary authority from YOU and YOUR Customers.

 

3. APPOINTMENT

3.1. Subject to this DPPS, YOU, as the Responsible Party, hereby appoints SMARTPHONE (PTY) LTD, as the Operator, to provide the Services to YOU.
3.2. In providing the Services to YOU, SMARTPHONE (PTY) LTD will Process PERSONAL INFORMATION belonging to the DATA SUBJECT.
3.3. The Parties hereby confirm that each Party will comply with its obligations in terms of POPIA, with regard to the appointed as set out in 3.1 and 3.2 and this DPPS.

 

4. CONSENT

4.1. Section 11 (1)(a) and (b) (CONSENT, JUSTIFICATION AND OBJECTION) of POPIA states –
“11 (1) PERSONAL INFORMATION may only be processed if –
(a) the DATA SUBJECT or a competent person where the DATA SUBJECT is a child consents to the Processing;
(b) Processing is necessary to carry out actions for the conclusion or performance of a contract to which the DATA SUBJECT is a Party”.
4.2. In light of POPIA and its Regulations, YOU hereby confirm and warrants to SMARTPHONE (PTY) LTD that YOU have entered into an agreement and/or contract with the DATA SUBJECT, in terms of which agreement and/or contact the DATA SUBJECT has Consented to SMARTPHONE (PTY) LTD –
4.2.1. acting as the Operator on behalf of YOU; and
4.2.2. Possessing PERSONAL INFORMATION of the DATA SUBJECT on behalf of YOU.
4.3. In light of 4.2, ANNEXURE 2 – DATA SUBJECT CONSENT sets out proposed wording to be used by YOU, in agreements and/or or contracts with the DATA SUBJECT.

 

5. SMARTPHONE’S (PTY) LTD OBLIGATIONS

5.1. SMARTPHONE (PTY) LTD will –
5.1.1. only process PERSONAL INFORMATION –
5.1.1.1. reasonably required in connection with the performance of its obligations under the Agreement; and
5.1.1.2. in accordance with YOUR written instructions;
5.1.2. comply with all reasonable procedures and processes notified by YOU to SMARTPHONE (PTY) LTD from time to time;
5.1.3. not Process or transfer any PERSONAL INFORMATION outside of South Africa without YOUR prior written consent, which consent shall not be unreasonably withheld.
5.2. Accordingly, YOU hereby instruct SMARTPHONE (PTY) LTD to take such steps in the Processing of PERSONAL INFORMATION on YOUR behalf as is reasonably necessary for the performance of SMARTPHONE (PTY) LTD’s obligations under the Agreement.
5.3. Should SMARTPHONE (PTY) LTD receive any request from a DATA SUBJECT pertaining to the DATA SUBJECT’s PERSONAL INFORMATION or any other request relating to YOUR obligations under POPIA, SMARTPHONE (PTY) LTD will –
5.3.1. immediately notify YOU; and
5.3.2. provide full co-operation and assistance to YOU in relation to any such request including, without limitation, providing YOU with –
5.3.2.1. full details of any such request;
5.3.2.2. any PERSONAL INFORMATION it holds in relation to a DATA SUBJECT in a form specified by YOU within ten (10) days of receipt of the request from a DATA SUBJECT or as otherwise stipulated by YOU or as set out in POPIA.
5.4. SMARTPHONE (PTY) LTD will –
5.4.1. immediately provide YOU with full details of any complaint or allegation that SMARTPHONE (PTY) LTD or YOU are not complying with POPIA or if SMARTPHONE (PTY) LTD becomes aware of any fact or matter that would mean that SMARTPHONE (PTY) LTD or YOU were not complying with POPIA;
5.4.2. immediately provide YOU with full details of any systemic issue relating to SMARTPHONE (PTY) LTD’s IT systems or processes that would mean that SMARTPHONE (PTY) LTD would not able to comply with POPIA; and
5.4.3. assist YOU in taking any action that YOU deem appropriate to deal with such complaint or allegation or non- compliance including without limitation immediately providing YOU with any PERSONAL INFORMATION SMARTPHONE (PTY) LTD holds in relation to a DATA SUBJECT.
5.5. SMARTPHONE (PTY) LTD will not subcontract any of its obligations to Process PERSONAL INFORMATION on YOUR behalf to any third party unless –
5.5.1. SMARTPHONE (PTY) LTD has obtained YOUR prior written consent, which consent shall not be unreasonably withheld or delayed; and
5.5.2. the proposed subcontractor has entered into a contract with YOU, substantially on the same terms and conditions contained in this DPPS.

 

6. DATA PROTECTION

6.1. Section 21 (1) of POPIA states –
“A Responsible Party must, in terms of a written contract between the Responsible Party and the Operator, ensure that the Operator which Processes PERSONAL INFORMATION for the Responsible Party establishes and maintains the security measures referred to in Section 19”.
6.2. Section 19 of POPIA states –
“(1) A Responsible Party must secure the integrity and confidentiality of PERSONAL INFORMATION in its possession or under its control by taking appropriate, reasonable technical and organisational measures to prevent –
(a) loss of, damage to or unauthorised destruction of PERSONAL INFORMATION; and
(b) unlawful access to or processing of PERSONAL INFORMATION.
(2) In order to give effect to subsection (1), the Responsible Party must take reasonable measures to –
(a) identify all reasonably foreseeable internal and external risks to PERSONAL INFORMATION in its possession or under its control;
(b) establish and maintain appropriate safeguards against the risks identified;
(c) regularly verify that the safeguards are effectively implemented; and
(d) ensure that the safeguards are continually updated in response to new risks or deficiencies in previously implemented safeguards.
(3) The Responsible Party must have due regard to generally accepted information security practices and procedures which may apply to it generally or be required in terms of specific industry or professional rules and regulations.”
6.3. SMARTPHONE (PTY) LTD will ensure that adequate levels of protection mechanisms are in place will take appropriate technical, physical and organisational security measures designed to protect against unauthorised access, or unlawful processing of the PERSONAL INFORMATION against accidental or unlawful destruction, or loss, or damage to the PERSONAL INFORMATION and shall Process such PERSONAL INFORMATION and/or special personal data or information only in connection with the performance of its Services as set out in the Agreement and in this DPPS.
6.4. The technical and organisational security measures SMARTPHONE (PTY) LTD will implement will include, as a minimum standard of protection –
6.4.1. information security management systems;
6.4.2. physical security;
6.4.3. access control;
6.4.4. security and privacy enhancing technologies;
6.4.5. awareness;
6.4.6. training and security checks in relation to SMARTPHONE (PTY) LTD’s personnel;
6.4.7. incident and response management;
6.4.8. business continuity;
6.4.9. audit controls; and
6.4.10. due diligence.
6.5. SMARTPHONE (PTY) LTD will –
6.5.1. ensure that it has all appropriate technical and organisational measures in place, to ensure and protect the PERSONAL INFORMATION accessed or Processed by SMARTPHONE (PTY) LTD, against unauthorised or unlawful Processing or loss or destruction or damage to PERSONAL INFORMATION;

6.5.2. take all reasonable steps to ensure the reliability of its personnel that will have access to the PERSONAL INFORMATION processed as part of the Services; and
6.5.3. establish and maintain security measures to secure the integrity and confidentiality of any PERSONAL INFORMATION that it processes for YOU.
6.6. In the event that SMARTPHONE (PTY) LTD becomes aware of any security breach that results in the unauthorised use or access to the DATA SUBJECT’s PERSONAL INFORMATION, SMARTPHONE (PTY) LTD will advise YOU immediately.
6.7. See SMARTPHONE (PTY) LTD’s Security Policy here

 

7. TERMINATION

7.1. On expiry or termination of the Agreement for whatever reason, SMARTPHONE (PTY) LTD shall forthwith cease to use or process any PERSONAL INFORMATION of a DATA SUBJECT and shall, at YOUR option –
7.1.1. return, in a format and on storage media that YOU may reasonably specify, all PERSONAL INFORMATION that SMARTPHONE (PTY) LTD (or its subcontractors) have electronically stored (or that is under their possession or control) and upon YOUR confirmation of receipt of the PERSONAL INFORMATION delete or destroy the PERSONAL INFORMATION, in such manner as YOU may reasonably request, including destroying relevant copies and back-ups; or
7.1.2. delete or destroy the PERSONAL INFORMATION, in such manner as YOU may reasonably request, including destroying relevant copies and back-ups.

 

8. AMENDMENT

8.1. SMARTPHONE (PTY) LTD reserves the right, in SMARTPHONE (PTY) LTD’s sole discretion, to amend this DPPS at any time, in any way and from time to time in order to accommodate amendments to South African Legislation or to meet the changing needs of the organisation.
8.2. SMARTPHONE (PTY) LTD will publish the amended DPPS on SMARTPHONE (PTY) LTD’S IT PLATFORM.
8.3. These amendments shall come into effect immediately once published on SMARTPHONE (PTY) LTD’S IT PLATFORM

ENGAGE WITH US