Last updated 02 August 2021
What is this?
When you interact with us, you share Personal Information that we use to make available and improve our services to you. We respect your privacy and are committed to protecting your Personal Information. We want to be transparent with you about how we collect and use your Personal Information in making available (i) our website at www.lumico.co.za (the Site) and (ii) any related services as described in any agreement we have with you (collectively, the Services).
Who we are and how to contact us
Who we are
How to contact us
You can contact us by emailing firstname.lastname@example.org if you have any questions, comments or concerns regarding our use of your Personal Information.
Your rights relating to your Personal Information
Under certain circumstances, by law, you have the right to:
- Request access to, and receive a copy of, your Personal Information and check if we are lawfully processing it.
- Report incomplete or inaccurate information, and request the correction of the Personal Information that we hold about you.
- Object to the processing of your Personal Information.
- Request that any or all of your Personal Information is deleted or removed if there is no longer a lawful reason for us to process it.
- Request the transfer of your Personal Information that you initially provided consent for us to use or where we have used this information to perform a contract with you.
- Withdraw your consent for us to process your Personal Information.
If you want to exercise any of the rights described above, please contact us by sending an email to email@example.com.
You will not have to pay a fee to request whether or not we hold personal information about you. However, if you require a record or a description of the Personal Information that we hold, including information about any third parties that we have shared or who have access to your Personal Information, we may charge a reasonable fee before we are able to comply with your request. We will communicate the exact fee before complying with your request.
We may need to request specific information from you to help us confirm your identity and your right to access your Personal Information (or to exercise any of your other rights). This is a security measure to ensure that Personal Information is not disclosed to any person who has no right to receive it.
Marketing and communications preferences
We would like to send you information about our products and services, and those of our clients, which may be of interest to you. We will only send you marketing messages if you are a customer of ours, or a customer of our clients, or when you opt in to receiving these messages.
If you have consented to receive such marketing from us, you can opt out at any time by clicking on the “UNSUBSCRIBE” button at the bottom of the email.
Information collected by us
Why do we collect your Personal Information?
We will only use your Personal Information for the purposes for which we collected it, as listed below, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose that you provided the Personal Information to us, or to our clients.
In respect of each of the purposes for which we use your Personal Information, POPIA requires that we have a legal basis for that use. Most commonly, we will rely on one of the following legal bases:
- Where we have your specific consent to carry out the processing for the Purpose in question (Consent).
- Where we need to perform a contract we are about to enter into or have entered into with you (Contractual Necessity).
- Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests (Legitimate Interests).
- Where we need to comply with a legal or regulatory obligation (Compliance with Law).
What Personal Information we collect and how we use it
In the course of providing the Services, we collect the following personal information, either when it is provided to us by you, where we derive it from your use of the Services, or when it is provided to us through a third party
- Identity Data (First name, surname, company name, trading name): We use this to authenticate you as a customer and to keep a record of the Personal Information that we process.
- Contact details (telephone number, email address, physical address): We use this to communicate with you.
- Summaries of conversations: We use this data that you provide to us when you report a problem or ask a question in respect of our Services or when you request further services from us. If you contact us, we may keep a record of that correspondence. We use this to provide more information about the Services or help resolve issues experienced using the Services.
- Marketing preferences: We use this to determine whether and how we communicate with you to promote our Services or those of our clients.
We only collect Personal Information, on the terms set out in this policy, of children under the age of 18 with the explicit consent from their parent or guardian. If you are a parent or guardian of a child under the age of 18 who has provided consent for our collection of their Personal Information, you can at any time request us to tell you what we have about the minor child and also ask us to delete it at any time. We will ask you to prove your relationship to the child and, if you do so, you may (subject to applicable law) request access to and deletion of that child’s personal data.
Personal Information About Other Individuals
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on their behalf and has agreed that you can: (i) give consent on their behalf to the processing of their personal data; (ii) receive on their behalf any data protection notices; and (iii) give consent to the transfer of their personal data.
What happens if you do not provide necessary Personal Information?
Where we need to process your Personal Information either to comply with law, or to perform the terms of a contract we have with you, and you fail to provide that data when requested, it may affect the quality and level of service that we can provide to you. This may range from a lack of personalisation, and simple convenience, all the way to not technically being able to provide a service. In this case, we may have to stop you using our Services. We will notify you if this is the case at the time.
Information we collect automatically
You can typically remove or reject cookies through your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the settings, help tools or edit facility). Many browsers are set to accept cookies until you change your settings.
With whom do we share your Person Information
The table below describes who we share your Personal Information with, what we share and why we share it.
Why we share it
We use a range of partners in order to provide our Services to you. These partners include those that:
● enable us to manage our workflows;
● process our accounting transactions;
● manage our communications;
● collect and store data; and
● facilitate payments.
Our lawyers, bankers, auditors, BEE advisors, and insurers, provide consultancy, banking, legal, insurance and accounting services.
Regulators and other authorities
Authorities may require reporting of processing activities in certain circumstances
Our analytics providers will use this information for the purpose of evaluating your use of our Site, compiling reports on Site activity and providing other services relating to Site activity and internet usage. Our analytics providers may also transfer this information to third parties where required to do so by law, or where such third parties process the information on our analytics providers’ behalf.
We use all reasonable efforts to ensure that people who we share or transfer your Personal Information to hold it subject to appropriate safeguards and controls. Whenever we transfer your Personal Information out of South Africa to third parties, we ensure that a similar degree of protection is afforded to it by those third parties, either through our agreements with them, or through the laws relating to the protection of personal information in the country where the respective service provider is located.
How we keep your Personal Information secure
We have put in place procedures to deal with any actual or suspected Personal Information breach. We will notify you and help guide you through steps to mitigate any damage and stay better protected. In the event of any such breach, we have systems in place to work with the Information Regulator. In addition, in certain circumstances (e.g., where we are legally required to do so) we may notify you of breaches affecting your Personal Information.
We do our best to protect your personal data through various security measures. If you would like more information about the security measures we adopt, please email us at firstname.lastname@example.org.
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the Internet is not entirely secure. For this reason, we cannot guarantee the security or integrity of any Personal Information that is transferred from you or to you via the Internet.
How long we store your Personal Information.
We will only retain your Personal Information for as long as we reasonably need to use it for the purposes set out above, that is, for as long as you remain a customer of ours, unless a longer retention period is required by law (for example for regulatory purposes).
We keep all of your personal information only as long as we need it for the purpose for which you gave us consent and as long as it is legally required if the latter requires us to keep it longer. We have policies in place which we review regularly to ensure that we do not hold on to unnecessary personal information.
If you feel that your complaint has not been adequately resolved, POPIA gives you the right to contact the Information Regulator. You can contact the Information Regulator at email@example.com.