Privacy Policy
This document was last updated on 29 September 2022.
- process your personal information, which Slyce Online undertake to process strictly in accordance with this privacy policy.
- authorise Slyce Online, its Associates, our Service Providers and other third parties to Process your Personal Information for the purposes stated in this policy.
- “Data Subject” means the person to whom personal information relates.
- “Information Officer or Compliance Officer” means the Information Officer or Compliance Officer who has been appointed by Slyce Online.
- “Person” means a natural or a juristic person.
- “Personal Information” means information that is about any individual, or from which any individual is directly or indirectly identifiable, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
- “Processing” means any operation or activity or any set of operations, whether or not by automatic means, concerning personal information, including –
- the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
- Dissemination by means of transmission, distribution or making available in any other form; or
- Merging, linking, as well as restriction, degradation, erasure or destruction of information.
- “Responsible Party” means a public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for processing personal information.
- “Associates” means Slyce Online CC shareholders, subsidiaries and the directors, employees and consultants of Slyce Online or of any of its subsidiaries.
- “Account” means the unique account created for you to access and use our Services.
- “Account Information” means your Personal Information we capture when you sign up for our Services, such as your name, identity or registration number, contact details and physical address for purposes of creating an Account for you.
- “Device” means any electronic device that can access and use the Services, such as a computer, cell phone or a digital tablet.
- “Cookie” means a small file that is placed on your device when you visit a website. In this Policy, a reference to a “Cookie” includes analogous technologies such as web beacons and clear Graphic Interchange Format files (“GIFs”).
- “Operator” means any person or entity that Processes Personal Information on behalf of the Responsible Party.
- “POPIA” means the Protection of Personal Information Act 4 of 2013.
- “Sensitive Personal Information” means Personal Information about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, national identification number, or any other information that may be deemed to be sensitive under applicable law.
- “Service Provider” means third party providers of various services whom we engage, including, but not limited to, providers of information technology, communication, file storage, data storage, copying, printing, accounting or auditing services, counsel, experts, investigators, correspondent attorneys, translators, taxation consultants and our insurers and professional advisors;
- “Website” means any website operated, or maintained, by us or on our behalf.
Introduction
The Protection of Personal Information Act, 4 of 2013, (POPIA) regulates and controls the collection, use, transfer, and processing of an individual or legal entity’s personal information.
In terms of POPI Act, a “Responsible Party” (in this case Slyce Online) has a legal duty to process a “Data Subject’s Personal information” in a lawful, legitimate, and responsible manner.
In terms of POPIA, all persons who collect, manage, process, transfer, store and/or retain personal information, whether held under a document, record or in any other format has a responsibility to process such information in accordance with the provisions housed under the POPI Act.
To discharge this duty, Slyce Online requires the data subjects expressed and informed permission to process its personal information.
Collection of Personal information
We may collect or obtain Personal Information about you:
- directly from you;
- in the course of our relationship with you;
- in the course of providing services to you or your organisation;
- when you make your Personal Information public;
- when you visit and/or interact with our Website or our various social media platforms;
- when you register to use any of our services;
- when you interact with any third-party content or advertising on our Website; or
- when you visit our offices.
We may also receive Personal Information about you from third parties (e.g., law enforcement authorities).
In addition to the above, we may create Personal Information about you such as records of your communications and interactions with us, including, but not limited to, your attendance at events or at interviews in the course of applying for a job with us, subscription to our newsletters and other mailings and interactions with you during the course of our digital marketing campaigns.
We use your Personal Information in accordance with our Terms and Conditions that we have entered into with you for the access to and use of our Services. We collect your Personal Information directly from you when you sign up to use our Services and/or when we on-board you to open an Account for you and/or when you make use of our web forms (to provide to us your name and contact details). We will only use your Account Information to administer your Account and provide the Services to you.
We do not use your Personal Information for any other purpose than to allow you to use our Services. We may also use your Personal Information to provide and maintain our Services (including the monitoring of our Services and to manage your Account).
We do also use other information (which is not Personal Information) for purposes such as data analysis, identifying usage trends, determining the effectiveness of and to evaluate and improve our services and your experience.
We also collect some information from you using a computer cookie. A computer cookie is a small piece of data stored on your device by our websites when you use or access the websites. The purpose of a cookie is to identify specific users and improve your web browsing experience. Our website uses cookies to give you a personalised experience that suits your online behaviour, which include personalising content and advertisements, providing social media features and to analyse our traffic. We may also from time to time share non-personal information about your use of our websites and with our social media, advertising and analytics partners. You may change your cookie preferences at any time and/or block or disable cookies, but this may cause you to experience difficulties on our website as some functionality relies on the information.
When you access any of our Services, we may collect certain Usage Data automatically from you, including but not limited to, the type of Device you use, your Device’s unique ID, the IP address of your mobile Device, your mobile Device’s operating system, the type of mobile internet browser you use, unique device identifiers and other diagnostic data. This does not include any Personal Information.
What is the Purpose of the Collection of Personal Information?
We will Process your Personal Information in the ordinary course of the business of providing IT Support and related services. We will primarily use your Personal Information only for the purpose for which it was originally or primarily collected. We will use your Personal Information for a secondary purpose only if such purpose constitutes a legitimate interest and is closely related to the original or primary purpose for which the Personal Information was collected. We may subject your Personal Information to Processing during the course of various activities, including, without limitation, the following:
The purpose for the collection of a Data Subject’s personal information by Slyce Online is to enable us to:
- operating our business;
- comply with lawful obligations, including all applicable, tax and financial legislation (including compliance with any, Consumer Protection Act, the Financial Intelligence Centre Act 38 of 2001 (FICA), the National Credit Act, 34 of 2005 (NCA);
- give effect to a contractual relationship as between the Data Subject and Slyce Online and to ensure the correct administration of the relationship;
- facilitate various operational functions;
- transfer of information to our Service Providers and other third parties; and / or
- recruitment; and
- perform data analyses and to share personal information with third parties for data analyses; and
- to manage and protect the legitimate interests of Slyce Online, the Data Subject or a third party.
All personal information which the data subject provides to Slyce Online will only be used for the purposes for which it is collected.
We may process your Personal Information for relationship management and marketing purposes in relation to our services (including, but not limited to, Processing that is necessary for the development and improvement of our IT Support and related services), for accounts management, and for marketing activities in order to establish, maintain and/or improve our relationship with you and with our Service Providers. We may also analyse your Personal Information for statistical purposes.
We may process your Personal Information for internal management and management reporting purposes, including but not limited to: conducting internal audits, conducting internal investigations, implementing internal business controls, providing central processing facilities, for insurance purposes and for management reporting analysis.
We may Process your Personal Information for safety and security purposes.
Consequences of Withholding Consent or Personal Information
Slyce Online will not be able to assist the data subject with its requirements or provide it with the requested services should the data subject withhold or refuse to provide Slyce Online with the required consent and/or personal information.
Storage, Retention, and Destruction of Information
All personal information which the data subject provides to Slyce Online will be held and/or stored securely and held for the purpose for which it was collected, as reflected herein. The data subject’s personal information will be stored electronically in a centralised database and will be accessible to authorised personnel within Slyce Online. Where appropriate, some information may be retained in hard copy. In either event, storage will be secure and audited regularly to confirm the safety and the security of the information.
Once the data subject’s personal information is no longer required, i.e., since the purpose for which the information was held has been completed, such personal information will be safely and securely stored for a period of 5 (five) years per FICA (the Financial Intelligence Centre Act 38 of 2001). Thereafter, all the data subject’s personal information will be permanently destroyed.
Right to Object
In terms of section 11(3) of POPIA the data subject has the right to object in the prescribed manner to Slyce Online processing the data subject’s personal information. On receipt of the data subject’s objection, Slyce Online will place a hold on any further processing of the data subject’s information until the cause of the objection has been resolved.
How do I control my information?
You have the right to request a copy of the Personal Information we hold about you. To do this, simply contact us at the numbers / addresses as provided in this Privacy Notice and specify what information you require. This will require positive identification to enable us to verify your identity and it might be subject to a fee, as is contemplated by section 23 of the POPI Act.
Updating or Correction of Personal Information Provided to Slyce Online
The Data Subject has a right to request for their personal information to be updated, corrected, or deleted. Slyce Online will require a copy of the data subject’s Identity Document to confirm their identity before making changes to personal information Slyce Online may hold. The data subject is encouraged to provide us with accurate and up-to-date personal information.
What Type of Personal Information is Collected?
The type of information that Slyce Online may be required to collect includes:
- Data subject’s contact name and identity, email addresses, contact telephone numbers, Internet Protocol addresses (IP addresses), cookie identifiers.
- Demographic Information: gender; date of birth / age; nationality; salutation; title; and language preferences;
- Identifier Information: passport or national identity number; utility provider details; bank statements; tenancy agreements;
- Contact Details: correspondence address; telephone number; email address; and details of your public social media profile(s);
- Finance Agreements, Contracts and other legal documents required in the provision of finance facilities, lease agreements and IT contracts
- Bank account details, authorised signatory details, information relating to power of attorney arrangements.
- Any information that the data subject provides to Slyce Online relating to other parties or that other parties provide to Slyce Online in relation to the data subject. Before disclosing information about another party to Slyce Online, consent should be first be given by that party.
- Information which the data subject has consented Slyce Online to make use of. For example, IT information, backups, credentials and network blueprints.
- Slyce Online may collect CCTV images at their office locations, for security reasons and to help prevent fraud or crime.
- Attendance Records: details of meetings and other events organised by or on behalf of Slyce Online that you have attended;
- Data Relating to Your Visits to Our Website: your device type; operating system; browser type; browser settings; IP address; language settings; dates and times of connecting to a Website; and another technical communications information;
- Employer Details: where you interact with us in your capacity as an employee of an organisation, the name, address, telephone number and email address of your employer, to the extent relevant; and
- Content and Advertising Data: records of your interactions with our online advertising and content, records of advertising and content displayed on pages displayed to you, and any interaction you may have had with such content or advertising (including, but not limited to, mouse hover, mouse clicks and any forms you complete).
How and When is Information Collected from the Data Subject?
Slyce Online collects information of a data subject in the following ways, including but not limited to:
- When an account is set up online via the Slyce Online website or via email
- When logging tickets with our helpdesk – telephonically, in person or via email
- When the data subject requests or consents to be added to Slyce Online’s marketing database
- When the data subject uses the Slyce Online website
- When the data subject or other parties give Slyce Online information verbally or in writing. This may be in the format of onboarding documents, through correspondence with us, or lodging a complaint or query.
How Does Slyce Online Use And Process The Data Subject’s Information?
Slyce Online makes use of and processes data subject’s information in various ways to comply with South African legal obligations. Ways in which the data subject’s information may be made use of are:
- Slyce Online may use the data subject’s personal information for matters such as confirming identify, to help in the processing of an application for one of our services or to improve the data subject’s customer experience with Slyce Online.
- To manage and administer the data subject’s account.
- To process transactions for example invoicing, or where a refund is due to the data subject, the data subject’s banking details will be used.
- To contact the data subject by telephone, text message, email, post, or social media, or other means but not in a way that is contrary to the instruction of the data subject, legitimate interest or contrary to law.
- To recover debt that the data subject may owe, and to manage and respond to a complaint or appeal that the data subject may have.
- To conduct marketing activities such as direct marketing (should it not be objected by the data subject to be used) and research, including customer surveys, analytics, and related activities.
To carry out strategic planning and business portfolio management. This could include compiling and processing the data subject’s information for audit, statistical or research purposes (including, in some instances, making data anonymous) to help Slyce Online understand trends in its customer behaviour and to understand risk better, including providing management information, operational and data risk management.
To protect Slyce Online’s business reputation, resources, and equipment, to manage network information and security (developing, testing, and auditing our websites) and other systems, dealing with accidental events, unlawful or malicious actions that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal data, and the security of the related services.
To comply with the data subject’s information rights, to establish the data subject’s identity and to comply with laws and regulations concerning the prevention of money laundering, fraud, and terrorist financing. As a result, Slyce Online may need to disclose information to government and other statutory bodies.
To manage and administer legal and compliance matters within Slyce Online, including compliance and regulatory, legislative, and voluntary codes of practice to which Slyce Online are committed.
The Data Subject is responsible for maintaining the confidentiality of their username, password, banking details and any other security information provided to or chosen by the Data Subject.
Slyce Online Encourages Data Subjects To:
- Use strong passwords and wherever possible, multi factor authentication
- Not share account login details with any person; and
- Change their password on a regular basis.
The Data Subject has a duty for access and computer restriction, or other electronic devices used to access the internet, to any person. The Data Subject shall be liable for any work or quotes authorised placed using their details, by a third party, regardless of whether the third party gained access to the data subject’s electronic device(s) without the necessary informed consent.
Fraudsters may send invoices to users purporting to originate from Slyce Online or make other requests for payment. If there is ever any reason to doubt the authenticity of an invoice with the name of Slyce Online on it or any payment communication, the Data Subject should enquire if the request is authorised and request Slyce Online to confirm if it is a valid invoice.
Does Slyce Online share the Data Subject’s information with Third Parties?
Slyce Online will only share information with a certain number of other parties and only as necessary. Examples of information sharing include:
Statutory and regulatory bodies and law enforcement authorities. These bodies include but are not limited to the following: The Information Regulator (South Africa), Financial Intelligence Centre (FIC), SARS, police authorities, and other designated authorities in connection with combating financial and other serious crime.
Companies that provide support services for the purposes of protecting Slyce Online’s legitimate interests. Data Subjects personal information remains protected when being used by service providers and it is used for the purpose it is shared for. Slyce Online’s service providers includes marketing and market research companies, IT and telecommunication service providers, software development contractors, data processors, banking institutions, document storage and destruction companies, debt collection agencies, computer maintenance contractors, auditors, and other consultants, including legal advisers.
We only share your Personal Information with our service providers and contractors in order to render the Services to you and the Personal Information that we share with them is limited to the minimum amount they require to perform the contracted Services. We do not share your Personal Information with any other third party.
We may disclose your Personal Information to our Associates and Service Providers, for legitimate business purposes, in accordance with applicable law and subject to applicable professional and regulatory requirements regarding confidentiality.
In addition, we may disclose your Personal Information:
- if required by law;
- legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation;
- third party Operators (including, but not limited to, data processors such as providers of data hosting services and document review technology and services), located anywhere in the world;
- where it is necessary for the purposes of, or in connection with, actual or threatened legal proceedings or establishment, exercise or defence of legal rights;
- to any relevant party for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including, but not limited to, safeguarding against, and the prevention of threats to, public security;
- to any relevant third-party acquirer(s), in the event that we sell or transfer all or any portion of our business or assets (including, but not limited to, in the event of a reorganisation, dissolution or liquidation); and
- to any relevant third-party provider, where our website uses third party advertising, plugins or content.
If we engage a third-party Operator to Process any of your Personal Information, we recognise that any Operator who is in a foreign country must be subject to a law, binding corporate rules or binding agreements which provide an adequate level of protection similar to POPIA. We will review our relationships with Operators we engage and, to the extent required by any applicable law if force, we will require such Operators to be bound by contractual obligations to:
- only Process such Personal Information in accordance with our prior written instructions; and
- use appropriate measures to protect the confidentiality and security of such Personal Information.
Sensitive Personal Information
Where we need to Process your Sensitive Personal Information, we will do so in the ordinary course of our business, for a legitimate purpose, and in accordance with applicable law.
Why do we retain your Personal Information?
We will retain your Personal Information for as long as you are a customer or for up to five years in accordance with our accounting principles. We will retain and use your Personal Information only to the extent necessary to provide the Services and comply with our legal obligations to resolve disputes and enforce our agreements and policies.
Our service does not address anyone under the age of 18 and we do not knowingly collect Personal Information from anyone under this age.
Accordingly, we continuously review our security controls and related processes to ensure that your Personal Information in our possession or under our control remains secure. All platforms, hardware and software used for this purpose is of a very high, internationally recognised, standard and chosen in part because of adherence to global data protection laws or guidelines.
We do not accept any liability for malicious hacking of our databases to obtain Personal Information, despite our concerted and diligent efforts to protect said Personal Information breaches. We will immediately notify you of a breach, as is required by section 22 of the POPI Act.
International Transfer of Personal Information
We may transfer your Personal Information to recipients outside of the Republic of South Africa.
Personal Information may be transferred outside of the Republic of South Africa provided that the country to which the data is transferred has adopted a law that provides for an adequate level of protection substantially similar to POPIA, the Operator/third party undertakes to protect the Personal Information in line with applicable data protection legislation and the transfer is necessary in order to provide the legal and other related services that are required by Slyce Online’s clients.
Data Security
We implement appropriate technical and organisational security measures to protect your Personal Information that is in our possession against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, in accordance with applicable law.
Where there are reasonable grounds to believe that your Personal Information that is in our possession has been accessed or acquired by any unauthorised person, we will notify the relevant regulator and you, unless a public body responsible for detection, prevention or investigation of offences or the relevant regulator informs us that notifying you will impede a criminal investigation.
Because the internet is an open system, the transmission of information via the internet is not completely secure. Although we will implement all reasonable measures to protect your Personal Information that is in our possession, we cannot guarantee the security of any information transmitted using the internet and we cannot be held liable for any loss of privacy occurring during the course of such transmission.
We must, in terms of section 19 of the POPI Act, secure the integrity and confidentiality of your Personal Information that is in our possession or under our control, by taking appropriate, reasonable technical and organisational measures to prevent the loss of, damage to or unauthorised destruction of your Personal Information and unlawful access to, or Processing of, Personal Information.
Data Accuracy
The Personal Information provided to Slyce Online should be accurate, complete and up-to-date. Should Personal Information change, the onus is on the provider of such data to notify Slyce Online of the change and provide Slyce Online with the accurate data.
Data Minimisation
Slyce Online will restrict its processing of Personal Information to data which is sufficient for the fulfilment of the primary purpose and applicable legitimate purpose for which it was collected.
Your Legal Rights
You may have rights under the South African and other laws to have access to your Personal Information and to ask us to rectify, erase and restrict use of your Personal Information. You may also have rights to object to your Personal Information being used, to ask for the transfer of Personal Information you have made available to us and to withdraw consent to the use of your Personal Information.
Cookies And Similar Technologies
We may Process your Personal Information by our use of Cookies and similar technologies.
When you visit our Website, we may place Cookies onto your device, or read Cookies already on your device, subject always to obtaining your consent, where required, in accordance with applicable law. We use Cookies to record information about your device, your browser and, in some cases, your preferences and browsing habits. We may Process your Personal Information through Cookies and similar technologies, in accordance with our Cookie Policy.
Direct Marketing
We may Process your Personal Information for the purposes of providing you with information regarding services that may be of interest to you. You may unsubscribe for free at any time.
If you currently receive marketing information from us which you would prefer not to receive in the future, please email us using the details provided below.
Information Officer Contact Details
Should you have any questions pertaining to personal data being collected, stored, shared, or processed by Slyce Online, or if you wish to exercise any of your data rights, queries can be directed to the Slyce Online Information Officer:
Telephone: +27 (10) 590 6337
Email: info@slyce.co.za