- Cookie(s) means a small text file (up to 4KB) created by a website that is stored in the user’s computer either temporarily for that session only OR for a period with a reasonable expiry date OR permanently on the hard disk (persistent cookie). Cookies provide a way for the website to recognise you and keep track of your preferences.
- Data means information in electronic format.
- Data Subject means the person to whom personal information relates to.
- IP Address means a unique address that identifies a device on the Internet or local network.
- Personal Information means information relating to you or any other living person or existing legal entity, including but not limited to –
- information relating to the race, gender, sex, pregnancy, marital status, nationality, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
- information relating to the education or the medical, financial, criminal or employment history of the person;
- any identifying number, symbol, e-mail address, physical address, telephone number or other particular assignment to the person;
- correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
- the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person, provided that such information is not in the public domain in the same or in a different format or held by a public body and publicly accessible.
- POPIA means the Protection of Personal Information Act 4 of 2013.
- Regulator means the Information Regulator.
- GapRisk, “we”, “us”, “our” means GapRisk.
- Traffic Data means any data processed for the purpose of the conveyance of a communication on an electronic communications network in respect of the communication and included data relating to the routing, duration or time of a communication.
- User means a person who uses a computer and/or device to access this website.
- De-Identify means to delete any information that identifies a data subject or which can be used by a reasonably foreseeable method to identify, or when linked to other information, that identifies the data subject.
- Web browser means an application used to access and view this website. Well known web browsers include Google Chrome, Mozilla Firefox, Internet Explorer, Edge and Safari.
- Third Party means any affiliated party that we need to share your personal information with, in order to process your personal information for the purpose intended for the product and/or services you signed up for.
2. COLLECTION OF YOUR PERSONAL INFORMATION
We collect and process your personal information mainly to provide you with access to our services and products, to help us improve our offerings to you and for certain other purposes explained below.
The type of information we collect will depend on the purpose for which it is collected and used. We will only collect information that we need for that purpose.
We collect information directly from you where you provide us with your personal details, for example when you purchase a product from us or when you submit enquiries to us or contact us. Where possible, we will inform you what information you are required to provide to us and what information is optional.
3. USE OF YOUR PERSONAL INFORMATION AND DISCLOSURE THEREOF
GapRisk collects and uses your personal information to deliver the services you have requested. GapRisk may also contact you from time to time via surveys to conduct research about your opinion of current services or of potential new services that may be offered.
GapRisk does not sell, rent or lease its customer lists to third parties.
In addition, GapRisk will share data with trusted partners to help us provide you with value added services, send you email or postal mail or provide customer support. All such third parties are prohibited from using your personal information except to provide these services to GapRisk and you as our client, and they are required to maintain the confidentiality of your information according to these privacy terms.
Our third-party affiliations are partners we have agreements with pertaining to a specific service(s) or product(s) you have signed up for. Your personal information will be used only for the purpose for the third-party to provide the contracted service or product to you and your family.
Additionally, each of these affiliated companies may make use of additional third-parties, which should be listed under their specific Privacy Policies.
We may also be required to use your personal information to comply with legal and regulatory requirements or industry codes to which we subscribe or which apply to us, or when it is otherwise allowed by law (for example to protect GapRisk’s interests).
4. INFORMATION SECURITY
We are legally obliged to provide adequate protection for the personal information we hold and to stop unauthorised access and use of personal information. We will, on an ongoing basis, continue to review our security controls and related processes to ensure that your personal information is secure.
Our security policies and procedures cover all aspects of Information Security amongst others;
- Physical security;
- Device & Network security;
- System Access;
- Secure communications;
- Security in contracting out activities or functions;
- Retention and disposal of information;
- Governance and regulatory issues;
- Investigating and reacting to security incidents.
When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information, that we remain responsible for, is kept secure.
If for any reason we may need to transfer your personal information to another country for processing or storage, we will ensure that anyone to whom we pass your personal information onto, agrees to treat your information with the same level of protection as we are obliged to.
Wherever personal information is transmitted electronically to you or to a third party, the document is password protected to safeguard your information from any unauthorised access.
Where it is determined that a reasonable period has passed and we no longer are required to retain your information for the purposes for which it was collected, our Data Retention Policy requires us to either destroy, or if that is not possible, to implement data masking of the personal information that we maintain of you.
5. CORRECTION OF AND ACCESS TO PERSONAL INFORMATION
In certain cases, you have the right to object to the processing of your personal information. You also have the right to ask us to update, correct or delete your personal information. You may do this by contacting us at the numbers/addresses provided below.
You also have the right to know what personal information we hold about you. If you wish to receive a copy, please complete a form called a “Personal Information Request Form” downloadable here and specify the information you would like.
In all cases, we will take all reasonable steps to confirm your identity before making changes to or providing the personal information we may hold about you.
Please note that we are entitled to charge a legally allowable fee for this service and will let you know what it is at the time of your request. The general cost can also be viewed on our PAIA Manual which is also located on this website.
GapRisk makes use of Google Analytics, which is one of the most widespread and trusted analytics solutions on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content. For more information on Google Analytics cookies, see the official Google Analytics page.
You have the option to opt-out or disable cookies at any time on your computer or browser. Be aware that disabling cookies may affect the functionality of the website. Disabling cookies will usually result in also disabling certain functionality and features of the site. Therefore, it is recommended that you do not disable these.
To disable cookies in the most popular browsers, please follow these links:
7. YOUR ACCEPTANCE AND CONSENT
If you do not agree to all the terms and conditions, please do not continue to use the website.
9. HOW TO CONTACT US
If you have questions about this policy or believe we have not adhered to it, or need further information about our privacy practices or wish to give or withdraw consent, exercise preferences or access or correct your personal information, please contact us at the following numbers/addresses:
10. INFORMATON REGULATOR
Their contact details are:
The Information Regulator (South Africa)
JD House, 27 Stiemens Street
P.O Box 31533
General enquiries: email@example.com.
Complaints (complete POPIA/PAIA form 5)
Should your PAIA request be denied or there is no response from a public or private
bodies for access to records you may use this email address to lodge a complaint:
Should you feel that your personal information has been violated,
you may use this e-mail address to lodge a complaint: