Legal Navigation Menu
The Protection of Personal Information Act
The purpose of The Protection of Personal Information Act 4 of 2013 (hereafter ‘the Act’) is to give effect to the constitutional right to privacy. This is achieved by safeguarding personal information (PI) when processed by a responsible party, Aluma Capital (Pty) Ltd (hereafter ‘the FSP’), subject to justifiable limitations that are aimed at balancing the right to privacy against other rights, particularly the right of access to information; and protecting important interests, including the free flow of information within the Republic of South Africa and across international borders.
The Act regulates the manner in which PI may be processed, by establishing conditions, in harmony with international standards, that prescribe the minimum threshold requirements for the lawful processing of PI. Furthermore, it provides persons with rights and remedies to protect their PI from processing that is not in accordance with the Act.
It is important, however, to realise that the Act does not aim to stem the free flow of information. Its aim is to encourage such flows, but in a secure and responsible manner, finding a balance with the above-mentioned constitutional values. All Financial Services Providers (FSPs) are required to develop and implement a Privacy Policy (hereafter ‘Policy’) that informs existing and prospective clients how they process PI through various activities which could include collecting, receiving, recording, storing, updating, using, transferring or erasing PI.
The FSP is committed to protecting existing and prospective client’s privacy and will ensure that their PI is used appropriately, transparently, and according to applicable law.
Aluma Captial (Pty) Ltd is a leading diversified Asset and Fund Manager as well as an independent FSP offering holistic financial planning. We operate on a category 1 and category 2 licence.
PI is information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including but not limited to: (i) information relating to race, gender, marital status, ethnicity or social origin, age, disability; (ii) an identifiable number, email address, physical address, telephone number, identification number, location information, online identifier; (iii) biometric information; (iv) personal preferences, views or opinions; (v) correspondence of a private or confidential nature; (vi) and a name if it appears with other PI relating to you or if disclosing your name itself will reveal information about you. Therefore, any information about human beings or companies will be deemed to be PI and must be protected by the FSP.1Processing the PI of a child is strictly prohibited, unless such child is legally competent or is assisted by a competent person.
The FSP is responsible for the lawful processing of PI in accordance with the conditions described under chapter 3 of the Act, these principles include:
- Accountability;
- Processing limitation;
- Purpose specification;
- Further processing limitation (information should only be processed for the reason it was originally collected);
- Information quality;
- Openness;
- Security safeguards; and
- Data subject participation.
The type of information collected will depend on the need(s) and will be processed for that specific purpose. Where possible, the FSP will inform the individual as to the information they are required to provide and what information is optional. The FSP may, with explicit consent, supplement the information that is provided with information they receive from other providers to offer a personalized and streamlined experience.
When an individual elects to engage with the financial proposal(s) being offered from the said service providers, these providers may require additional information as they will be subject to the same privacy regulations as this FSP.
From time to time the FSP will collect PI from trusted third parties, in which case it will ensure that the individual has provided consent for their PI to be disclosed to the FSP.
The FSP does not collect PI when using cookies as these are used to obtain information about when and how individuals use the FSP’s website. A cookie is a small text file that is stored on a computer and it holds information such as the identity of the computer or device that was used to access the website, the server address, domain name, the time and date that the website was visited, pages, product and documentation that the individual accessed or viewed as well as the internet browser that was used The FSP uses cookies so that it can provide a more personalised service, communication and products by better understanding its prospective and existing client base and their browsing behaviour to improve their website Internet browsers generally accept cookies automatically, but this setting can be changed to stop accepting them – you can also delete cookies manually. However, no longer accepting cookies or deleting them will prevent individuals from accessing certain aspects of the FSP’s website where cookies are necessary. For more information about cookies go to www.allaboutcookies.org.
The FSP may monitor and record any telephone call that occurs between themselves and an existing or prospective client made to or from their call centre. These calls are recorded to improve service delivery, record the individuals details to update them and or to meet any regulatory requirement The FSP will not sell your PI and no PI will be disclosed to anyone except as provided for in this Policy.
1Information that does not need to comply with the Act is personal information:
- Processed in the course of a purely personal or household activity;
- That has been de-identified to the extent that it cannot be re-identified again;
- Processed by or on behalf of the state and involving national security or the prevention and detection of criminal activities and offences;
- For exclusively journalistic purposes;
- Solely for the purpose of literary or artistic expression;
- Processed by certain government offices;
- Processed by courts.
2‘Consent’ means any voluntary, specific, and informed expression of will in terms of which a data subject agrees to the processing of personal information relating to him or her.
3Refer to Condition 4 (section 15 of POPI).
The FSP will only use PI for the purposes which it was collected and agreed to. This may include:
- Providing products or services and carrying out requested transactions;
- For underwriting purposes;
- Assessing and processing claims;
- Conducting credit reference searches or verification;
- Confirming and verifying an individual’s identity;
- For credit assessment and credit management;
- For purposes of claims history;
- For the detection and prevention of fraud, crime, money laundering or other malpractice;
- Conducting market or customer satisfaction research;
- For audit and record keeping purposes;
- In connection with legal proceedings;
- Maintaining and constantly striving to improve customer relationships;
- Providing individuals with communications regarding the FSP and regulatory matters that may affect you as a client or prospective client;
- Complying with legal and regulatory requirements or when it is otherwise allowed by law.
The FSP will try its utmost to keep the PI collected as accurate, complete, and up to date as necessary for the purposes defined in this Policy, however, it may request you to update your PI.
The FSP may disclose PI to the providers whose services or products clients elect to utilise, and there are agreements in place to ensure that the said providers comply with the FSP’s privacy terms and conditions.
Under certain circumstances the FSP may be required to disclose your PI if required to do so by law or in response to valid requests by public authorities, for example, a court or a government agency.
Furthermore, the FSP may disclose PI if it believes in good faith that such an action is necessary to:
- To protect and defend the rights and property of the FSP;
- To prevent or investigate possible wrongdoing in connection with a service provided;
- To protect the personal safety of users of the services provided or the general public at large;
- To protect against legal liability.
The Act requires the FSP to adequately protect the PI held and avoid unauthorised access and use of PI. The FSP will continuously review their security controls and processes to ensure that PI is secure.
However, because no method of internet transmission or electronic storage is completely secure the FSP cannot guarantee its absolute security.
If the FSP needs to transfer PI to another country for processing or storage they will ensure that any party to whom the PI is passed onto will treat this information with the same level of protection as required from this FSP.
-
• You have the right to enquire from the FSP (at no cost) whether they hold your PI (this information will only be provided once adequate proof of identity has been furnished);
• where necessary, request the correction or deletion of your PI;
• object to, restrict or limit the processing of your PI; and
• object to using your PI for purposes of direct marketing.
The FSP can be contacted and relevant information can be obtained on the numbers or addresses listed below:
Information officer | |
Telephone number | |
Fax number | |
Postal address | |
Physical address | |
Email address | |
Website |
Please note that the FSP may amend this Policy from time to time. Please check the website periodically to inform yourself of any changes.