popi Privacy Statement

Our Privacy Statement in line with the implementation of Protection of Personal Information Act of 2013

INTRODUCTION

 You have a constitutional right to privacy which requires your personal information to be protected. Your trust is invaluable to our company and we will therefore treat your information as if it were our own, protecting it at all times.

The purpose of this statement is to outline how Murron Wealth Management collects, uses, shares and processes your personal information in line with this Act.

When we refer to processing of personal information, this includes any activity in which the information is handled, from the time that it is collected, up to the time that the information is destroyed, regardless of manual or automated processing.

 

 OUR PRIVACY PROMISE TO YOU

 We undertake to enforce compliance with the Act at all times.  Process your personal information lawfully and not to infringe unnecessarily on your privacy.

The purpose of the requested information will be explained to you and will include the following dependent on the type of service you require:

  • name
  • gender
  • marital status
  • nationality
  • age
  • language preference
  • date of birth
  • education information
  • employment and income details
  • financial and criminal history
  • tax and ID numbers
  • email address, physical address and telephone numbers
  • medical history and existing medical conditions

You will be asked to provide us with consent to process your personal information.

We will stop processing your personal information if you withdraw your consent.

All personal information will be collected directly from you unless:

  • the information is of public record or
  • you consented to the collection of your personal information from a third party
  • the information to be collected is necessary for the maintenance of law and order, court proceedings or national security
  • the information is being collected to comply with a legal obligation i.e. SARS and the Financial Intelligence Centre

Where we do not seek consent, the processing of your personal information will be due to a legal obligation placed upon us.

We will retain your records for the minimum period required by law unless either party terminates the relationship.

We will destroy your records as soon as reasonably possible after the expiry of the period we are legally obliged to hold the records.

 

YOUR RIGHTS

 You may withdraw your consent at any time in writing.  This can be directed to leigh@murron.co.za.

Where we process your information without consent to protect a legitimate interest you have the right to object to such processing.

You are entitled to lodge a complaint regarding our application of POPI with the Information Regulator.

 

INFORMATION OFFICER

 Our Information Officer is currently Leigh Howell who is a member of our management team.  She can be contacted on leigh@murron.co.za or (043) 721 0778. Her duties and responsibilities include:

  • ensuring compliance with POPI
  • developing, implementing, monitoring and maintaining our compliance manual
  • ensuring adequate safety measures and standards exist
  • ongoing staff training to be held regularly including internal awareness sessions
  • working with the Information Regulator when investigations arise

 

SECURITY MEASURES

 In order to secure the integrity and confidentiality of the personal information in our possession, we operate the following security safeguards:

  • our business premises where computer systems are held remain protected by access control, alarms and armed response
  • all users terminals and systems are password protected and staff are compelled to update their passwords on a regular basis
  • hardcopy records are converted into electronic copy, saved onto our secure server, and the hard copy is immediately destroyed. 
  • all staff have signed a confidentiality agreement that forms part of their employment contract
  • our Office 365 email infrastructure must comply with industry standard security safeguards
  • we have outsourced our IT management and website maintenance to third party providers to ensure our infrastructure complies with the act at all times
  • security safeguards must be monitored and continually updated on a regular basis to identify new risks or vulnerable areas i.e. firewalls and antivirus applications
  • profiles and privileges of staff who leave our employ are immediately terminated

 

 

SECURITY BREACHES

 Should we find that your personal information has been accessed or acquired by an unauthorized person, we will notify you immediately.  The notice will include the below information to allow you to protect yourself from any potential harm and mitigate risk:

  • a description of the consequences of the breach
  • details of the actions we have taken to address the breach
  • the identity of the person (if known to us) who may have acquired your personal information

We will also contact the Information Regulator where required in terms of the act.

 

UPDATING YOUR PERSONAL INFORMATION

 You are entitled to request, update, ask us to destroy or delete your personal information at any time. This instruction must be received in writing from the email address we have on record for you.

 

SPECIAL PERSONAL INFORMATION

 Special rules apply to the collection and use of additional information such as your religious or philosophical beliefs, your race or ethnic origin, your trade union membership, your political persuasion, your health or sex life, your biometric information, or criminal behaviour.

It is very unlikely that we will ever have to request this type of information, but should it be necessary we will ensure you understand the validity of the request.

 

PROCESSING YOUR SPOUSE, DEPENDENTS, BENEFICIARIES OR CHILDRENS INFORMATION

 We will act in good faith that you have received prior permission to provide us with the personal information of the above specified persons.

Should you require us to process personal information on these persons and they are under the age of 18 both parents / legal guardians will be contacted before any information is released to you.

Should you require us to send personal information on these persons and they are over the age of 18 we will contact them directly for consent before any information is released to you.

 

DIRECT ELECTRONIC COMMUNICATION FROM OUR OFFICE

 From time to time we will communicate with you through a bulk electronic email facility.  This is necessary under the following conditions:

  • notice of annual medical aid plan changes and rate increases
  • yearend tax deadlines to maximize your tax concession to investments
  • important industry information we feel will add value to your financial planning
  • change in product policy conditions or endorsements

We will immediately stop sending out communication of this nature should you:

  • request us in writing to OPT OUT from receiving emails of this nature in future
  • Your email address has changed and you have not notified us of your new updated address

Please understand that should you not wish to receive import communications of this nature it may lead to us having to terminate our business relationship due to the advice risk of not keeping you informed.

 

TRANSFERRING YOUR PERSONAL INFORMATION OUSTIDE OF SOUTH AFRICA

 You agree that we can transfer your personal information outside of SA:

  • if you reside abroad and have provided us with an email address that is hosted outside of SA
  • where required to conclude or manage any offshore product. Your information will be sent to our SA based contracted provider who will then send your information onto their international based company, at this point you will be protected under their privacy conditions

 

OFFENCES AND PENALTIES

 Serious penalties apply for contravening the POPI regulations from massive fines to imprisonment of up to 10 years.