POPIA

This Privacy Notice applies to the following companies in the ICTS group of companies:

 

  • INVESTMENT CONSULTING & TRUSTEE SERVICES (PTY) LIMITED (Registration number: 1996/000948/07) [“ICTS”]
  • ICTS LEGAL SERVICES (PTY) LIMITED (Registration number: 2018/060090/07) [“Legal Services”]
  • MOTSWEDI EMERGING MANAGER STRATEGISTS (PTY) LIMITED (Registration number: 2011/006602/07) [“Motswedi”]
  • ICTS TRACING SERVICES (PTY) LIMITED (Registration number: 2008/008464/07) [Tracing Services”]

 

  • WHAT IS THIS NOTICE FOR?

We know that you care about your personal information and how it is used, and we want you to trust that the ICTS Group uses your personal information carefully. Protection of personal information by the ICTS Group is part of our overall protection of you as a client, service provider or other person interacting with the ICTS Group.

This Privacy Notice will help you understand what personal information the ICTS Group collects, why we collect it and what we do with it.

  • IF YOU HAVE QUESTIONS

If you have any questions about how your personal information is treated, please send these to the relevant Information Officer whose details are below.

DETAILS OF THE INFORMATION OFFICERS OF THE ICTS GROUP:

INVESTMENT CONSULTING & TRUSTEE SERVICES (PTY) LIMITED

Mr. David Weil:

E-mail:                                  weild@icts.co.za

Telephone:                         082 445 8852 (daytime hours).

Street address:                 Block D, Country Club Estate Office Park, 21 Woodlands Drive, Woodmead, Sandton, 2080

Postal address:                 PO Box 65939, Benmore, 2010

 

ICTS LEGAL SERVICES (PTY) LIMITED

Ms Leanne van Wyk:

E-mail:                                  vanwykl@icts.co.za

Telephone:                         087 330 5627 (daytime hours).

Street address:                 Block D, Country Club Estate Office Park, 21 Woodlands Drive, Woodmead, Sandton, 2080

Postal address:                 PO Box 65939, Benmore, 2010

 

ICTS TRACING SERVICES (PTY) LIMITED

Mr Trevor Glassock:

E-mail:                                  glassockt@icts.co.za

Telephone:                         087 330 5627 (daytime hours).

Street address:                 Block D, Country Club Estate Office Park, 21 Woodlands Drive, Woodmead, Sandton, 2080

Postal address:                 PO Box 65939, Benmore, 2010

 

MOTSWEDI EMERGING MANAGER STRATEGISTS (PTY) LIMITED

Mr Mark Davids:

E-mail:                                  davidsm@motswedi.co.za

Telephone:                         083 222 9913 (daytime hours).

Street address:                 Block D, Country Club Estate Office Park, 21 Woodlands Drive, Woodmead, Sandton, 2080

Postal address:                 PO Box 65939, Benmore, 2010

 

Our Deputy Information Officers are:

Ms Robynne Kriek           [ICTS Death Benefit Investigation and Distribution Services]

E-mail:                                  kriekr@icts.co.za

Telephone:                         087 330 5601 (daytime hours).

Street address:                 Block D, Country Club Estate Office Park, 21 Woodlands Drive, Woodmead, Sandton, 2080

Postal address:                 PO Box 65939, Benmore, 2010

 

Ms Toni Cantin                 [ICTS Trustee Training]

E-mail:                                  cantint@icts.co.za

Telephone:                         087 702 3821 (daytime hours).

Street address:                 Block D, Country Club Estate Office Park, 21 Woodlands Drive, Woodmead, Sandton, 2080

Postal address:                 PO Box 65939, Benmore, 2010

  • MEANING OF WORDS

We have tried to keep this Privacy Notice as simple as possible, but if you’re not familiar with terms, such as personal information, processing or special personal information, then you can read about these terms first in Annexure A.

  • WHY DO WE USE YOUR PERSONAL INFORMATION?

The ICTS Group uses your personal information for the following purposes:

  1. Mainly to provide you with our services, which are:

 

  • Tracing of members and beneficiaries of our clients, which are retirement funds, insurers and share incentive schemes, in order to enable these members and beneficiaries to receive any benefit that is due to them in terms of the rules of the fund/scheme.

 

  • Providing independent trustee services to our retirement fund clients.

 

  • Providing asset management services to our retirement fund and medical scheme clients.

 

  • Providing investment consulting services to our retirement fund and medical scheme clients.

 

  • Providing legal consulting services and training services to our clients, which are retirement funds, fund administrators, principal officers, trustees, members and other related parties.

 

  • Providing trustee training services.

 

  • Providing death benefit investigation and distribution services.

 

  • Providing a digital knowledge platform service specially tailored to the employee benefits industry.

 

  1. To comply with our legal and regulatory duties, such as our B-BB EE certification.

 

  1. To comply with our contractual obligations to our clients and service providers.

 

  1. To direct, control and oversee the operations, administration and investments of the ICTS Group and to comply with duties set out in the Companies Act and other relevant law.

 

  1. To manage requests for information and complaints related to the ICTS Group.

 

 

  • WHAT SORT OF PERSONAL INFORMATION DO WE COLLECT?

We may process the following categories of Personal Information about you –

  • personal details: name; and photograph;

 

  • demographic information: gender; date of birth / age; nationality; title; and language preferences;

 

  • identifier information: passport or national identity number; bank statements;

 

  • contact details: correspondence address; telephone number; email address; and details of your public social media profile(s)

 

  • instruction details: details of individuals engaging the services of ICTS either in their personal capacity or on behalf of an institution; Personal Information included in correspondence, documents, evidence or other materials that we Process in the course of providing our services;

 

  • attendance records: details of meetings and other events organised by or on behalf of ICTS that you have attended;

 

 

  • consent records: records of any consents you may have given, together with the date and time, means of consent and any related information;

 

  • payment details: billing address; payment method; bank account number or credit card number; invoice records; payment records; SWIFT details; IBAN details; payment amount; payment date.

 

 

  • data relating to your visits to our Website: your device type; operating system; browser type; browser settings; IP address; language settings; dates and times of connecting to a Website; and other technical communications information;

 

  • employer details: where you interact with us in your capacity as an employee of an organisation, the name, address, telephone number and email address of your employer, to the extent relevant; and

 

 

  • content and advertising data: records of your interactions with our online advertising and content, records of advertising and content displayed on pages displayed to you, and any interaction you may have had with such content or advertising (including, but not limited to, mouse hover, mouse clicks and any forms you complete).

 

Sensitive Personal Information

Where we need to Process your Sensitive Personal Information, we will do so in the ordinary course of our business, for a legitimate purpose, and in accordance with Data Protection Laws. Sensitive Personal Information is described in POPIA as –

  • Bank account numbers or details;
  • Information relating to children (under 18); and
  • Special Personal Information, which includes
  • sensitive demographic information – such as your race or ethnicity;
  • medical information – such as information about your physical or mental health;
  • sexual information – such as information about your sex life or sexual orientation;
  • Biometric information – such as information from any personal identification technique based on a person’s physical, physiological, or behavioural characteristics, such as their fingerprint, retina, voice, blood type, or DNA.
  • criminal information – such as information about your commission or alleged commission of any offence or about any related legal proceedings;
  • employment information – including your membership of a trade union; and
  • beliefs – including your political or religious beliefs.

 

  • WHO DO WE COLLECT YOUR PERSONAL INFORMATION FROM?

Sometimes we collect your personal information from you, but we do not always collect your personal information directly from you. For example, we collect personal information about prospective employees from former employers, or about prospective service providers from third parties.

We rely on the following justifications not to collect personal information directly from you (a data subject):

  • It’s necessary to carry out actions for a contract with the data subject;
  • It complies with an obligation imposed by law on us;
  • It protects the legitimate interest of the data subject; or
  • It’s necessary to pursue the legitimate interests of the ICTS Group or a third party to whom the information is supplied.

For more information about the specifics of our activities where we collect personal information from persons other than the persons themselves and the justifications we rely on to do so, please ask the relevant company Information Officer for the company’s Data Protection Policy.

 

  • WHO DO WE GIVE YOUR PERSONAL INFORMATION TO?

 

We may disclose your Personal Information to our Associates and Service Providers, for legitimate business purposes, in accordance with applicable law and subject to applicable professional and regulatory requirements regarding confidentiality. In addition, we may disclose your Personal Information –

 

  • if required by law;

 

  • to legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation*;

 

  • if required in terms of our agreements with clients and service providers;

 

 

  • to third party Operators (including, but not limited to, data processors such as providers of data hosting services and document review technology and services), located anywhere in the world, subject to the conditions set out below;**

 

  • where it is necessary for the purposes of, or in connection with, actual or threatened legal proceedings or establishment, exercise or defence of legal rights;

 

 

  • to any relevant party for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including, but not limited to, safeguarding against, and the prevention of threats to, public security;

 

  • to any relevant third-party acquirer(s), in the event that we sell or transfer all or any portion of our business or assets (including, but not limited to, in the event of a reorganization, dissolution or liquidation).

 

*If we are required to report a breach or suspected breach of security of your personal information, we will report this to the Regulator in terms of section 22 of POPIA by using FORM SCN1, which is available on the Regulator’s website at POPIACompliance@inforegulator.org.za.

 

**If we engage a third-party Operator to Process any of your Personal Information, we recognise that any Operator who is in a foreign country must be subject to a law, binding corporate rules or binding agreements which provide an adequate level of protection similar to POPIA. We will review our relationships with Operators we engage and, to the extent required by any applicable law if force, we will require such Operators to be bound by contractual obligations to –

 

  • only Process such Personal Information in accordance with our prior written instructions; and

 

  • use appropriate measures to protect the confidentiality and security of such Personal Information.

 

  • WHAT DO WE RELY ON TO USE YOUR PERSONAL INFORMATION?

Many times, the ICTS Group rely on justifications, other than your consent, to use your personal information to do what we need to do. In some instances, the ICTS Group do rely on your consent, for example where you specifically agree that we may process your personal information. But often the ICTS Group will rely on one of the following grounds to use your personal information:

  • It’s necessary to carry out actions for a contract with the data subject
  • It complies with an obligation imposed by law on the ICTS Group,
  • It protects the legitimate interest of the data subject; or
  • It’s necessary to pursue the legitimate interests of the ICTS Group or a third party to whom the information is supplied.

For more specific information about the grounds we rely on to use your personal information, please request the relevant company’s Data Protection Policy from the company’s Information Officer.

 

  • TRANSFERRING YOUR PERSONAL INFORMATION OUTSIDE SOUTH AFRICA

The ICTS Group may transfer your personal information outside of South Africa, for example because one of our service providers uses cloud storage or processing based in other countries. However, we will always make sure that we protect your personal information as required by POPIA if your personal information leaves the country.

 

  • SECURITY MEASURES FOR YOUR PERSONAL INFORMATION

 

  • We implement appropriate technical and organisational security measures to protect your Personal Information that is in our possession against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, in accordance with applicable law.

 

  • Where there are reasonable grounds to believe that your Personal Information that is in our possession has been accessed or acquired by any unauthorised person, we will notify the Regulator and you, unless a public body responsible for detection, prevention or investigation of offences or the Regulator informs us that notifying you will impede a criminal investigation. We are required to inform the Regulator in terms of Section 22 of POPIA of any breach or suspected breach of security regarding your Personal Information.

 

 

  • Because the internet is an open system, the transmission of information via the internet is not completely secure. Although we will implement all reasonable measures to protect your Personal Information that is in our possession, we cannot guarantee the security of any information transmitted using the internet and we cannot be held liable for any loss of privacy occurring during the course of such transmission.

 

  • HOW LONG WILL WE KEEP YOUR PERSONAL INFORMATION?
  • We will keep your personal information for as long as is necessary to achieve the ICTS Group’s purposes. After that, we will destroy it if we are no longer authorised or required to keep it in terms of law, agreements, consent or our companies’ respective Data Protection Policies.

 

  • We will only retain and store Personal Information for the period for which the data is required to serve its primary purpose or a legitimate interest or for the period required to comply with an applicable legal requirement, whichever is longer. In this regard, please refer to our Retention Policy, which is on our website (icts.co.za).

 

 

  • YOUR LEGAL RIGHTS

You may have rights under the South African and other laws to have access to your Personal Information and to ask us to rectify, erase and restrict use of your Personal Information. You may also have rights to object to your Personal Information being used, to ask for the transfer of Personal Information you have made available to us and to withdraw consent to the use of your Personal Information.

  • COOKIES AND SIMILAR TECHNOLOGIES

 

  • We may Process your Personal Information by our use of Cookies and similar technologies.

 

  • When you visit our Website we may place Cookies onto your device, or read Cookies already on your device, subject always to obtaining your consent, where required, in accordance with applicable law. We use Cookies for important reasons, such as identifying registered members (users who registered to our site), where applicable. They are also used to monitor and analyze the performance, operation and effectiveness of our service providers’ platforms.

 

 

  • DIRECT MARKETING

 

  • We may Process your Personal Information for the purposes of providing you with information regarding services that may be of interest to you. You may unsubscribe for free at any time.

 

  • If you currently receive marketing information from us which you would prefer not to receive in the future please email us at enquiries@ICTS.co.za

 

  • IF YOU WANT TO COMPLAIN ABOUT HOW WE HAVE USED YOUR PERSONAL INFORMATION

Please contact the relevant company’s Information Officer on the details set out above.

You can also complain to the Information Regulator using the following details:

Physical address: JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001

 

Postal address: P.O. Box 31533, Braamfontein, Johannesburg, 2017

 

Complaints email: complaints.IR@justice.gov.za

 

General enquiries email: inforeg@justice.gov.za.

 

Please only complain to the Information Regulator about issues that are related to personal information or accessing information. If you are complaining about something else, you may need to approach a different regulator or Ombud.

 

  • IF YOU NEED MORE INFORMATION ABOUT HOW WE USE YOUR PERSONAL INFORMATION

You can always ask for our Data Protection Policy or Promotion of Access to Information Manual. You can ask the relevant company’s Information Officer to provide you with the document(s). This is usually done by email.