Personal Information Act (“POPI Act”)
All individuals who provide Personal Information, such as associates, job applicants, employees, retirees, clients, training providers, government, SETA’s, and others.
All methods of contact, including in person, written documentation, electronically mail, via the Internet, newsletters, telephone, or facsimile.
MPI Holdings (PTY) Ltd. has in place reasonable commercial standards of technology and operational security to protect all information provided by clients. All reasonable steps will be taken to secure all clients personal information. Authorised staff, who are responsible for the maintenance of any Special Personal Information submitted or received, are required to maintain the confidentiality of such information.
Clients undertake not to divulge their usernames and passwords to any other person. Any person, business or entity who delivers or attempts to deliver any unauthorised, damaging, or malicious code or attempts to gain unauthorised access to the company website shall be held criminally liable, and in the event that the company should suffer any damage or loss, civil damages will be claimed.
4. Limitation of Liability
In no event shall the Service Provider (MPI Holdings (PTY) Ltd.) be liable to the client for any damages, whether direct, indirect, incidental, or consequential arising out of the performance of the signed agreement by both parties.
Service Provider (MPI Holdings (PTY) Ltd.) shall not be liable for any loss of profits, goodwill, business, clients, contracts, revenue, the use of money, contractual penalties imposed by third parties, anticipated savings, or information; or any special, indirect, or consequential loss and such liability is excluded whether it is foreseen, foreseeable, known or otherwise.
Refers to the company, MPI Holdings (PTY) Ltd. and its authorized third parties, which determine the purposes and means of processing of Personal Information.
Refers to any associate or third person who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to their physical, physiological, mental, economic, cultural, or social identity.
General Business Purpose
Defined as the Processing of Personal Information for an activity related to the commercial operations of the company. This could include, but is not limited to, sales and marketing, research, and development operations; protecting intellectual property; provision of services; internal operations; information technology and general employment matters.
Data processing for general purposes includes, but is not limited to maintaining files, conducting Training needs analysis and skills audits, various submissions, payroll processing, conducting performance reviews, and intra-company communications.
Defined as any information related to an identified or identifiable person.
E.g., ID/ Passport number, Phone number, Email address, Physical address, etc.
Defined as a legal person, or any other entity that processes Personal Information on behalf of the Responsible Party, under its control. In this context, the Operator may be a payroll preparation firm that works on behalf of the company, under the company’s control. The company requires Operators to protect the privacy, confidentiality, and security of the Personal Information.
Defined as any operation or any set of operations performed upon Personal Information, whether or not by automatic means, such as collection, submissions, recording, organisation, storage, adaption or alteration, retrieval, consultation, disclosure by transmission, dissemination, alignment, or combination, blocking, deletion or destruction.
Special Personal Information
Defined as a subset of Personal Information that refers to Religious/ Philosophical beliefs, Ethnic origin, Health/ Sex Life, Biometric data, Criminal record, Disability Status and Salary/ Wages, etc.
Defined as any legal person, public authority, agency, or any other entity other than the Data Subject, the Responsible Party, the Operator, and the persons who, under direct authority of the Responsible Party or the Operator, are authorised to process the Personal Information. E.g., Training Providers and SETA’s etc.
Use of Personal Information
General business operations authorised individuals within MPI Holdings (PTY) Ltd. may occasionally utilize and/or transfer Personal Information for necessary General business purposes. Specifically Personal Information may be used as follows:
To identify a Data Subject personally.
To communicate with a Data Subject (directly or indirectly).
To comply with Human Resource requirements.
To comply with government legislations; and
To provide manage the business effectively.
Integrity of Personal Information
MPI Holdings (PTY) Ltd. will take reasonable steps that Personal Information and Special Personal Information are:
Obtained directly from the Data Subject whom the Personal Information relates.
Obtained and processed fairly and lawfully by the company for General business purposes.
Relevant to and no more revealing than is necessary for General business purposes; and
Updated to maintain accuracy, while information is under control of the company and kept only for long as reasonably necessary.
MPI Holdings (PTY) Ltd. informs Data Subjects about the purposes for which Personal information is collected and used. In certain situations, Personal Information may be rendered anonymous so that the names of the Data Subjects are not known by Operators.
9. Access to Personal Information
MPI Holdings (PTY) Ltd. takes steps to make sure that the Personal Information it uses is correct and will allow Data Subjects reasonable access to Personal Information about themselves during normal working hours and upon request and will be allowed to update and/or correct any inaccurate information.
10. Procedure for Assessing Personal Information
Questions about Personal Information and/or authorisation to access such information are to be directed to Data Subject’s Human Resource manager. Unauthorised access may be grounds for disciplinary actions.
11. Security of Personal Information
MPI Holdings (PTY) Ltd. will take reasonable precautions to protect Personal Information loss, misuse, unauthorised access, disclosure, alteration, and destruction and will direct its associates with responsibility for handling physical documents containing personally identifiable information for such documents (1) must be stored in locked file cabinets when not in use (2) must not left unsecured in plain view when in use.
12. Transfer of Personal Information
Subject to this policy, MPI Holdings (PTY) Ltd. may occasionally transfer Personal Information for necessary General business purposes, in compliance with country-of-origin regulations. Electronic documents containing personally identifiable information will only be shared with associates who are authorized to process such information and have a need to know such information. The company will direct its associates with responsibility for handling electronic documents containing Personal information that such electronic documents must be password protected when stored on the Company’s information systems or servers that are backed up.
A Data Subject may not opt out of transfer of Personal Information which is transferred by MPI Holdings (PTY) Ltd. to a Third Party for the following purposes:
Meeting applicable legal requirements.
MPI Holdings (PTY) Ltd. expects its associates, employees, and partners to maintain the trust placed in the Company by those Data Subjects who provide personal information to the Company. MPI Holdings (PTY) Ltd. may periodically audit privacy compliance, and where necessary, will extend by contract its privacy policies and information protection practices to the Company’ business relationships.
Annual assessments will be performed on processes and systems for the evaluation of the security protection and privacy of personally identifiable data.
15. Procedure for Inquiries, Complaints and Opt-Out
A Data Subject may contact their local human resources manager or the Company’s Compliance Officer with inquiries or complaints regarding the processing of Personal Information or to opt out of the transfer of Personal Information.
17. Information Subject to Other Policies