The Protection of Personal Information – Customer Privacy Notice
GAPP-Partners Global and its subsidiaries, GAPP-Partners UK , GAPP-Partners SA, GAPP-Partners CA (collectively, “GAPP-PARTNERS”, “us” and “we”) understand the importance of protecting your personal information and we value and respect it.
It applies to personal information that we collect from you physically or in a borderless digital environment during your interactions with us, whether online, including through our websites (including mobile sites), social media sites and mobile applications (collectively “Internet Services”) that link to this Privacy Statement, in writing or orally, or personal information that we may collect offline or receive from third parties.
2. Personal information we collect
GAPP-PARTNERS is subject to the Protection of Personal Information Act, No. 4 of 2013 (“POPIA”), of which the operative provisions came into effect on 1 July 2020. Public and private bodies have until 1 July 2021 to be fully compliant. “Personal information” is defined in POPIA as information relating to an identifiable, living, natural person and where it is applicable, an identifiable, existing juristic person, including but not limited to:
- information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
- information relating to the education or the medical, financial, criminal or employment history of the person;
- any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
- the biometric information of the person;
- the personal opinions, views or preferences of the person;
- correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
- the views or opinions of another individual about the person; and
- the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.
Depending on how you interact with us, personal information we collect may include but without limitation:
- your name
- email address
- postal address
- telephone number (fixed or mobile)
- log-in and account information for authentication purposes and account access
- your gender and
- social media account information.
We may also collect other information that does not personally identify you. Such other information includes browser and device information, website and application usage data, IP addresses, demographic information such as marketing preferences, geographic location, home language, and information collected through cookies and other technologies or information that has been anonymised or aggregated. If we link this information with your personal information, we will treat such linked information as personal information.
You can choose not to provide personal information to us when requested. However, if this is necessary to provide you with our solutions, products and services, access to our Internet Services, or to perform administrative functions, we may be unable to do these things.
GAPP-PARTNERS may also where applicable, be subject to the General Data Protection Regulations 2016/679 of the European Union [‘EU’] (“GDPR”), which is the primary legislation dealing with the protection and regulation of personal information. If you are a natural person based in the EU, who wish to or have procured products or services offered by GAPP-Partners and in the process you have provided us with personal information in order to process your enquiry and/or transaction or contract, we will supplement our obligations as set out herein with additional aspects of GDPR, where appropriate and applicable, some of which are referred to under Section 10.
GAPP-PARTNERS may also where applicable, be subject to the Data Protection Act 2018 (“DPA 2018”), and the UK General Data Protection Regulation (“UK GDPR”) of the United Kingdom [‘UK’] (“GDPR”), which is the primary legislation dealing with the protection and regulation of personal information for citizens of the UK. If you are a natural person based in the UK, who wish to or have procured products or services offered by GAPP-Partners and in the process you have provided us with personal information in order to process your enquiry and/or transaction or contract, we will supplement our obligations as set out herein with additional aspects of the UK GDPR, where appropriate and applicable, some of which are referred to under Section 10.
4. Legal basis for processing your personal information
When we process your personal information in connection with the purposes set out in this Privacy Statement, we may rely on one or more of the following legal bases, depending on the purpose for which the processing activity is undertaken and the nature of our relationship with you:
- Our legitimate interests (or those of a third party with whom we share your personal information) for the purpose of managing, operating or promoting our business, including direct marketing, and transfers within the GAPP-PARTNERS Group of companies of personal information for business and administrative purposes, except where such interests are overridden by your interests or fundamental rights or freedoms which require protection of personal information.
- Where this is necessary to comply with a legal obligation on us, whether contractually or otherwise.
- To protect the vital interests of any individual.
- Where you have consented for such processing to take place.
5. Use of your personal information
We may use your personal information to:
- Enable you to effectively use and to improve our solutions, products and services, for example to:
- Perform administrative and business functions and internal reporting.
- Send administrative information to you.
- Obtain feedback from you about our services, products and solutions including through client satisfaction surveys, in which event, we will only use your personal information for the sole purpose of sending you a survey.
- Respond to your inquiries and fulfil requests by you.
- Assess the performance of our Internet Services and to improve their operation.
- Inform you about and provide you with our products, services and solutions.
- Update our records and keep your contact details up to date.
- We engage in these activities to manage our contractual relationship with you, to comply with our legal obligations, or for our legitimate business interests:
- Provide you with marketing materials and to personalise your experience with us, for example to:
- Send marketing communications to you.
- Enable you to subscribe to our newsletters and mailing lists.
- Enable you to register for GAPP-PARTNERS events, workshops and seminars.
- We engage in these activities with your consent or for our legitimate business interests:
- Achieve our business purposes and analyse information. For example, to:
- Establish, manage, and maintain our business relationship with you.
- Compile usage statistics for our Internet Services.
- Recruit staff.
- Process and respond to privacy requests, questions, concerns and complaints.
- Fulfil legal and contractual obligations.
- We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation and for our legitimate business interests.
6. Your rights as a data subject
As a data subject you have the right to have your personal information processed in accordance with the conditions for the lawful processing of personal information as referred to in Chapter 3 of POPIA, including the right-
- to be notified that:
- personal information about you is being collected as provided for in terms of section 18; or
- your personal information has been accessed or acquired by an unauthorised person as provided for in terms of section 22;
- to establish whether a responsible party holds personal information of you and to request access to your personal information as provided for in terms of section 23;
- to request, where necessary, the correction, destruction or deletion of your personal information as provided for in terms of section 24;
- to object, on reasonable grounds relating to your particular situation to the processing of your personal information as provided for in terms of section 11 (3) (a);
- to object to the processing of your personal information—
- at any time for purposes of direct marketing in terms of section 11 (3) (b); or
- in terms of section 69 (3) (c);
- not to have your personal information processed for purposes of direct marketing by means of unsolicited electronic communications except as referred to in section 69 (1);
- not to be subject, under certain circumstances, to a decision which is based solely on the basis of the automated processing of your personal information intended to provide a profile of you as provided for in terms of section 71;
- to submit a complaint to the Regulator regarding the alleged interference with the protection of your personal information as a data subject or to submit a complaint to the Regulator in respect of a determination of an adjudicator as provided for in terms of section 74; and
- to institute civil proceedings regarding the alleged interference with the protection of your personal information as provided for in section 99.
All references to sections above are to sections in POPIA.
7. Sharing your personal information
We may share your personal information for the purposes set out in this Privacy Statement (as applicable):
- With our subsidiaries for the purposes set out in this Privacy Statement. GAPP-PARTNERS is the party responsible for the management of jointly used personal information.
- With business partners with whom we offer co-branded services or engage in joint marketing activities.
- With service providers to provide operational services or facilitate transactions on our behalf, including but not limited to processing of orders, assisting with sales-related activities or post-sales support, client support, email delivery, data analytics and auditing.
- Where you consent to the sharing of your personal information.
- In connection with any joint venture, merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or to another company.
- Where applicable, for credit reference, fraud prevention or business scoring agencies, or other credit scoring agencies.
- For debt collection agencies or other debt recovery organisations.
- For other legal reasons:
- We may share your personal information in response to a request for information by a competent authority in accordance with, or required by any applicable law, regulation or legal process;
- Where necessary to comply with judicial proceedings, court orders or government orders; or
- To protect the rights, property or safety of GAPP-PARTNERS, its business partners, you, or others, or as otherwise required by applicable law.
Any third parties with whom we share personal information are contractually required to implement appropriate data protection and security measures to protect personal information and are not permitted to use personal information for any purpose other than the purpose for which they are provided with or given access to personal information.
8. Security of your personal information
GAPP-PARTNERS is committed to protecting your personal information from accidental or unlawful destruction, damage, loss, alteration, unauthorised access or disclosure by using reasonable, appropriate, physical, administrative and technical safeguards and contractually requiring that third parties to whom we disclose your personal information do the same.
9. Cross border transfers
GAPP-PARTNERS may be required to fulfil its contractual obligations with you outside of South Africa and may transfer your personal information to countries where we do business or to international organisations in connection with the purposes identified above and in accordance with this Privacy Statement.
10. Your rights under data protection laws in the European Union (EU) and United Kingdom (UK)
GAPP-PARTNERS adheres to applicable data protection laws in the EU and UK, which provide you with certain rights relating to your personal information (if you are an EU or UK citizen), subject to any legal exceptions. Your rights include:
- The right to access personal information that we hold about you.
- The right to rectify inaccurate personal information we hold about you without undue delay, and considering the purposes of the processing, to have incomplete personal information about you completed.
- The right to ask us to erase your personal information (the right to be forgotten) without undue delay in certain circumstances.
- The right to restrict the processing of your personal information in certain circumstances.
- The right to receive your personal information from us in a structured, commonly used and machine-readable format and to transmit your personal information to a third party without obstruction (right to data portability) in certain circumstances.
- Where we process personal information based on your consent, you have the right to withdraw your consent at any time for future processing.
- Where we process your personal information based upon our legitimate interests or those of a third party, you have the right to object to the processing of your personal information at any time (including to any profiling).
- Where we process your personal information for direct marketing purposes, you have the right to object to processing of your personal information at any time, including profiling to the extent that it is related to such direct marketing.
- The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
You may lodge a complaint with the European Commission’s online complaint procedure (https://ec.europa.eu) or the United Kingdom’s Information Commissioner’s Office (https://ico.org.uk/) if you believe that your data protection rights relating to your personal information have been breached by GAPP-PARTNERS or that your personal information has been compromised in some way. You may contact us with requests, complaints or questions regarding these rights as set forth in the “How to contact us” section, below. Similarly, individuals in countries outside of the EU may exercise their rights under any applicable data protection laws by contacting us in accordance with the “How to contact us” section, below.
11. Cookies and Similar Technologies
- Enabling you to sign into our Internet Services;
- Authenticating you;
- Keeping track of information, you have provided to us;
- Improving your browsing experience;
- Customising our interactions with you;
- Storing and managing your preferences and settings;
- Compiling statistical data;
- Analysing the performance and usability of our Internet Services;
- Measuring traffic patterns for our Internet Services; and
- Determining which areas of our Internet Services have been visited.
These technologies collect information that your browser sends to our Internet Services including your browser type, information about your IP address (a unique identifier assigned to your computer or device which allows your PC or device to communicate over the Internet), together with the date, time and duration of your visit, the pages you view and the links you click. Our Internet Services may also contain web beacons or similar technologies from third party analytics providers, through which they collect information about your activities across our Internet Services to help us compile aggregated statistics.
12. Links to third party websites and applications
Our Internet Services may contain links to third party websites and applications. We are not responsible for and make no representations or warranties in relation to the privacy practices or content of any third-party websites and applications. Your use of such sites and applications is subject to the applicable third party privacy statement and is at your own risk.
Any additional privacy terms or policies will be made prominently available and published here.
13. Direct marketing
We may send you unsolicited direct marketing e-communications about our solutions, products and services. You can choose whether you wish to receive marketing e-communications from GAPP-PARTNERS by email, SMS, post and phone. You may opt out of receiving marketing materials from us at any time and manage your communication preferences by:
- Following the unsubscribe instructions included in each marketing email or SMS text message from us;
- GAPP-Partners Website; or
- Sending an email to the sender of the marketing communications; or writing to:
- Attn: Group Information Officer
- Email Address: info@GAPP-Partners.com
- Including your details and a description of the marketing material you no longer wish to receive from us.
- We will comply with your request as soon as is reasonably practicable.
If you opt out of receiving direct marketing related communications from us, we may still send you administrative messages as part of your ongoing use of our products, solutions and services, which you will be unable to opt out of. We do not provide your personal information to unaffiliated third parties for direct marketing purposes or sell, rent, distribute or otherwise make personal information commercially available to any third party.
14. Retaining your personal information
We will retain your personal information for as long as is necessary to fulfil the purpose for which it was collected unless a longer retention period is required to comply with legal obligations, resolve disputes, protect our assets, or enforce agreements. The criteria we use to determine retention periods include whether:
- We are under a legal, contractual or other obligation to retain personal information, or as part of an investigation or for litigation purposes;
- Personal information is needed to maintain accurate business and financial records;
- There are automated means to enable you to access and delete your personal information at any time;
- You have consented to us retaining your personal information for a longer retention period, in which case, we will retain personal information in line with your consent.
16. GAPP-Partners Information Officers
GAPP-Partners Information Officers have been appointed for each legal entity within the GAPP-Partners group.
- GAPP-Partners UK
- GAPP-Partners SA
- GAPP-Partners CA
- GAPP-Partners Nigeria
- GAPP=Partners USA
17. How to contact us
If you have any complaints, requests or questions about how your personal information is handled by GAPP-PARTNERS, you have a privacy concern or you wish to make a request or a complaint relating to your personal information, please contact us.
You can reach us at:
Att: Information Officer – Frank Eriksen-Miller COO
Any additional privacy terms or policies will be made prominently available and published here.
Artisans’ House, 7 Queensbridge, Northampton, Northamptonshire NN4 7BF United Kingdom
2023 © All rights reserved
Site Updated Nov 2023
+44 1604 246 702