Effectualness (Pty) Ltd | POPIA Privacy Policy
Introduction
This notice explains how we collect and use your personal information, following the requirements of art. 18 of the Protection of Personal Information Act (“POPIA”).
According to the Act “personal information” means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person.
Brief Introduction of our business
At Effectualness we value and respect your privacy and we embrace your rights to data subject access rights, that’s why we lead by cybersecurity awareness as to when more people are in the know-how this contributes to reduced cyber-risks, whilst improving your business productivity and enhance your business in digital transformation by challenging your status quo, leading to fierce protection of your reputation from data exfiltration alongside with prevention of security incidents.
Business Operations Exclusive to South Africa Only
As a South African resident, South African law may provide you with certain rights about your personal information under the Protection of Personal Information Act (“POPIA”) and Promotion of Access to Information Act (“PAIA”).as well as the Consumer Protection Act Throughout this Privacy Notice you will find the information required by POPIA regarding the categories of personal information collected from you; the purposes for which we use personal information, and the categories of third parties your data may be shared with. This information is current as of the date of the Notice and is applicable in the 12 months preceding the effective date of the Notice.
As a South African resident, the POPIA and PAIA provide you with the ability to make inquiries regarding your personal information. Specifically, the degree to which the information is not already provided in this Privacy Notice, you have the right to request disclosure or action your personal information, including:
If your personal information is collected by us.
The specific pieces of personal information collected about you.
The ability to correct or delete certain personal information collected about you.
The ability to delete all the personal information collected about you, subject to certain exceptions.
To opt-in or opt-out of direct marketing to you.
To object to the processing of your personal information, or
Appeal any rejection of access to your personal information
You may submit a request regarding your rights under POPIA or PAIA by submitting a request through the following form our DSAR Intake Requests or by contacting us by email at privacy@effectualness.co.za
If we receive a POPIA request from you, we will first decision regarding the applicability of the law, and we will then take steps to verify your identity before responding. The steps to verify your identity may vary based on our relationship with you, but, at a minimum, it will take the form of confirming and matching the information submitted in the request with information already held by Effectualness (Pty) Ltd and/or contacting you through previously used channels to confirm that you submitted the request (i.e. confirming identity through the contact information that we have on file, and/or the contact information submitted to make the request).
The Effectualness (Pty) Ltd does not knowingly collect or process special personal information such as your religious or philosophical beliefs, race or ethnic origins, trade union memberships, political persuasion, health or sex life, or your criminal behaviour or biometric information.
If you have a comment, question, or complaint about how we are processing your personal information, we hope that you contact us via our Contact Page to allow us to resolve the matter. In addition, if you are located in the Republic of South Africa, you may submit a complaint regarding the processing of your personal information to the Information Regulator at the following link: https://www.justice.gov.za/inforeg/contact.html.
Third-Party Advertisers
We may allow other companies, called third-party ad servers or ad networks, to serve advertisements within the Service. These third-party ad servers or ad networks use technology to send, directly to your device, the advertisements and links that appear on the Service. They automatically receive your device ID and IP address when this happens. They may also use other technologies (such as cookies, JavaScript, or Web Beacons) to measure the effectiveness of their advertisements and to personalize the advertising content you see. You should consult the respective privacy policies of these third-party ad servers or ad networks for more information on their practices and for instructions on how to opt-out of certain practices. This Privacy Notice does not apply to them, and we cannot control their activities.
Information Storage and Security
We employ industry-standard and/or generally accepted security measures designed to secure the integrity and confidentiality of all information submitted through the Service. However, the security of information transmitted through the internet or via a mobile device can never be guaranteed. We are not responsible for any interception or interruption of any communications through the internet or for changes to or losses of data.
Users of the Service are responsible for maintaining the security of any password, user ID or other forms of authentication involved in obtaining access to password protected or secure areas of the Service. To protect you and your information, we may suspend your use of any of the Service, without notice, pending an investigation, if any breach of security is suspected.
External Links
The Service may contain links to other websites maintained by third parties. Please be aware that we exercise no control over linked sites and Effectualness (Pty) Ltd is not responsible for the privacy practices or the content of such sites. Each linked site maintains its own independent privacy and data collection policies and procedures, and you are encouraged to view the privacy policies of these other sites before providing any personal information.
You hereby acknowledge and agree that Effectualness (Pty) Ltd is not responsible for the privacy practices, data collection policies and procedures, or the content of such third-party sites, and you hereby release Effectualness (Pty) Ltd from any claims arising out of or related to the privacy practices, data collection policies and procedures, and/or the content of such third-party sites.
We strongly recommend that all external links are copied and scanned using Virus Totals URL Scanner for peace of mind every time this enhances security and creates a culture of cybersecurity awareness.
Children’s Privacy
The Service is not intended for children under the age of 18, and Effectualness (Pty) Ltd does not knowingly collect the personal information of children under the age of 18.
Changes to this Privacy Notice
Effectualness (Pty) Ltd reserves the right to modify this Privacy Notice from time to time so that it accurately reflects the regulatory environment and our data collection principles. When material changes are made to this Privacy Notice, Effectualness (Pty) Ltd will publish the revised Notice on our website. This Privacy Notice was last modified as of April 2021.
Contact Us
If you have any questions or comments about this Privacy Notice or the Service provided by Effectualness (Pty) Ltd, please contact us by way of email to privacy@effectualness.co.za for privacy related matters or via our contact page if you have general queries.
Information being collected
[POPIA, art. 18(1)(a)]We gather various types of information, including information that identifies or may identify you as an individual (“Personal Information”) as explained in more details below.
We may collect information directly from you where you provide us with your personal details, such as your name, last name, address, mobile number or e-mail information.
Websites may also collect certain information related to your device, such as your device’s IP address, referring website, what pages your device visited, and the time that your device visited our website.
Types of Data Collected
Personal Data
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally, identifiable information may include, but is not limited to:
1) Email address
2) First name and last name
3) Phone number, WhatsApp Number or Signal Number
4) Address information, Country, Province
5) Company or Organisation Name if you are a business owner or representing a company or organisation
6) Occupation or position in your company
7) Consent via our consent management system
Usage Data
Usage Data has been collected automatically when using the Service in the form of our website with its machine-learning and artificial intelligence integrations.
Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.
We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.
Information from Third-Party Social Media Services
The Company allows You to create an account and log in to use the Service through the following Third-party Social Media Services:
YouTube
Vimeo
If You decide to register through or otherwise grant us access to a Third-Party Social Media Service, We may collect Personal data that is already associated with Your Third-Party Social Media Service's account, such as Your name, Your email address, Your activities or Your contact list associated with that account.
You may also have the option of sharing additional information with the Company through Your Third-Party Social Media Service's account. If You choose to provide such information and Personal Data, during registration or otherwise, You are giving the Company permission to use, share, and store it in a manner consistent with this Privacy Policy.
Tracking Technologies and Cookies
We use cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. The technologies We use may include:
Cookies or Browser Cookies. A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Service. Unless you have adjusted Your browser setting so that it will refuse cookies, our Service may use Cookies.
Flash Cookies. Certain features of our Service may use local stored objects (or Flash cookies) to collect and store information about Your preferences or Your activity on our Service. Flash Cookies are not managed by the same browser settings as those used for Browser Cookies. For more information on how You can delete Flash Cookies, please read "Where can I change the settings for disabling, or deleting local shared objects?" available at
Web Beacons. Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).
Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. Further information about managing cookies can found in your browser file or through sites such as https://www.cookielawinfo.com or https://www.allaboutcookies.org/.
We use both Session and Persistent Cookies for the purposes set out below:
Necessary / Essential Cookies
Type: Session Cookies
Administered by: Us
Purpose: These cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.
Cookies Policy / Notice Acceptance Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies identify if users have accepted the use of cookies on the Website.
Functionality Cookies
Type: Persistent Cookies
Administered by: Us
Purpose: These cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.
For more information about the cookies we use and your choices regarding cookies, please visit our Cookies Policy or the Cookies section of our Privacy Policy.
Name and address of responsible party
[POPIA, art. 18(1)(b)]The responsible party name is Avishkar Singh the CEO and registered information officer.
You can contact us as follows:
Registered & Postal Address (Online Business Only) | 67 Southbury Avenue, Eastbury, Durban, 4068 |
Office Smartphone | 081 376 9328 |
Email | info@effectualness.co.za |
Website URL | https://www.effectualness.co.za |
Information Officer (PAIA / POPIA) | Avishkar Singh (CEO) is the registered information officer in terms of POPIA and PAIA and his contact details are: avi@effectualness.co.za |
Purpose for collection
[POPIA, art. 18(1)(c) and (f)]We only process your personal information for the purposes explained to you in this Privacy Notice or agreed when we collected your personal information, in accordance with applicable laws.
We will use your personal information to:
- We collect personal information for the purposes set out in this notice or otherwise communicated to you,
- We collect personal information directly from you as required by the act when you interact with our website and its AI technologies and leading to purchase orders via such technologies whereby you contact us directly or provide us information through our website and its interactive forms and technologies.
- We may collect from and share your personal information with selected third parties which are the vendors who enable us to offer their products or services via our brand to ensure that we meet our responsibilities as a reseller of cyber solutions and cloud consultancy services.
- Sales enablement by way of ensuring your orders are processed and that your digital goods in the form of SaaS and other related services together with cloud consultancy services
- Regulatory Bodies and Regulatory reporting (if necessary and required by law)
- We collect personal information from and about you for the following purposes, but not limited to: Assess your specific individual or business requirements accurately, Deliver effective and personalised services to you that comply with applicable regulations, Carry out statistical and other analyses to identify potential markets and trends, evaluate and improve our business, Tell you about services and products available within our company and that of our international vendors
- Process your orders and manage your internal account and to verify and protect your identity
- Email you with personalized offers and/or newsletters
- Communicate with you via platforms like WhatsApp for Business, Signal and Video Conferencing
- Comply with relevant regulatory requirements, including monitoring and analysing your account for credit, fraud, compliance and other risk-related purposes as required by law.
- Collection of VISA or MasterCard for payments via our South African payment portal partner Yoco who has assured us of strict measures of securing your card details, however, we encourage the use of EFT payments whereby you are in control of your banking particulars.
- As otherwise allowed by law
We may also be authorized and/or required to collect and store your personal information in accordance with specific laws.
Consequences for failure to provide the information
[POPIA, art. 18(1)(d) and (e)]Provision of personal information is optional, but failure to disclose such information could prevent us from providing you with our cyber solutions products and services together with our cloud consultancy services.
Storage
We store personal information as required by law and ensure that your data is safeguarded when in use, in motion and at rest. We adopt the following features of the EU GDPR when it comes to storage: the storage of PI & PII at rest with strict control as imposed by the EU GDPR being: Accuracy, confidentiality & integrity (Article 5), Technical measures (Article 32), Organizational measures (Article 25), Data protection by design & by default (Recital 78). We also place the CIA Triad at the heart of our business model which stands for Confidentiality, Integrity and Availability. The CIA Triad is a model designed to guide policies for information security within an organization.
Our use of technology to follow your use of our website
We collect and examine information about visits to this website. We use this information to find out which areas of the website people visit most. This helps us to add more value to our services. This information is gathered in such a way that we do not get personal information about any individual or their online behaviour on other websites.
Cookies
Detailed Cookie information is in our Cookie Notice/Policy.At Effectualness (Pty) Ltd we take your privacy, and, your trust in us very seriously. This cookie notice provides you with information about how the Effectualness (Pty) Ltd uses “cookies”, or, similar technologies, on our websites and applications and other services (each, a “Service”) to enable us to understand how you interact with our products, to improve your experience, and to allow you to use certain features, such as sharing content via social networks or other communications channels. You can stop your browser from accepting cookies, but if you do, some parts of our website or online services may not work. We recommend that you allow cookies. In a proactive response to respecting your privacy our cookie management system has implemented an automatic block on intrusive cookies only to allow strictly necessary for our website to work. You are more than welcomed to opt for reject all when our cookie consent banner pops up in the middle of our home page and you can manage cookie settings on our home page header or footer area.
This notice also provides information about how third parties may use such technologies in association with the operation of our Cyber Solutions and Cloud Consulting Services.
1. ABOUT THIS COOKIE NOTICE
This cookie notice applies when you use any of our Services that refer or link to this notice. This notice may be supplemented by additional cookie notices, or terms provided on certain areas of the Cyber Solutions and Cloud Consulting Services or during our interactions with you.
With the exception of the cookies that are set by third parties, Effectualness (Pty) Ltd that owns or administers the Service, as identified therein, is the primary controller of your personal information provided to, or collected by or for, the Service.
2. USE OF COOKIES BY EFFECTUALNESS (PTY) LTD
Cookies are small text files that are placed on your computer by websites that you visit. Cookies are widely used in order to make websites and applications work, or work more efficiently, and help them remember certain information about you, either for the duration of your visit (using a “session” cookie) or for repeat visits (using a “persistent” cookie).
As detailed below, our use of cookies may involve the collection and use of your information, such as IP addresses, or other online mobile identifiers. For more information on our collection and use of this information please refer to our Privacy Policy, but for ease of reference, we have included the necessary disclosure here.
The cookies used on this website are as follows:
Targeting Cookies
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites.
They do not store directly personal information but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Functional Cookies
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not
allow these cookies then some or all of these services may not function properly.
Strictly Necessary Cookies
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services,
such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
- Performance cookies:
- These are analytics and research cookies that allow us to count visits and measure traffic, so we can measure and improve the performance of our site. They also help us to know which pages are the most and least popular and see how visitors move around the site. This helps us to improve the way the website works and improve user experience. All information these cookies collect is aggregated and therefore anonymous. You can set your browser to block or alert you about these cookies. Blocking these cookies will not affect the service provided to you. See Section 4 of this notice for more information on how to manage the collection of this information, or, refer to your email browser or device instructions.
- Targeting cookies:
- These cookies are set by us and our advertising partners to record your visit to the website, the pages you have visited and the links you have followed. We, and our advertising partners, will use this information to make the website, and, the advertising displayed to you more relevant to your interests. You can set your browser to block or alert you about these cookies. Blocking these cookies will not affect the service provided to you, but will limit the targeted advertising that you will see, or limit our ability to tailor the website experience to your needs. See Section 4 of this notice for more information on how to manage the collection of this information, or, refer to your email browser or device instructions.
- Third-Party and Social Media Cookies:
- These cookies are set by a range of social media services that we have added to our websites that enable you to share our content with your colleagues, friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages that you see on other websites that you visit. If you do not allow these cookies you may not be able to use or see the social media sharing tools. See Section 4 of this notice for more information on how to manage the collection of this information, or, refer to your email browser or device instructions.
- Tracking Technologies Including Pixels, Script, Web Beacons/Gifs, Page Tags:
- These files, or, code may be included in our emails and mobile apps to record how you interact with us, to help us better analyse and improve our services to you. Again, you can block the cookies either through your browser or device settings, and these settings will apply to all cookies whether included on websites or in emails. However, in some instances, depending on your email or browser settings, the files may be automatically accepted (for example, when you've added an email address to your address book or safe senders list). See Section 4 of this notice for more information on how to manage the collection of this information, or, refer to your email browser or device instructions.
- Tracking Via Mobile Apps:
- When you use our mobile applications, we may record information unique to you that is associated with your device (such as the device ID and IP address), your activity within the App, and, your network location. This information is used to measure and improve the performance of our App, to help us to know elements that are the most and least popular, and, see how visitors move around the App itself. This helps us to improve the way the App works and improve user experience. See Section 4 of this notice for more information on how to manage the collection of this information, or, refer to your email browser or device instructions.
3. THIRD-PARTY COOKIES
Our third-party cookie list provides an overview of the performance, targeting, third party, and, social media domains your browser may contact as a result of a visit to our site, and our intended purpose for inclusion. Please note that the cookies and other technologies may change over time.
How to refuse the use of cookies
You can prevent your browser from accepting certain cookies, have the browser require your consent before a new cookie is placed in your browser, or block cookies altogether by selecting the appropriate settings on your browser privacy preferences menu.
The links below will help you find the settings for some common browsers (please note that we are not responsible for the content of external websites):
- Manage cookie settings in Chrome and Chrome Android and Chrome iOS
- Manage cookie settings in Safari and Safari iOS
- Manage cookie settings in Firefox
- Manage cookie settings in Internet Explorer
- Manage cookie settings in Opera
For all other browsers, or, for alternative advice, help may be sought by visiting www.allaboutcookies.org, or, via your device user manual, or, online help files. For information on how to opt-out of cookies set by our suppliers, please visit the applicable links listed in the table above.
4. THIRD PARTY WEB ADVERTISING SERVICES
Our Services may use Google Analytics, particularly within our marketing or free content sites, for the purposes of analyzing visitor/customer site interactions including interactions with our online marketing campaigns. For information about how Google processes the data collected please refer to the Google Privacy Policy.
You may opt-out of third party web advertising services that provide personalised advertising based on your online activity. You can also configure your web browser to delete and/or block the use of cookies for any third party (see Section 4 for further information).
Please note: Clicking the links above will redirect you to the appropriate third party website. We are not responsible for the content of external websites. Opting out of Advertising Cookies will not remove advertising from the pages you visit; instead it means the ads you will see may not be matched to your interests.
5. CHANGES
We will update this cookie notice from time to time. Any changes will be posted on this page with an updated revision date. If we make any material changes, we will provide notice through the Service or by other means.
6. CONTACT
If you have any questions, comments, complaints or requests regarding this cookie notice or our processing of your information, you can contact us via our policies page.
You may also lodge a complaint with the data protection authority in the applicable jurisdiction.
Third Parties
Third parties
We ask other organisations to provide support services to us. When we do this, they have to agree to our privacy policies if they need access to any personal information to carry out their services.
Our website may contain links to or from other websites. We try to link only to websites that also have high standards and respect for privacy, but we are not responsible for their security and privacy practices or their content. We recommend that you always read the privacy and security notices on these websites.
When we may reveal personal information without consent
We will not reveal personal information to anyone outside Effectualness or certain of our service providers without your permission, unless:
- we must do so by law or in terms of a court order
- it is in the public interest
- we need to do so to protect our rights
- there is a legitimate purpose for the sharing.
Marketing by email or social text messages via WhatsApp or Signal etc.
If you give us permission, we may use your personal or other information to tell you about products, services and special offers from us or our vendors that may interest you. We will do this by email or social text message (STM). If you later decide that you do not want us to do this, please contact us and we will stop doing so. This may be done by visiting our website and chatting to our AI BOT or by way of sending an email to privacy@effectualness.co.za or you can opt-out via our privacy portal: https://www.effectualness.co.za/dsar-intake-requests/
When we may reveal personal information without consent
We will not reveal personal information to anyone outside Effectualness or certain of our service providers without your permission, unless:
- we must do so by law or in terms of a court order
- it is in the public interest
- we need to do so to protect our rights
- there is a legitimate purpose for the sharing.
Our security practices
We are committed and obliged to implement all reasonable controls to safeguard access to your personal information.
Where third parties are required to process your personal information in relation to the purposes set out in this notice and for other legal requirements, we ensure that they are contractually bound to apply the appropriate security practices. All use of our website and transactions through it are protected by encryption (secret codes) in line with international standards.
We may share with or receive personal information from parties as set out above, where these parties reside outside of the Republic of South Africa.
Your rights to access information
You have the right to request access to the personal information we process about you. You may exercise this right by following the Promotion of Access to Information (PAIA) manual, available on our website.
If you have any questions regarding this, please let us know at privacy@effectualness.co.za.
International data transfers
[POPIA, art. 18(1)(g)]Personal Information we collect may be sent to third countries and processed by us there or in other countries. We will make sure that the recipient country is subject to a law, binding corporate rules or binding agreement which provide an adequate level of protection.
We will process your personal information in other countries in which our cyber solution and digital transformation vendors are located, either to carry out your instructions or for ordinary business purposes. These countries may not have the same level of protection. We will only process your personal information with your consent. If necessary, we will ask the party to whom we transfer your personal information to agree to our privacy principles, associated policies and practices.
Our vendors are as follows together with their applicable data privacy laws and link to their privacy policy:
Vendor | Location | Privacy Law Applicable | Privacy Policy |
Comodo Security Solutions | New Jersey, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.comodo.com/repository/privacy-policy.php?af=14971 |
eM Client | Czech Republic, EU | UK Data Protection Act 1998 The European Data Protection Directive 95/46/EC/ General Data Protection Regulation Act | https://www.emclient.com/docs/em-client-privacy-policy.pdf |
ImmuniWeb | Geneva, Switzerland, Non-EU State | Federal Act on Data Protection | https://www.immuniweb.com/pages/privacy.html |
Enter Srl t/a Imperius | Italy | General Data Protection Regulation Act | https://www.iperiusbackup.com/privacy-gdpr.aspx?lang=en |
NeuShield | Silicon Valley, California, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.neushield.com/about/privacy/ |
Panda Security | Spain, EU | General Data Protection Regulation Act | https://www.pandasecurity.com/en/homeusers/media/legal-notice/#e10 |
Passware | Estonia, Europe | General Data Protection Regulation Act | https://www.passware.com/privacy/ |
Radix (Digital Transformation Partner) | India, | Personal Data Protection Bill | https://radixweb.com/privacy-policy |
Sectigo | New Jersey, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://sectigo.com/privacy-policy |
SentinelOne | Silicon Valley, California, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.sentinelone.com/legal/privacy-policy/ |
Important acts of the US are: The California Consumer Privacy Act, Maine’s data privacy law, Nevada’s opt-out law, Vermont’s data broker law, Health Insurance Portability & Accountability Act
Fair and Accurate Credit Transactions Act, Children's Online Privacy Protection Act, Electronic Communications Privacy Act and Shield Act
We are in the progress of obtaining communication confirming that the security measures are similar to POPIA and the EU GDPR as we take defending your personal information and personally identifiable information very seriously.
Recipients or category of recipients of the information
[POPIA, art. 18(1)(h)(i)]We may share your information with third-party vendors, consultants and other service providers who we employ to perform tasks on our behalf. These companies may include (for example) our payment processing providers, website analytics companies, product feedback or help desk software providers, CRM service providers, email service providers and others.
Our vendors are as follows together with their applicable data privacy laws and link to their privacy policy:
Vendor | Location | Privacy Law Applicable | Privacy Policy |
Comodo Security Solutions | New Jersey, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.comodo.com/repository/privacy-policy.php?af=14971 |
eM Client | Czech Republic, EU | UK Data Protection Act 1998 The European Data Protection Directive 95/46/EC/ General Data Protection Regulation Act | https://www.emclient.com/docs/em-client-privacy-policy.pdf |
ImmuniWeb | Geneva, Switzerland, Non-EU State | Federal Act on Data Protection | https://www.immuniweb.com/pages/privacy.html |
Enter Srl t/a Imperius | Italy | General Data Protection Regulation Act | https://www.iperiusbackup.com/privacy-gdpr.aspx?lang=en |
NeuShield | Silicon Valley, California, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.neushield.com/about/privacy/ |
Panda Security | Spain, EU | General Data Protection Regulation Act | https://www.pandasecurity.com/en/homeusers/media/legal-notice/#e10 |
Passware | Estonia, Europe | General Data Protection Regulation Act | https://www.passware.com/privacy/ |
Radix (Digital Transformation Partner) | India, | Personal Data Protection Bill | https://radixweb.com/privacy-policy |
Sectigo | New Jersey, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://sectigo.com/privacy-policy |
SentinelOne | Silicon Valley, California, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.sentinelone.com/legal/privacy-policy/ |
Important acts of the US are: The California Consumer Privacy Act, Maine’s data privacy law, Nevada’s opt-out law, Vermont’s data broker law, Health Insurance Portability & Accountability Act
Fair and Accurate Credit Transactions Act, Children's Online Privacy Protection Act, Electronic Communications Privacy Act and Shield Act
We are in the progress of obtaining communication confirming that the security measures are similar to POPIA and the EU GDPR as we take defending your personal information and personally identifiable information very seriously.
The technology employed to run our business that will interact with your data:
Our technology partners are as follows together with their applicable data privacy laws and link to their privacy policy:
Internal Use Technology Partner | Purpose of technological use | Location | Privacy Law Applicable | Privacy Policy |
Axel Blockchain Cloud Storage | Website Cloud files (view/download) | Las Vegas, Nevada, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act Nevada’s opt-out law | https://www.axel.org/privacy-policy-for-axel-websites-and-applications/ |
Host Poco Web Hosting | Web Server for (Website Only) | Data Center, Long Island, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.hostpoco.com/privacy-policy.php |
Comodo Endpoint Security | Endpoint Security | New Jersey, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.comodo.com/repository/privacy-policy.php?af=14971 |
Neu Shield (Data Sentinel) | Mirror Shielding™ Boot Protection Disk Wipe Protection Cloud Drive Protection Revision History using Data Engrams™ File Lockdown Cloud Management One-Click Restore Large File Support | Silicon Valley, California, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.neushield.com/about/privacy/ |
Cloud Flare - CDN | Minification, HTTP/2 Protocol ECC SSL over R3 SSL, DNS Security Cloud WAF, Image Optimization Browser Caching, WebSockets Load Balancing, Optimized Network Routing, Page Rules, AMP Real URL Rate Limiting | San Francisco, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.cloudflare.com/privacypolicy/ |
Ruby AI | Machine Learning, AI BOT | California, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.ruby.com/privacy/ |
HubSpot | CRM, Workflow, Forms | Cambridge, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://legal.hubspot.com/privacy-policy |
JotForms | Online Forms | San Francisco, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.jotform.com/privacy/ |
OneTrust | Privacy, Security & Governance Tools | London, Non-EU (Brexit) | The Data Protection Act | https://www.onetrust.com/privacy/ |
Odoo | ERP Solution | Belgium, EU | General Data Protection Regulation Act | https://www.odoo.com/privacy |
Freshdesk | Ticketing | San Mateo, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.freshworks.com/privacy |
Google Drive | Operational Data (Non- PI/PII) for use as a cloud office suite then covered with ENC encryption technology | California, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://policies.google.com/privacy |
ImmuniWeb | Vulnerability Scanning | Geneva, Switzerland | Federal Act on Data Protection | https://www.immuniweb.com/pages/privacy.html |
Iperius Backup | Data Backup and Restore (System Image Only as all our work is cloud-based) | Italy | General Data Protection Regulation Act | https://www.iperiusbackup.com/privacy-gdpr.aspx?lang=en |
Mega. NZ | Operational Data (Non- PI/PII) Storage of encrypted company records with ENC encryption technology | Auckland, New Zealand | The Privacy Act | https://mega.io/privacy |
One Trust | Privacy, Security & Governance | London, UK | General Data Protection Regulation Act | https://www.onetrust.com/privacy/ |
OPSWAT Endpoint Compliance | Remediation and Device Management as the philosophy is Trust no file. Trust no device. | Tampa, Florida, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://onlinehelp.opswat.com/policies/OPSWAT.com_Privacy_Policy.html |
Tresorit AG | Storage of customer PI & PII when data is at rest as our files are protected with end-to-end encryption with Swiss Privacy on top of that. | Zurich, Switzerland (Non-EU) | Federal Act on Data Protection | https://tresorit.com/legal |
Zoho Corporation | Independent Mail Server from our web hosting server | Data Center, Pleasanton, USA | The California Consumer Privacy Act Health Insurance Portability & Accountability Act Children's Online Privacy Protection Act Electronic Communications Privacy Act | https://www.zoho.com/privacy.html |
Important acts of the US are: The California Consumer Privacy Act, Maine’s data privacy law, Nevada’s opt-out law, Vermont’s data broker law, Health Insurance Portability & Accountability Act
Fair and Accurate Credit Transactions Act, Children's Online Privacy Protection Act, Electronic Communications Privacy Act and Shield Act
We are in the progress of obtaining communication confirming that the security measures are similar to POPIA and the EU GDPR as we take defending your personal information and personally identifiable information very seriously.
Retention of your Data (PI & PII)
This section describes for how long we would retain your data in terms of holistic legislature and regulation. We ensure strict controls in defending your data against any adversary that may try to attempt to compromise our IT infrastructure and systems and we endeavour to be a step ahead of the adversary by 99.9%.Introduction
Section 14 of POPI deals with the retention and restriction of records of personal information, and it prescribes that “records of personal information must not be retained any longer than is necessary for achieving the purpose for which the information was collected or subsequently processed“. The purpose, therefore, becomes very important. There are however some exceptions, for example where the “retention of the record is required or authorised by law“. In some circumstances, you can retain records for “historical, statistical or research purposes“.
We have adopted the advisable retention policy as per SAICA's Guideline for data retention available here
Right to change this privacy and security notice
We may always change this privacy and security notice. We will put all changes on our website. The latest version of our privacy and security notice will replace all earlier versions of it unless it says differently. Email us at privacy@effectualness.co.za if you have any questions about this privacy and security notice.
Rights of the data subject
[POPIA, art. 18(1)(h)(iii), (iv) and (v)]You have the right to request access to your information, including information about the identity of third parties, or categories of third parties, who have or had access to such information.
You have also the right to require us to correct or delete personal information that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or obtained unlawfully, or to delete information that we can no longer retain.
You can also object to the processing of your personal information when the process is based on legitimate interest, the performance of a public law duty or direct marketing.
You can perform your request for data subject access rights in terms of the POPI Act via our DSAR Intake request: https://www.effectualness.co.za/dsar-intake-requests/ which gives you the power by enforcing your rights.
DSAR covers the following:
- Opt-in
- Opt-out
- Correction Request
- Access Request
- Deletion Request
- Object to Processing
- File a Complaint
- Review Automated Decision
- Withdraw Consent
You can lodge a complaint to the Information Regulator at any time. https://www.justice.gov.za/inforeg/contact.html
Promotion of Access to information act
The promotion of the Access to information act (PAIA) was passed in order to give effect to the constitutional right of access to information held by a public or private body for the exercise or protection of any right.
Effectualness (Pty) Ltd is a private body as defined in the Act. Effectualness is bound by this Act and shall process any request made in terms thereof.
Please click on the links below to access the Effectualness information manual and Request form.
The Effectualness information manual
The request form
Right of access to information
The promotion of the Access to information act was passed in order to give effect to the constitutional right of access to information held by a public or private body for the exercise or protection of any right.
A requester must be given access to any information record of Liberty if all the following requirements are met:
The record is required for the exercise or protection of any right of the individual.
The requester meets the procedural requirements of the Act relating to a request for access to an information record.
The request falls outside any of the grounds of refusal contemplated in the act.
Request procedure
The following procedure is applicable to requests for access to information in terms of the act:
The requester must complete in full the prescribed request form and send that to the Information Officer
Where required to do so by the Group Privacy Officer, the requester must deposit a prescribed fee to ensure that processing takes place (The requester will be notified where the Group Privacy Officer requires a deposit)
The prescribed fee, where applicable, as provided for in our PAIA manual, must be paid and proof of payment (e.g. copy of deposit slip) submitted following your request (Please ensure that you use the following reference for your deposit or we will not be able to identify it as belonging to you: "PAIA" followed by your initial(s) and surname e.g. If your initials and surname is PT Singh, you must use PAIA PT Singh as your reference).
If you qualify for exemption of the payment of any fee, please state the reason for exemption
The completed request form and proof of deposit must be sent to us in electronic format only by way of:
Smart Messaging (WhatsApp/Signal): 081 376 9328
E-mail: privacy@effectualness.co.za
Upon receipt of the request form and proof of deposit, Effectualness:
- Assess the request form to ensure completeness
- Confirm receipt of the request fee
- Process the request if it meets the procedural requirements of the act
- Notify the third party where applicable
- Decide whether to grant or deny the request
- Let the requester know of the decision
- Notify the requester about the payable access fee if the request is granted
- Repay the R50 (fifty rands) request fee to the requester if the request is refused
- Release the requested information record to the requester upon confirmation of receipt of the payable access fee