Your privacy is critically important to us.
Hand Made by Fynbossie is located at:Hand Made by Fynbossie
Brackenfell, Cape Town
7560 – Western Cape , South Africa
1 POLICY PURPOSE
1.1 Hand Made by Fynbossie Data Protection Policy refers to our commitment to treat information of employees, customers, stakeholders and other interested parties with the utmost care and confidentiality.
1.2 With this policy, we ensure that we gather, store and handle data fairly, transparently and with respect towards individual rights.
2.1 This policy refers to all parties (employees, job candidates, customers, suppliers etc.) who provide any amount of information to us.
3 Who is covered under the Data Protection Policy?
3.1 Employees of Hand Made by Fynbossie and its subsidiaries must follow this policy.
4 POLICY OVERVIEW
4.1 As part of our operations, we need to obtain and process information. This information includes any offline or online data that makes a person identifiable such as names, addresses, usernames and passwords, digital footprints, photographs, identity numbers, financial data etc.
4.2 Hand Made by Fynbossie collects this information in a transparent way and only with the full cooperation and knowledge of interested parties. Once this information is available to us, the following rules apply.
Our data will be:
4.2.1 Accurate and kept up-to-date
4.2.2 Collected fairly and for lawful purposes only
4.2.3 Processed by the company within its legal and moral boundaries
4.2.4 Protected against any unauthorized or illegal access by internal or external parties
4.3 Our data will not be:
4.3.2 Stored for more than a specified amount of time
4.3.3 Transferred to other organizations or countries that do not have adequate data protection policies
4.3.4 Distributed to any party other than the ones agreed upon by the data’s owner (exempting legitimate requests from law enforcement authorities)
4.3.5 In addition to ways of handling the data the company has direct obligations towards people to whom the data belongs.
4.4 Specifically we must:
4.4.1 Let people know which of their data is collected
4.4.2 Inform people about how we’ll process their data
4.4.3 Inform people about who has access to their information
4.4.4 Have provisions in cases of lost, corrupted or compromised data
4.4.5 Allow people to request that we modify, erase, reduce or correct data contained in our databases
5 PERSONAL INFORMATION
5.1 “personal information” is data that can be used to identify a person. It is defined as “information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person.” This information about a person includes, but is not limited to: Race; Gender; Sex; Pregnancy; Marital status; National / ethnic / social origin; Colour; Sexual orientation; Age; Physical or mental health; Disability; Religion / beliefs / culture; Language; Educational / medical / financial / criminal or employment history; ID number; Email address; Physical address; Telephone number; Location; Biometric information; Personal opinions, views or preferences.
5.2 “data subject” is a person whose personal information has been processed. To put this in context, if you hold someone’s personal data on file, that person is a data subject.
5.3 “responsible party” and Hand Made by Fynbossie means Hand Made by Fynbossie reg no 2018/597096/07 and all its related Franchises / Branches
5.4 “office” means the office of Hand Made by Fynbossie respectively
5.5 “system” means the following systems, computer software or programmes used by Hand Made by Fynbossie.
6 INFORMATION OFFICER
6.1 The designated information officer for Hand Made by Fynbossie is Bianca Smith and his/her contact details firstname.lastname@example.org
6.2 All employees and staff must strictly adhere to any request pursuant to the information officer’s duties.
6.3 All complaints about the information officer, his/her duties or requests must be referred to the head of the branch.
6.4 Staff and employees must remain mindful of the group’s or company responsibility to ensure compliance with the Act, and the respective fines that may be ascribed to the group or company should it not comply.
6.5 The duties of the information officer will include:
6.5.1 Ensure that a compliance framework is developed, implemented, and monitored.
6.5.2 To encourage compliance by the organization, with the conditions for the lawful processing of personal information
6.5.3 Assist and deal with any request made in terms of the Protection of Personal Information Act, 4 of 2013 (POPIA) or Promotion of Access to Information Act, 2 of 2000 (PAIA).
6.5.4 To work with the Regulator in relation to any investigations be conducted pursuant to the POPIA.
6.5.5 Ensure compliance by the organization to POPIA and PAIA
6.5.6 To conduct continuous personal information impact assessments
6.5.7 Ensure that adequate measures and standards exist to comply with the conditions for the lawful processing of personal information.
6.5.8 Conduct regular awareness sessions regarding the provisions of the Act, regulations made in terms of the Act, codes of conducts, or information obtained from the Regulator.
6.5.9 Ensure that the organization’s policies and procedures for the lawful processing of information is continuously updated and relevant to the current processes within the organization.
6.5.10 Upon request of any person provide copies of the manual to that person upon payment of a fee determined from time to time by the Regulator.
6.5.11 Ensure that you are familiar with POPI and PAIA and amendments made thereto or any other legislation that may be relevant and applicable to the processing of information or your appointment herein.
7 STAFF AWARENESS
7.1 All employees will be provided with staff awareness material in respect of the POPIA and ensure that they understand:
7.1.1 What Personal Information is defined as;
7.1.2 The Life Cycle of Information that is processed;
7.1.3 The Processing Conditions as set forth by the Act;
7.1.4 The Penalties for Non-Compliance;
7.1.5 Direct Marketing under the Act;
7.1.6 General Understanding of the objectives envisaged by the Act.
7.2 Any further or future staff awareness sessions will be compulsory for all to attend on an as may be required by the Information Officer from time to time.
8 STORING INFORMATION
8.1 All personal information received and processed from a data subject must always be secured.
8.2 It remains the obligation of the employee or staff who is in possession of the personal information that it is correctly secured according to this internal policy.
8.3 Hard copy information, including forms, contracts, or any other physical document with personal information of the data subject must always be:
8.3.1 Secured in a locked or secured in a folder or otherwise when not stored in the office.
8.3.2 Personal Information must be kept under lock in the office in the designated area or cabinet.
8.4 Soft Copy information must be stored electronically on a secured device. All devices must be secured as set out in this internal policy.
9 SHARING INFORMATION
9.1 Information may only be shared pursuant to the consent obtained by the client.
9.2 Information may not be shared with any other party not lawfully entitled to such information.
9.3 Information may only be shared for the purpose which it was consented to be shared for.
10 DELETING, ARCHIVING AND DESTROYING INFORMATION
10.1 Information requested by the client to be deleted or destroyed must be done as directed by the Information Officer.
10.2 All information to which the employee or staff is not lawfully entitled to must be removed from the system with prior authorization from the Information Officer.
10.3 All hard copy documents that contain personal information in the office must be shredded or otherwise destroyed.
11 EMPLOYEE INFORMATION
11.1 Al employees and staff information is confidential.
11.2 No information may be shared or otherwise processed unless lawfully entitled to do so and by the head or as otherwise directed.
11.3 Should any employee or staff member leave the employee of Hand Made by Fynbossie, the company will ensure that information is archived, destroyed or deleted as the case may be.
11.4 Sharing of employee information is strictly prohibited.
12 IT SECURITY
12.1 All employees and staff must be familiar with the systems used by Hand Made by Fynbossie.
12.2 Employees must ensure that their mobile devices and laptops are secured at all times.
12.3 Any theft or system breach of a mobile device must be reported immediately to the Information Officer.
12.4 Hand Made by Fynbossie may request from time to time to inspect any and all mobile devices to ensure that the proper malware protection is installed on the devices, this may include malware protection, passwords and usernames.
12.5 Employees and staff are cautioned from using any “open” or “unsecured” Wi-Fi connections.
13 DISCIPLINARY ACTION
13.1 We expect all our employees to always follow this policy and those who cause security breaches may face disciplinary action:
13.1.1 First-time, unintentional, small-scale security breach may be issued with a verbal warning and train the employee on security.
13.1.2 Intentional, repeated or large scale breaches (which cause severe financial or other damage) will have severe disciplinary action up to and including summary dismissal.
Like most website operators, Hand Made by Fynbossie collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. Hand Made by Fynbossie’s purpose in collecting non-personally identifying information is to better understand how Hand Made by Fynbossie’s visitors use its website. From time to time, Hand Made by Fynbossie may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its website.
Hand Made by Fynbossie also collects potentially personally-identifying information like Internet Protocol (IP) addresses for logged in users and for users leaving comments on https://madebyfynbossie.com blog posts. Handmade by Fynbossie only discloses logged in user and commenter IP addresses under the same circumstances that it uses and discloses personally-identifying information as described below.
To enrich and perfect your online experience, Hand Made by Fynbossie uses “Cookies”, similar technologies and services provided by others to display personalized content, appropriate advertising and store your preferences on your computer.