PRIVACY POLICY
General
This is the privacy policy of TopCode,
This policy details how we collect, store, protect and use personal information – that is information that can be used to identify an individual or a company (juristic person) – in connection with the services we may offer through our www.topcode.co.za website (referred to as the “Site”) and through your dealings with us (referred to as the “Services”).
Audience
Personal information submitted to us by using this Site or our Services is governed by this Privacy Policy.
As the Operator or Processor
Where we have been contracted by another company, such as your employer or a company you are dealing with directly, please be aware that we are not the entity responsible for making decisions on your data, but instead are rendering services to the company that you are dealing with directly. Please refer to the Privacy Policy of the company you are dealing with in these cases.
As the Controller or Responsible party
Where you are dealing with us directly by means of our Services or Site, this Privacy Policy applies. You are not required to provide us with any personal information when using the Site, unless you choose to engage with us in a manner that requires us to have your information (such as by subscribing to our newsletter or enquiring about our Services). Should you engage us for our Services, you will be required to provide further information as detailed in this Privacy Policy.
What is Personal Information?
Personal information includes:
- certain information that is collected automatically when you visit our website,
- certain information collected on engaging our Services;
- certain information collected on submission; and
- optional information that you provide to us voluntarily.
Additional information captured on the website that does not classify as personal information may also be collected and processed, including but not limited to:
- anonymised information,
- de-identified information that cannot be associated with an individual,
- statistical information,
- information that is public knowledge, which has been publicly and voluntarily disclosed.
TopCode will not contact minor children with promotional offers or for marketing purposes unless explicit written consent is received by a parent or guardian to do so. It is, however, not the duty of Topcode to regulate the use of our website by minors and such responsibility falls to the parents or guardians of the minor children.
Who is processing your data?
In the case that we are the Data Controller or Responsible Party, then data processing is processed by us, an entity incorporated within the laws of South Africa, with the following contact details:
Company Name: TopCode
30 Beaver Street, Midstream Meadows Centurion, South Africa, 1692
Email: info@topcode.co.za
What are we processing and why?
There are various ways in which we may process your data. This section details our purposes for processing, our legal basis for the processing, and our storage periods.
In certain cases, we will process your data after obtaining your consent. You are free to withdraw your consent at any time. We may process your data with your consent for the following purposes:
- Electronic communications, such as subscribing to our mailing list or by contacting us via a form or email address upon the Site.
- Cookies, in order to grant you a personalised experience when dealing with us. You may decline the installation of cookies; however, this may affect the functionality of our website or prevent you from using the Site entirely. If you opt out of using cookies, we may store a single cookie in order to remember this preference.
- For website analytics, storing details such as your IP address, bounce rate, page time, cost per click, most visited pages, and device information. These tracking cookies may be declined at any time.
- For promotional campaigns, in which case additional information may be volunteered by you in order to participate in the promotion or to receive a delivery.
- For employment applications, by submitting your required documentation in order to apply for a position within the company.
We will process your data when we have to perform a contract; for as long as the contractual relationship is in place, and for all statutory data retention requirements following the end of the relationship. In order to fulfil our obligations to you in terms of the Services you have engaged us for, we will need to process your data.
In terms of an employment application, should your application be successful, we shall enter into an employment contract with you, and will process your information for as long as the employment agreement is in place, and for a time following the end of the relationship as dictated by local labour legislation. Should your application be unsuccessful, we will securely dispose of your information once deemed no longer relevant. We may retain your name and surname as an identifier for having applied in the past.
We may also process your data in terms of legitimate interest, as long as the data being processed is strictly necessary, proportional, and does not infringe on your individual rights to privacy. Processing may take place in terms of the following necessary scenarios:
- To monitor and analyse how to improve our Service and/or our Site, as well as to keep the same secure and free from abuse. This may include communications such as surveys or direct electronic communications.
- To keep active communications with you while you are our contracted client. Certain communications are necessary during delivery of our Services, and we have a legitimate interest in keeping you informed about our Services.
Where is your data processed?
In some cases, your information may be stored and processed outside of the country or region where it was originally collected in order to complete our obligations to you. In some of these countries, you may have fewer rights in respect of your information than you do in your country of residence.
Your agreement to the terms of this Privacy Policy, followed by your submission of information in connection with our Services, represents your agreement to this cross-border transfer of personal data.
Our primary region for storing and processing data is South Africa.
Who else will have access to your personal information?
We may share your information with our service providers and processors in order to deliver the Services to you. These will often be providers that offer solutions for hosting, marketing and other business-critical operations. In the case of third parties processing data, we require that they comply with our internal standards, policies, technical and organisational measures, ensuring that your data is protected and remains confidential. We will only share data in accordance with this Privacy Policy and with approved and contractually appointed third parties.
When you authorise us to do so, we may also share your data with other companies so that they can process the data for other purposes, as explained in more detail when we request your prior consent. In addition, if you provide consent for the installation of cookies, your data may be processed by third parties. These cookies are subject to the third parties’ respective Privacy Policies.
Where necessary and compelled by authorities to do so, we may share your information with law enforcement and competent courts. We may also share your information where we have to take legal action to protect our, or third-party rights.
We will not sell your information. Our contracts dictate that third-party service providers may not use your information for their own benefit or for any services other than those requested by us.
HOW ARE WE PROCESSING YOUR DATA?
We will only process personal data as a result of the provision of our Services, or in operating our Site. Should we have reason to believe that your instructions infringe on data protection regulation, we will inform you promptly.
We will ensure that our employees are subject to confidentiality agreements and any statutory privacy obligations.
To provide you with the Services, we may need to use other service providers, as well as hire new providers in the future. Those companies will only process the data to the extent necessary to render the Services, and we will enter into written agreements with them to make sure that said companies comply with the obligations included in this Privacy Policy and implement all necessary security measures to ensure adequate protection of the data.
In the event that we should change upstream service providers that are involved in providing you with Services, or where we may need to hire additional companies to provide the Services, you have the right to reasonably oppose such an appointment. Such opposition shall be addressed on a case-by-case basis in accordance with the appropriate data protection regulation.
We will implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk. At your request and expense and taking into account the nature of processing and the information available to us, we shall reasonably assist you in compliance with the security obligations set forth by data protection regulation.
A list of our sub-processors (and their respective processing regions) is available on request and is included in our Data Processing Agreements
What happens in the event of a breach?
In the event of a confirmed breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data, we shall promptly assess the risk to people’s rights and freedoms and without undue delay report this breach to the appropriate authorities, controllers, responsible parties, and subjects as required by law.
We will cooperate with you and take such reasonable commercial steps as are directed by you to assist in the investigation, mitigation, and remediation of each such data breach.
Your rights
You have the right to request access to, and rectification or erasure of your personal information. You may also restrict process, or object to processing in accordance with relevant data protection regulation.
In cases where consent was given, you have the right to withdraw consent at any time.
If you do request that your information is deleted, all information will be permanently erased, except for the information that we are required to keep by law. You may exercise your rights at any time by lodging a request with our Information Officer at info@topcode.co.za.
Updating your information
You may update your information in writing at any time by submitting a support request or sending an email to our Information Officer at info@topcode.co.za. Please remember that it is your duty to keep information updated so we can correctly provide you with the Services, and you undertake to verify the information you have handed us from time to time to make sure that it is accurate.
Changes to this policy
This policy may be updated from time to time. You may be required to accept the update Privacy Policy in order to keep using our Services. Alternatively, we may post non-material changes to this Privacy Policy on our Site, with a notice advising of the effective date of the changes. We may notify you of material changes to the Privacy Policy by email (or otherwise) prior to the effective date of the changes.