privacy policy.

This is the privacy policy of MDOT Consulting (Pty) LTD (Registration number 2019/116287/07) and includes the entities of:

  • MDOT Consulting (Pty) LTD (2019/116287/07)

This policy details how we collect, store, protect and use personal information – that is information that can be used to identify an individual or a company (juristic person).

Personal information includes:

  • certain information that is collected automatically when you visit our website,
  • certain information collected on registration;
  • certain information collected on submission; and
  • optional information that you provide to us voluntarily.

Additional information captured on the website that does not classify as personal information may also be collected and processed, including but not limited to:

  • anonymised information,
  • de-identified information that cannot be associated with an individual,
  • statistical information,
  • information that is public knowledge, which has been publicly and voluntarily disclosed.
  1. Lawful Processing of Personal Information

    The conditions for the lawful processing of personal information by or for a responsible party are the following, as per the Protection of Personal Information Act of 2013 (POPIA):

    1. Accountability
    2. Processing Limitation
    3. Purpose Specification
    4. Further Processing Limitation
    5. Information Quality
    6. Openness
    7. Security Safeguards
    8. Data Subject Participation
  2. General Provisions

    1. This policy applies to all personal information processed by the company and its related entities.
    2. The Information Officer shall take responsibility for compliance with this policy.
    3. The policy will be reviewed annually.
  3. Lawful, fair and transparent processing

    1. To ensure its processing of data is lawful, fair and transparent, a Register of Systems and Activities will be maintained.
    2. The Register shall be reviewed at least annually.
    3. Individuals have the right to access their personal data and any such requests made to us shall be dealt with in a timely manner.
  4. Lawful Purposes

    1. All data processed must be done on one of the following lawful bases: consent, contract, legal obligation, public task or legitimate interests.
    2. We shall note the appropriate lawful basis in the Register of Systems.
    3. Where consent is relied upon as a lawful basis for processing data, evidence of opt-in consent shall be kept with the personal data.
    4. Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent will be clearly available and systems should be in place to ensure such revocation is reflected accurately.
  5. Data minimisation

    1. We shall ensure that personal information collected is adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.
  6. Accuracy

    1. We shall take reasonable steps to ensure personal information is accurate.
    2. Please update us via online forms, registrations, email or phone should your information need to be corrected or updated.
    3. Where necessary for the lawful basis on which data is processed, steps shall be put in place to ensure that personal information is kept up to date.
  7. Archiving / Removal

    1. To ensure that personal data is kept for no longer than necessary, archiving policies are in place for each area in which personal data is processed.
    2. Archiving policies are reviewed annually.
    3. The archiving policy shall consider what data should/must be retained, for how long, and why.
    4. Campaign data is only retained and used for one year.
  8. Security

    1. We shall ensure that personal information is stored securely using modern software and systems that are kept up-to-date.
    2. Access to personal information shall be limited to personnel who need access and appropriate security is in place to avoid unauthorised sharing of information.
    3. When personal information is deleted this will be done safely such that the data is irrecoverable.
    4. Appropriate back-up and disaster recovery solutions are in place.
    5. Vulnerability assessments and hardening are performed on systems where personal information is stored.
  9. Breach

    1. In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, we shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach to the appropriate authorities and subjects as required by law.
  10. Cookies

    1. We may use cookies in order to grant you a personalised experience when dealing with us.
    2. You may decline the installation of cookies; however, this may degrade your website experience.
    3. Third party cookies may be in use in order to deliver a service via our website by means of a third-party online service – such as YouTube or Google Analytics.
  11. Collection of Information

    1. We will obtain your consent when collecting personal information for processing purposes.
    2. On registration for services or promotions, you may provide us with the following information:
      1. Name and surname
      2. Email address
      3. Contact numbers
      4. Physical address
      5. Company name
      6. Company address
      7. Company VAT number
      8. Company contact person
      9. Company phone number 
    3. By using our website, we receive and may record details such as:
      1. Your IP address
      2. Bounce rate
      3. Page time
      4. Cost per Click
      5. Most Visited Pages
      6. Device Information 
    4. From time to time, we may run promotional campaigns in which additional details are collected. This information would be provided voluntarily by you in order to participate or receive a prize delivery.
  12. Purpose of Collection

    1. We may process your information for provision of services that you agreed to when providing it to us.
    2. We may process your information for billing purposes.
    3. We may process your information for ongoing communication during the course of regular business.
    4. We may process your information for lawful marketing purposes.
  13. Marketing and Targeted Content

    1. We, from time to time, may run targeted campaigns on social media and other platforms. These campaigns would be subject to the privacy policies of their respective platforms as well as this privacy policy.
  14. Sharing of Information

    1. We will not sell personal information. No personal information will be disclosed to anyone except as provisioned in this Policy.
    2. We may disclose personal information if required by court order or to comply with the law.
    3. Information may be shared between the groups indicated on this policy in order to provide a service to clients.
  15. Cross Border Transfers

    1. We may transfer your information outside of the country in which it was collected for processing.
    2. You consent to us processing your personal information in a foreign country where required for completion of our obligations.
  16. Queries

    1. For any queries relating to our policy, please contact us on hello@mdot.co.za.