Biztech (Pty) Ltd (referred to as "Guideline", "we", "us", "our") respect and acknowledge the importance of protecting your personal information.
Guideline is a "responsible person" in terms of the South African Protection of Personal Information Act, 2013 ("POPI") and a "controller" in terms of the General Data Protection Regulation (GDPR)(EU) 2016/679 of the European Union in that it determines the purpose and the manner of processing of personal information that it uses.
Guideline does not provide services intended for children and accordingly, we do not knowingly collect personal information relating to children.
What personal information we collect
When you interact with us, you may provide us with personal information or we may collect personal information from you by law or under terms of a contract we have with you. You can choose not to provide personal information when requested. However, without your requested personal information, we may not be able to provide or continue to provide you with the products or services offered by Guideline or allow you full access to our websites. If you refuse, we may have to cancel a product or service you have with us but we will notify you if this is the case.
we will only collect, use, store and transfer the minimum personal information that we deem necessary to process for ordinary business purposes. Personal information we collect from you may include:
- - your first and last or company name, email address, phone number and other contact information;
- - log-in and account information for authentication purposes and account access;
- - your marketing preferences;
- - demographic data such as your gender, age, country and preferred language;
- - data about how you and your PC or device interact with Guideline, including web pages you visit when you use our websites and device, connectivity and configuration data.
It is not standard practice for us to collect sensitive personal information about you, such as information relating to your health, religion, political beliefs, race or sexual orientation, except with your express consent or unless we are required to do so by law.
If we link other data with your personal information as provided to us, we will treat that linked data as personal information.
How we collect personal information
we may collect your personal information in a variety of ways when you interact with us, including when:
- - you engage us to provide our products and services;
- - you create an account with us;
- - we process orders and payment transactions;
- - we respond to your inquiries and requests;
- - as a result of communications between you and our representatives;
- - we obtain feedback from you about our products and services;
- - we conduct our administrative and business functions;
- - you register for any of our events, workshops and/or seminars;
- - you subscribe to our mailing lists and newsletters;
- - we market our solutions and services to you;
- - you access and use our websites; and/or
- - you apply for employment with us.
we may also collect your personal information from third party sources and third parties including public databases, business partners with whom we offer co-branded services or engage in joint marketing activities, and third parties that provide list enhancement or similar services, to the extent that this is permitted by applicable law.
As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal information by using cookies, server logs and other similar technologies. We may also receive technical data about you if you visit other websites employing our cookies.
Purposes for which we collect and use personal information
we will only use your personal information when we are permitted to do so by law. Most commonly we collect and use personal information to:
- - send communications to you;
- - establish, manage, and maintain our business relationships;
- - respond to inquiries and requests;
- - develop, provide, and improve our services and products;
- - inform you about our services and solutions;
- - obtain feedback from you on our services and solutions;
- - provide you with a more personalised experience when you interact with us;
- - conduct administrative and business functions;
- - update our records and keep contact details up to date;
- - enable you effectively to use and to improve our websites,
- - compile website usage statistics;
- - enable you to subscribe to newsletters and mailing lists;
- - enable you to register for Guideline events, workshops and seminars;
- - recruit staff;
- - assess the performance of our websites and to improve their operation;
- - process and respond to privacy questions, concerns and complaints; and
- - fulfil legal, regulatory and contractual obligations.
Change of Purpose
We will only use your personal information for the purposes for which we originally collected it, unless we reasonably consider that we need to use it for another reason which is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact our Information Officer.
If we need to use your personal information for a purpose unrelated to the original purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your Personal information without your knowledge or consent but only where this is required or permitted by law.
Sharing your personal information
We may share your personal information for the purposes above with:
- - business partners, vendors, or contractors to provide requested services or facilitate transactions, including but not limited to processing of orders, assisting with sales-related activities or post-sales support, and providing customer support. It is important to note that any third parties with whom we share personal information are contractually required to implement appropriate data protection and security measures and are not permitted to process personal information for any purpose other than the purpose for which they are given access;
- - in connection with, any joint venture, merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or to another company;
- - in response to a request for information by a competent authority in accordance with, or required by any applicable law, regulation or legal process;
- - where necessary to comply with judicial proceedings, court orders or government orders.
- - to protect the rights, property or safety of Guideline, its business partners, you, or others, or as otherwise required by applicable law; and
- - where you consent to the sharing of your personal information.
Transfers across borders
It may be necessary for us to process your personal information in other countries, either to carry out your instructions or for ordinary business purposes. These countries may not have the same level of protection as is required by POPI or the GDPR. Where this is the case, we will only process your personal information with your consent. If necessary, we will ask the party to whom we transfer your personal information to agree to our privacy principles, associated policies and practices so that your personal information will be protected to the same extent that it would have been had it been processed by us. Please contact us if you want further information on the specific mechanism used by us when transferring your Personal information out of South Africa or the European Economic Area.
Security of your personal information
Guideline is committed to protecting your personal information from misuse, loss, unauthorised access, modification or disclosure by using a combination of physical, administrative and technical safeguards and contractually requiring that third parties to whom we disclose your personal information do the same.
Whilst Guideline makes every effort to secure its websites, you should note that the internet is not completely secure; thus when you submit or post personal information online, you should be aware that Guideline cannot guarantee the security of any personal information that you submit or post online.
International transfers of your personal information
We only have offices and facilities in South Africa and the hosting facilities for our website are situated in South Africa, and as such your personal information will not be exported outside South Africa.
You can choose whether you wish to receive marketing communications from us by email, SMS, social media platforms and phone. Even when you have agreed to this, you may opt out of receiving future marketing materials from us at any time and manage your communication preferences by:
- - following the unsubscribe instructions included in each marketing email or SMS text message from us; or
- - sending an email to firstname.lastname@example.org;
including your details and a description of the marketing material you no longer wish to receive from us,. We will comply with your request as soon as is reasonably possible. If you opt out of receiving marketing related communications from us, we may still send you administrative messages as part of your ongoing use of our websites, solutions or services.
we do not provide your personal information to unaffiliated third parties for direct marketing purposes or sell, rent, distribute or otherwise make personal information commercially available to any third party.
How you can access, correct, update, block or delete your personal information
if you wish to exercise any of the rights set out below, please contact our Information Officer.
You have the right to:
- - Request access to your personal information. This allows you to receive a copy of your personal information held by us and to check that we are lawfully processing it.
- - Request correction of your personal information held by us. This allows you to have any of your incomplete or inaccurate information corrected, although we may need to verify the accuracy of the new information that you provide.
- - Request erasure of your personal information. This allows you to request that we delete or remove your personal information where there is no justifiable reason for us to continue processing the information. In addition, you have the right to request us to delete or remove your personal information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal information in order to comply with a legal requirement. Please note that for specific legal reasons which will be notified to you, we may not always be able to comply with your request of erasure.
- - Object to processing of your personal information. You may object to our processing of your information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal information for direct marketing purposes. In some cases, we may be able to demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- - Request restriction of processing of your personal information. This allows you to request that we suspend the processing of your personal information in the following scenarios:
- if you want us to establish the accuracy of the information;
- where our use of the information is unlawful but you do not want us to erase it;
- where you need us to hold the information even if we no longer require it as you need it to establish, exercise or defend legal claims; or
- you have objected to our use of your information but we need to establish whether we have overriding legitimate grounds to use it.
- - Request the transfer of your personal information to you or to a third party. We will provide you, or a nominated third party, with your personal information in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- - Withdraw consent at any time where we are relying on consent to process your personal information. However, this will not affect the lawfulness of any processing carried out before the withdrawal of your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
- - No fee usually required. You will normally not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
- - What we may need from you. We may need to request specific information from you to assist us to confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request in order to speed up our response.
- - Time limit to respond. We will endeavour to respond to all legitimate requests within 30 days. Occasionally it may take us longer than this if your request is particularly complex or if you have made a number of requests, in which case, we will notify you of the delay and keep you updated.
Cookies and Similar Technologies
- - enabling you to sign in;
- - authenticating you;
- - keeping track of the information you have provided to us;
- - improving your browsing experience;
- - customising our interactions with you;
- - storing and managing your preferences and settings;
- - compiling statistical data;
- - analysing the performance and usability of our websites;
- - measuring website traffic patterns;
- - determining which areas of our websites have been visited.
These technologies collect information that your browser sends to our websites including your browser type, information about your IP address, geographic location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use , together with the date, time and duration of your visit, the pages you view and the links you click.
Our sites may also contain web beacons or similar technologies from third party analytics providers, through which they collect information about your online activities across our websites to help us compile aggregated statistics about the effectiveness of marketing campaigns or other business operations.
You can stop your browser from accepting cookies by changing the settings on your web browser. Be aware that restricting cookies may impact the functionality of our websites. We recommend that you allow cookies. On most browsers cookies are enabled by default. You can adjust the settings and options on your browser to disable or enable them or visit https://www.aboutcookies.org for detailed information about managing cookies on various browsers.
we operate and communicate through our designated channels, pages and accounts on some social media sites to inform, help and engage with our customers. We monitor and record comments and posts made about us on these channels so that we can improve our services.
The general public can access and read any information posted on these sites. We are not responsible for any information posted on those sites other than the information posted by our designated officials. We do not endorse the social media sites themselves, or any information posted on them by third parties or other users.
When you engage with us through social media, your personal information may be processed by the site owner; this processing occurs outside of our control and may take place in a country outside South Africa that may have different privacy regulations.
We regularly update and monitor our social media accounts and welcome feedback and ideas sent to us through these channels. We try to join conversations whenever possible, but cannot guarantee that we will read or reply to all messages sent to official Guideline social media accounts.
Consistent feedback and helpful suggestions will be given to the relevant people within the company for consideration, but we cannot guarantee that any feedback or suggestions will be acted upon by Guideline.
Links to third party websites and applications
Our websites may contain links to sites and applications operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party site or application and we are not responsible for any third party content or privacy statements. Your use of such sites and applications is subject to the relevant third party privacy statements.
Retaining your personal information
we retain your personal information for as long as is necessary to fulfil the purposes for which it was collected or to comply with legal obligations, resolve disputes, protect our assets, or enforce agreements. Depending on the purpose, retention periods will vary. The criteria we use to determine retention periods include whether:
- - we are under a legal, contractual or other obligation to retain personal information including pursuant to data retention laws, as part of an investigation or for litigation purposes;
- - personal information is needed to provide our solutions and services business including performance improvement and to maintain accurate business and financial records;
- - there are automated means to enable you to access and delete your personal information at any time. We will generally retain personal information for a shorter period of time, where this is not the case;
- - the personal information is sensitive personal information in which event we will generally retain this for a shorter period of time;
- - you have consented to us retaining your personal information for a longer retention period, in which case, we will retain personal information in line with your consent.
How to contact us
The future is now.
It's time to join the leading GRC platform on the planet.