THENSA and its direct and indirect affiliates and subsidiaries (collectively “THENSA” “us” and “we”) understand the importance of protecting your personal data. This Privacy Statement describes how we collect and use your personal data, who we share it with, and your choices and rights in relation to your personal data.
This Privacy Statement applies to personal data that we collect from you during your interactions with us, whether online, including through our websites (including mobile sites) and social media sites (“Sites”), mobile applications (“Apps”) (collectively “Online Services”) that link to this Privacy Statement, in writing or orally, or personal data that we may collect offline or receive from third parties.
2. Personal data that we collect
Personal data is any information that identifies you as an individual or relates to you as an identifiable individual.
Depending on how you interact with us, personal data we collect may include:
- your name;
- email address;
- postal address;
- telephone number;
- log-in and account information for authentication purposes and account access;
- your gender;
- details of your visit to our Online Services, including, but not limited to, traffic data, location data, weblogs and other communication data;
- information that you provide to us, including records of correspondence;
- marketing and other preference information;
- and social media account information.
We may also collect other information that does not personally identify you. Such other information includes browser and device information, website and application usage data, IP addresses, demographic information such as marketing preferences, geographic location, primary language, and information collected through cookies and other technologies or information that has been anonymized or aggregated. If we link this information with your personal data, we will treat that linked information as personal data.
You can choose not to provide personal data to us when requested. However, if this is necessary to provide you with our solutions and services, access to our Online Services, or to perform administrative functions, we may be unable to do these things.
3. Sensitive personal data
We do not collect sensitive personal data about you, e.g. information relating to your health, religion, political beliefs, or sexual orientation and ask that you do not send or provide this information to us.
4. How we collect your personal data
We may collect your personal data from you in a variety of ways when you interact with us, including:
- when you access our Online Services, or interact with us in any other way, or use our solutions and services.
- We collect personal data when you place orders for our solutions and services, you create an account with us, we process your orders and payment transactions, perform administrative and business functions, market our solutions and services to you and when you register for our events, workshops and seminars or subscribe to our mailing lists and newsletters.
- when you communicate with us.
- We collect personal data when we respond to your inquiries and requests, obtain feedback from you about our solutions and services or you apply for employment with us.
- from third party sources.
- We collect personal data from third parties, including public databases, social media sites, business partners with whom we offer co-branded services or engage in joint marketing activities and third parties that provide list enhancement or similar services.
5. Legal basis for processing your personal data
When we process your personal data in connection with the purposes set out in this Privacy Statement, we may rely on one or more of the following legal bases, depending on the purpose for which the processing activity is undertaken and the nature of our relationship with you:
- our legitimate interests (or those of a third party with whom we share your personal data) for the purpose of managing, operating or promoting our business, including direct marketing, and intra-THENSA group transfers of personal data for business and administrative purposes, except where such interests are overridden by your interests or fundamental rights or freedoms which require protection of personal data.
- where this is necessary to comply with a legal obligation on us.
- to protect the vital interests of any individual.
- where you have consented.
6. Use of your personal data
We may use your personal data to:
- enable you to effectively use and to improve our solution and services. For example, to:
- perform administrative and business functions and internal reporting.
- send administrative information to you.
- obtain feedback from you about our services and solutions including through client satisfaction surveys, in which event, we will only use your personal data for the sole purpose of sending you a survey (through our third party email delivery provider).
- respond to your inquiries and fulfil requests by you.
- assess the performance of our Online Services and to improve their operation.
- inform you about and provide you with our services and solutions.
- update our records and keep contact details up to date.
We engage in these activities to manage our contractual relationship with you, to comply with our legal obligations, or for our legitimate business interests.
- provide you with marketing materials and to personalize your experience. For example, to:
- send marketing communications to you.
- provide you with a more personalized experience when you interact with us.
- enable you to subscribe to our newsletters and mailing lists.
- enable you to register for events, workshops and seminars hosted by us.
We engage in these activities with your consent or for our legitimate business interests.
- achieve our business purposes and analyse information. For example, to:
- establish, manage, and maintain our business relationship with you.
- compile usage statistics for our Online Services.
- recruit staff.
- process and respond to privacy requests, questions, concerns and complaints.
- fulfil legal and contractual obligations.
- achieve our business purposes and analyse information. For example, to:
We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation and for our legitimate business interests.
7. Sharing your personal data
We may share your personal data for the purposes set out in this Privacy Statement (as applicable):
- with our direct and indirect affiliates and subsidiaries for the purposes set out in this Privacy Statement. THENSA is the party responsible for the management of jointly used personal data.
- with business partners with whom we offer co-branded services or engage in joint marketing activities.
- with service providers to provide operational services or facilitate transactions on our behalf, including but not limited to processing of orders, assisting with sales-related activities or post-sales support, client support, email delivery, data analytics and auditing.
- where you consent to the sharing of your personal data.
- in connection with, any joint venture, merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or to another company.
- for other legal reasons.
- We may share your personal data in response to a request for information by a competent authority in accordance with, or required by any applicable law, regulation or legal process;
- where necessary to comply with judicial proceedings, court orders or government orders; or
- to protect the rights, property or safety of THENSA, its business partners, you, or others, or as otherwise required by applicable law.
Any third parties with whom we share personal data are contractually required to implement appropriate data protection and security measures to protect personal data and are not permitted to use personal data for any purpose other than the purpose for which they are provided with or given access to personal data.
8. Security of your personal data
THENSA is committed to protecting your personal data from accidental or unlawful destruction, loss, alteration, unauthorized access or disclosure by using a combination of physical, administrative and technical safeguards and contractually requiring that third parties to whom we disclose your personal data do the same.
However, while we have implemented reasonable technical and organisational precautions to protect the security and integrity of personal data, due to the inherent nature of the internet as an open global communications vehicle, we cannot guarantee that information, during transmission through the internet or while stored on our system or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers.
We maintain physical, electronic and procedural safeguards to protect your personal data. We strive to protect information transmitted on or through the website or Online Services, however, we cannot and do not guarantee the security of any data or information you transmit on or through the websites, and you do so at your own risk. We cannot and do not guarantee the security of your data and information.
9. Cross border transfers
As a company where some of our members operate outside of South Africa, we may transfer your personal data to countries where we do business or to international organisations in connection with the purposes identified above and in accordance with this Privacy Statement.
For individuals in the EEA or Switzerland: Where we transfer your personal data from a location within the European Economic Area (the “EEA”) or Switzerland to a country or international organisation outside the EEA or Switzerland and that country or international organisation does not provide a level of protection for personal data which the European Commission (“Commission”) deems adequate, we use and adhere to the standard contractual clauses (“SCCs”) approved by the Commission to legitimately transfer personal data. You may obtain a copy of these measures by contacting us in accordance with the “How to contact us” section below.
10. Your rights under data protection laws in the EEA
THENSA adheres to applicable data protection laws in the EEA, which provide you with certain rights relating to your personal data (if you are an EU individual), subject to any legal exceptions. Your rights include:
- the right to access personal data that we hold about you.
- the right to rectify inaccurate personal data we hold about you without undue delay, and taking into account the purposes of the processing, to have incomplete personal data about you completed.
- the right to ask us to erase your personal data (the right to be forgotten) without undue delay in certain circumstances.
- the right to restrict the processing of your personal data in certain circumstances.
- the right to receive your personal data from us in a structured, commonly used and machine-readable format and to transmit your personal data to a third party without obstruction (right to data portability) in certain circumstances.
- where we process personal data based on your consent, you have the right to withdraw your consent at any time for future processing.
- where we process your personal data based upon our legitimate interests or those of a third party, you have the right to object to the processing of your personal data at any time (including to any profiling).
- where we process your personal data for direct marketing purposes, you have the right to object to processing of your personal data at any time, including profiling to the extent that it is related to such direct marketing.
- the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
- We will consider such requests and respond to you within 30 days. We may require verification of your identity before providing a copy of your information, as permitted by law. You may lodge a complaint with a data protection supervisory authority if you believe that your data protection rights relating to your personal data have been breached by THENSA or that your personal data has been compromised in some way. However, we recommend you contact us before doing so as we may be able to resolve any issues with you directly in a more efficient manner.
A list of data protection authorities is available at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
You may contact us with requests, complaints or questions regarding these rights as set forth in the “How to contact us” section, below.
Similarly, individuals in countries outside of the EEA and Switzerland may exercise their rights under any applicable data protection laws by contacting us in accordance with the “How to contact us” section, below.
11. Cookies and Similar Technologies
- enabling you to sign in to our Online Services;
- authenticating you;
- keeping track of information you have provided to us;
- improving your browsing experience;
- customizing our interactions with you;
- storing and managing your preferences and settings;
- compiling statistical data;
- analysing the performance and usability of our Online Services;
- measuring traffic patterns for our Online Services; and
- determining which areas of our Online Services have been visited.
These technologies collect information that your browser sends to our Online Services including your browser type, information about your IP address (a unique identifier assigned to your computer or device which allows your PC or device to communicate over the Internet), together with the date, time and duration of your visit, the pages you view and the links you click.
Our Online Services may also contain web beacons or similar technologies from third party analytics providers, through which they collect information about your activities across our Online Services to help us compile aggregated statistics.
12. Links to third party websites and applications
13. Direct marketing
We may send you direct marketing communications about our solutions and services. You can choose whether you wish to receive marketing communications from THENSA by email, SMS, and phone. You may opt out of receiving marketing materials from us at any time and manage your communication preferences by contacting us by using the contact details on our website www.thensa.co.za.
Include your details and a description of the marketing material you no longer wish to receive from us. We will comply with your request as soon as is reasonably practicable.
If you opt out of receiving marketing related communications from us, we may still send you administrative messages as part of your ongoing use of our solutions and services, which you will be unable to opt out of.
We do not provide your personal data to unaffiliated third parties for direct marketing purposes or sell, rent, distribute or otherwise make personal data commercially available to any third party.
14. Retaining your personal data
We will retain your personal data for as long as is necessary to fulfil the purpose for which it was collected unless a longer retention period is required to comply with legal obligations, resolve disputes, protect our assets, or enforce agreements. The criteria we use to determine retention periods include whether:
- we are under a legal, contractual or other obligation to retain personal data, or as part of an investigation or for litigation purposes;
- personal data is needed to maintain accurate business and financial records;
- there are automated means to enable you to access and delete your personal data at any time;
- the personal data is sensitive personal data in which event we will generally retain this for a shorter period of time;
- you have consented to us retaining your personal data for a longer retention period, in which case, we will retain personal data in line with your consent.
15. Updates to this Privacy Statement
We may update this Privacy Statement at any time. If we do, we will update the “last modified” section at the bottom of this Privacy Statement.
We encourage you to regularly review this Privacy Statement to stay informed about our privacy practices.
16. How to contact us
If you have any questions about how your personal data is handled by THENSA, you have a privacy concern or you wish to make a request or a complaint relating to your personal data, please contact the us by using the following email address: email@example.com