Privacy Policy

How we collect, use, and protect your personal information

Your Personal Information and POPIA Compliance

Under the Protection of Personal Information Act (POPIA), CEOS Technologies, as the “Responsible Party,” has a legal duty to process your personal information lawfully, legitimately, and responsibly.

To fulfil this duty, we require your express and informed consent to process your personal data. However, even if you do not provide consent, CEOS Technologies may still process your information under certain legal circumstances, including:

  • When it is necessary to fulfil a contract between you (or your company) and CEOS Technologies.

  • When required by law. This includes, but is not limited to:

    • Basic Conditions of Employment Act (75 of 1997)

    • Skills Development Act (97 of 1998)

    • Skills Development Levies Act (9 of 1999)

    • Employment Equity Act (55 of 1998)

    • Unemployment Insurance Acts (4 of 2002 and 6 of 2001)

    • Financial Advisory and Intermediary Services Act (37 of 2002)

    • Financial Intelligence Centre Act (38 of 2001)

    • National Credit Act (34 of 2005)

    • Compensation for Occupational Injuries and Diseases Act (130 of 1993)

  • When processing is necessary to protect the legitimate interests of CEOS Technologies or a third party.

CEOS Technologies is fully committed to safeguarding all personal information collected and used. This includes information related to clients, suppliers, employees, website users, and other stakeholders. 

We take all reasonable steps to ensure confidentiality, prevent unauthorized access, and retain your data only as long as necessary.

Who we are and how to contact us

🏢Name of Organisation: CEOS Technologies (Pty) Ltd
📧Company email: online@ceos.co.za
📞Company Tel number: +27861 111 231
💬Company WhatsApp number: +27837 730 1427
📍Company Address: 123 Drysdale Road, Northwold, Gauteng, South Africa

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at online@ceos.co.za or by mail using the address details provided above.

Information we collect

The types of personal information we collect depends on our interaction with you such as:

  • In relation to the services or products that you purchase or are using from us.
  • As a prospective employee or employee.
  • As a supplier to the Company or as an agent/operator acting under instruction of the Company.

The information may include some or all of the following:

  • Contact info – such as name, alias, address, phone number, social media user ID, email address, and similar contact data.
  • Bank account details.
  • Company details – VAT number, billing and postal address, contact information, representatives of the company that will interact with the Company to meet contractual obligations.
  • User content – feedback, improvements, suggestions, queries or any other information you send to us, that you provide to us when you contact us.
  • Demographic info – such as race, gender.
  • Identity info.
  • Career, education and employment related info.

Mandatory

We bring to your attention that we require your personal information in order to:

  • engage with you prior to the conclusion of an agreement/mandate
  • conclude a contract with you; or
  • comply, report to government and keep records with the applicable labour, tax and financial legislation.

All Personal Information which you provide to the Company will only be used for the purposes for which it is collected.

Consequences of Withholding Consent or Personal Information

Should you refuse to provide the Company with the required consent and/ or information, the Company will be unable to assist you with one of the following:

  • your employment or
  • provide you with the Company’s products or services or
  • procure products and services from you and make payment for such products and services.

Accuracy of information

POPIA requires that all your personal information and related details supplied, are complete, accurate and up to date. 

Whilst the Company will always use its best endeavours to ensure that your personal information is reliable, it will be your responsibility to advise the Company of any changes to your personal information, as and when these may occur.

Sources of info

We collect info directly from you, or from certain 3rd parties or other publically available sources:

Directly from you when you do any of the following:

  • Sign a contract to subscribe to our products and services
  • Interact with us
  • Register for or attend one of our events
  • When you communicate with us via email, phone, chat, in person or otherwise
  • When you complete a questionnaire, survey or support query
  • When you express interest in working for us or apply for a job position with us

Automatically

  • Access, use, or download content from us.
  • Open emails or click on links in emails or advertisements from us.
  • Otherwise interact or communicate with us (such as when you attend one of our events or locations, when you request support or send us information, or when you mention or post to our social media accounts).

We also collect info about you from 3rd parties such as:

  • Professional or industry organisations and certification / licensure agencies that provide or publish personal information related to you.
  • Service providers and business partners who work with us in relation to our Services and that we may use to deliver certain content, products, or services or to enhance your experience.
  • Marketing, sales generation, and recruiting business partners.
  • Credit bureaus and other similar agencies.
  • Government agencies and others who release or publish public records.
  • Other publicly or generally available sources, such as social media sites, public and online websites, open databases, and data in the public domain.

When you visit our website

When you visit our website, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device.

 Additionally, as you browse our website, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the website, and information about how you interact with the website.

We refer to this automatically-collected information as “Device Information.” We collect Device Information using the following technologies:

  • “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier.
  • “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.

Additionally when you register for the service through the website, we collect certain information from you, including your name, ID number, email address, and phone number. We refer to this information as “Service Information.”

Note that when we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Service Information.

How we use the information

First, some laws require us to explain the lawful basis upon which we process your personal information. With respect to these laws, we process personal information about you for one or more of the following legal basis:

  • To Perform a Contract. Where the processing is necessary for the performance of contract.
  • Legitimate Interests. Where the processing is necessary for legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal information.
  • Your Consent. Where you have given us consent to process your personal information for specified purposes, such as to provide our Products and Services and other items requested by you.
  • Comply with Legislation. Where the processing is necessary for compliance with a legal obligation, such as Tax law, Labour Law, Employment Equity Laws, B-BBEE Laws, etc.

Processing of Personal Information

We process your personal information in connection with our Products and Services and for other business purposes, including to:

  • Provide, deliver, analyse, and administer our Products and Services (including in connection with the performance of a contract).
  • For internal research and development purposes for new content, products, and services, and to improve, test, and enhance the features and functions of our current Services.
  • Process transactions related to our Products and Services and administer accounts or profiles related to you.
  • Personalise and make recommendations related to our Products and Services and other offerings.
  • Contact and communicate with you in connection with our Products and Services or other notifications, programs, events, or updates that you may have registered for.
  • Send you offers, advertising, and marketing materials, including to provide personalised advertising to you.
  • Conduct and communicate with you regarding recruiting and human resources administration.
  • Comply with your instructions or to fulfil other, specified purposes for which you have given your consent.
  • Detect and prevent fraud and abuse to ensure the security and protection of all customers and others, as well as to identify and authenticate your access to our Products and Service or to identify and authenticate you before we provide you with certain information.
  • Exercise our rights and to protect our and others’ rights and/or property, including to take action against those that seek to violate or abuse our Products and Services.
  • Comply with the law and our legal obligations, including to respond to a request or order from a court, regulator, or authority, as well as to fulfil our contractual obligations with our customers when they arrange access to our Products and Services for you.
  • Effectuate the sale, merger, acquisition, or other disposition of our business (including in connection with any business rescue or similar proceedings).

Automated Decision Making

The Company does not subject any data subject to automated decision-making.

How we share information

As a rule we do not share your personal information with anyone for any reason other than where we do so for the purposes set out in this Privacy Statement and with the following categories of recipients:

  • Business Partners. We may share your personal information with our business partners to jointly offer, provide, deliver, analyse, administer, improve, and personalise products or services or to host events. We may also pass certain requests from you or your organisation to these business providers.
  • Third Party Service Providers. We may share your personal information with our third party service providers to perform tasks on our behalf and to assist us in offering, providing, delivering, analysing, administering, improving, and personalising our Products and Services.
    •  For example, service providers who assist us in performing, delivering, or enhancing certain products and services related to our delivery and operation of our Services, who provide technical and/or customer support on our behalf, who provide application or
    •  software development and quality assurance, who provide tracking and reporting functions, research on user demographics, interests, and behaviour, and other products or services. 
    • These third party service providers may also collect personal information about or from you in performing their services and/or functions on our Services. We may also pass certain requests from you or your organisation to these third party service providers.
  • User content: If you choose to include your personal information in any reviews, comments, or other posts that you create, then that personal information may be displayed to other users as part of your posting.
  • In the Event of Merger, Sale, or Change of Control. We may transfer this Privacy Statement and your personal information to a third party entity that acquires or is merged with us as part of a merger, acquisition, sale, or other change of control (such as the result of a business rescue proceeding).
  • Other Disclosures. We may disclose your personal information to third parties if we reasonably believe that disclosure of such information is helpful, to enforce our terms and conditions or other rights (including investigations of potential violations of our rights). 
  • To detect, prevent, or address fraud or security issues, or to protect against harm to the rights, property, or safety of the organisation, our users, or the public.

Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

Cross border flows

We do not transfer any personal information outside South Africa, however if we were required to do so, we will ensure that the information is transferred in accordance with this Privacy Statement. 

As permitted by applicable data protection laws that require the recipient entity in a foreign country to at least meet the minimum requirements as set out in POPIA.

Security of information

The security of your personal information is important to us. Taking into account the nature, scope, context, and purposes of processing personal information, as well as the risks to individuals of varying likelihood and severity, we have implemented technical and organisational measures designed to protect the security of personal information.

Where we transfer personal information to an Operator or 3rd party service provider, we request that they treat your personal information as confidential and only be used for the purpose in terms of the agreement signed between the Company and the operator or 3rd party service provider. 

We also request that they at least have similar to the Company’s technical and organisational measures designed to protect the security of personal information.

Where data is stored electronically outside the borders of South Africa, such is done only in countries that have similar privacy laws to our own or where such facilities are bound contractually to no lesser regulations than those imposed by POPIA.

However, please note that no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable measures designed to protect personal information, we cannot guarantee its absolute security.

Our security procedures also means that we may request proof of identity before we disclose personal information to you or before we process your other requests.

In the event of a data breach, where personal information of data subjects has been compromised and it is envisaged that some harm could be caused to you, the Company shall promptly inform the data subject should the personal information be unlawfully accessed, disclosed, destroyed and processed and shall report the breach to the affected individual(s) and the Information Regulator.

 The Company will, where reasonably practical and applicable provide the affected data subjects with details of the breach, when it occurred, the measures employed to identify the source of the breach and to prevent further breach.

Retention of information

We retain personal information in accordance with our enterprise records retention schedule, which varies by Service, business function, record classes, and record types.

We calculate retention periods based upon and reserve the right to retain personal information for the periods that the personal information is needed to:

  1. fulfil the purposes described in this Privacy Statement,
  2. meet the timelines determined or recommended by regulators, professional bodies, or associations,
  3. comply with applicable laws, legal holds, and other legal obligations (including contractual obligations), and
  4. comply with your requests.

Children’s privacy

In some instances we are required to provide our services or products to minors. We do not proceed until a competent person has provided the necessary consent on behalf of the minor or if some other legal basis or a legitimate interest exists to do so.

 

Marketing choices

We deliver advertising and marketing across various platforms, such as on our Services or via email, telephone, text messaging, direct mail, and various online channels.

 Our Services and marketing materials may also include third party advertising and links to other websites and applications. Third party advertising partners may collect information about you when you interact with their content, advertising, or services.

You can control cookies and tracking tools. To learn how to manage how we and our partners use cookies and other tracking tools, please refer to our Cookie Policy.

Your Rights concerning your personal information

What rights may be available to me?

  • Access to Personal Information. You may have the right to obtain confirmation from us that we process your personal information and, if so, you may have the right to request access to your personal information. Please note that, to the extent permitted by law, we may charge a reasonable fee based on administrative costs for the first or further copies of your personal information requested by you.
  • Rectification. You may have the right to request that we rectify inaccurate personal information concerning you and, depending on the purposes of the processing, you may have the right to have incomplete personal information completed.
  • Erasure/Deletion. You may have the right to require us to erase some or all of the personal information concerning you.
  • Restriction of Processing. You may have the right to require us to restrict the further processing your personal information. In such cases, the respective information will be marked as restricted, and may only be processed by us for certain purposes.
  • Object. You may have the right to object, on grounds relating to your particular situation, to the processing of your personal information by us, and we may be required to no longer process some or all of your personal information.
  • Data Portability. You may have the right to receive a copy of your personal information which you have provided to us, in a structured, commonly used, and machine-readable format, and you may have the right to transmit that personal information to another entity without hindrance from us.
  • Withdraw Consent. You may have the right to withdraw consent you have provided to us where we rely solely on your consent to process your personal information. You can always provide your consent to us again at a later time.
  • Right to Complain. You may have the right to lodge a complaint with the Information Officer of the Company or to the Information Regulator if you are not satisfied with our responses to your requests or how we manage your personal information.

 

Details of the Information Regulator

Address: JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001.
Postal Address: P.O Box 31533, Braamfontein, Johannesburg, 2017.
Complaints email: complaints.IR@justice.gov.za.
General enquiries email: inforeg@justice.gov.za.

How do I submit a request?

To make a request or exercise your rights, please contact our Information Officer at privacy@ceos.co.za.

When you make a request, we ask that you help us with the following:

  • Tell Us Which Right You Are Exercising: Please specify which right you want to exercise and the personal information to which your request relates (if not to you). If you are acting on behalf of another individual, please clearly indicate this fact and your authority to act on such person’s behalf.
  • Tell Us More about Your Relationship with Us: Please let us know how you are associated with us, such as that you use certain Services of ours or that you were a former employee.
  • Help Us Verify Your Identity: As mentioned above, our security procedures mean that we may request proof of identity before we disclose personal information to you or before we process your other requests. Provide us enough information to verify your identify. 
  • If we cannot initially verify your identity, we may request additional information to complete the verification process (such information may include your picture, a copy of your driver’s license or other government-issued ID and/or a recent utility or credit card bill). 
  • Please note that if we cannot verify your identity, we may not be able to fulfil your request.
  • Direct Our Response Delivery: Depending on your request, we will provide a response to you via email or through a link to access certain information. If you prefer to receive our response in another way, then please let us know your preferred delivery mechanism to receive our response. You may specify, for example, email, mail, or through your account (if you have one with us).

Changes and Conflicts

We may update this privacy policy from time to time to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. 

We reserve the right to amend this Privacy Statement at any time, for any reason, and without notice to you other than the posting of the updated Privacy Statement on our Services.

If there is any conflict between the English version of our Privacy Statement and a version translated in another language, the English version controls.