- Consumers and Third Parties
- Social Media
- Supplier Procurement
- Customer Complaints and Dispute Resolution
- BBEEE & Transformation
- All general processing of personal information for legitimate business purposes and compliance with the law
- Security Access Control
This policy applies to any and all marketing and advertising initiatives and promotions undertaken, whether online or otherwise, by Digistics as well as the provision of value added and financial services by Digistics.
All Digistics Business Units take steps to ensure that marketing and advertising initiatives undertaken:
- project Digistics’ image, values and ethics satisfactorily;
- are appropriate to the circumstances and the intended audience;
- are non-discriminatory and respectful;
- are mindful of an individual’s right to privacy and the rights when receiving unsolicited communications;
- are aligned with Digistics’ strategic objectives;
- are factually accurate and are compliant with all applicable legal and regulatory requirements and standards;
- are compliant with all manufacturer requirements and are in line with supplier agreements.
When marketing to customers and potential customers, Digistics offers an opt-out functionality to allow anyone who receives marketing material to opt out from future communications from Digistics.
The law does not require consent for all marketing, but where consent is required, Digistics will only do marketing with the necessary consent.
Digistics will not sell your personal information to third parties for marketing or any other purpose.
- General POPI principles applying to consumer and third party information
3.1 Personal Information.
In this policy “Personal Information” or “information” means information about a person, including both natural and juristic persons being customers, potential customers, suppliers, and other third parties (collectively referred to as “Data Subjects“), that can be used to identify the Data Subject. Personal Information includes, amongst others, name, identifying numbers, address, contact information, banking information and all other personal information as defined in POPI.
3.2 Collecting Personal Information.
As far as possible, Personal Information is collected directly from the Data Subject, but may also be collected from the following sources if it cannot be collected directly from the Data Subject:
- Government organisations and public bodies;
- The internet and media, including online and social media platforms;
- Marketers and third party suppliers of products or services relating to Digistics products and services. If the information will be used for marketing purposes, the third party from whom we collect, may only share it if the law allows for the sharing;
- Credit or information bureaus for the purposes of information verification related to applications for credit and credit affordability assessments or to update contact details;
- Family or friends;
- Public resources;
- Business partners with whom we have trusted relationships;
- Other third parties if the law allows it.
Digistics shall assume all the responsibilities of a “Responsible Party” in terms of POPI (this is the party that determines the purpose of and means for processing Personal Information). This applies from the time that the Personal Information is obtained the first time until it gets destroyed.
Personal Information will be collected and processed lawfully and in accordance with all laws that apply to Digistics, including but not limited to POPI, PAIA, CPA, FAIS, NCA and ECTA.
Only Personal Information that is necessary, related to or relevant to the reason for which Digistics intends to use it will be obtained and processed by Digistics. Digistics will not ask for more information than required in the circumstances.
3.6 Purposes for processing Personal Information.
Digistics will process Personal Information for the following purposes in compliance with applicable laws:
- to perform in terms of an agreement or intended agreement to which Digistics is a party;
- for any legitimate purposes related to the relationship with us and our employees;
- to process credit applications;
- to manage your relationship with us and any related third parties, such as Manufacturers etc.;
- to contact you for marketing purposes;
- for internal business purposes, which includes:
- administrative and operational tasks;
- monitoring our business, carrying out market and statistical research, and for business development;
- financial management, business audits and analyses, and fraud prevention; and
- compliance with legal requirements;
- to comply with reporting and other legal obligations in terms of contracts or the law;
- any other purpose if the law allows or requires it.
Digistics may use your Personal Information to provide you with information regarding any of its other related products, services, or events from time-to-time. You may however request that Digistics stops sending you such information or request that your Personal Information is removed from Digistics’ mailing list at any time by e-mailing POPI@digistics.co.za. When you opt-out of receiving marketing information, Digistics may still contact you when it is necessary for our relationship with you, such as performing in terms of our agreement with you, providing you with necessary information, or if required or allowed by law.
3.8 Disclosure and use of Personal Information.
Digistics will not use or disclose Personal Information to any third party for any purpose other than the purpose for which the information was collected, without obtaining the necessary consent to do so or to the extent that legislation permits or requires.
Digistics will disclose Personal Information to regulatory authorities, accountants, auditors, lawyers or professional advisors if contractually required to or legally obligated to.
Information may also be shared with third party service providers whose products or services are related to or connected with the products or services supplied to you by Digistics.
Digistics will also transfer information to third parties if it sells any portion of its business or assets.
Information may be shared with approved Digistics Service providers or subcontractors when and if required to in order to fulfil our obligations to you, however information will only be transferred to these third parties when and if all the required and relevant confidentiality and data security undertakings and legal requirements have been contractually accepted and agreed to in writing and in the event of a transfer of Personal Information to any third party, details of the transfer will only be retained for as long as is required to fulfil contractual obligations and / as allowed or required by law.
Where you have provided consent for Digistics to process your Personal Information, you may also withdraw your consent where and if our processing or marketing has been based on your consent. Personal Information may continue to be processed when and if legal justification exists for the processing.
In instances, where consent is required in order to process your Personal Information refusal to provide consent may result in Digistics not being able to maintain the relationship with you, unless other legal grounds to lawfully process your Personal Information without consent exists.
3.10 Public disclosure of Personal Information.
Unless the law requires or provides otherwise, Digistics will only make Personal Information public with your express consent to do so.
3.11 Retention periods.
Digistics takes reasonable steps to only process Personal Information for the minimum period necessary and retains information in accordance with the retention periods required by law and as described in this policy. Information that is no longer required for the purposes for which it was collected will be destroyed.
All reasonable measures will be taken to ensure the security, integrity and confidentiality of Personal Information that we hold by taking appropriate, reasonable, technical and organisational security measures to protect Personal Information and prevent accidental or unlawful destruction, loss, alteration, disclosure, access and other unlawful or unauthorised forms of processing.
Digistics cannot be held liable for any losses or damages that may occur as a result of security breaches unless directly attributed to the gross negligence or misconduct on the part of Digistics or any of its employees, contractors or service providers.
3.13 Security breach.
In the event of a security breach of any Personal Information, Digistics will notify all affected Data Subjects and the applicable regulatory authorities of the breach. If you want to report any concerns about our privacy practices or if you suspect any breach regarding your Personal Information, kindly notify us by sending an email to POPI@digistics.co.za.
The internet is an open and often vulnerable system and the transfer of information via the internet is not completely secure. Although we will implement all reasonable measures to protect Personal Information, we cannot guarantee the security of your Personal Information transferred to us when using the internet. Therefore, you acknowledge and agree that any transfer of Personal Information via the internet is at your own risk and you are responsible for ensuring that any Personal Information that you send is sent securely.
3.14 Third party information and websites.
Digistics is not responsible for and gives no warranties, undertakings and makes no representations in respect of the privacy policies or practices of any websites linked to Digistics website. Your use of and reliance on these links is at your own risk.
3.15 Objection to processing.
You may, on reasonable grounds, object to Digistics using your Personal Information for certain purposes. If you object, we will stop using your Personal Information and delete it, except if applicable laws allow its use or retention. To exercise this right or to discuss it with us, please contact us on POPI@digistics.co.za .
3.16 Quality of Personal Information.
We want to ensure that your Personal Information is accurate and kept up to date. You may ask us to correct or remove any Personal Information that you think is inaccurate, by sending us an email on .It is your responsibility to update us if any of your Personal Information changes.
3.17 Access to Personal Information.
You have the right to request whether Digistics holds any Personal Information about you. If you would like us to provide you with the Personal Information that we hold about you, you may send in a request in the prescribed format (link) and email it to POPI@digistics.co.za . This request may be subject to you verifying your identity and the rights that you are wishing to exercise and to an administration fee in terms of applicable laws. We will provide you with the requested information, or if in terms of the law we are not required to share the information with you, we will inform you accordingly as soon as is reasonably possible in the circumstances but no later than 30 business days after request has been received.
If you want to raise any objection or have any queries about our privacy practices, you can contact our data protection officer on POPI@digistics.co.za . In the event that you believe that Digistics or any of its divisions, have infringed on any of your rights or have contravened the provisions of POPI in any manner that has prejudiced you, you have the right to raise your complaint in the prescribed format with the Information Regulator of South Africa. Details on how to lodge a complaint may be obtained from http://www.justice.gov.za/inforeg, and complaints can be submitted to the Information Regulator of South Africa with the following contact details:
Forum 3, 3rd Floor
33 Hoofd Street,
Complaints email: complaints.IR@justice.gov.za
General enquiries email: email@example.com
Fax: 086 500 3351
- Social Media
Digistics encourages all of their employees to explore and engage in social media interactions, but in a manner that is respectful, responsible and with sound judgement and common sense. At all times, they are expected to adhere to Digistics values, and ensure that they follow the Policies and Procedures that apply to Social Media interaction.
Please note that if you communicate with us through a Social Media channel, we may use the same channel to communicate back to you. This also applies to communications regarding a sales or service contract, for example sending documentation over WhatsApp. Using social media channels may expose your information to security risks, and by choosing to use these channels, you accept this risk.
- Supplier Procurement
This policy also applies to the personal information processed during procurement and appointment of all and any suppliers and/or outsourced service providers of products and/or services, including the following:
- Supply chain collaboration
- Spend analysis.
- Supplier management
- Financial supply chain management
- Invoice management
- Dynamic pricing
- Ensuring the health and safety of our employees and visitors
- Fraud prevention.
Digistics endeavours to ensure that all suppliers of products and services are assessed and vetted to ensure that they comply with:
- All the required criteria to ensure that the products and services being provided offer the value and are of the standard and quality that would be expected from Digistics;
- All legislation relevant to the services and/or products that are to be supplied or provided;
- Manufacturer requirements so as not to invalidate any warranties or guarantees;
- All Regulatory Bodies relevant to the service and/or products to be supplied or provided;
- The Codes of Good Practice for Broad Based Black Economic Empowerment.
All suppliers to Digistics will be required to enter into a service level agreement with Digistics to regulate the way in which suppliers will use personal information accessed or used as a result of Digistics relationship. All suppliers are required to implement the security measures as prescribed by POPI.
- Customer Complaints and Dispute Resolution
Digistics is bound by the Consumer Protection Act 68 of 2008 .
Should you be dissatisfied with your experience at “Digistics” please forward the details of your complaint to our Head Office at firstname.lastname@example.org , for further investigation.
- B-BEEE / Transformation
Digistics supports our Government’s initiatives for transformation and is committed to the promotion of sustainable economic growth and social development in South Africa.
B-BBEE is a critical and key component to achieving this aim and not only ensures that we comply with our Government’s B-BEEE Code of Conduct, but it enables us to better serve the needs of both our customers and our business, and contribute more positively to society as a whole.
In this regard customers may be requested to complete a BBBEE declaration in certain instances when dealing with Digistics. This is always on a voluntary basis and with the consent of the customer and no customer is under any obligation to disclose information regarding race if it does not want to.
Digistics may use cloud storage services which will result in your information being transferred cross border. We will only transfer Personal Information to third parties in countries with adequate data protection laws or do so in terms of a written agreement with the recipient which imposes data protection requirements on that party as required by POPI.
Digistics reserves the right to alter the terms and conditions of this policy at any time.
You will be responsible for reviewing any such changes each time you access the websites and your continued use of the website after changes have been posted online constitutes your acceptance of this policy as modified by the posted changes.