HRNow (“us”, “we”, or “our”) operates the HRNow website (the “Service”).
This page informs you of our policies regarding the collection, use and disclosure of Personal Information when you use our Services.
We use your Personal Information to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy.
LOG DATA
We collect information that your browser sends whenever you visit our Service (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics.
PROTECTION OF PERSONAL INFORMATION
All Personal Information that we collect will be processed and held in accordance with the provisions of the Protection of Personal Information Act and your rights thereunder as well as our Protection of Personal Information Policy. By not providing us with the Personal Information as requested, we will not be able to respond to you, process your application, or render any of our services.
Your Personal Information may be shared with third parties as required for the purposes of fulfilment of this application/request/complaint/order/inquiry or for drawing up a service- or employment contract.
Your Personal Information may be transferred to another country to apply for employment abroad or for storage on a Cloud-Based Storage Facility where the physical storage medium is situated in another country. In this regard, we will only make use of service providers, located in countries that offer adequate protection for Personal Information processed in that country. This may be achieved in terms of relevant legislation, a Service Agreement, or a similar undertaking, in terms of which the service provider or client offers adequate protection for Personal Information under its control.
To keep our customers/service providers up to date with our latest service and product offerings, we request your permission to send marketing material to you using electronic communication.
By using our services or perusing our website and applying for positions advertised you agree to us processing your Personal Information as explained above.
You further agree that HRNow has permission to process your Personal Information for the intended purposes.
RIGHT OF ACCESS TO INFORMATION
The 1996 South African Constitution, by providing a statutory right of access on request to any record held by the state as well as access to records held by private bodies, entrenches the fundamental right to access to information.
The Promotion of Access to Information Act 2 of 2000 (“the Act”), which came into effect on 9 March 2001, seeks to advance the values of transparency and accountability in South Africa and provides the mechanism for requesters to exercise and protect their constitutional right to request access to a record.
The Act establishes the following statutory rights of requesters to any record of a private body if:
• That record is required for the exercise or protection of any of his or her legal rights;
• That requester complies with all the procedural requirements; and
• Access is not refused in terms of any ground referred to in the Act.
PROCESSING OF PERSONAL INFORMATION IN TERMS OF THE POPI ACT
Processing of personal information of data subjects
The Company processes the personal information of data subjects for the following purposes:
- Fulfilling its statutory obligations in terms of applicable legislation;
- Verifying information provided to us;
- Obtaining information necessary to provide contractually agreed services;
- Monitoring, maintaining, and managing contractual obligations to customers, clients, suppliers, service providers, employees, directors and other third parties;
- Marketing and advertising;
- Resolving and tracking complaints;
- Monitoring and securing the assets, employees, and visitors to the premises of the business;
- Historical record-keeping, research, and recording statistics necessary for fulfilling our business objectives.
The business may process the personal information of the following categories of data subjects. This includes current, past, and prospective data subjects:
- Customer and employees, representatives, agents, contractors, and service providers of such customers;
- Suppliers, service providers to and vendors of and employees, representatives, agents, contractors, and service providers of such suppliers and service providers;
- Officers
- Job applicants;
- Visitors to any premises;
- Complaints, correspondence, and inquiries;
The nature of personal information processed in respect of the data subjects listed above may include:
- Name, identifying number, symbol, email address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
- Biometric information;
- Information relating to the education or the medical, financial, criminal or employment history of the data subject;
- Information relating to the race, gender, marital status, national origin, age disability, language, and birth of the data subject;
- The personal opinions, views, or preferences of the data subject;
- Confidential correspondence sent by the data subject;
- The views or opinions of another individual about the data subject
The business may supply personal information to the following recipients:
- Regulatory, statutory, and government bodies;
- Suppliers, service providers, vendors, clients, agents, and representatives of the business;
- Employees;
- Stakeholders;
- Third-party verification agencies and credit bureaus;
- Collection agencies;
- Banks and other financial institutions;
Personal information of data subjects may be transferred across borders due to the hosting of some of the Company infrastructure in foreign jurisdictions. Data subjects’ personal information may also be transferred transborder to other countries where the business has a physical presence or may be providing services or performing in terms of its contractual obligations.
The business continuously establishes and maintains appropriate, reasonable technical and organizational measures to ensure that the integrity of the personal information in its possession or under its control is secure and that such information is protected against unauthorized or unlawful processing, accidental loss, destruction, or damage, alteration or access by having regard to the requirements outlined in law, in industry practice and generally accepted information security practices and procedures which apply.
It is important to note that an application for access to information can be refused if the application does not comply with the procedural requirements of the Act. In addition, the successful completion and submission of an access request form does not automatically allow the requester access to the requested record.
An application for access to a record is subject to certain limitations if the requested record falls within a certain category as specified within Part 3 Chapter 4 of the Act.
If it is reasonably suspected that the requester has obtained access to the business’s records through the submission of materially false or misleading information, legal proceedings may be instituted against such requester.
For the business to facilitate access to a record a requester will need to complete the contact form. Thereafter the prescribed form will be sent and must be completed in full. Failure to do so will result in the process being delayed until all information is provided.
The business will not be held liable for delays due to receipt of incomplete forms. Due cognizance should be taken of the following instructions when completing the form because the Information Officer shall not process any request for access to a record until satisfied that all requirements have been met.
Proof of identity is required to authenticate the requester’s identity. If the requester acts as an agent requester, the requester shall provide proof of the identity of the person on whose behalf the request is made, the authority or mandate given to the requester by such person, and proof of the identity of the requester as provided above.
- Type or print in BLOCK LETTERS an answer to every question.
- If a question does not apply, state “N/A” in response to that question.
- If there is nothing to disclose in reply to a particular question, state “nil” in response to that question.
- If there is insufficient space on a printed form in which to answer a question, additional information may be provided on an additional folio attached to the form.
- When the use of an additional folio is required, precede each answer thereon with the title applicable to that question.
The completed Request for Access to a Record Form must be submitted either via conventional mail, e-mail, or fax and must be addressed to the Information Officer.
Payment details can be obtained from the Information Officer and payment can be made either via a direct deposit (no credit card payments are accepted). Proof of payment must be supplied. Four types of fees are provided for in terms of the Act:
- Request fee: An initial, non-refundable fee is payable on submission. This fee does not apply to personal requesters, referring to any person seeking access to records that contain their personal information.
- Reproduction fee: This fee is payable with respect to all records that are automatically available.
- Access fee: If the access request is successful an access fee may be required to reimburse the business for the costs involved in the search, reproduction, and/or preparation of the record and will be calculated based on the Prescribed Fees.
- Deposit: A deposit of one-third (1/3) of the amount of the applicable access fee, is payable if the business receives a request for access to information held on a person other than the requester himself/herself and the preparation for the record will take more than six (6) hours. If access is refused to the requested record, the full deposit will be refunded to the requester.
The business will within thirty (30) days of receipt of the request decide whether to grant or decline the request and give notice with reasons (if required) to that effect.
The thirty (30) day period within which the business has to decide whether to grant or refuse the request, may be extended for a further period of not more than thirty (30) days, if the request is for a large volume of information, or the request requires a search for information held at another office of the business and the information cannot be reasonably obtained within the original thirty (30) day period, the business will notify the requester in writing should an extension be sought.
If the business has searched for a record and it is believed that the record either does not exist or cannot be found, the requester will be notified by way of an affidavit or affirmation. This will include the steps that were taken to try to locate the record.
The thirty (30) day period within which the Information Officer is required to reply to a request, as stipulated in the Act, shall commence only once a requester has complied with all the requirements of the Act in requesting access to a record, to the satisfaction of the Information Officer.
Requests may be refused on the following grounds, as set out in the Act:
- Mandatory protection of privacy of a third party who is a natural person, including a deceased person, which would involve the unreasonable disclosure of personal information of that natural person;
- Mandatory protection of commercial information of a third party or the Company, if the record contains:
- Trade secrets of the third party or the business;
- Financial, commercial, scientific, or technical information which disclosure could likely cause harm to the financial or commercial interests of the third party or the Company; and Information disclosed in confidence by a third party to the Company if the
- disclosure could put that third party at a disadvantage or commercial competition.
- Mandatory protection of certain confidential information of a third party if disclosure of the record would result in a breach of a duty of confidence owed to that party in terms of an agreement;
- Mandatory protection of the safety of individuals, and the protection of property;
- Mandatory protection of records privileged from production in legal proceedings, unless the legal privilege has been waived; and
- Mandatory protection of research information of a third party and the business.
Contact us here for more information