POPI Act Policy

1.   INTRODUCTION

Innovative House of Beauty (IHOB) strongly believes in protecting the privacy and the confidentiality of personal information. In order to explain how Innovative House of Beauty (IHOB) collects, uses, and protects personal information, this privacy policy has been developed. Personal information is any combination of information, in the possession of, or likely to come into the possession of Innovative House of Beauty (IHOB) that can be used to identify, contact, or locate a discrete individual (“Personal Information”) and will be treated in accordance with this privacy policy. This includes any expression of opinion about such individual. Any information which cannot be used to identify a discrete individual (such as aggregated statistical information) is not personal information.

2.   THE PURPOSE OF COLLECTION OF INFORMATION (POPIA Section 18(1)(c))

  • Personal information is collected and processed mainly to provide access to our services and contractual obligations, to help improve offerings, and for certain other purposes explained below:
    • The type of information collected will depend on the purpose for which it is collected and used. Information will be collected only for that purpose.
    • Information is collected directly where personal details are provided, for example, when services are received, when enquiries are submitted, or the institution is contacted. Where possible, parties will be informed of what information is required and what information is optional.
    • Personal information may be processed to keep records of
    • Information may be collected from other sources as explained
    • With consent, information that is provided to the institution may be supplemented with information that is received from other parties.
    • Website usage information is collected using “cookies”, which allows collection of standard internet visitor usage information.

3.   HOW INFORMATION IS USED

  • Personal information will only be used for the purposes for which it was collected or agreed with, for example:
    • To provide services, to carry out transactions as requested, and to maintain relationships;
    • To confirm and verify identities, or to verify authorised users for security purposes;
    • For the detection and prevention of fraud, crime, money laundering or other malpractice;
    • For debt tracing or debt recovery;
    • To conduct market or customer satisfaction research, for statistical analysis, or to improve the quality of our services;
    • For audit and record keeping purposes;
    • In connection with legal
    • Personal information will be used to comply with legal and regulatory requirements or industry codes to which the institution subscribes, or which apply to us, or when it is otherwise allowed by law.

 

4.  DISCLOSURE OF INFORMATION (POPIA Section 18 (1)(h)(i) & (ii)

  • Personal information may be disclosed to the institution’s service providers who are involved in the delivery of products or services. Agreements are in place to ensure that privacy terms are complied with.
  • Personal information may be shared with, and information obtained about from:
    • Other companies, should the services the institution can offer be enhanced, but only where consent has been provided;
    • The institution’s service providers, agents, and sub-contractors who administer or process information on our behalf (such as the cloud service provider);
    • Other third parties from which marketing information has been
    • Information may also be disclosed:
      • Where the institution has a duty or a right to disclose in terms of law or industry codes;
      • Where it is necessary to protect the institution’s

5.  INFORMATION SECURITY

  • The institution is legally obliged to provide adequate protection for the personal information that is held, and to stop unauthorised access and use of personal information. The institution will, on an ongoing basis, continue to review security controls and related processes to ensure that all personal information is secure.

Security policies and procedures cover:

  • Physical security;
  • Computer and network security;
  • Access to personal information;
  • Secure communications;
  • Security in contracting out activities or functions;
  • Retention and disposal of information;
  • Acceptable usage of personal information;
  • Governance and regulatory issues;
  • Monitoring access and usage of private information;
  • Investigating and reacting to security
  • When third parties are contracted, appropriate security is imposed, and privacy and confidentiality are obliged to ensure that the personal information we are responsible for is kept secure.
  • Personal information is primarily stored within the Republic of South However, personal information may need to be transferred to another country for processing or storage. The institution will ensure that anyone to whom personal information is

passed agrees to treat the information with the same level of protection as we are obliged to.

6.  RIGHTS: ACCESS TO INFORMATION AND RECTIFICATION OF INFORMATION COLLECTED AND OBJECTION (POPI Section 18(1)(h)(iii) & (iv))

  • Students have the right to:
    • Request a copy of their personal information and to obtain information regarding how the institution processes it;
    • Have inaccurate/incomplete personal information corrected/completed;
    • Object to the processing of their personal information; and
    • Have personal information

The institution will take all reasonable steps to confirm the identity of students before providing details of their personal information.

  • Please note that any such access request may be subject to a payment of a legally allowable

7. CHANGES TO THIS POLICY 

Please note that the institution may amend this Privacy Policy from time to time, or as necessary. Please check the College website periodically to be informed regarding any changes.

8.  HOW TO CONTACT US

If you have questions about this Policy, or believe the institution has not adhered to it, or need further information about privacy practices, or wish to give or withdraw consent, exercise preferences, or access or correct your personal information, please contact the institution at the following number/address:

Contact Number: +27 87 702 6005 / +27  63 392 3191
Email: info@ihob.co.za

9.   INFORMATION REGULATOR (POPIA Section 18 (1)(h)(iii) and (iv))

You have the right to address any complaint to the Information Regulator, whose contact details are:

Tel:                    012 406 4818 or +27 (0) 10 023 5207

Address:          The Information Regulator (South Africa); SALU Building, 316 Thabo Sehume Street, Pretoria

Email:              inforeg@justice.gov.za

Website:           http://www.justice.gov.za/inforeg/index.html