PoE Portal

PROTECTION OF PERSONAL INFORMATION (POPIA) Terms and Conditions 1. Introduction This document sets out the manner in which personal information is collected, processed, stored, and protected in compliance with the Protection of Personal Information Act, 2013 (“POPIA”). By submitting personal information to us, you acknowledge that such information may be processed in accordance with these terms. 2. Definitions For purposes of this document: “Personal Information” means information relating to an identifiable, living natural person and, where applicable, an identifiable existing juristic person. “Processing” includes collection, receipt, recording, organisation, storage, updating, retrieval, distribution, or destruction of personal information. “Data Subject” means the person to whom the personal information relates. “Responsible Party” means the entity determining the purpose and means of processing personal information. 3. Collection of Personal Information We may collect and process the following categories of personal information: Full names and surnames Identity or registration numbers Contact details (email, telephone, address) Banking and payment details Employment and educational information Technical information (IP address, device identifiers) Any other information voluntarily provided Personal information may be collected: Directly from the data subject Through website forms or online portals Through contractual engagement From publicly available sources where lawful 4. Purpose of Processing Personal information is processed for lawful and legitimate business purposes, including but not limited to: Providing products and services Client onboarding and verification Contract administration Invoicing and payment processing Communication and support Compliance with legal and regulatory obligations Internal record keeping and governance Personal information will only be processed for the purpose for which it was collected unless otherwise permitted by law. 5. Legal Basis for Processing Processing is conducted on one or more of the following lawful grounds: Consent of the data subject Performance of a contract Compliance with a legal obligation Protection of legitimate interests Protection of a legitimate interest of the data subject 6. Security Safeguards We implement appropriate, reasonable technical and organisational measures to prevent: Loss or damage of personal information Unauthorised access Unlawful processing Disclosure or misuse Security measures may include: Access control mechanisms Firewalls and encryption Secure hosting environments Confidentiality agreements with staff and service providers 7. Sharing of Personal Information Personal information may be shared with: Employees and authorised personnel Service providers and operators acting under contract Regulatory authorities where legally required Financial institutions for payment processing All third parties are required to maintain confidentiality and implement adequate security controls. We do not sell personal information. 8. Cross-Border Transfers Where personal information is transferred outside the Republic of South Africa, such transfer shall occur only if: The recipient is subject to similar data protection laws; or The data subject consents; or The transfer is necessary for contractual performance; or The transfer is otherwise permitted under POPIA. 9. Retention of Information Personal information is retained only for as long as: Necessary to fulfil the purpose for which it was collected; Required by law; or Required for lawful business purposes. Thereafter, information will be securely destroyed or de-identified. 10. Rights of the Data Subject In terms of POPIA, data subjects have the right to: Access their personal information Request correction or deletion Object to processing Withdraw consent Lodge a complaint with the Information Regulator Requests must be submitted in writing to the designated Information Officer. 11. Information Officer An Information Officer is appointed in terms of POPIA and is responsible for ensuring compliance. All requests, complaints, or queries relating to personal information must be directed to the appointed Information Officer via the official communication channels. 12. Cookies and Website Usage Our website may use cookies and tracking technologies to improve user experience and system performance. Users may disable cookies through browser settings; however, certain features may be affected. 13. Breach Notification In the event of a security compromise affecting personal information, affected data subjects and the Information Regulator will be notified in accordance with POPIA requirements. 14. Amendments We reserve the right to amend these terms from time to time. Updated versions will be published through official communication platforms. 15. Acceptance By using our services, website, portal, or submitting personal information, you acknowledge that you have read and understood these terms and consent to the processing of your personal information in accordance with the Protection of Personal Information Act, 2013.