Changes to this Policy. Unless notice is required in terms of any applicable laws, we may change the content of this Policy from time to time in line with any changes that the law or our internal business operations require, without prior notice. However, we will notify you of any material changes to this Policy. The current version of this Policy that applies each time you visit and/or use our Website, App, Platform and/or Services will regulate our relationship. It is your responsibility to consider the Policy each time you visit the Website or App. If you do not agree with any terms of this Policy, you must stop using the Website, App, Platform and/or Services.
The right to privacy and this Policy is important to us. We are committed to taking steps to protect your privacy when you use the Platform and Services and we therefore implement business practices that comply with applicable laws, including the Protection of Personal Information Act 4 of 2013 (“POPI“) and the General Data Protection Regulation ((EU) 2016/679) (“GDPR“) (collectively “Applicable Law“). In this Policy, we explain how we will use and protect your Personal Information in light of Applicable Law.
2. personal information
Where we refer to “Personal Information” in this Policy, we mean personal information as defined in Applicable Law, being information that may be used to directly or indirectly identify you. Personal Information includes, for example, your name, surname, email address, identity number, contact details, photograph and location.
3. Collecting your Personal Information
We collect Personal Information about you from the following sources:
- directly from you when you provide it to us, such as when you sign up to use the Platform, Website, App and Services, contact us or through the course of our relationship with you;
- from public sources where you have made your Personal Information public, including on social media;
- from your use of our Platform, Website or App or use of any features or resources available on or through our Platform, Website or App; and
- from third parties when you interact with them through the Platform, Website or App, such as the Facility Owners, or your interaction with us as a result of the Services or as required of the third parties to share it with us.
4. categories of personal information that we process
- General personal details: your name and surname, gender, date of birth, age, nationality, language preferences, identity or passport number.
- Sensitive personal information: such as biometric information.
- Contact details: your address, contact number, email address, public social media profile(s).
- User information: Personal Information included in correspondence, transaction documents, use of the Services or other materials that we process in the course of providing the Services.
- Consent records: records of any consents you have given us in respect of using your Personal Information, including the consent by a parent/guardian where the User is a minor, consent to use your biometric information, and any related information, such as the specific details of the consent. We will also record any withdrawals or refusals of consent.
- Payment details: payment method, information provided by payment gateway service provider, payment amount, date and reason for payment and related information.
- Data relating to our Platform, Website and App: such as the type of device you use to access the Website and App, the operating system and browser, browser settings, IP address, dates and times of connecting to and using the Website and App and other technical communications information.
- Cookies and other technologies: such as geofencing, proximity beacons, and other cookies.
- Account details: such as your username, password, usage data, and aggregate statistical information.
- Content and advertising data: records of your interactions with our online advertising on the various websites which we advertise and records relating to content displayed on web-pages displayed to you.
- Views and opinions: any views and opinions that you choose to share with us, or publicly post about us on social media platforms or on the various app stores from which our App is available.
- Children’s Personal Information: Personal Information of any User below the age of 18 (eighteen) years necessary for Appmit to render the Services and with the consent of a parent or guardian.
Appmit will only process the Personal Information of children with the consent of a parent or guardian of that child and biometric information with explicit consent.
5. purposes of processing personal information
We only process adequate and relevant Personal Information for the following purposes and legal bases:
- to perform in terms of our agreement with you (provide you with the Services, Platform, Website and App);
- operate and manage your account;
- monitor and analyse our business to ensure that it is operating properly, for financial management and for business-development purposes;
- contact you by email, sms, push notifications or other means to inform you about our Services, unless you have opted-out of such communications (direct marketing);
- form a view of you as an individual and to identify, develop or improve the Platform, Website, App and Services that may interest you;
- carry out market research and surveys, business and statistical analysis and necessary audits;
- fraud prevention;
- perform other administrative and operational tasks like testing our processes and systems and ensuring that our security measures are appropriate and adequate; and
- comply with our regulatory, legal or other obligations.
In addition to the above purposes, we may use your Personal Information for other purposes if the law allows for it, if you consent to it, or if it is in the public interest to do so. All purposes for the processing of your Personal Information will be legal in terms of Applicable Law.
6. direct marketing
We may process your Personal Information to contact you to provide you with information regarding our Services that may be of interest to you. Where we provide Services to you (where you are a customer of ours), we may send information to you regarding our Services and other information that may be of interest to you, using the contact details that you have provided to us. We will only send you direct marketing communications in compliance with Applicable Laws.
You may unsubscribe from any direct marketing communications at any time by clicking on the unsubscribe link that we include in every direct marketing communication, in your account settings on the Website or App or by contacting us and requesting us to do so.
After you unsubscribe, we will not send you any direct marketing communications, but we will continue to contact when necessary in connection with providing you with the Services or in connection with our business.
7. Disclosure of Personal Information to third parties
We will keep your Personal Information confidential and only share it with others in terms of this Policy, or if you consent to it, or if the law requires from us to share it. We may disclose your Personal Information to:
- our business partners or third party processors in order to provide you with the Website, App and Services, such as data storage service providers, third party payment processors, Facility Owners, etc. in accordance with written agreements;
- legal and regulatory authorities, upon their request, or for the purposes of reporting any breach of Applicable Law;
- accountants, auditors, lawyers and other external professional advisors in terms of written agreements with them;
- any relevant party to the extent necessary for the establishment, exercise or defence of legal rights, criminal offences, threats to public security, etc.;
- any relevant third party in the event that we sell or transfer all or any portion of our business or assets; and
- any relevant third party provider where our Website or App uses third party advertising, plugins or content.
If we engage third party processors to process your Personal Information, the processors will only be appointed in terms of a written agreement which will require the third party processors to only process Personal Information on our written instructions, use appropriate measures to ensure the confidentiality and security of your Personal Information and comply with any other requirements set out in the agreement and required by Applicable Law.
Our Website and App may connect to various social media websites or apps, including, but not limited to, Facebook, Twitter, LinkedIn, Instagram and Google+. If you want to use our Website or App for social media integration, we will share your Personal Information with the relevant social media websites or apps.
8. International transfers of Personal information
We may transfer your Personal Information to recipients in other countries. We will only transfer Personal Information to third parties in countries with adequate data protection laws or do so in terms of a written agreement with the recipient which imposes data protection requirements on that party as required by Applicable Law.
Please note that when you transfer any Personal Information directly to a third party in another country (i.e. we do not send your Personal Information to the third party), Appmit is not responsible for that transfer of Personal Information (and such transfer is not based on or protected by this Policy). Any Personal Information that we receive from a third party country will nevertheless be processed in terms of this Policy.
We have implemented appropriate technical and organisational security measures designed to protect Personal Information against accidental or unlawful destruction, loss, alteration, disclosure, access and other unlawful or unauthorised forms of processing. These measures are in accordance with Applicable Law.
The internet is an open and often vulnerable system and the transfer of information via the internet is not completely secure. Although we will implement all reasonable measures to protect Personal Information, we cannot guarantee the security of your Personal Information transferred to us using the internet. Therefore, you acknowledge and agree that any transfer of Personal Information via the internet is at your own risk and you are responsible for ensuring that any Personal Information that you send is sent securely.
10. your legal rights
You have certain rights in relation to your Personal Information. As available and except as limited under Applicable Law, you have the following rights in respect of your Personal Information:
- Right of access – the right to be informed of and request access to the Personal Information that we process about you;
- Right to rectification – you may request that your Personal Information be amended or updated where it is inaccurate or incomplete;
- Right to erasure – the right to request that we delete your Personal Information, subject to applicable limitations and exceptions;
- Right to restrict processing – you may request that we temporarily or permanently stop processing your Personal Information;
- Right to object –
- you may object to us processing your Personal Information; and
- to your Personal Information being processed for direct marketing purposes;
- Right to information portability – you may request a copy of your Personal Information and request that information to be transmitted for use by another person; and
- Right not to be subject to automated decision-making – where a decision that has a legal or other significant effect is based solely on automated decision making, including profiling, you may request that your Personal Information not be processed in that manner.
Where you have provided consent for us to process your Personal Information, you may also withdraw your consent where our processing is based on your consent. However, we may continue to process your Personal Information if another legal justification exists for the processing.
When you use the Website and App, we automatically receive and record information on our server logs from your browser. This information may include, amongst others, your location, IP address, cookie information and Google Analytics information. This is statistical data about browsing actions and patterns. We may also obtain information about your general internet usage through a cookie file which is stored on the hard drive of your computer. Cookies enable us to improve our Website, App, Platform and Services, estimate our audience size and usage patterns, store information about your preferences and recognise when you return to our Website or App.
In some instances, we collect and store information about your location through cookies (other than when you share your location with us). We convert your IP address or mobile GPS data into a rough geo-location or obtain it from the facility that you are accessing with the App. We may use location information to improve and personalise our Website, App, Platform and Services for you.
The various types of cookies (distinguished by their function, lifespan and origin) that we may collect include the following:
- First party cookies. Cookies that are stored by the actual website or app you are visiting.
- Necessary cookies. Cookies that are necessary for the technical operation of a website or app. For example, they enable you to move around on a website or app and to use its features.
- Performance cookies. Cookies that collect data on the performance of a website or app. Examples include the number of persons who visit a website or app, the time spent on the website or app and errors that may arise during the use of the website or app.
- Functionality cookies. Cookies that increase the usability of a website or app by remembering a visitor’s choices, such as the language preference, login information, location of the visitor, etc.
- Targeting or advertising cookies. Cookies that enable a website or app to send its visitors personalised advertising, often based on your browsing history.
- Session cookies. These are temporary cookies that are deleted once you close the browser. Permanent cookies are those that are stored on your device until you delete them or until your browser deletes them based (after a period specified in the cookie).
Technologies that we use to provide the Service include:
- IOT devices – internet of things devices that are used to allow the App to access entryways of facilities.
- Geofencing – used to determine your proximity to a facility.
- Proximity beacons – used to determine an End-User’s proximity to an entryway of a facility.
- NFC tags – used to allow an End-User to access an entryway at a facility with their device.
- QR codes – used to access entryways at a facility with the App.
- Magnetic strips – used to view the status of an entryway at a facility with the App.
12. Links on our website and app
Our Website and App may include links to other apps or third party websites which do not fall under our supervision. We cannot accept any responsibility for your privacy or the content of these third party sites, but we display these links in order to make it easier for you to find information about specific subjects.
13. Right to object
You may, on reasonable grounds, object to us using your Personal Information for certain purposes. If you object, we will stop using your Personal Information, except if Applicable Law allows its use. To exercise this right or to discuss it with us, please contact us at firstname.lastname@example.org.
14. Children’s information and special personal information
We do not collect or use children’s Personal Information for purposes other than providing the Services to Users that are children without the consent of a parent or guardian of the child. Similarly, we do not intentionally collect or processing sensitive Personal Information and will only do so with consent or if required by Applicable Law.
We will only use the Personal Information of child Users for purposes of providing the Website, App, Platform and Services to them in terms of the consent received or if there is a legal justification to use the Personal Information in terms of Applicable Laws.
15. Quality and access to your information
Quality. We want to ensure that your Personal Information is accurate and up to date. You may ask us to correct or remove any Personal Information that you think is inaccurate, by sending us an email to email@example.com.
Access. You have the right to request us to provide you with Personal Information that we hold about you. You must contact us directly to do so or send an email to firstname.lastname@example.org. This request may be subject to an access to information request in terms of Applicable Laws and may require you to verify your identity, identify the rights you are wishing to exercise and pay a fee.
The right to access your Personal Information may further be limited in terms of Applicable Law.
16. Retention of information
We take every reasonable step to ensure that your Personal Information is only processed for the minimum period necessary for the purposes set out in this Policy.
We retain Personal Information in accordance with the required retention periods in Applicable Law or for legitimate business purposes. We will only retain your Personal Information for the purposes explicitly set out in this Policy. We may keep Personal Information indefinitely in a de-identified format for statistical purposes, which may include for example statistics of how you use the Website, App, Platform and Services.
This Policy also applies when we retain your Personal Information.
We may retain your Personal Information for the duration of any period necessary to establish, exercise or defend any legal rights.
17. Security breach
We will report any security breach to the applicable regulatory authority in terms of Applicable Law and to the individuals or companies whose Personal Information is involved in the breach. If you want to report any concerns about our privacy practices or if you suspect any breach regarding your Personal Information, kindly notify us by sending an email to email@example.com.
18. Lodging a complaint
If you want to raise any objection or have any queries about our privacy practices, you can contact our data protection officer at firstname.lastname@example.org.
You also have the right to formally lodge a complaint in terms of applicable laws as follows:
|Applicable Law||Regulatory authority name||Contact details|
|POPI||The Information Regulator||Website: http://www.justice.gov.za/inforeg/index.html
Address: SALU Building, 316 Thabo Sehume Street, Pretoria
Tel: 012 406 4818
Fax: 086 500 3351
|GDPR||The European Commission||Online complaint procedure: https://ec.europa.eu/info/about-european-commission/contact/problems-and-complaints/how-make-complaint-eu-level/submit-complaint_en
Address: European Commission, Secretary-General
19. Disclosure in terms of section 43 of Electronic Communications and Transactions Act 25 of 2002
- Website and App owner: Appmit Proprietary Limited (trading as “Appmit”), registration number 2015/442559/07.
- Legal status: Appmit Proprietary Limited is a private company, duly incorporated in terms of the applicable laws of South Africa.
- Director: Jacobus Johannes Roseldt Kotze.
- Description of main business of Appmit: a universal mobile enabled key granting access to facilities, sites and events. Use the Services to receive access cards, access codes, virtual remotes, monthly permits and pay for parking tickets. Appmit uses technologies, including proximity beacons, NFC and QR codes to grant Users access to facilities.
- Email address: email@example.com
- Website address: https://www.appmit.com/
- Physical address: Launchlab, Hammanshand Road, Stellenbosch, Western Cape, 7600
- Registered address: Launchlab, Hammanshand Road, Stellenbosch, Western Cape, 7600
- Postal address: Erf 153, De Zalze Golf Estate, Stellenbosch, Western Cape, 7613