Introduction
Hollard (‘We’, ‘us’ and ‘our’) cares about the privacy, security and online safety of our customers’ (‘you’ and ‘your’) personal information. We take our responsibility to protect your personal information very seriously. This notice explains how we collect, use, share and protect your personal information, as required by the Protection of Personal Information Act (POPIA). Using our services and any disagreements about your privacy are subject to this notice.
As our business grows and changes, we may need to update this notice to reflect those changes. If changes affect you personally, we will try and contact you directly because it is important to us that you understand at all times how your personal information is used. Please make sure that we always have your latest contact details.
The meaning of processing your personal information
To help you understand this notice, we include the explanations of the terms ‘personal information’ and ‘process’ as used in POPIA:
Personal information and special personal information are any information relating to an identifiable living or juristic person. Some examples are: race, gender, marital status, nationality, age, physical or mental health, disability, language, education, identity number, telephone number, email, postal or street address, biometric information and financial, criminal or employment history.
Process means any operation or activity, whether automated or not, concerning personal information, including: collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation, use, dissemination by means of transmission, distribution or making available in any other form, merging, linking, as well as blocking, degradation, erasure or destruction of information. “Processing” will have a similar meaning.
Why we process your personal information
We have to process some of your personal information in order to provide you with our products and services, and also as required by insurance, tax and other legislation. For example: When you buy one of our services or products, we collect your name, contact information and payment information to complete the transaction.
Your personal information is also gathered through our website and other channels we use to distribute, communicate and deliver our services. We use your personal information in order to do the following:
• identify you
• process your requests or instructions
• manage your policy
• follow the laws of South Africa
• detect and prevent fraud
• offer other products and services to you
Because of the nature of our business, we sometimes use other parties like our service providers and administrators who in turn process your personal information.
When we share your personal information
In order to provide our products and services to you, we may share your personal information with other insurers, industry bodies, credit agencies and our service providers.
These are some examples of when we will share your personal information: • When required by any regulatory authority, such as The Financial Sector Conduct Authority (FSCA).
• When required by legislation or any legal process.
• To protect and defend our rights and property, including our intellectual property.
• When you have given us direct permission to do so.
We will never sell your personal Information or share it with other parties for their own marketing use, unless you have given us direct permission.
Some information is automatically collected
When you use any of our digital channels like websites and apps, we receive and store information generated by your activities (usage data gathered by cookies) and other information that are automatically collected from your browser or mobile device. Most of this data is generally not personally identifiable. However, some of this data, either alone or when linked with other information, may allow your identity to be discovered. We treat this combined data as personal information and we protect it accordingly.
• Cookies are small text files that are created when you view a website. They gather usage data which includes information about the sites you visited, the number of times you visit, the date, time and length of your visit, which products or services you viewed and which areas of the site you visited. We may assign you one or more unique identifiers to help keep track of your future visits.
• Other information automatically collected may include your IP address, browser type and version, preferred language, geographic location, wireless or Bluetooth technology on your device, operating system and computer platform.
Information collected through online advertising
We use service providers (such as Google, DoubleClick and Programmatic Buying) to help us deliver our banner advertisements and other online communications. To understand which types of offers, promotions and advertising are most appealing to our customers, these service providers may collect and use some of your personal information. This information is aggregated and cannot be linked to you.
• Data aggregation is any process in which information is gathered and expressed in a summary form using specific variables such as age, profession, income and interests.
These service providers show Hollard’s ads on sites on the internet, and they use the information stored in cookies based on your prior visits to Hollard’s website. If you don’t want your personal information to be used in this way, you can opt out of the use of cookies, by visiting any of the following sites:
• Google at http://www.google.com/policies/privacy/ads/
• Network Advertising Initiative at
http://www.networkadvertising.org/managing/opt_out.asp
How we protect your data
We take every reasonable precaution to protect your personal information (including information about your activities) from theft, unauthorised access and disruption of services.
Our security controls are designed to maintain an appropriate level of data confidentiality, integrity, and availability. We regularly test our website, data centres, systems, and other assets for security vulnerabilities.
However, we cannot guarantee the security of any personal information that you willingly disclose online. Please note that we process and collect your personal information when you use our website, contact us electronically or complete a quotation or application form online.
When you use any of our online services, you will be given a username and password. Always keep this information safe and never disclose it to anyone.
Receiving marketing from us
We like to keep our customers informed of the latest products and services offered by us and our service providers. When you buy a new product or service from us, we will ask you what your marketing preferences are. If you do not want to receive marketing from us, you can change your preference on our self-service portal (if you have access) or by contacting us on the details on your policy document or on the details below.
Note that even if you choose not to receive marketing from us, we may still communicate with you regarding things like security updates, product functionality, responses to service requests and for other transactional or administrative purposes.
Accessing, changing or removing your personal information
You may ask us to access, change or remove your personal information from our records. If legislation allows, we may charge an administrative fee, but we will always inform you of any cost before performing your request.
3rd Party Privacy Notice
As a law-abiding Corporate Citizen, Hollard has a duty to comply with the operative provisions of the Protection of Personal Information Act 4 of 2013 (‘POPIA’) which came into effect on 1 July 2020. POPIA is a data privacy law that complements section 14 of the Constitution of the Republic of South Africa, 1996, which provides that everyone has the right to privacy. POPIA prescribes a number of responsibilities and liabilities to entities that control and/or process personal information and defines new roles which include:
* Responsible party: a public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for processing personal information;
* Operator: a person who processes personal information for a responsible party in terms of a contract or mandate, without coming under the direct authority of that party;
* Data subject: the individual or legal/juristic person to whom personal information relates; and Personal information: any information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person.
In light of these regulatory developments, we are in the process of reviewing and updating all the agreements we have with our service providers, business partners and contractors in an effort to ensure that the agreements comply with the requirements mandated by POPIA. We also want to remind you that as a potential Operator, you are also bound by the provisions of POPIA, which means that you will be required to have adequate processes in place to ensure that all personal information is collected and used appropriately (for the intended purpose), lawfully and transparently.
Organizations have been granted a grace period of one year from the effective date, to normalize and implement the requirements of the law within their risk and compliance frameworks, and have to be able to demonstrate compliance by the 1st of July 2021. Given the enormity and scale of the work that lies ahead we encourage you to start rethinking the way your internal processes are designed to be able to meet these new regulatory requirements. In the coming months, we will be engaging you further on what to expect from our POPIA remediation program.
Contact us
If you have any questions, or you want to update your personal information or preferences, please contact our Privacy Office on the details below:
Postal address
Hollard Insurance – The Privacy Office
PO Box 87419
Houghton
2041
Physical address
Hollard Insurance – The Privacy Office
Hollard Villa Arcadia
22 Oxford Road
Parktown
2193
Email: [email protected]