1. Introduction
Welcome to our privacy policy. We are AOSIS, and this is our plan of action to protect your privacy.
We respect your privacy and take the protection of personal information very seriously. The purpose of this policy is to describe the way that we collect, store, use, and protect data that can be associated with you or another specific natural or juristic person and can be used to identify you or that person (personal information).
For the purposes of this policy, website means this website at www.aosis.co.za, and any other linked or affiliated websites that we own.
2. Audience
This policy applies to you if you are:
- a visitor to our website;
- a customer who has ordered the goods or services that we provide.
3. What is personal information?
3.1. Included. Personal information includes:
- certain information that we collect automatically when you visit our website;
- certain information collected on registration (see below);
- certain information collected on submission; and
- optional information that you provide to us voluntarily (see below);
3.2. Excluded. Personal information excludes:
- information that has been made anonymous so that it does not identify a specific person;
- permanently de-identified information that does not relate or cannot be traced back to you specifically;
- non-personal statistical information collected and compiled by us.
3.3. Common examples. Common examples of the types of personal information which we may collect and process include your:
- identifying information – such as your name, date of birth, or identification number of any kind;
- contact information – such as your phone number or email address;
- address information – such as your physical or postal address; or
- demographic information – such as your gender or marital status.
3.4. Sensitive personal information. Depending on the goods or services that you require, we may also collect sensitive personal information, including your:
- financial information – such as your bank account details;
- professional information – such as your profession, professional registration number; or
- employment information – such as the name and address of your employer or institutional affiliation.
4. Acceptance
4.1. Acceptance required. You must accept all the terms of this policy when you order any of our goods or request our services. If you do not agree with anything in this policy, then you may not order any of our goods or request our services.
4.2. Legal capacity. You may not access our website or order our goods or services if you are younger than 18 years old or do not have the legal capacity to conclude legally binding contracts.
4.3. Deemed acceptance. By accepting this policy, you are deemed to have read, understood, accepted, and agreed to be bound by all of its terms.
4.4. Your obligations. . You may only send us your own personal information or the information of another data subject where you have their permission to do so.
5. How do we collect personal information?
5.1. On submission of an enquiry or registration. When you submit an enquiry or if you register on our website, you will no longer be anonymous to us. You will provide us with certain personal information. This personal information may include, where appropriate:
- your name and surname;
- your email address;
- your telephone number;
- your ID or passport number;
- your profession and professional registration number;
- your company name, company registration number, and VAT number;
- your postal address or street address;
- your employer’s name and contact details or your institutional affiliation; and
- your username and password.
We will use this personal information to fulfil your account, and provide additional services and information to you as we reasonably think appropriate and for any other purposes set out in this policy.
5.2. On order or request. When you order any goods or services from us, you will be asked to provide us with additional information on a voluntary basis (goods or services information).
5.3. From browser. We automatically receive and record internet usage information on our server logs from your browser, such as your Internet Protocol address (IP address), browsing habits, click patterns, version of software installed, system type, screen resolutions, colour capabilities, plug-ins, language settings, cookie preferences, search engine keywords, JavaScript enablement, the content and pages that you access on the website, and the dates and times that you visit the website, paths taken, and time spent on sites and pages within the website (usage information). Please note that other websites visited before entering our website might place personal information within your URL during a visit to it, and we have no control over such websites. Accordingly, a subsequent website that collects URL information may log some personal information.
5.4. Cookies. We may place small text files called ‘cookies’ on your device when you visit our website. These files do not contain personal information, but they do contain a personal identifier allowing us to associate your personal information with a certain device. These files serve a number of useful purposes for you, including:
- granting you access to age-restricted content;
- tailoring our website’s functionality to you personally by letting us remember your preferences;
- improving how our website performs;
- allowing third parties to provide services to our website; and
- helping us deliver targeted advertising where appropriate in compliance with the applicable laws.
Your internet browser generally accepts cookies automatically, but you can often change this setting to stop accepting them. You can also delete cookies manually. However, no longer accepting cookies or deleting them will prevent you from accessing certain aspects of our website where cookies are necessary. Many websites use cookies, and you can find out more about them at www.allaboutcookies.org.
5.5. Third party cookies. Some of our business partners use their own cookies or widgets (a small interface component that allows a user to perform a function or access a service) on our website. We have no access to or control over them. Information collected by any of those cookies or widgets is governed by the privacy policy of the company that created it and not by us.
5.6. Web beacons. Our website may contain electronic image requests (called a single-pixel gif or web beacon request) that allow us to count page views and access cookies. Any electronic image viewed as part of a web page (including an ad banner) can act as a web beacon. Our web beacons do not collect, gather, monitor or share any of your personal information. We merely use them to compile anonymous information about our website.
5.7. Optional details. You may also provide additional information to us on a voluntary basis (optional information). This includes content or products that you decide to upload or download from our website or when you enter competitions, take advantage of promotions, respond to surveys, order certain additional goods or services, or otherwise use the optional features and functionality of our website.
5.8. Recording calls. We may monitor and record any telephone calls that you make to us unless you specifically request us not to.
6. Who are our data subjects?
We process the personal information of the following categories of people:
- customers or organisations (including institutions, journals, authors, and related personnel);
- prospects or leads;
- employees;
- contractors, vendors, or suppliers;
- debtors and creditors; and
- directors and shareholders.
7. Purpose for processing
7.1 Our purposes. We may use or process any goods or services information or optional information that you provide to us for the purposes that you indicated when you agreed to provide it to us. Processing includes gathering your personal information, disclosing it, and combining it with other personal information. We generally collect and process your personal information for various purposes, including:
- goods or services purposes – such as:
- collecting orders for providing our goods or services,
- managing our contracts with various data subjects,
- managing customer credit,
- processing customer requests or complaints,
- keeping our data subject records and information up to date,
- better understanding of our data subject’s needs, and
- providing support to our customers.
- marketing purposes – such as:
- marketing to customers, and
- marketing to prospects or leads.
- business purposes – such as
- managing employees,
- internal audit,
- accounting,
- business planning and due diligence, joint ventures, disposals of business, or other proposed and actual transactions; and
- legal purposes – such as:
- handling claims and enforcing debts, and
- complying with regulations, or pursuing good governance.
We may use your usage information for the purposes described above and to:
- remember your information so that you will not have to re-enter it during your visit or the next time you access the website;
- monitor website usage metrics such as total number of visitors and pages accessed; and
- track your entries, submissions, and status in any promotions or other activities in connection with your usage of the website
7.2 Consent to collection. We will obtain your consent to collect personal information:
- in accordance with applicable law;
- when you provide us with any registration information or optional information.
8. Use
8.1. Our obligations. We may process your personal information to fulfil our obligations to you.
8.2. Messages and updates. We may send administrative messages and email updates to you about the website. We may wish to provide you with information about new goods or services in which we think you may be interested. This means that in some cases, we may also send you primarily promotional messages. We will not send you promotional messages unless you have chosen to opt into them. However, we may send you one message asking you to opt-into promotional messages without you having opted-into promotional messages.
8.3. Targeted content. While you are logged into the website, we may display targeted adverts and other relevant information based on your personal information. In a completely automated process, computers process personal information and match it to adverts or related information. We never share personal information with any advertiser unless you specifically provide us with your consent to do so. Advertisers receive a record of the total number of impressions and clicks for each advert. They do not receive any personal information. If you click on an advert, we may send a referring URL to the advertiser’s website identifying that a customer is visiting from the website. We do not send personal information to advertisers with the referring URL. Once you are on the advertiser’s website, however, the advertiser is able to collect your personal information.
9. Reasons we share personal information
9.1. Sharing. We may share your personal information with:
- other divisions or companies within the group of companies to which we belong so as to provide joint content and services like registration, for transactions and customer support, to help detect and prevent potentially illegal acts and violations of our policies, and to guide decisions about our products, services, and communications (they will only use this information to send you marketing communications if you have requested their goods or services);
- an affiliate, in which case we will seek to require the affiliates to honour this privacy policy;
- our goods suppliers or service providers under contract who help supply certain goods or help with parts of our business operations, including fraud prevention, bill collection, marketing, and technology services (our contracts dictate that these goods suppliers or service providers only use your information in connection with the goods they supply or services they perform for us and not for their own benefit);
- credit bureaus to report account information, as permitted by law;
- banking partners as required by credit card association rules for inclusion on their list of terminated merchants (in the event that you utilise the services to receive payments and you meet their criteria); and
- other third parties who provide us with relevant services where appropriate.
9.2. Regulators. We may disclose your personal information as required by law or governmental audit.
9.3. Law enforcement. We may disclose personal information if required:
- by a subpoena or court order;
- to comply with any law;
- to protect the safety of any individual or the general public; and
- to prevent violation of our customer relationship terms.
9.4. No selling. We will not sell personal information. No personal information will be disclosed to anyone except as provided in this privacy policy.
9.5. Marketing purposes. We may disclose aggregate statistics (information about the customer population in general terms) about the personal information to advertisers or business partners.
9.6. Employees. We may need to disclose personal information to our employees that require the personal information to do their jobs. These include our responsible management, human resources, accounting, audit, compliance, information technology, or other personnel.
9.7. Change of ownership. If we undergo a change in ownership, or a merger with, acquisition by, or sale of assets to, another entity, we may assign our rights to the personal information we process to a successor, purchaser, or separate entity. We will disclose the transfer on the website. If you are concerned about your personal information migrating to a new owner, you may request us to delete your personal information
10. Security
There is no such thing as “perfect security”. We have to compromise between increased levels of security and the convenience to you in transacting with us.
10.1. Our security responsibilities. We take the security of personal information very seriously and always do our best to comply with applicable data protection laws. Our hosting company will host our website in a secure server environment that uses a firewall and other advanced security measures to prevent interference or access from outside intruders. We authorise access to personal information only for those employees who require it to fulfil their job responsibilities. We implement disaster recovery procedures where appropriate.
10.2. Our security disclaimers. Please note the following:
- The third parties whose systems we link to are responsible for the security of information while it is collected by, stored on, or passing through the systems under their control.
- We will use all reasonable endeavours to ensure that our website and your information are not compromised. However, we cannot guarantee that no harmful code will enter our website (for example, viruses, bugs, trojan horses, spyware or adware). You should be aware of the risks associated with using the website (addressed below).
- If you experience a problem or loss that is caused by the information you provided to us, your computer being compromised in some way or by something beyond our control, we cannot take responsibility for causing the problem. We will, however, do our best to help you if we can.
10.3. Phishing. You must only log in to your account from a page that begins with https://.
11. Accurate and current
We will try to keep the personal information we collect as accurate, complete and up to date as is necessary for the purposes defined in this policy. From time to time, we may request you to update your personal information on the website. You are able to review or update any personal information that we hold on you by accessing your account online, emailing us, or phoning us. Please note that in order to better protect you and safeguard your personal information, we take steps to verify your identity before granting you access to your account or making any corrections to your personal information. Throughout your interaction with us, you retain the right to rectify personal information that is incorrect or inaccurate. This does not apply if we process your personal information in our capacity as an operator or processor on behalf of a responsible party or data controller.
12. Retention
We will only retain your personal information for as long as it is necessary to fulfil the purposes explicitly set out in this policy, unless:
- retention of the record is required or authorised by law; or
- you have consented to the retention of the record.
During the period of retention, we will continue to abide by our non-disclosure obligations and will not share or sell your personal information.
We may retain your personal information in physical or electronic records at our discretion.
13. Transfer to another country
We send personal information outside of South Africa to various countries. We will only transfer data to other countries that have similar privacy laws to South Africa’s that provide an adequate level of protection, or recipients who can guarantee the protection of personal information to the same standard we must protect it.
14. Your rights
14.1. Request what information we hold on you. You may request access to your personal information to receive a copy of the personal information that we hold on you.
14.2. Updating or removing. You may choose to correct or update the personal information you have submitted to us by clicking the relevant menu on any of the pages on our website or contacting us by phone or email. If you are a data subject of one of our customers (who is the responsible party), then you must submit your request to the relevant responsible party, who will then delete your personal information.
14.3. Withdrawal of consent or objection to processing. You may withdraw your consent where we are relying on consent as a lawful justification to process. You may also object to our processing, where we are relying on another lawful justification for processing. Please note that if you do so, we might not be able to provide services to you. We may need to request additional information from you to verify your identity for you to access these rights. This is to ensure that your personal information is not disclosed to an unauthorised person.
15. Data breaches
Where we are the responsible party, we will notify our data subjects of any data breaches that have occurred. Where our customers are responsible parties, it is our customers’ responsibility to notify the relevant supervisory authority and any affected data subjects of the data breach.
16. Changes
We may change the terms of this policy at any time by updating this web page. We will notify you of any changes by placing a notice in a prominent place on the website or by sending you an email detailing the changes that we have made and indicating the date that they were last updated. If you do not agree with the changes, then you must stop using the website and our goods and services. If you continue to use the website or our goods or services following notification of a change to the terms, the changed terms will apply to you, and you will be deemed to have accepted those updated terms.
17. Limitation
We are not responsible for, give no warranties, nor make any representations in respect of the privacy policies or practices of linked or any third-party websites.
18. Enquiries
If you have any questions or concerns arising from this privacy policy or the way in which we handle personal information, please contact us.
September 2022 | Version 1.2