1.1 Xineoh ("Xineoh, we, us, our") is sensitive to the personal nature of the information you provide to us.
1.2 This privacy policy ("this Policy") explains how we protect and use Personal Information.
1.3 By providing us with Personal Information, you –
1.3.1 Agree to this Policy and authorise us to process such information as set out herein; and
1.3.2 Authorise us, our Service Providers and other third parties to process your Personal Information for the purposes stated in this Policy.
1.4 We will not use Personal Information for any other purpose than that set out in this Policy and will endeavour to protect your Personal Information in our possession from unauthorised alteration, loss, disclosure or access.
1.5 Please note that we may review and update this Policy from time to time. The latest version of this Policy is available on request, alternatively may be downloaded from our Website at www.xineoh.com
1.6 This Policy applies to all external parties with whom we interact, including but not limited to clients / representatives of client organizations, visitors to our offices, and other users of our services ("you"). Defined terms used in this Policy are set out in Annexure A.
2.1 We may collect or obtain Personal Information about you –
2.1.1 Directly from you;
2.1.2 In the course of our relationship with you;
2.1.3 When you make personal information public;
2.1.4 When you visit and/or interact with our Website, or our various social media platforms;
2.1.5 When you register to receive newsletters and updates from us, our Service Providers, Distributors and / or partners;
2.1.6 When you interact with any third-party content or advertising on our Website; or
2.1.7 When you visit our offices / premises.
2.2 In addition to the above, we may create Personal Information such as records of your communications and interactions with us, including, but not limited to, your attendance at meetings, events, or at interviews in the course of job applications, subscription to our newsletters and other mailings and interactions with you during the course of our digital marketing campaigns etc.
We may process the following categories of Personal Information about you / your clientele / customers / data subjects ("Personal Information") -
ITEM |
CATEGORIES |
INFORMATION |
3.1 |
Personal details: |
Name and surname |
3.2 |
Demographic information : |
Gender; date of birth / age; nationality; title; and language preferences. |
3.3 |
Identifier information : |
Passport and / or national identity number. |
3.4 |
Contact details : |
Correspondence, residential and / or employment address; business address; telephone number; email address; and details of public social media profile(s). |
3.5 |
Attendance records : |
Details of meetings and other events organised by us, or on our behalf which you have attended. |
3.6 |
Consent records : |
Records of any consents you may have given, together with the date and time, means of consent and any related information. |
3.7 |
Payment details: |
Billing address; payment method; bank account number or credit card number; invoice records; payment records; SWIFT details; IBAN details; payment amount; payment date; and records of cheques. |
3.8 |
Data relating to your visits to our Website: |
Device type; operating system; browser type; browser settings; IP address; language settings; dates and times of connecting to a website; and other technical communications information. |
3.9 |
Employee details |
Where you interact with us in your capacity as an employee of an organisation, the name, address, telephone number and email address of your employer, to the extent relevant. |
4.1 Where we need to Process Sensitive Personal Information, we will do so in the ordinary course of our business, for a legitimate purpose, and in accordance with applicable law.
5.1 We will Process the Personal Information in the ordinary course of the business of consumer behaviour prediction and related services. We will primarily use Personal Information only for the purpose for which it was originally or primarily collected. We will use the Personal Information for a secondary purpose only if such purpose constitutes a legitimate interest and is closely related to the original or primary purpose for which the Personal Information was collected. We may subject the Personal Information to Processing during the course of various activities, including, without limitation, the following -
5.1.1 Operating and conducting our business;
5.1.2 Analysis, evaluation, review and collation of information in order to determine potential issues and / or disputes, prepare memoranda, correspondence, reports, other documents and records (whether in electronic or any other medium whatsoever);
5.1.3 Compliance with applicable law and fraud prevention;
5.1.4 Transfer of information to our Service Providers and other third parties; and
5.1.5 Recruitment.
5.2 We may process the Personal Information for relationship management and marketing purposes in relation to our services (including, but not limited to, Processing that is necessary for the development and improvement of our products and services, for accounts management, and for marketing activities in order to establish, maintain and/or improve our relationship with you and with our Service Providers. We may also analyse Personal Information for statistical purposes.
5.3 We may process Personal Information for internal management and management reporting purposes, including but not limited to conducting internal audits, conducting internal investigations, implementing internal business controls, providing central processing facilities, for insurance purposes and for management reporting analysis.
5.4 We may Process the Personal Information for safety and security purposes.
6.1 We may disclose the Personal Information to our Associates and / or Service Providers, for legitimate business purposes, in accordance with applicable law and subject to applicable professional and regulatory requirements regarding confidentiality. In addition, we may disclose Personal Information -
6.1.1 If required to do so by law;
6.1.2 To legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation;
6.1.3 Third party operators (including, but not limited to, data processors such as providers of data hosting services and document review technology and services), located anywhere in the world, subject to Clause 6.2;
6.1.4 To any relevant party for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including, but not limited to, safeguarding against, and the prevention of threats to, public security; and
6.1.5 To any relevant third-party acquirer(s), in the event that we sell or transfer all or any portion of our business or assets (including, but not limited to, in the event of a reorganization, dissolution or liquidation).
6.2 To any relevant third-party provider, where our website uses third party advertising, plugins or content. If we engage a third-party operator to process any of the Personal Information, we recognise that any Operator who is in a foreign country / jurisdiction must be subject to a law, binding corporate rules or binding agreements which provide an adequate level of protection similar to the EU General Data Protection Regulation (GDPR). We review our relationships with Operators which we engage on an ongoing basis. To the extent required by any applicable law in force, we will require such operators to be bound by contractual obligations to -
6.2.1 Only process such personal information in accordance with our prior written instructions; and
6.2.2 Use appropriate measures to protect the confidentiality and security of such personal information.
7.1 We may transfer the Personal Information to recipients in foreign jurisdictions.
7.2 Subject to Clause 6.2 above, Personal Information may be transferred to foreign jurisdictions only if the relevant country to which the data is transferred has adopted a law which provides for an adequate level of data protection and requires the Operator/third party to protect the Personal Information in line with applicable data protection legislation.
8.1 We implement appropriate technical and organisational security measures to protect the Personal Information in our possession against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, in accordance with applicable law.
8.2 Where there are reasonable grounds to believe that the Personal Information in our possession has been accessed or acquired by any unauthorised person, we will notify you and the relevant regulator, unless a public body responsible for detection, prevention or investigation of offences or the relevant regulator informs us that notifying you will impede a criminal investigation.
8.3 Because the internet is an open system, the transmission of information via the internet is not completely secure. Although we will implement all reasonable measures to protect the Personal Information in our possession, we cannot guarantee the security of any information transmitted using the internet and we cannot be held liable for any loss of privacy occurring during the course of such transmission.
9.1 The Personal Information provided to us should be accurate, complete, and up to date. Should Personal Information change, the onus is on the provider of such data to notify us of the change and to provide us with the accurate data.
10.1 We will restrict the processing of Personal Information to data which is sufficient for the fulfilment of the primary purpose and applicable legitimate purpose for which it was collected.
11.1 We will only retain and store Personal Information for the period for which the data is required to serve its primary purpose or a legitimate interest or for the period required to comply with an applicable legal requirement, whichever is longer.
12.1 You have the right to access to your Personal Information and to ask us to rectify, erase and restrict use of your Personal Information.
12.2 You may also have rights to object to your Personal Information being used, to ask for the transfer of Personal Information you have made available to us and to withdraw consent to the use of your Personal Information.
13.1 We may Process Personal Information by our use of Cookies and similar technologies.
13.2 When you visit our Website, we may place Cookies onto your device, or read Cookies already on your device, subject always to obtaining your consent, where required, in accordance with applicable law. We use Cookies to record information about your device, your browser and, in some cases, your preferences and browsing habits.
14.1 We may Process Personal Information for the purposes of providing you with information regarding products which may be of interest to you. You may unsubscribe for free at any time.
14.2 If you currently receive marketing information from us which you would prefer not to receive in the future, please email us at developers@xineoh.com.
YOU MAY CONTACT US AT |
Xineoh |
ATTENTION |
Information Officer: Vian Chinner |
ADDRESS |
Block B, The Offices of Hyde Park, 1 Strouthos Road 2nd Avenue, Hyde Park,
Sandton,
|
TELEPHONE |
+27 72 014 1215 |
|
vian@xineoh.com |
WEBSITE |
1. "Associates" means the shareholders, the directors, employees, consultants of Xineoh.
2. "Cookie" means a small file that is placed on your device when you visit a website. In this Policy, a reference to a "Cookie" includes analogous technologies such as web beacons and clear Graphic Interchange Format files ("GIFs").
3. "Operator" means any person or entity that Processes Personal Information on behalf of the Responsible Party.
4. "Personal Information" means information that is about any individual, or from which any individual is directly or indirectly identifiable, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
5. "Process", "Processing" or "Processed" means anything that is done with any Personal Information, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
6. "Responsible Party" means the entity that decides how and why Personal Information is Processed.
7. "Sensitive Personal Information" means Personal Information about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, national identification number, or any other information that may be deemed to be sensitive under applicable law.
8. "Service Provider" – third party providers of various services whom we engage, including, but not limited to, providers of information technology, communication, file storage, data storage, copying, printing, accounting or auditing services, attorneys, debt collectors, counsel, experts, investigators, translators, taxation consultants, our insurers and professional advisors.
9. "Website" means any website operated, or maintained, by us or on our behalf.