We respect your data

Privacy Statement

Your consent and privacy is important to us. Read our full statement and disclaimers here. 

INTRODUCTION

The right to privacy is an integral human right recognised and protected in the South African Constitution and the Protection of Personal Information Act 4 of 2013 (“POPIA”). POPIA aims to promote the protection of privacy by providing guiding principles that are intended to be applied to the processing of personal information in a context-sensitive manner. ​Through the provision of quality services, Bficient (Pty) Ltd is necessarily involved in the collection, use and disclosure of certain aspects of the personal information of clients, customers, employees, and other stakeholders. A person’s right to privacy entails having control over his or her personal information and being able to conduct his or her affairs relatively free from unwanted intrusions.

Commitment to Compliance with POPI

Given the importance of privacy, Bficient is committed to effectively managing personal information in accordance with POPIA’s provisions. To meet the requirements of POPI, Bficient has drafted a POPI Risk Management Programme which includes:

  • Development and implementation of Information processing plan and procedures, including the safeguards of personal information required under POPI.
  • Development and implementation of a compliance monitoring plan.
  • Appointment of an Information Officer.
  • Delegation of duties to staff and training on their duties.
  • Development of disclosures and client POPI engagement processes.
  • Documentation of relationships with third parties on the sharing of personal information and/or service agreements for the outsourcing of certain POPI obligations.

INFORMATION OFFICER

Bficient has appointed Aadila Essop as its Information Officer. All correspondence to the Information Officer may be submitted via e-mail to: info@bficient.co.za 

PRIVACY STATEMENT

Bficient is committed to processing personal information in accordance with the below principles when collecting, recording, storing, disseminating, and destroying personal information, and responding to government requests for our users’ data:

  • We shall not contact/solicit you unless you have given us your consent to do so or unless required as part of an existing relationship with you.
  • We shall process your personal information for a specific, lawful reason and only adequate, relevant information which is limited to the purposes for which they are processed, and which relates to the functions or the activity of Bficient.
  • If you cancel your services with Bficient, we will delete or otherwise de-identify your personal information after the minimum storage periods required under our risk and statutory record-keeping periods have expired.
  • We take measures to ensure data is kept safe and prevent loss of, damage to, or unauthorized destruction of personal information, and unlawful access to or processing of personal information.

Bficient collects information directly from our clients where they provide us with their details. In addition to the aforementioned, we shall, subject to our client’s consent, or to execute our service agreement with a client, obtain further information required from third parties and other sources where necessary.

Bficient does not collect and process special personal information unless it is a requirement by law to process such information as part of our service delivery, in which case we shall obtain consent from the data subject before collection thereof. We do not knowingly collect personal information from children (under 18 years of age) without the permission of their parent/s or guardian.

Bficient and its employees may disclose personal information to:

  • other service providers directly involved in the rendering of services or the provision of products to clients;
  • to service providers, it is engaged with to assist it to manage its day-to-day operations, such as accountants, compliance officers, administration etc, if Bficient has a duty or a right to disclose same in terms of law or certain industry codes, or if it is necessary to protect Bficient’s legal rights and interests,
  • to regulators when required.

We undertake to review and update our security measures in accordance with future legislation and technological advances. Access to client data from within our organisation is limited to essential staff or specialist contractors that are required to access our systems for client service or maintenance purposes, and who are bound by the requirements of legislation and are required to maintain safety and security measures. Bficient will not transfer personal information to a third party in a foreign country without ensuring that such transfer complies with the provisions of POPI.

REQUEST TO ACCESS PERSONAL INFORMATION PROCEDURE

In terms of POPI, data subjects have the right to:

  • Request what personal information Bficient holds about them and why.
  • Request access to their personal information.
  • Be informed on how to keep their personal information up to date.

Access to information requests can be made by email, addressed to the Information Officer at info@bficient.co.za. The Information Officer will provide the data subject with a “Personal Information Request Form”. Once the completed form has been received, the Information Officer will verify the identity of the data subject before handing over any personal information. All requests will be processed and considered against Bficient’s PAIA Policy. The Information Officer will process all requests within a reasonable time.

POPI COMPLAINTS AND OBJECTIVES PROCEDURE

A client has a right to object to the use of personal information, however in certain instances failure to provide us with personal information may result in the inability to deliver said services or products to data subjects, or data subjects shall receive limited services.

Data subjects have the right to complain in instances where any of their rights under POPIA have been infringed upon. Bficient takes all complaints very seriously and will address all POPI related complaints in accordance with the following procedure:

  • POPI complaints must be submitted to Bficient in writing. Where so required, the Information Officer will provide the data subject with a “POPI Complaint Form”.
  • The Information Officer will provide the complainant with a written acknowledgement of receipt of the complaint.
  • The Information Officer will carefully consider the complaint and amicably address the complainant’s concerns. In considering the complaint, the Information Officer will endeavour to resolve the complaint in a fair manner and in accordance with the principles outlined in POPIA.
  • Where the data subject is not satisfied with the Information Officer’s suggested remedies, the data subject has the right to complain to the Information Regulator.

The Information regulator’s contact details are as follows:

Complaint’s email: complaints.IR@justice.gov.za

General enquiries email: inforeg@justice.gov.za

EMAIL DISCLAIMER

Emails sent by Bficient may contain confidential information and may be legally privileged and is intended only for the person to whom it is addressed. If you are not the intended recipient, you are notified that you may not use, distribute, or copy this document in any manner whatsoever. Kindly also notify the sender immediately by telephone and delete the email.

When addressed to clients of the Company from where this email originated (“the sending Company”) any opinion or advice contained in this email is subject to the terms and conditions expressed in any applicable terms of business or client engagement letter. The sending Company does not accept liability for any damage, loss or expense arising from this and/or from the accessing of any files attached to this email.