Privacy Policy
- Introduction
We respect your privacy and take the protection of personal data/information very seriously. The purpose of this policy is to describe the way that we collect, store, use, and protect data that can be associated with you or another specific natural or juristic person and can be used to identify you or that person (personal data | information).
- Audience
This policy applies to you if you are:
- a visitor to our website;
- a person who contacts us by phone or email; or
- a customer who has ordered goods or services that we provide.
- Personal data | information
3.1. Personal data | information includes:
- certain information that we collect automatically when you visit our website;
- certain information collected on registration (see below);
- certain information collected on submission; and
- optional information that you provide to us voluntarily (see below);
3.2. Personal data | information excludes:
- information that has been made anonymous so that it does not identify a specific person;
- permanently de-identified information that does not relate or cannot be traced back to you specifically;
- non-personal statistical information collected and compiled by us; and
- information that you have provided voluntarily in an open, public environment or forum including any blog, chat room, community, classifieds, or discussion board (because the information has been disclosed in a public forum, it is no longer confidential and does not constitute personal data | information subject to protection under this policy).
3.2.1. Common examples
Common examples of the types of personal data | information which we may collect and process include your:
- identifying information – such as your name, date of birth, or identification number of any kind;
- contact information – such as your phone number or email address;
- address information – such as your physical or postal address;
3.2.2. Sensitive personal data | information
Depending on the goods or services that you require, we may also collect sensitive personal data | information like your bank account or credit card details.
- Acceptance
4.1. Acceptance required
You accept all the terms of this policy when you contact us through:
- phone;
- email;
- our website;
- all other communication channels; or by
- placing an order or using any of our goods or services.
You may not order or use any of our goods or services, or our website if you do not accept this policy.
4.2. Legal capacity
You may not access our website to order our goods or services if you are younger than 18 years old or do not have legal capacity to conclude legally binding contracts.
4.3. Deemed acceptance
By accepting this policy, you are deemed to have read, understood, accepted, and agreed to be bound by all of its terms.
4.4 Your obligations
You may only send us your own personal data | information or the personal data | information of another data subject where you have their permission to do so.
- Changes
We may change the terms of this policy at any time by updating this web page. If you do not agree with the changes, then you must stop using the website, and our goods or services. If you continue to use the website or our goods or services following notification of a change to the terms, the changed terms will apply to you and you will be deemed to have accepted those updated terms.
- Collection
6.1. On registration
Once you register on our website, you will no longer be anonymous to us. You will provide us with certain personal data | information.
This personal data | information may include:
- your name and surname;
- your email address;
- your telephone number;
- your company name, company registration number, and VAT number;
- your postal address or street address; and
- your username and password
We will use this personal data | information to fulfil your account, provide additional services and information to you as we reasonably think appropriate, and for any other purposes set out in this policy.
6.2. When you contact us
When you contact us, you may be asked to provide certain personal data | information on a voluntary basis. This may include:
- your name and surname;
- your email address; and
- your telephone number.
This information is automatically stored and we will use this personal data | information to provide additional services and information to you, as we reasonably think appropriate, and for any other purposes set out in this policy.
6.3. On order
When you order any goods or services from us, you will be asked to provide us with additional information on a voluntary basis (goods information or services information).
6.4. From browser
We automatically receive and record Internet usage information on our server logs from your browser, such as your Internet Protocol address (IP address), browsing habits, click patterns, version of software installed, system type, screen resolutions, colour capabilities, plug-ins, language settings, cookie preferences, search engine keywords, JavaScript enablement, the content and pages that you access on the website, and the dates and times that you visit the website, paths taken, and time spent on sites and pages within the website (usage information).
Please note that other websites visited before entering our website might place personal data | information within your URL during a visit to it, and we have no control over such websites. Accordingly, a subsequent website that collects URL information may log some personal data | information.
6.5. Cookies
We may place small text files called ‘cookies’ on your device when you visit our website. These files do not contain personal data | information, but they do contain a personal identifier allowing us to associate your personal data | information with a certain device. These files serve a number of useful purposes for you, including:
- tailoring our website’s functionality to you personally by letting us remember your preferences;
- improving how our website performs;
- allowing third parties to provide services to our website; and
- helping us deliver targeted advertising where appropriate in compliance with the applicable laws.
Your internet browser generally accepts cookies automatically, but you can often change this setting to stop accepting them. You can also delete cookies manually. However, no longer accepting cookies or deleting them will prevent you from accessing certain aspects of our website where cookies are necessary. Many websites use cookies and you can find out more about them at www.allaboutcookies.org.
6.6. Third party cookies
Some of our business partners use their own cookies or widgets on our website. We have no access to or control over them. Information collected by any of those cookies or widgets is governed by the privacy policy of the company that created it, and not by us.
6.7. Web beacons
Our website may contain electronic image requests (called a single-pixel gif or web beacon request) that allow us to count page views and to access cookies. Any electronic image viewed as part of a web page (including an ad banner) can act as a web beacon. Our web beacons do not collect, gather, monitor or share any of your personal data | information. We merely use them to compile anonymous information about our website.
6.8. Optional details
You may also provide additional information to us on a voluntary basis (optional information). This includes content or products that you decide to upload or download from our website or when you enter competitions, take advantage or promotions, respond to surveys, order certain additional goods or services, or otherwise use the optional features and functionality of our website.
6.9. Recording calls
We may monitor and record any telephone calls that you make to us.
6.10. Purpose for collection
We may use or process any goods information, services information, or optional information that you provide to us for the purposes that you indicated when you agreed to provide it to us.
Processing includes gathering your personal data | information, disclosing it, and combining it with other personal data | information. We generally collect and process your personal data | information for various purposes, including:
- goods purposes – such as collecting orders for, supplying, and supporting our goods;
- services purposes – such as providing our services;
- marketing purposes – such as pursuing lawful related marketing activities;
- business purposes – such as internal audit, accounting, business planning, and joint ventures, disposals of business, or other proposed and actual transactions; and
- legal purposes – such as handling claims, complying with regulations, or pursuing good governance.
We may use your usage information for the purposes described above and to:
- remember your information so that you will not have to re-enter it during your visit or the next time you access the website;
- monitor website usage metrics such as total number of visitors and pages accessed; and
- track your entries, submissions, and status in any promotions or other activities in connection with your usage of the website.
6.11. Consent to collection
We will obtain your consent to collect personal data | information:
- in accordance with applicable law;
- when you provide us with any registration information or optional information.
- Privacy by design
When we decide to develop a new product or start a new activity that involves the processing of personal data | information, we take the privacy and data protection laws and principles into account and try to build them into the product or activity.
- Use
8.1. Our obligations
We may use your personal data | information to fulfil our obligations to you.
8.2. Messages and updates
We may send administrative messages and email updates to you about our service. In some cases, we may also send you primarily promotional messages. You can choose to opt-out of promotional messages.
8.3. Targeted content
While you are logged into the website, we may display targeted adverts and other relevant information based on your personal data | information. In a completely automated process, computers process the personal data | information and match it to adverts or related information. We never share personal data | information with any advertiser, unless you specifically provide us with your consent to do so. Advertisers receive a record of the total number of impressions and clicks for each advert. They do not receive any personal data | information. If you click on an advert, we may send a referring URL to the advertiser’s website identifying that a customer is visiting from the website. We do not send personal data | information to advertisers with the referring URL. Once you are on the advertiser’s website however, the advertiser is able to collect your personal data | information.
- Disclosure
9.1. Sharing
We may share your personal data | information with:
- other divisions or companies within the group of companies to which we belong so as to provide joint content and services like registration, for transactions and customer support, to help detect and prevent potentially illegal acts and violations of our policies, and to guide decisions about our products, services, and communications (they will only use this information to send you marketing communications if you have requested their goods or services);
- an affiliate, in which case we will seek to require the affiliates to honour this privacy policy;
- our goods suppliers or service providers under contract who help supply certain goods or help with parts of our business operations, including fraud prevention, bill collection, marketing, technology services (our contracts dictate that these goods suppliers or service providers only use your information in connection with the goods they supply or services they perform for us and not for their own benefit);
- credit bureaus to report account information, as permitted by law;
- banking partners as required by credit card association rules for inclusion on their list of terminated merchants (in the event that you utilise the services to receive payments and you meet their criteria); and
- other third parties who provide us with relevant services where appropriate.
9.2. Regulators
We may disclose your personal data | information as required by law or governmental audit.
9.3. Law enforcement
We may disclose personal data | information if required:
- by a subpoena or court order;
- to comply with any law;
- to protect the safety of any individual or the general public; and
- to prevent violation of our terms of service.
9.4. No selling
We will not sell personal information. No personal data | information will be disclosed to anyone except as provided in this privacy policy.
9.5. Employees
We may need to disclose personal data | information to our employees that require the personal data | information to do their jobs. These include our responsible management, human resources, accounting, audit, compliance, information technology, or other personnel. Any of our employees or personnel that handle your personal data | information will have signed non-disclosure and confidentiality agreements.
9.6. Change of ownership
If we undergo a change in ownership, or a merger with, acquisition by, or sale of assets to another entity, we may assign our rights to the personal data | information we process to a successor, purchaser, or separate entity. We will disclose the transfer on the website. If you are concerned about your personal data | information migrating to a new owner, you may request us to delete your personal data | information.
9.7. Unauthorised disclosure
We cannot accept any liability whatsoever for unauthorised or unlawful disclosure of your personal data | information by third parties who are not subject to our control.
- Security
We take the security of personal data | information very seriously and always do our best to comply with applicable data protection laws. We will implement and maintain appropriate technical and organisational measures to protect the security and confidentiality of the personal data | information. We host a secure server environment that uses a firewall and other advanced security measures to prevent interference or access from outside intruders. All personal data | information is securely stored in our customer database. We authorize access to personal data | information only for those employees who require it to fulfil their job responsibilities. We implement disaster recovery procedures where appropriate.
OUR DATA SECURITY POLICY
Physical security
Our data centre of choice uses 45 internal and external surveillance cameras, as well as 10 perimeter cameras, which are strategically placed and monitored around the clock to ensure that all servers remain off-limits to anyone without security clearance. High-voltage security fences and a 24/7 security presence on site maintains strict biometric controlled access control.
Network security is protected by Juniper firewall and blocking of abusive IP addresses and hosts. All servers managed by xneelo are monitored 24/7 for all critical services and hardware health. Backups are protected by failsafe UPS systems
Anti-virus
All servers run Clam anti-virus which is updated as new virus definitions are released. Servers are scanned daily.
User passwords
All customer passwords are stored in a one-way encrypted format. We are not able to retrieve any passwords.
Mail security
SSL is used for POP, IMAP and SMTP protocols for email, resulting in data encryption between our server and customers’ mail programmes.
Anti-virus and anti-spam scanning on all inbound and outbound email.
Common malicious file extensions are blocked for both inbound and outbound email.
Known malicious IP addresses are blocked by our firewall for incoming email.
- Retention
We will only retain your personal data for as long as it is necessary to fulfil the purposes explicitly set out in this policy, unless:
- retention of the record is required or authorised by law; or
- you have consented to the retention of the record.
During the period of retention, we will continue to abide by our non-disclosure obligations and will not share or sell your personal data.
We may retain your personal data in physical or electronic records at our discretion.
- Updating or removing
You may choose to correct or update the personal data you have submitted to us by contacting us via email or via the website.
You are entitled to a right to be forgotten. We will delete any personal data that you don’t want us to have. If you are a data subject of the Administrator or one of our customers (who is the Data Controller | Responsible Party), then you must submit your request to the relevant Data Controller | Responsible Party who will then delete your personal data | information.
- Restriction of processing
You may request that we restrict the use of your personal data. When we restrict your personal data, we still have the right to store it but not use it.
- Data portability
If you should wish to transfer your data from us to another Data Controller | Responsible Party we will facilitate this transfer. We will pass on all of our personal data to the Data Controller | Responsible Party.
If you are a data subject of the Administrator or one of our customers (who is the Data Controller | Responsible Party), then you must submit your request for your personal data | information to the relevant Data Controller | Responsible Party, who will then export your personal data | information.
- Limitation
We are not responsible for, give no warranties, nor make any representations in respect of the privacy policies or practices of linked or any third-party websites.
- Enquiries
If you have any questions or concerns arising from this Privacy Policy, please contact us on info@baypointtrading.co.za