This Privacy Policy (“Policy”) sets out how the Azuro Group of Companies, the Head Office being Azuro Business Solutions (Pty) Ltd, The Oval, Centurion Building, Cnr Sloane Street and Meadowbrook Lane, Epsom Downs, Sandton, 2191, Republic of South Africa, with registration number 2010/014685/07, which includes branches in the United States of America and United Kingdom, (“Azuro”, “we”, “us”, “our”), deals with personal data, including why we collect information, what information we collect and what we do (and do not do) with it. It also explains how you can change it.

Data protection is a high priority for Azuro management. We are committed to ensuring that your privacy is protected when using our services and business practices which are compliant with all relevant legislation, which includes the General Data Protection Regulations (EU) 2016/697(“GDPR”), the Protection of Personal Information Act 4 of 2013 (“POPI”) (ZA) and the Electronic Communications and Transactions Act 25 of 2002 (“ECTA”) (ZA). The use of Azuro’s website is possible without any indication of personal data, however, if a data subject wants to use company services via our website, the processing of personal data may be necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from the data subject.

The processing of personal data of a data subject shall always be in line with the above legislation, and in accordance with the country-specific data protection regulation applicable to Azuro. Please read our Privacy Policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your personally identifiable information or personal data in the course of conducting the business of Azuro and in addition applies to Azuro’s website. By using our website, you acknowledge that you have read and agree to be bound by this Policy.

What personal information we collect

When you interact with us, we may collect personal information from you. You can choose not to provide personal information, however without your requested personal information, Azuro may not be able to provide or continue to provide you with the services or solutions offered. We will only collect the minimum personal information that we deem necessary to process for ordinary business purposes. Personal information we collect from you may include:

•  your first name and last name, company name, email address, phone number and other contact information;
•  your marketing preferences;
• demographic data such as your gender, age, country and preferred language.

It is not standard practice for us to collect sensitive personal information such as information relating to your health, religion, political beliefs, race or sexual orientation; except with your express consent or unless we are required to do so by law. When we collect your personal information We may collect your personal information in a variety of ways when you interact with us, including when:

•  you engage with us to provide our services and solutions;
•  we respond to your enquiries and requests;
•  we obtain feedback from you about your services and solutions;
•  we conduct our administrative and business functions;
•  you subscribe to our mailing lists and newsletters;
•  we market our services and solutions to you;
•  you access and use our website;
•  you apply for employment with us.

We may record calls as required by law, or for quality checks, training and/or for purposes related to your relationship with us. How we use your information You directly provide Azuro with most of the data we collect. Azuro undertakes to only process your personal data insofar as it is adequate, relevant and not excessive for the purposes set out below. This data is needed and used for purposes related to the performance of our duties in terms of any agreement or proposed agreement we may have with you. We use personal information to:

• respond to enquiries and requests;
•  establish, manage, and maintain our business relationships;
•  inform you about our services and solutions;
•  carry out market research, business and statistical analysis;
•  develop, provide and improve our services and solutions;
•  obtain feedback from you on our services and solutions;
•  update our records and keep contact details up to date;
•  compile website usage statistics;
•  assess the performance of our websites and to improve their operation;
•  process and respond to privacy questions, concerns and complaints;
•  fulfil legal and contractual obligations.

In the event that your personal data is captured and/or electronically stored by us, this will be in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 (“GDPR”). You may, on reasonable grounds, object to the processing of your personal data, after which we undertake not to continue to process such information, except as provided for in law. Sharing your personal information We will keep your personal data confidential and only share it with others for the purposes set out in this Policy, or if you have otherwise consented thereto, or if we are legally obliged or entitled to do so.

We may share your personal information for the purposes above with:

•  affiliates of ours, in which case we will seek to require the affiliates to honour this privacy policy;
•  any company, organisation or person who provides us with products or services, and or delivery of those products or services, reasonably require access to your information;
•  any company, organisation or person that will provide us with information about you in order for us to make decisions about you;
•  any payment gateway we may use;
• regulatory and governmental authorities, ombudsmen, or other authorities, including tax authorities, if we are requested by them to do so;
• third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Policy.
• to protect the rights, property or safety of Azuro, its business partners, you, or others, or as otherwise required by applicable law;
• where you consent to the sharing of your personal information.

We require all third parties to respect the security of your personal data and to treat it in accordance with all applicable data security laws.

How we store and protect your data

Azuro is committed to protecting your personal information from misuse, loss, unauthorised access, modification or disclosure by using a combination of administrative, physical and technical safeguards and contractually requiring that third parties to whom we disclose your personal information do the same. Whilst Azuro makes every effort to secure its websites, you should remember that the internet is not completely secure; so when you submit or post personal information online, you should be aware that Azuro cannot guarantee the security of any personal information that you submit or post online.

Transfer of personal data across borders

We may only transfer your data to foreign countries in order to perform services to you and/or for the purposes of any agreement we have with you. Such data shall only be transferred to recipients who are subject to laws, binding corporate rules or agreements, that provide an adequate level of protection that uphold the principles for transferring/processing of data that are substantially similar to those principles as set out in GDPR and POPI.

Retaining your personal information

We retain your personal information for as long as is necessary to fulfil the purposes for which it was collected, or to comply with legal obligations, resolve disputes, protect our assets or enforce agreements. Depending on the purpose, retention periods will vary. The criteria used to determine retention periods include whether:

•  we are under a legal, contractual or other obligation to retain personal information including pursuant to data retention laws, as part of an investigation or for litigation purposes;
• there are automated means to enable you to delete your personal information at any time. We will generally retain personal information for a shorter period of time, where this is not
  the case;
• personal information is needed to provide our solutions and services business including performance improvement and to maintain accurate business and financial records;
• you have consented to us retaining your personal information for a longer retention period, in which case we will retain personal information in line with your consent.

Whilst we retain your information, we will continue to abide by our non-disclosure obligations and will not sell or share your information without your consent.

Direct marketing

Azuro may use your personal or other information to tell you about products, solutions or services that we have. We will do this via email, social media platforms or SMS’s. Even when you have agreed to this, you may opt-out of receiving future marketing materials from us at any time and manage your communicate preferences by:

• following the unsubscribe instructions included in each marketing email or SMS text message from us;
• sending an email to info@azuro.co.za including your details and a description of the marketing material you no longer wish to receive from us.

Your request will be actioned as soon as is reasonably practicable. If you opt-out of receiving marketing related communications from us, we may still send you administrative messages (communication of any updates, upgrades, notices or other information that we deem important for you to know relating to the service) as part of your ongoing use of our website, solutions or services. Such communication shall not constitute spam.

We do not provide your personal information to unaffiliated third parties for direct marketing purposes or sell, rent, distribute or otherwise make personal information commercially available to any third party.

Your data protection rights

South African Protection of Information Act, 2013, also known as POPI Act In brief, the POPI Act aims:

To promote the protection of personal information processed by public and private bodies, to introduce certain conditions so as to establish minimum requirements for the processing of personal information; to provide for the establishment of an Information Regulator to exercise certain powers and to perform certain duties and functions in terms of this Act and the Promotion of Access to Information Act, 2000, to provide for the issuing of codes of conduct; to provide for the rights of persons regarding unsolicited electronic communications and automated decision making; to regulate the flow of personal information across the borders of the Republic; and to provide for matters connected herewith.
More information available at: http://www.justice.gov.za/legislation/acts/2013-004.pdf

According to the POPI Act we agree to the following:

• You can visit our site anonymously.
• Once this privacy policy is created, we will add a link to it on our home page, or as a minimum on the first significant page after entering our website.
• Our privacy policy link includes the word ‘Privacy’ and can be easily found on the page specified above.
• You will be notified of any privacy policy changes.
• On our privacy policy page, you are able to change your personal information:
  • by emailing us
  • by calling us.

How does our site handle do-not-track (DNT) signals?

We honour DNT signals and do not track, plant cookies, or use advertising when a DNT browser mechanism is in place. It is also important to note that we do not allow third party behavioural tracking.
COPPA (United States Children Online Privacy Protection Act) When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. We do not specifically market to children under 13.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

• We will notify users via email within 7 business days.
• We will notify the users via in site notification within 7 business days.

 

We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.

CAN-SPAM Act (United States)

The CAN-SPAM Act is a law that sets the rules for commercial email; establishes requirements for commercial messages; gives recipients the right to have emails stopped from being sent to them and spells out tough penalties for violations. In accordance with CAN-SPAM we agree to the following: If at any time you would like to unsubscribe from receiving future emails, you can email us and we will promptly remove you from all correspondence.

Rights in respect of personal data

In terms of the GDPR, you have the right to free access to, correction, blocking, deletion or restriction of the processing of your stored personal data at any time. You also have the right to object to the processing of your stored personal data and a right to data portability. Please send us your request by mail or email at the contact details indicated at the end of this policy.

Right to lodge a complaint

In terms of the GDPR, you have the right to lodge a complaint with a regulatory authority at any time, in particular in the state of your usual place of residence, place of work or the place of alleged infringement, if you believe that the processing of your personal data is in breach of the GDPR.

Data protection for applicants

Azuro shall collect and process the personal data of job applicants for the processing of the application. The processing may also be carried out electronically if an applicant submits corresponding documents by email. If an employment contract is concluded with the applicant, the submitted data will be stored for the purposes of processing the employment relationship in compliance with legal requirements. If no employment contract is concluded with the applicant, the personal information will be erased, provided that no other legitimate interest is required to maintain the application documents.

What are cookies

When you use our website, we may use cookies (small text files containing a unique ID number which is placed on your PC or device). We automatically receive and record information on our server logs from your browser which may from time to time include your location, IP address, cookie information, and the page you requested. It enables the site to recognise your browser and remember certain information. Our site may also contain web beacons or similar technologies from third party analytics providers, through which they collect information about your online activities across our website (date, time, duration of your visit, the pages you view and the links you click). This helps us compile aggregated statistics about the effectiveness of marketing campaigns or other business operations. This is statistical data about browsing actions and patterns and does not identify any individual.

How we use cookies

Cookies enable us to improve our service to you and assist us to do thing such as:

• understand your preferences and settings based on previous and current site activity;
• improve your browsing experience;
• compile statistical data;
• estimate our audience size and usage patterns;
• analyse the performance and usability of our website;
• measure website traffic patterns;
• determine which areas of our website have been visited.

How to manage your cookies

On most browsers, cookies are enabled by default. You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You can do this through your browser (like Internet Explorer, Chrome or Firefox) settings. Each browser is a little different, so look at your browser’s help menu to learn the correct way to modify your cookies.
Visit http://www.allaboutcookies.org/ for more detailed information about cookies. If you turn cookies off, some features will be disabled and some of our services may not function properly. We recommend that you allow cookies.

Privacy policies of other websites

Our website may contain links to sites and applications operated by third parties that do not fall under our supervision. We try to link to websites that also have high standards and respect for privacy, but we do not accept any responsibility for the protection of privacy or the content of these websites, but offer these links to make it easier for our visitors to find more information about specific subjects.

When you leave our website, we encourage you to read the privacy policy of every website you visit. Azuro is not responsible for, give no warranties, nor make any representations in respect of the privacy policies or practices of linked or any third-party websites.

Social Media

We communicate and operate through designated channels, pages and accounts on some social media platforms to inform, help and engage with our customers. We monitor and record comments and posts made about us on these channels so that we can improve our services. Any information posted on these sites can be read and are accessible by the general public. We are not responsible for any information posted on those sites other than the information posted by our designated persons. We do not endorse social media sites themselves, or any information posted on them by third parties or other users. When you engage with us through social media, your personal information may be processed by the site owner. This processing occurs out of our control and may take place in a country outside South Africa that may have different privacy regulations.

Our social media accounts are regularly monitored and updated and we welcome feedback and ideas sent to us through these channels. Any feedback and ideas sent through will be given to the relevant people within the company for consideration. We try to join conversation whenever possible but cannot guarantee that we will read or reply to all messages, or act upon feedback or suggestions sent to official Azuro social media accounts.

Access to your information

You have the right to request us to provide you with information that we hold about. You must contact us directly to do so or send an email to info@azuro.co.za. A prescribed fee may be levied to obtain a copy of your records as prescribed in terms of POPI for which we will provide you with a quote before disclosing such records.

Changes to our Privacy Policy

We may amend this Policy from time to time, in line with any changes that may be required by legislation or our internal business operations. The version on our website at  http://azuro.co.za/privacy.pdf at the time you interact with us, will apply.

We encourage users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information which we collect. Your continued use of the website following the posting of changes to these terms will mean that you accept those changes.

Data Controller

The data controller/body responsible for the data collection in terms of this Privacy Policy is:
Company Name Azuro Business Solutions (Pty) Ltd
Registration Number 2010/014685/07
Physical Address The Oval, Centurion Building, Cnr Sloane Street and
Meadowbrook Lane, Epsom Downs, South Africa
Email Address info@azuro.co.za

How to contact us

Any data subject may, at any time, contact us directly with questions and suggestions regarding data protection:

• if you have any questions regarding this Policy;
• if you have any queries about how your personal information is handled by Azuro;
• if you have a privacy concern or wish to make a complaint;
• you may ask us to correct or remove your information that you think is inaccurate;
• if you suspect any breach regarding your information, kindly notify us immediately;
• if you believe for any reason that Azuro has not followed these principles, please contact us and we will act promptly to investigate, correct as appropriate and advise you of the
  correction.

Company Name: Azuro Business Solutions (Pty) Ltd
Physical Address: The Oval, Centurion Building, Cnr Sloane Street and Meadowbrook Lane, Epsom Downs, South Africa
Postal Address: PO Box 4074, Bryanston West, 2060
Email Address: info@azuro.co.za
Telephone Number: +27 11 463 7197
Website: http://azuro.solutions/

This Privacy Policy was last updated on 30 May 2019