Privacy Policy
Preamble
The purpose of the Privacy Policy of TenderFin is to explain how the organization will collect, store, protect, and utilize personal information provided by its potential investees and stakeholders. This policy also outlines how TenderFin will meet its legal obligations, and how individuals sharing their data can obtain further information on how TenderFin processes their personal information.
Introduction
TenderFin is committed to the protection of personal information. The right to privacy is guaranteed by the Constitution of the Republic of South Africa and the Protection of Personal Information Act 4 of 2013 (POPIA) further entrenches that right.
TenderFin has always taken the protection of personal information seriously, including upholding the following key principles:
• Personal information must be processed in a lawful manner that does not infringe on another’s right to privacy.
• Personal information must only be collected if and when necessary and only for a specified purpose.
• The data subject must consent to the collection and processing of their personal information.
• Personal information in the custody of TenderFin must be protected.
• The data subject has the right to access its personal information in the possession of TenderFin and request erasure of the information if required.
What personal information does TenderFin collect?
TenderFin collects the following personal information:
• From potential clients when making an application for funding to TenderFin: name, registration/identity number, postal address, email address, race, nationality and financial information.
• From employees and prospective employees of TenderFin: name, identification number, education, physical address, email address, employment history, race, gender, age, background verification, well-being.
Our commitment
We recognise that we will be required to continually implement good business practices aimed at protecting our clients’, suppliers’ and staff members’ personal information. Our POPIA Compliance Programme functions under a governance structure which is ultimately accountable to our Executive Management and Board to ensure the necessary accountability and controls around POPIA compliance.
In addition, we have taken the necessary steps to determine where we need to improve as well as determining what new measures, controls, policies and actions are required to ensure continuous compliance with POPIA. We have also considered requirements under the EU General Data Protection Regulation (GDPR). While TenderFin does not have to comply with GDPR directly, the POPIA Compliance Programme has considered and will continue to ensure harmonisation with the GDPR and other applicable data protection instruments.
Our Executive Management, Specialists, Senior Managers and Staff have all been trained on POPIA and privacy principles. Staff receive ongoing security awareness workshops and will receive ongoing comprehensive training commensurate with their respective roles.
Some of the POPIA related work-in-progress or work already completed by TenderFin includes:
• A suitably qualified Deputy Information Officer has been appointed.
• Standard client communication and forms have been amended to ensure alignment with POPIA.
• Analysis of our third-party procurement database to introduce the necessary requirements in terms of POPIA, particularly around contractual obligations.
• A mobile device security application to secure information and emails on personal mobile devices.
• A Clean Desk Policy, updated with new awareness for working from home.
• Security, including physical, IT and certain system application access control.
• Ongoing privacy-specific training and awareness campaigns to educate staff on information security and privacy matters form part of our standard business operations.
• Departmental Privacy & Record Retentions Champions have been identified and extensively trained to embed privacy requirements into business operations and culture.
• Human Capital work including employee policies, letters of appointment and terms and conditions.
Please note that as a client or relationship holder of TenderFin, you are permitted to withdraw your consent to avail your personal information to the organisation, or request correction or erasure of your personal information.
Please ensure that you have read and understood the terms and conditions of this privacy policy before you provide us with your personal information. You can contact us with any privacy related questions here: info@tenderfinancing.co.za
TenderFin may update this privacy policy from time to time. The latest version will always be available on this site. The most recent version will always replace and supersede previous versions.