We respect the privacy of everyone who visits this website. As a result, we would like to inform you regarding the way we would use your Personal Information. We recommend you to read this Privacy Notice and Consent so that you understand our approach towards the use of your Personal Information. By submitting your Personal Information to us, you will be treated as having given your permission – where necessary and appropriate – for disclosures referred to in this Privacy Notice. By using this website, you acknowledge that you have reviewed the terms of this Privacy Notice and Consent to Use of Personal Information (the “Privacy Notice and Consent”) and agree that we may collect, use and transfer your Personal Information in accordance therewith.
If you do not agree with these terms, you may choose not to provide any Personal Information but this may impact on our ability to support you as a potential tenant or tenant or supplier/service provider. This Privacy Notice and Consent forms part of our Terms and Conditions of Use and such shall be governed by and construed in accordance with the laws of South Africa. This Notice explains how we obtain, use and disclose your personal information, as is required by the Protection of Personal Information Act, 2013 (POPI Act). At SOHCO we are committed to protecting your privacy impact and to ensure that your Personal Information is collected and used properly, lawfully and openly.
2. Who we are?
3. Definition of Personal Information
The term ‘Personal Information’, as used in this notice, applies to information that may be used to identify an individual or a juristic person. According to the POPI Act “Personal Information” means “information which relates to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person”.
Examples of Personal Information include, but are not limited to, contact information, financial information, information relating to race, gender, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person.
The POPI Act, which has more specific examples if you need them, can be found at the following link:
4. What type of Personal Information does SOHCO collect?
SOHCO collects Personal information to help us assess and process applications of potential tenants, to provide tenants with access to our services and provide information to the general public.
Personal Information collected by SOHCO can include, but not limited to, a data subject’s name, contact details, birth date, identity number, gender, household income, household composition, employment details, marital status, and location information.
When personal information is collected, the company will indicate the purpose for the collection and whether the information required is compulsory or voluntary.
With your consent, we may also supplement the information that you provide to us with information we receive from other companies in our industry and/or other service providers who hold your personal information necessary for us to provide you with our full service.
5. How SOHCO collects Personal Information?
SOHCO collects Personal Information either directly from you, the data subject, your employer, your current or previous landlord, through registered financial service providers/intermediaries and/or credit bureaus. In some instances, SOHCO may appoint third parties to collect information on its behalf. The source from which Personal Information was obtained, if not directly from the data subject, will be disclosed.
6. Collection of Non-Personal Information
We may automatically collect non-Personal Information about you such as the type of internet browsers you use or the website from which you linked to our website. We may also aggregate details which you have submitted to the site (for example, the product or service you are interested in). You cannot be identified from this information and it is only used to assist us in providing an effective service on this website. We may from time-to-time supply third parties with this non-personal or aggregated data for uses in connection with this website.
7. Cookies policy
We use the term “cookies” to refer to cookies and other similar technologies covered by the POPI Act on privacy in electronic communications. Also known as browser cookies or tracking cookies, cookies are small, often encrypted text files, located in browser directories. They are used by web developers to help users navigate their websites efficiently and perform certain functions.
8. How we use your information
We will use your Personal and Non-Personal Information only for the purposes for which it was collected or agreed with you, for example:
- Assessing qualifying criteria for Social Housing
- Assessing and processing of your application for Social Housing
- Providing on-going administration and tenant services for the duration of the lease
- Fulfilling a request of a data subject (tenant)
- To respond to your queries or comments
- Providing information to data subject about Social Housing
- Evaluate the use of the site, products and services of SOHCO
- For audit and record keeping purposes
- For market research purposes
- In connection with legal proceedings
- To confirm and verify your identity or to verify that you are an qualifying potential tenant for security purposes
- We will also use your Personal Information to comply with legal and regulatory requirements or industry codes to which we subscribe or which apply to us, or when it is otherwise allowed by law, in particular compliance with the Social Housing Act and our responsibility of reporting on tenant information to the Social Housing Regulatory Authority (SHRA)
9. Disclosure of Personal Information
We may disclose your Personal Information to our service providers who are involved in the delivery of our services to you. We have agreements in place to ensure that they comply with these privacy terms.
We may share your Personal Information with, and obtain information about you from:
- Third parties for the purposes listed above;
- Other companies in our industry when we believe it will enhance the services and products we can offer to you, but only where you have not objected to such sharing;
- Other third parties from whom you have chosen to receive marketing information
We may also disclose your information:
- Where we have a duty or a right to disclose in terms of law or industry codes, particularly to the SHRA;
- Where we believe it is necessary to protect our rights.
10. Personal Information Security
We are legally obliged to provide adequate protection for the Personal Information we hold and to stop unauthorised access and use of Personal Information. We will, on an on-going basis, continue to review our security controls and related processes to ensure that your Personal Information is secure.
Our security policies and procedures cover:
- Acceptable usage of personal information
- Access to personal information
- Computer and network security
- Governance and regulatory issues
- Investigating and reacting to security incidents
- Monitoring access and usage of personal information
- Physical security
- Retention and disposal of information
- Secure communications;
- Security in contracting out activities or functions;
When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that Personal Information that we remain responsible for, is kept secure.
We will ensure that anyone to whom we pass your Personal Information agrees to treat Personal Information with the same level of protection as we are obliged to.
Where we collect Personal Information for a specific purpose, we will not keep it for longer than is necessary to fulfil that purpose, unless we have to keep it for legitimate business or legal reasons. In order to protect Personal Information from accidental or malicious destruction, when we delete information from our services, we may not immediately delete residual copies from our servers or remove information from our backup systems.
11. Employee Training on Cyber Security and Data Privacy
Employee Training on Cyber Security and Data Privacy forms part of ongoing compliance training. Cyber Security training is required and conducted as a basic compliance training that all employees must complete, and is guided by SOHCO’s Employee IT Policy. As part of SOHCO’s POPIA implementation plan, there is a specific focus on training, awareness as well as communication that will cover data privacy, data security and more detailed cyber security training, which is mandatory compliance training to all staff.
12. Access to your Personal Information
You have the right to request a copy of the Personal Information we hold about you. To do this, simply contact us at the numbers/addresses listed on our Contact Us page and specify what information you would like. We will take all reasonable steps to confirm your identity before providing details of your Personal Information.
Please note that any such access request may be subject to a payment of a legally allowable fee, as laid down in our POPIA Policy.
13. Correction of your Personal Information
You have the right to ask us to update, correct or delete your Personal Information. We will take all reasonable steps to confirm your identity before making changes to Personal Information we may hold about you. We would appreciate it if you would take the necessary steps to keep your Personal Information accurate and up-to-date by notifying us of any changes we need to be aware of.
14. Retention of Personal Information
SOHCO will retain your information in compliance with the POPI Act and in compliance with other applicable legislation, and also as required by business needs.
15. Automated Decision Making
SOHCO does not use Automated Decision Making in connection with your personal data.
16. Right to object
In terms of the POPI Act section 18. (h) (iv) you have the right to object to the processing of Personal Information as referred to in section 11(3) of the POPIA.
17. Right to lodge a compliant
In terms of the POPI Act section 18. (h) (v) you have the right to lodge a complaint to the Information Regulator (South Africa) (IRSA). The IRSA contact details are:
JD House, 27 Stiemens Street
Braamfontein, Johannesburg, 2001
P.O. Box 31533
Braamfontein, Johannesburg, 2017
Complaints email: complaints.IR@justice.gov.za
18. Changes to this notice
Please note that we may amend this notice from time to time. Please check our website periodically to inform yourself of any changes.
19. How to contact us
If you have any queries about this Privacy Notice or believe we have not adhered to it, or need further information about our privacy practices or wish to give or withdraw consent, exercise preferences or access or correct your Personal Information, please contact us at the numbers / addresses listed on our website https://www.sohco.co.za/contact-us/.