Farmprops 53 (Pty) Ltd t/a BOSJES
personal information, in accordance with the requirements of the Protection of Personal Information Act, No 4 of
2013 (“POPIA”). At Bosjes we recognise the importance of privacy and personal information and we aim to
ensure that your personal information is collected and used properly, lawfully and transparently.
2. PROCESSING OF INFORMATION
2.1 We collect personal information in the following circumstances:
- When you contact us telephonically or via email.
- you make use of our website or contact us through social media.
- you make use of our services.
- you apply for employment at Bosjes.
2.2 We may collect the following personal information directly from you or from third parties:
Full name and surname, identity number, contact details (residential or business address, telephone
number and e-mail address), company name and registration details, financial information, as well as all
other relevant information regarding the specific matter you or your company need assistance with.
2.3 We will inform you what information you are required to provide us with and which information is optional.
3. PURPOSE FOR PROCESSING PERSONAL INFORMATION
We collect and process your personal information mainly to:
- Provide services to clients.
- Conduct business.
- Notify you of the services we provide.
Where possible, we will inform you what information you are required to provide to us and what information is optional.
4. FURTHER PROCESSING OF PERSONAL INFORMATION
We may disclose your personal information to third parties in the following circumstances:
- If you consent to the sharing of your personal information;
- As a result of contractual obligations;
- In order for us to provide services to you;
- If we are legally required to do so.
If we make use of the services of contractors, consultants, and external service providers they are subject to a confidentiality undertaking in terms of the provisions of POPIA.
We will never disclose or process your information further if we do not have the necessary consent to do so, if there is no purpose to do so and we will also take cognisance of the nature of the information you provided, the consequences of the intended further processing, the manner in which the information has been collected and any other contractual obligations.
5. INFORMATION QUALITY
Bosjes will take reasonably practicable steps to ensure that the personal information, we collect, is complete,
accurate, not misleading and updated where necessary. In taking such steps, we will always have regard to the
purpose for which personal information is collected or will be processed further.
6. OPENNESS AND PARTICIPATION OF DATA SUBJECT
As a data subject, you have the right to request access, correct or to delete personal information that is in our
possession. If you wish to exercise your rights, you can contact us at the details provided below. We may
charge a fee for accessing, correcting or deleting your personal information. If your request is unlawful, we have
the right to refuse your request.
If your personal information changes, we encourage you to update the personal information that you provided.
7. SECURITY SAFEGUARDS
7.1 HOW DO WE LOOK AFTER YOUR PERSONAL DATA?
We limit the amount of personal data collected only to what is fit for the purpose, as described above.
We restrict, secure and control all of our information assets against unauthorised access, damage, loss
or destruction; whether physical or electronic.
We retain personal data only for as long as is required to deliver our service to you, to respond to your requests, or longer if required by law. If we retain your personal data for historical or statistical purposes, we ensure that the personal data cannot be used further. While in our possession, together with your assistance, we try to maintain the accuracy of your personal data.
7.2 AGENTS, SUB-CONTRACTORS AND OTHER THIRD-PARTY CONTROLS
Before making use of any Agent, Sub-contractor or third-party we ensure that the following is in place:
- That adequate and effective privacy controls are in place when we do make use of agent, subcontractors and third-party; and
- That there is a process to govern the selection and management of these agents, subcontractors and third-party correspondents; and
- An agreement that incorporates data privacy and protection of personal information; and
- That these agents, subcontractors and third-party correspondents are POPIA compliant and have the necessary data privacy protection measures in place to ensure that the information that we share with them is safeguarded.
7.3 PHYSICAL ACCESS TO BOSJES OFFICE
We employ the following physical safety measures within our office:
- Central alarm with armed response and security on the premises.
- Security cameras
- Access code required for staff entrance way.
These access records and procedures are reviewed by management regularly.
7.4 BOSJES CONTROLS FOR UNAUTHORISED ACCESS TO CLIENT INFORMATION
7.4.1 Paper records
- Paper records and files containing personal data are handled in such a way as to restrict access to only those persons with business reasons to access them.
- Bosjes shreds all discarded paper records that contain confidential information. Other secure disposal methods are in place and properly used for confidential material not on paper.
- Facsimile technology (fax machines) is not used for transmitting documents containing personal data.
7.4.2 Laptops and Other Mobile Storage Devices
- Passwords used to access PCs, applications, databases, etc. are of sufficient strength to deter password cracking or guessing attacks. We also make use of a two-step verification process when accessing the server from outside the office.
- Passwords are created for employees via our technical administrators, this ensures that passwords are securely managed and comply with best practices.
- Personal, private, sensitive, or confidential data are seldom stored on portable devices.
- Laptops are physically secured if left in the office overnight. When out of the office, the device is kept secure at all times.
- When replacing or selling laptops, hard drives are formatted.
7.4.3 Data Transmissions
Data transfers only take place via secure on-line channels where the data is encrypted rather than copying to media for transportation.
All our activity is monitored by technical support off the premises. We also have immediate access to technical support should any suspicious activity occur and they immediately notify us, in turn, if they notice any suspicious activity. We communicate with technical support via email,
WhatsApp, Skype, Zoom and Microsoft Teams.
7.4.5 Bosjes also takes the below precautions:
- Privileges are allocated on a need-to-use basis, and only after authorisation.
- Staff access rights are reviewed at regular intervals.
- Staff is advised on how to select and maintain secure passwords.
- Staff and sub-contractors are made aware of the security requirements and procedures for protecting unattended equipment.
7.5 BOSJES SYSTEMS, APPLICATIONS AND SOFTWARE
7.5.1 Email software
We make use of Microsoft Office 365 Suite as our e-mail client, and the e-mails are managed through Mimecast.
Microsoft uses ‘encryption in transit’ for all data, which means that your data is protected against eavesdropping. Integrating Mimecast ensures advanced protection of all communication within our company, and externally.
Mimecast’s e-mail security technology deters threat actors with advanced features to break chains of all kind. It keeps e-mail flowing if Outlook goes down, improves compliance, and pervades rich threat intelligence across our security system. This in turn helps us to identify and halt attacks faster, shortening dwell time. Mimecast also immediately identifies any e-mails which poses a risk and notifies the user before the e-mail is opened. If the recipient is unknown, you have the option to permanently block the recipient e-mail address.
7.5.2 Data storage
All our data is stored on One Drive Cloud and our server, which is located off site. Staff has
limited access to One Drive Cloud and the Server and only authorised personnel has
8. CHANGES TO THIS POLICY
If we make any material changes, we will notify you by email or by way of any other secured method of
communication. Your continued use of our services following the update means that you accept Bosjes updated
9. HOW TO CONTACT US
Our Information Officer is: Hannabe Stofberg, Financial Manager
Our Deputy Information Officer is: Sonika Hannekom, Guesthouse Manager
In the unlikely event that a data subject (i.e. a contact in your email list) would like access to their data, requests
must be submitted to us in writing. Requests for personal information will be handled in accordance with POPIA
Please relay any concerns, complaints or questions you may have pertaining to our above-stated policies by
emailing us firstname.lastname@example.org.
Any request for information can be made to email@example.com.
Address: Bosjes, Botha, 6857