+27 010 109 6799 sales@dncsolar.com

Privacy Policy

THE PROTECTION OF PERSONAL INFORMATION ACT

CUSTOMER PRIVACY POLICY

This policy explains how we obtain, use and disclose your personal information, in accordance with the requirements of the Protection of Personal Information Act (“POPIA”).

At DNC Solar we are committed to protecting your privacy and to ensure that your personal information is collected and used properly, lawfully and transparently.

About the Company

DNC Solar is a reseller of solar related products.

Definition of personal information

According to the POPIA ‘‘personal information’’ means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person.  POPIA includes inter alia the following items as personal information:

Race, age, gender, sex, education, marital status, ID number, email address, pregnancy status, physical address, ethnic origin, telephone number, biometric information, etc.

The reason we collect personal information

We collect and process your personal information to provide you with the goods and/or services.  For this purpose, we will collect inter alia your contact details, name and surname, ID number, registration number, email address, physical address, director’s details, credit history, banking details and trade references.

We collect information directly from you where you provide us with your personal details usually in the form of a credit application.  Where possible, we will inform you what information you are required to provide to us and what information is optional.

How we use your information

We will use your personal information only for the purposes for which it was collected and agreed with you.  In addition, where necessary your information may be retained for legal or research purposes. 

For example:

  1. To gather contact information;
  2. To confirm and verify your identity or to verify that you are an authorised user for security purposes;
  3. For the detection and prevention of fraud, crime, money laundering or other malpractice;
  4. To conduct market or customer satisfaction research or for statistical analysis;
  5. For audit and record keeping purposes;
  6. In connection with legal proceedings.

Policy Principles

  • Principle 1: Accountability

We must take reasonable steps to ensure that personal information obtained from employees/customers are stored safely and securely.

  • Principle 2: Processing limitation

We will collect personal information directly from employees/customers.

Once in our possession we will only process or release employees/customers information with their consent, except where we are required to do so by law. In the latter case we will always inform the employees/customers.

  • Principle 3: Specific purpose

We collect personal information from customers to provide them with the required goods and/or services.

  • Principle 4: Limitation on further processing

Personal information may not be processed further in a way that is incompatible with the purpose for which the information was collected initially.

  • Principle 5: Information quality

You have the right to ask us to update, correct or delete your personal information. We will require a copy of your ID document/proof of authority on behalf of your company before making changes to personal information we may hold about you. We would appreciate it if you would keep your personal information accurate.

  • Principle 6: Transparency/openness

Where personal information is collected from a source other than directly from an employee/customer we are responsible for ensuring that the candidate is aware:

  1. That their information is being collected;
  2. Who is collecting their information by giving them our details;
  3. Of the specific reason that we are collecting their information.
  • Principle 7: Security safeguards

We hold adequate protection for the personal information we retain and to stop unauthorised access and use of personal information. We will, on an on-going basis, continue to review our security controls and related processes to ensure that your personal information remains secure.

Our security policies and procedures cover:

  1. Physical security;
  2. Computer and network security;
  3. Limited access to personal information;
  4. Secure communications;
  5. Security in contracting out activities or functions;
  6. Retention and disposal of information procedures;
  7. Monitoring access and usage of private information;
  8. Investigating and reacting to security incidents.

When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information that we remain responsible for, is kept secure.

We will ensure that anyone to whom we pass your personal information agrees to treat your information with the same level of protection as we are obliged to.

  • Principle 8: Participation of individuals

You have the right to request a copy of the personal information we hold about you. To do this, simply contact us telephonically or via email to specify what information you require.  We will need a copy of your ID document/proof of authority on behalf of your company before providing details of the requested personal information.

Please note that any such access request may be subject to a payment of a legally allowable fee.   

Our Information Officer is responsible for

  • Conducting a preliminary assessment to determine level of compliance with POPIA;
  • The development, implementation and monitoring of this policy and compliance framework;
  • Ensuring that this policy is supported by appropriate documentation;
  • Ensuring that documentation is relevant and kept up to date;
  • Ensuring this policy and subsequent updates are communicated to relevant managers, representatives, staff and associates, where applicable.

All employees, subsidiaries, business units, departments and individuals directly associated with us are responsible for adhering to this policy and for reporting any security breaches or incidents to the Information Officer.

Notification of security compromises

When there are reasonable grounds to believe that personal information has been unlawfully accessed, we will notify

  1. The Information Regulator
  2. The effected individual whose personal information has been compromised.

Reasonable steps will be taken to mitigate the damage and determine the identity of the person who caused the breach. Remedial action will also be implemented to avoid any further personal information from being compromised.

Disclosure of information

We may disclose your personal information to our service providers who are involved in the delivery of products or services to you. We have agreements in place to ensure that they comply with the privacy requirements as required by the Protection of Personal Information Act.

We may also disclose your information:

  • Where we have a duty or a right to disclose in terms of law or industry codes;
  • Where we believe it is necessary to protect our rights.

Policy compliance

Any breach/es of this policy may result in disciplinary action and possible termination of employment by an employee of DNC Solar.

How to contact us

If you have any queries about this policy; you need further information about our privacy practices; wish to withdraw consent; exercise preferences or access or correct your personal information, please contact us.