THE PROTECTION OF PERSONAL INFORMATION ACT 4 OF 2013
This Policy explains how Tokyo Ndlela Attorneys Inc. (“TNA”) obtains, uses, stores and discloses your personal information, in accordance with the requirements of the Protection of Personal Information Act (“POPIA”).
TNA is a law firm incorporated as a personal liability company (Registration number: 2021/989305/21).
Definition of personal information
According to the Act ‘‘personal information’’ means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person. Further to the POPI Act, this also includes the following items as personal information:
(i) All addresses including residential, postal and email addresses; and
(ii) Change of name – for which we require copies of the marriage certificate or official change of name document issued by the state department.
TNA is the “responsible party” for purposes of POPIA and other applicable data protection legislation in respect of all personal information you submit to us in any form, correspondence and/or communication with us or via our website (www.tnalegal.co.za), our social media and other related URLs, and/or any ancillary services.
The information we collect
We collect and process your personal information directly from you to consider you and potentially register you as a client, to contact you in connection with your matter, to compile and maintain a client list, to send you messages and information via email, our website and social media.
Clients requesting assistance are required to provide their personal information, in order for them to be adequately assisted.
We retain your personal information for a year after the end of your matter or end of our contractual arrangement.
How we use your information
We will use your personal information only for the purposes for which it was collected and as agreed with you.
This may include:
(i) To gather contact information and confirm or verify your identity;
(ii) In connection with TNA notifications, matter updates, benefits, services, events and resources, and events and resources of other persons or organisations in the investment sector;
(iii) For FICA purposes (the detection and prevention of fraud, crime, money laundering or other malpractice); or
(iv) For accounting, audit and record keeping purposes.
Disclosure of information
We may disclose your personal information to our service providers who are involved in the delivery of products or services to us or to you or in respect of which you have otherwise consented to disclosure. We have agreements in place to ensure that they comply with the privacy requirements as required by POPIA.
We may also disclose your information:
(i) Where we have a duty or a right to disclose in terms of law or industry codes;
(ii) Where we believe it is necessary to protect our rights.
We are legally obliged to provide adequate protection for the personal information we hold and to stop unauthorized access and use of personal information. We will, on an on-going basis, continue to review our security controls and related processes to ensure that your personal information remains secure.
Our security policies and procedures cover:
(i) Physical security;
(ii) Computer and network security;
(iii) Access to records;
(iv) Secure communications;
(v) Security in contracting out activities or functions, including secure cloud storage outside the RSA on Dropbox or like server;
(vi) Retention and disposal of information;
(vii) Acceptable usage of personal information;
(viii) Governance and regulatory issues;
(ix) Monitoring access and usage of private information; and
(x) Investigating and reacting to security incidents.
When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information for which we are responsible is kept secure.
We will ensure that anyone to whom we pass your personal information agrees to treat your information with the same level of protection as we are obliged to.
Your Rights: Access to Information
You have the right to request a copy of the personal information we hold about you. To do this, simply contact us at the numbers/addresses provided below and specify what information you require. We may need a copy of your ID document to confirm your identity before providing details of your personal information.
Correction of your information
You have the right to ask us to update, correct or delete your personal information. We will require a copy of your ID document to confirm your identity before making changes to personal information we may hold about you. We would appreciate it if you would keep your personal information accurate and updated.
If you feel that the approach to the processing of your information is unreasonable, you have the right to lodge a complaint to the Information Regulator (South Africa) whose contact details are as follows:
Mr Marks Thibela, Chief Executive Officer, 33 Hoofd Street Forum III, 3rd Floor, Braampark
P.O Box 31533 Braamfontein, Johannesburg, 2017.
Tel No. +27 (0) 10 023 5207, Cell No. +27 (0) 82 746 4173. firstname.lastname@example.org
How to contact us
If you have any queries about this notice; you need further information about our privacy practices; wish to withdraw consent; exercise preferences or access or correct your personal information, please contact the Information Officer.
The Managing Partner is registered as the Information Officer and is committed to protecting your privacy and ensuring that your personal information is collected and used properly, lawfully and transparently.
Information Officer: Tokyo Ndlela – email@example.com