Overview
This Privacy and Information Policy (“Privacy Policy”) has been developed to acknowledge the importance of and assist in providing a framework for, the appropriate level of protection for consumer identification, collection, holding, using, disseminating, merging, collating, disclosing and protection of your personal information (“process” or “processing”). The policy represents the company‘s commitment to compliance with its obligations under the Protection of Personal Information Act 4 of 2013 (“POPI”).
This Privacy Policy applies in respect of Virtual Creations (Pty) Ltd (Pty) Ltd and its processing of personal information.
Privacy Policy
Virtual Creations (Pty) Ltd (Pty) Ltd is committed to safeguarding the personal information entrusted to us by our clients. We manage your personal information in accordance with the Protection of Personal Information Act (POPI) and other applicable laws. This policy outlines the principles and practices we follow in protecting your personal information and is applicable to Virtual Creations (Pty) Ltd (Pty) Ltd and to any sub-contractors providing services on our behalf.
The processing of personal information
Personal information refers to any information about an identifiable individual.
This information is collected directly from our clients or from other persons after obtaining the client’s express consent. Clients are informed before or at the time of collecting the personal information of the purpose for collecting the information unless the client volunteers the information for an obvious purpose.
We provide this policy in accordance with POPI, detailing the lawful approach we take in the collection of information and in regard to the management, use and processing of all information collected from you or guests responding to event invitations and other legitimate sources and all subsequent dealings with your lawful representatives.
In the course of our business we only process personal information in relation to our clients in terms of the services requested by them, which will be detailed in the architecture / briefing document supplied by the clients which further outlines data required from invitation recipients / guests in order to attend an event.
The types of personal information collected and processed
We gather personal information about guests that vary from event to event based on the information required by the Event Organiser. The personal information is completed by the recipient of the invitation to the event / supplied by the Event Organiser. This information is specific to the event itself.
Why we process personal information
We process personal information:
- To ensure the correct information is provided to the event organiser for their logistics, attendance, and other requirements
By clicking ‘submit’ on our event website you are providing your consent to us to collect your details to process the information for the lawful purpose.
What laws authorise us to collect personal information?
We are authorised to collect your personal information, for a lawful purpose, by POPI. In order to access/collect/process your information, we act on your behalf as the “responsible party” requesting access to your information under South African legislation.
How we collect personal information
We collect personal information in South Africa from these possible legitimate sources:
- from you;
- from the documentation we request and you provide;
- from information about you that is publicly available, including court and tribunal reports and decisions.
Please note, depending on circumstances, we may choose not to collect information from all these sources.
How we hold personal information securely
In all circumstances the information is held by us on our secure systems. We take all reasonable steps to secure the integrity and confidentiality of your personal information and protect your information from misuse, loss, interference, unauthorised access, modification or unauthorised disclosure. We use appropriate security measures when destroying personal information, such as permanently deleting electronic records.
We retain personal information only as long as is reasonable to fulfil the purposes for which the information was collected.
All efforts are made to ensure sub-contractors and suppliers treat confidential information as such and destroy privy information once its purpose has been fulfilled.Once an event is complete, the master database is sent securely to the event organiser and deleted from our servers.
How we use your personal information provided
Once you have submitted your information, we are entitled to use your personal information as follows:
- to identify you as per the above upon registration at the event for which the information was intended
- to book flights, accommodation, transfers and any other elements required for the Event Organiser
- to communicate further with you by means of event communication emails such as event reminder emails, and other emails as required by the event organiser.
- We use and disclose personal information only for the purpose for which the information was collected. (Event RSVP’s)
What do we do with your personal information
The personal information provided is for the purposes of providing you with the services as per the Event Organisers agreement with their client.
We do not sell, trade, share or rent your personal information to any third party for marketing purposes whatsoever.
Access to your personal information
You are entitled to access your personal information and able to correct such information, whilst such information is held by us. You can access such information by communicating verbally or in writing with our privacy manager Jaco de Villiers.
How you may complain about our failure to comply with POPIA and access
There are 2 ways you may complain:
- Verbally, or in writing, to our Privacy Manager Jaco de Villiers at jaco@virtualcreations.co.za
- If you are a resident in South Africa, you can lodge a complaint to the Regulator completing the form as prescribed.
There is no charge for lodging a complaint.
We will write to you acknowledging receipt of the complaint. After appropriate investigation, the Privacy Manager will write to you as soon as practicable after a decision has been reached, outlining the decision and the reasons for reaching it.