1. DEFINITIONS
1.1. “SASHG” means the Southern African Society for Human Genetics, PBO 930042009.
1.2. “Associates” means SASHG’s committee members, sponsors and consultants of SASHG or of any of its subsidiaries.
1.3. “Cookie” means a small file that is placed on your device when you visit a Website. In this Policy, a reference to a “Cookie” includes analogous technologies such as web beacons and clear Graphic Interchange Format files (“GIFs”).
1.4. “Operator” means any person or entity that Processes Personal Information on behalf of the Responsible Party.
1.5. “Personal Information” means information that is about any individual, or from which any individual is directly or indirectly identifiable, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
1.6. “POPI” means the Protection of Personal Information Act 4 of 2013.
1.7. “Process”, “Processing” or “Processed” means anything that is done with any Personal Information, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
1.8. “Responsible Party” means the entity that decides how and why Personal Information is Processed.
1.9. “Sensitive Personal Information” means Personal Information about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, national identification number, or any other information that may be deemed to be sensitive under applicable law.
1.10. “Service Provider” – third party providers of various services whom SASHG engages, including, but not limited to, providers of information technology, communication, accounting or auditing services, expert committee members;
1.11. “Website” means any Website operated or maintained by SASHG or on SASHG’s behalf.
2. INTRODUCTION
2.1. By providing SASHG with your Personal Information, you:
2.1.1. agree to this Policy and authorise us to process such information as set out herein; and
2.1.2. authorise SASHG, its Service Providers and other third parties to Process your Personal Information for the purposes stated in this Policy.
2.2. SASHG will not use your Personal Information for any other purpose than that set out in this Policy and will endeavour to protect your Personal Information that is in SASHG’s possession from unauthorised alteration, loss, disclosure or access.
2.3. Please note that SASHG may review and update this Policy from time to time.
3. COLLECTION OF PERSONAL INFORMATION
3.1. SASHG may collect or obtain Personal Information about you:
3.1.1. directly from you;
3.1.2. in the course of SASHG’s relationship with you;
3.1.3. in the course of providing services to you;
3.1.4. when you make your Personal Information public;
3.1.5. when you visit and/or interact with SASHG’s Website or social media platforms;
3.1.6. when you interact with any third-party content or advertising on SASHG’s Website; or
3.1.7. when you attend SASHG’s conferences.
3.1.8. SASHG may also receive Personal Information about you from third parties.
3.2. In addition to the above, SASHG may create Personal Information about you such as records of your communications and interactions with SASHG, including, but not limited to, your attendance at conferences/events, subscription to SASHG newsletter or mailing list and other interactions with SASHG.
4. PERSONAL INFORMATION SASHG MAY PROCESS
4.1. SASHG may process the following categories of Personal Information about you:
4.1.1. personal details: name; and photograph;
4.1.2. demographic information: gender; date of birth / age; nationality; salutation; title; and language preferences;
4.1.3. identifier information: passport or national identity number; utility provider details; bank statements; tenancy agreements;
4.1.4. contact details: correspondence address; telephone number; email address; and details of your public social media profile(s);
4.1.5. Personal Information included in correspondence, documents, evidence or other materials that SASHG may Process in the course of providing goods or services;
4.1.6. attendance records: details of meetings and other events organised by or on behalf of SASHG that you have attended;
4.1.7. records of any consents you may have given, together with the date and time, means of consent and any related information;
4.1.8. payment details: billing address; payment method; bank account number or credit card number; invoice records; payment records; SWIFT details; IBAN details; payment amount; payment date; and records of cheques;
4.1.9. data relating to your visits to SASHG’s Website: your device type; operating system; browser type; browser settings; IP address; language settings; dates and times of connecting to SASHG’s Website; and other technical communications information;
4.1.10. employer details: where you interact with SASHG in your capacity as an employee of an organisation, the name, address, telephone number and email address of your employer, to the extent relevant; and
4.1.11. content and advertising data: records of your interactions with SASHG’s online advertising and content, records of advertising and content displayed on pages displayed to you, and any interaction you may have had with such content or advertising (including, but not limited to, mouse hover, mouse clicks and any forms you complete).
SENSITIVE PERSONAL INFORMATION
4.2. Should SASHG be required to Process your Sensitive Personal Information, SASHG will do so in the ordinary course of business, for a legitimate purpose, and in accordance with applicable law.
5. PURPOSES OF PROCESSING AND LEGAL BASES FOR PROCESSING
5.1. SASHG will Process your Personal Information in the ordinary course of business.
5.2. SASHG will primarily use your Personal Information only for the purpose for which it was originally or primarily collected.
5.3. SASHG will use your Personal Information for a secondary purpose only if such purpose constitutes a legitimate interest and is closely related to the original or primary purpose for which the Personal Information was collected.
5.4. SASHG may subject your Personal Information to Processing during the course of various activities, including, without limitation, the following:
5.4.1. operating SASHG;
5.4.2. analysis, evaluation, review and collation of information in order to determine issues and potential disputes;
5.4.3. compliance with applicable laws and fraud prevention;
5.4.4. sharing of information with our Service Providers and other third parties;
5.5. SASHG may process your Personal Information for relationship management and marketing purposes in relation to services (including, but not limited to, Processing that is necessary for the development and improvement of our services), for accounts management, and for marketing activities in order to establish, maintain and/or improve SASHG’s relationship with you and with SASHG’s Service Providers.
5.6. SASHG may also analyse your Personal Information for statistical purposes.
5.7. SASHG may process your Personal Information for internal management and management reporting purposes, including but not limited to:
5.7.1. conducting internal audits,
5.7.2. implementing internal business controls,
5.7.3. providing central processing facilities,
5.7.4. and for reporting analysis.
5.8. SASHG may Process your Personal Information for safety and security purposes.
5.9. Our website does not address anyone under the age of 18 (“children”).
5.9.1. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your children have provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we will remove that information from our servers.
7. DISCLOSURE OF PERSONAL INFORMATION TO THIRD PARTIES
7.1. SASHG may disclose your Personal Information to our Service Providers, for legitimate business purposes, in accordance with applicable law and subject to applicable professional and regulatory requirements regarding confidentiality.
7.2. In addition, SASHG may disclose your Personal Information:
7.2.1. if required by law;
7.2.2. to legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation;
7.2.3. to any relevant party for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including, but not limited to, safeguarding against, and the prevention of threats to, public security; and
7.2.4. to any relevant third-party companies and individuals to facilitate our website (“service providers”), to provide our website on our behalf, to perform website-related services or to assist us in analysing how our website is used. These third parties have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
7.3. SASHG will review its relationships with Operators SASHG engages with and, to the extent required by any applicable law if force, SASHG will require such Operators to be bound by contractual obligations to:
7.3.1. only Process such Personal Information in accordance with SASHG’s prior written instructions; and
7.3.2. use appropriate measures to protect the confidentiality and security of such Personal Information.
8. INTERNATIONAL TRANSFER OF PERSONAL INFORMATION
8.1. SASHG may process but does not transfer Personal Information to recipients outside of the Republic of South Africa.
8.2. Subject to clause 8.1, Personal Information from individuals residing outside of the Republic of South Africa is processed in line with data protection legislation in order to provide services and goods to members of SASHG.
9. DATA SECURITY
9.1. SASHG shall implement the appropriate technical and organisational security measures to protect your Personal Information that is in SASHG’s possession against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, in accordance with applicable law.
9.2. Where there are reasonable grounds to believe that your Personal Information that is in SASHG’s possession has been accessed or acquired by any unauthorised person, SASHG will notify the relevant regulator and you, unless a public body responsible for detection, prevention or investigation of offences or the relevant regulator informs SASHG that notifying you will impede a criminal investigation.
9.3. As the internet is an open system, the transmission of information via the internet is not completely secure.
9.4. Although SASHG will implement all reasonable measures to protect your Personal Information that is in SASHG’s possession, SASHG cannot guarantee the security of any information transmitted using the internet and SASHG cannot be held liable for any loss of privacy occurring during the course of such transmission.
10. DATA ACCURACY
10.1. The Personal Information provided to SASHG should be accurate, complete and up to date.
10.2. Should Personal Information change, the onus is on the provider of such data to notify SASHG of the change and provide SASHG with the accurate data.
DATA MINIMISATION
10.3. SASHG will restrict its processing of Personal Information to data which is sufficient for the fulfilment of the primary purpose and applicable legitimate purpose for which it was collected.
11. DATA RETENTION
11.1. SASHG shall only retain and store Personal Information for the period for which the data is required to serve its primary purpose or a legitimate interest or for the period required to comply with an applicable legal requirement, whichever is longer.
12. LEGAL RIGHTS OF DATA SUBJECT
12.1. You may have rights under the South African and other laws to have access to your Personal Information and to ask SASHG to rectify, erase and restrict the use of your Personal Information.
12.2. You may also have rights to object to your Personal Information being used, to ask for the transfer of Personal Information you have made available to SASHG and to withdraw consent to the use of your Personal Information.
13. COOKIES AND SIMILAR TECHNOLOGIES
13.1. SASHG may Process your Personal Information by SASHG’s use of Cookies and similar technologies.
13.2. When you visit SASHG’s Website, SASHG may place Cookies onto your device, or read Cookies already on your device, subject always to obtaining your consent, where required, in accordance with applicable law.
13.3. SASHG uses Cookies to record information about your device, your browser and, in some cases, your preferences and browsing habits.
14. DIRECT MARKETING
14.1. SASHG may Process your Personal Information for the purposes of providing you with information regarding services and events that may be of interest to you.
14.2. You may unsubscribe for free at any time.
14.3. If you currently receive marketing information from us which you would prefer not to receive in the future please email the Information Officer at sashgtreasurer@gmail.com.
15. CONTACT DETAILS
15.1. You may contact SASHG at:
The Information Officer
+27 67 138 3770
sashgtreasurer@gmail.com
#SASHG acknowledges the support received from Rare Diseases South Africa in compiling various POPIA documentation for compliance purposes.