This Policy should be read in conjunction with 360 Hospitality Solutions’ Protection of Information Statement (POPI Statement) and Terms of Service.
For the purposes of this Policy, Personal Information will be understood in accordance with the definition provided in the Protection of Personal Information Act 4 of 2013 (“the Act”). We also subscribe to the principles for electronically collecting Personal Information outlined in the Act, and the further legislation referred to therein. We endeavour to ensure the quality, accuracy and confidentiality of Personal Information in our possession.
In utilising our services, using our website, surveys / other data gathering processes or otherwise providing us with your information, you agree to be subject to this Policy and as such, you may be asked or required to provide us with Personal Information.
We will however remain committed to protecting privacy is guided by our information security principles. These include but are not limited to the following underlying principles:
Accuracy – We will endeavour to make it as easy as possible for personal data to be kept up to date.
Consent – If for any reason we should need to undertake further processing of information provided by you, we shall not do so without your consent, unless legally obliged.
Confidentiality –Fundamentally, we want to give you peace of mind, so that you can share information with us with confidence! This will mean you can focus on the excellent service we provide.
Data Minimisation – Once information provided, shared or made available to us is no longer necessary to fulfil our contractual obligations, we shall ensure that any data which isn’t erased, is retained in a non-identifiable form.
Openness – We pride ourselves in exceptional customer service, helping make your life easier, whilst also guarding your interests. Therefore, should you require further explanation on a subject, we will happily clarify our role and involvement with you.
Processing Limitation – We will only process data which has been provided, shared or made available to us with the necessary consent and for the purpose which the data was provided, shared or made available to us.
Collection of Personal Information
We may obtain your personal data in the following ways:
- From service providers, primarily in the hospitality industry, with whom you may contract, interact or communicate (although we do so as their data processor);
- Directly from you when you contract, interact or communicate with us, for instance where you create an online account with us, complete a survey or a consumer review and ratings report or otherwise voluntarily providing personal data to us;
- From your accounts on other online services, where you give us permission to do so. For instance, if you use Google, Facebook or Twitter to log into our website or grant us access to data they hold, we may obtain some information from those services;
- From third parties or publicly available sources. We may obtain information about you from other sources, such as public databases, review or rating databases, joint marketing partners, social media platforms (such as Facebook), as well as from other third parties. Examples of the information we receive from other sources, may include any social media profile information or any other information that you choose to make public, as well as search results and links, including paid listings (such as sponsored links);
Depending on the relationship we hold with you, we may collect or obtain, amongst others, the following Personal Information:
- Contact Data including your address, e-mail address and telephone numbers;
- Financial Data including bank account information, company registration, VAT registration numbers etc;
- Legally Required Information, which includes any additional information that the law requires from us to verify your identity.
- Identity Data including your name, identity number, company, job title, and other facts about yourself i.e., your marital status, title, date of birth and gender;
- Marketing and Communications Data including your preferences in receiving marketing from us, our associated service providers and third parties as well as your communication preferences;
- Non-Identifiable Information such as anonymous demographic information, which is not unique, to an individual person such as their age, postal code, interests and preferences;
- Technical Data including automatically collected website usage information, your IP address, your login data, your browser type and version, your time zone setting and location, browser. plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website;
- Transaction Data including details about service orders and payments to and from you and other details about offerings / services you have purchased from us;
- Usage Data including how long you may use our website or the website of a service provider, as well as the number of times and frequency which you may access or use our website or the website of a service provider.
We may collect, in instances where you have provided it, information about other data subjects / individuals, including their Contact Data and Identity Data. If you are sharing information with us about other data subjects / individuals, you must first obtain their consent and ensure that they understand and accept how we may use their Personal Information.
We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data), without your consent.
Information on Children
Our Services are not intended for children, which we consider to be individuals that are 18 years of age or under, or the age of privacy consent in your jurisdiction; or when processing data on the basis of a contract, the age of legal capacity to enter into the agreement.
We will only collect or process information belonging to children under very limited circumstances. We might need to collect Personal Information belonging to children as part of our Service if, for example, the Personal Information is required by law. We will only collect Personal Information belonging to children if it is provided by and with consent of a parent or guardian. If we become aware that we have processed the Personal Information of a child without the valid consent of a parent or guardian, we will delete the Personal Information.
Use of Personal Information
We will only use your personal data when you or the law allows us to. Most commonly, we may use your personal data in the following circumstances:
- the provision and performance of our services to you including legitimate business interests;
- informing you of changes made to our terms and conditions and related policies;
- the provision of marketing related activities by us;
- responding to any queries or requests you may have;
- developing a more direct and substantial relationship with customers;
- to conduct market or customer satisfaction research or for statistical analysis
- for security, administrative and legal purposes; and
- the creation and development of market data profiles.
Save for circumstances where we have your express consent, the information that we collect is not shared with or sold to other organisations for commercial purposes. We will only disclose your Personal Information, without notice, if required to do so by law or in the good faith belief that such action is necessary to:
- Conform to the edicts of the law or comply with legal process served on we;
- Protect and defend the rights or property of 360 Hospitality Solutions by taking action in situations including, but not limited to, suspected illegal activities, fraud or violations of Terms of Service; and
- Act under exigent circumstances, including but not limited to situations involving potential threats to the physical safety of any person, whether employees or users of 360 Hospitality Solutions or members of the public.
Should we merge with or be acquired by another entity, your information will be transferred subject to the provision of us providing you with reasonable notice of our impending merger or acquisition.
Security and Storage of Personal Information
While we cannot ensure or warrant the security of any Personal Information you provide us, we will continue to maintain and improve these security measures over time in line with legal and technological developments.
We may store your Personal Information directly, or alternatively, we may store your Personal Information on, and transfer your Personal Information to a central database. If the location of the central database is located in a country that does not have substantially similar laws which provide for the protection of Personal Information, we will take the necessary steps to ensure that your Personal Information is adequately protected in that jurisdiction by means of ensuring that standard data protection clauses are enforced.
The Personal Information we collect from users shall only be accessed by our employees, representatives and consultants on a need-to-know basis, and subject to reasonable confidentiality obligations binding such persons.
We shall have the right, but shall not be obliged, to monitor or examine any information and materials including any website link that you may submit to us. You shall be solely responsible for the contents of all material you submit.
We will not sell, share, or rent your Personal Information to any third party or use your e-mail address for unsolicited mail. Any emails sent by us will only be in connection with the provision of our services and/or the marketing thereof.
We have appointed an Information Officer / Compliance Officer (CO), whose role is to ensure that we remain compliant with data protection legislation and honours this Policy.
If you have any questions about this Policy or any of our privacy practices, please contact our CO in the following ways:
Full name of legal entity: 360 Hospitality Solutions (Pty) Ltd.
Email address: firstname.lastname@example.org
Physical address: 24 Weeromkeer Nook, Die Hoes X31, Centurion, Gauteng, South Africa, 0157.
Telephone number: 071 523 6600 (ask to speak with our Information Officer).
Personal Information from Third Parties
It is important to note that the majority of the personal data we receive and process has been supplied to us by third party providers, including service providers in the hospitality industry, to whom you provide your Personal Information and grant permission, under their respective terms and conditions and/or other policies, to collect, use and share your personal data, which may include them sharing your Personal Information with us, so that we may render our services to them. As personal data held by third party providers is not under our control, we have no responsibility towards or control over how they may use any personal data they may hold.
Should you believe your personal data has been shared with us incorrectly, we urge you to review the third party providers terms and conditions and respective policy(ies) to understand how they may collect, use, and share your Personal Information, and to further better understand how you can set your privacy preferences and if required, contact the respective service provider or other third party directly, to address your concerns and if necessary withdraw your consent.
The personally identifiable information we collect about you is stored in limited access servers. Web Maniacs maintains safeguards to protect the security, integrity, and privacy of these servers and your personally identifiable information.
Retention of Personal Data (How long will you use my personal data for?)
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.
In some circumstances you can ask us to delete your data and, in some circumstances, we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
A Data Subject / Individual’s Rights (Your Rights)
A data subject / individual has the right:
- To access their Personal Information stored and processed by us. This may be done by emailing our CO at email@example.com;
- To correct any errors with the Personal Information that we may hold on them, in instances where their Personal Information is incorrect or incomplete;
- To have their Personal Information deleted (“right to be forgotten”) if it is no longer needed for the original processing purpose, or if they withdraw their consent and there is no other reason or justification for us to retain their Personal Information, or if they have objected to their Personal Information being processed and there is no justified reason for us to use or process their Personal Information;
- To restrict / suspend the processing of their Personal Information to that which is strictly necessary to enable us to perform or render our services or such other legitimate business interest;
- To lay a complaint to the appropriate data protection authority, should we breach any of the terms of this Policy;
- To at any time, withdraw their consent allowing us to process their Personal Information, the provided they have previously given us consent to process their Personal Information;
- To object to us processing their Personal Information, in instances where the processing of their Personal Information used for a legitimate business interest; and
- To object to the processing of their Personal Information for direct marketing purposes.
Disclosure of Personal Information
We may need to disclose or share your Personal Information with our business partners or service providers, including technology / software service providers, fraud prevention service providers, marketing service providers, customer support and complaints management service providers, for the purposes of our rendering our services, as well as those business partners or service providers which that assist us to protect our interest.
If our services are provided in conjunction with, or through the involvement of any service providers and/or third parties, we may provide these service providers and/or third parties with access to your Personal Information, in order to fulfil our obligations and responsibilities or protect our interest.
Cookies and Similar Technologies
A cookie is a small text file which includes a unique identifier that is sent by a web server to the browser on your computer, mobile phone or any other internet enabled device when you visit an on-line site. Cookies and similar technologies are widely used to make websites work efficiently and to collect information about your online preferences. For simplicity, we refer to all these technologies as “cookies”.
Some of our website pages may contain electronic images known as web beacons (also known as clear gifs, tags or pixels) that allow us to count users who have visited our pages. Web beacons collect only limited information, e.g. a cookie number, time and date of a page view, and a description of the page on which the web beacon resides. We may also carry web beacons placed by third party advertisers. These beacons do not carry any information that could directly identify you.
One of the primary purposes of cookies is convenience. Cookies save you time by telling our server that you have returned to a specific page. This allows you to store certain information such as username and password, simplifying the process of accessing your account.
No Personal Information is collected or stored unless you explicitly capture it through one of the forms on our website.
You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.
Changes to This Policy
We may, from time to time, update our policies and so encourage you to periodically visit this page in order to review any changes that may have been made. We will also notify you by e-mail should we make any significant changes that will directly affect how we handle your Personal Information.
We welcome any feedback that you may have regarding this Policy or any of our privacy practices in general. Furthermore, if you believe that we have not adhered to this Policy or your expectations, we invite you to contact us at firstname.lastname@example.org and we will use commercially reasonable efforts to promptly determine and remedy the problem.
Promotional offers from us
We may use your identity, contact, technical, usage and profile data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and you have not opted out of receiving that marketing or if we are legally entitled to send you such marketing.
Lodging a Complaint