Privacy Policy

Your privacy is important to us

SomeWatt Solar is located at:

SomeWatt Solar

Capricorn Business Park, Muizenberg
Cape Town, South Africa
+27 60 544 6651

It is SomeWatt Solar’s policy to respect your privacy regarding any information we may collect while operating our website. This Privacy Policy applies to somewattsolar.co.za/ (hereinafter, “us”, “we”, or “somewattsolar.co.za/”). We respect your privacy and are committed to protecting personally identifiable information you may provide us through the Website. We have adopted this privacy policy (“Privacy Policy”) to explain what information may be collected on our Website, how we use this information, and under what circumstances we may disclose the information to third parties. This Privacy Policy applies only to information we collect through the Website and does not apply to our collection of information from other sources.

This Privacy Policy, together with the Terms of service posted on our Website, set forth the general rules and policies governing your use of our Website. Depending on your activities when visiting our Website, you may be required to agree to additional terms of service.

Contents

Click below to jump to any section of this privacy policy

  1. Website Visitors
  2. Personally-Identifying Information
  3. Security
  4. Links To External Sites
  5. SomeWatt Solar uses Google AdWords for remarketing
  6. Cookies
  7. E-commerce
  8. Privacy Policy Changes
  9. Contact Information & Credit
  10. POPI

1. Website Visitors

Like most website operators, SomeWatt Solar collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. SomeWatt Solar’s purpose in collecting non-personally identifying information is to better understand how SomeWatt Solar’s visitors use its website. From time to time, SomeWatt Solar may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its website.

SomeWatt Solar also collects potentially personally-identifying information like Internet Protocol (IP) addresses for logged in users and for users leaving comments on http://solar.somewattsolar.co.za/ blog posts. SomeWatt Solar only discloses logged in user and commenter IP addresses under the same circumstances that it uses and discloses personally-identifying information as described below.

Back to table of contents

2. Personally-Identifying Information

Certain visitors to SomeWatt Solar’s websites choose to interact with SomeWatt Solar in ways that require SomeWatt Solar to gather personally-identifying information. The amount and type of information that SomeWatt Solar gathers depends on the nature of the interaction. For example, we ask visitors who leave a comment at http://solar.somewattsolar.co.za/ to provide a username and email address.

Back to table of contents

3. Security

The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

Back to table of contents

Our Service may contain links to external sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy and terms of service of every site you visit.

We have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites, products or services.

Back to table of contents

5. SomeWatt Solar uses Google AdWords for remarketing

SomeWatt Solar uses the remarketing services to advertise on third party websites (including Google) to previous visitors to our site. It could mean that we advertise to previous visitors who haven’t completed a task on our site, for example using the contact form to make an enquiry. This could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. Third-party vendors, including Google, use cookies to serve ads based on someone’s past visits. Of course, any data collected will be used in accordance with our own privacy policy and Google’s privacy policy.

You can set preferences for how Google advertises to you using the Google Ad Preferences page, and if you want to you can opt out of interest-based advertising entirely by cookie settings or permanently using a browser plugin.

Back to table of contents

6. Cookies

To enrich and perfect your online experience, SomeWatt Solar uses “Cookies”, similar technologies and services provided by others to display personalised content, appropriate advertising and store your preferences on your computer.

A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. SomeWatt Solar uses cookies to help SomeWatt Solar identify and track visitors, their usage of http://solar.somewattsolar.co.za/, and their website access preferences. SomeWatt Solar visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using SomeWatt Solar’s websites, with the drawback that certain features of SomeWatt Solar’s websites may not function properly without the aid of cookies.

By continuing to navigate our website without changing your cookie settings, you hereby acknowledge and agree to SomeWatt Solar’s use of cookies.

Back to table of contents

7. E-commerce

Those who engage in transactions with SomeWatt Solar – by purchasing SomeWatt Solar’s services or products, are asked to provide additional information, including as necessary the personal and financial information required to process those transactions. In each case, SomeWatt Solar collects such information only insofar as is necessary or appropriate to fulfil the purpose of the visitor’s interaction with SomeWatt Solar. SomeWatt Solar does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities.

Back to table of contents

8. Privacy Policy Changes

Although most changes are likely to be minor, SomeWatt Solar may change its Privacy Policy from time to time, and in SomeWatt Solar’s sole discretion. SomeWatt Solar encourages visitors to frequently check this page for any changes to its Privacy Policy. Your continued use of this site after any change in this Privacy Policy will constitute your acceptance of such change.

Back to table of contents

9. Contact Information & Credit

This privacy policy was created at privacyterms.io privacy policy generator. If you have any questions about our Privacy Policy, please contact us via email or phone.

Back to table of contents

10. POPI

SomeWatt Solar

hereinafter referred to as “The Company

Policy on Data Privacy & the Protection of Personal Information

Executive Summary

This Data Policy Set Out:

  • Legal requirements in respect of Personal information and data privacy
  • What is Personal Information and who it belongs to
  • What Personal Information will be processed by The Company
  • Why The Company needs to process a Data Subject’s Personal Information
  • What The Company will do with a Data Subject’s Personal Information
  • Who The Company will share a Data Subject’s Personal Information with
  • What The Company will do with a Data Subject’s Personal Information once the purpose for the processing comes to an end
  • How The Company will treat Personal Information belonging to another.

Contents

  1. Introduction
  2. Definitions
  3. Purpose & Objectives
  4. Application & Scope
  5. The Data Protection Principles & Conditions
  6. How Personal Information is Processed & Used
  7. Safeguarding Personal Information
  8. Access & Correction of Personal Information
  9. Information Officer
  10. Operators & Service Providers
  11. General
  12. Version & Amendments
  1. Introduction

The Protection of Personal Information Act, 4 of 2013 (POPI) regulates and controls the processing of Personal Information.

The Company is an Information Technology company which is doing business in South Africa.

The Company for the purposes of carrying out its business and related objectives, does and will from time to time, processes the Personal Information of living individuals and legal entities including public and private entities, such as Personal Information in respect of employees and staff, prospective employees and job applicants, students and interns, service providers and contractors, vendors, clients, customers, and other third parties.

The Company is obligated to comply with POPI and the data protection conditions set out in POPI with respect to the processing of all and any Personal Information.

This Policy set out how The Company will discharge its duties to ensure continuing compliance with POPI, in general, and the information protection conditions and rights of Data Subjects, in particular.

  1. Definitions

To understand the implications of this document and the objectives of POPI the reader is to take note of the following explanatory notes and POPI definitions which will be used throughout this POLICY and which may be used in the interpretation of this document:

  • biometrics” means a technique of personal identification that is based on physical, physiological or behavioural characterisation including blood typing, fingerprinting, DNA analysis, retinal scanning and voice recognition;
  • child” means a natural person under the age of 18 years who is not legally competent, without the assistance of a competent person, to take any action or decision in respect of any matter concerning him-or herself;
  • competent person” means any person who is legally competent to consent to any action or decision being taken in respect of any matter concerning a child;
  • consent” means any voluntary, specific and informed expression of will in terms of which permission is given for the processing of Personal Information;
  • Data Subject” means the person who will provide The Company or its Operator (s) with Personal Information and who consents when providing such Personal Information, to The Company‘s use thereof in accordance with the Informed Consent Notice;
  • Operator” means a natural person or a juristic person who processes a Data Subject’s Personal Information on behalf of The Company in terms of a contract or mandate, without coming under the direct authority of The Company;
  • person” means a natural person or a juristic person.
  • Personal Information” means information relating to any identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, namely the Data Subject, including, but not limited to—
    • information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person –
      • information relating to the education or the medical, financial, criminal or employment history of the person;
        any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other assignment to the person;
      • the biometric information of the person;
      • the individual opinions, views or preferences of the person;
      • correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
      • the views or opinions of another individual about the person; and
      • the name of the person if it appears with other Personal Information relating to the person or if the disclosure of the name itself would reveal information about the person.
  • processing” means any operation or activity or any set of operations, whether by automatic means, concerning Personal Information, including—
    • the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
    • dissemination by means of transmission, distribution or making available in any other form; or
    • merging, linking, as well as restriction, degradation, erasure or destruction of information; or
    • sharing with, transfer and further processing, to and with such information.
  • record” means any recorded information—
    • regardless of form or medium, including any of the following:
      • Writing on any material;
      • information produced, recorded or stored by means of any tape-recorder, computer equipment, whether hardware or software or both, or other device, and any material subsequently derived from information so produced, recorded or stored;
      • label, marking or other writing that identifies or describes anything of which it forms part, or to which it is attached by any means;
      • book, map, plan, graph or drawing;
      • photograph, film, negative, tape or other device in which one or more visual images are embodied to be capable, with or without the aid of some other equipment, of being reproduced;
      • in the possession or under the control of a responsible party;
      • whether or not it was created by a responsible party; and
      • regardless of when it came into existence;
  • Responsible Party” means The Company including without detracting from the generality thereof, its directors, management, executives, HR practitioners, payroll department, core benefits provider, retirement funding department, internal auditors, legal practitioner and compliance officers, company secretary, and all other employees and Operators who need to process a Data Subject’s personal Information for The Company business purposes;
  • Special Personal Information” includes any information relating to an individual’s: Ethnicity, Gender, Religious or other beliefs, Political opinions, Membership of a trade union, Sexual orientation, Medical history, Offences committed or alleged to have been committed by that individual, Biometric details, and Children’s details.
  1. Purpose & Objectives
  • The Company does on an on-going basis collect and process Personal Information belonging to Data Subjects, to carry out and pursue its business and related operational interests. This may without detracting from the generality thereof include:
    • recruitment and employment purposes;
    • concluding contracts and business transactions;
    • for risk assessments, insurance and underwriting purposes;
    • assessing and processing queries, enquiries, complaints, and/or claims;
    • conducting criminal reference checks and/or conducting credit reference searches or verification;
    • confirming, verifying and updating persons details;
    • for purposes of personnel and other claims history;
    • for the detection and prevention of fraud, crime, money laundering or other malpractice;
    • conducting market or customer satisfaction research;
    • promotional, marketing and direct marketing purposes;
    • financial, audit and record keeping purposes;
    • in connection with legal proceedings;
    • providing services to clients to carry out the services requested and to maintain and constantly improve the relationship;
    • communicating with employees, third parties, customers, suppliers and/or governmental officials and regulatory agencies; and
    • in connection with and to comply with legal and regulatory requirements or when it is otherwise required or allowed by law.
  • The objective and purpose of this Policy is therefore to set out The Company’s policy on the processing of Personal Information and to provide guidelines on how Personal Information is to be processed and safeguarded to ensure compliance with POPI.
  1. Application & Scope
  • This Policy will apply to the processing by The Company of all and any Data Subjects’ Personal Information.
  • This Policy without exception will apply to:
    • The Company and its subsidiary companies, including all employees –
      • permanent, fixed term, and temporary staff, as well as directors, executives and secondees;
    • any entity or person who processes Personal Information on behalf of The Company, whether residing or operating in South Africa, or internationally, who will hereinafter be referred to as an “Operator”, provided they have been made aware of this Policy.
  1. The Data Protection Principles & Conditions
  • Any Employee or Operator who processes Personal Information belonging to a Data Subject on behalf of The Company, shall comply with all the provisions of POPI, including the eight data protection conditions set out under section 4 of POPI, referred to below:
    • Personal Information shall be obtained and processed fairly and lawfully;
    • Personal Information shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes, unless specific consent to do so has been obtained;
    • Personal Information shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed;
    • Personal Information shall be accurate and, where necessary, kept up to date;
    • Personal Information processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes;
    • Personal Information shall be processed in accordance with the rights of data subjects under POPI;
    • Appropriate technical and organisational safeguards and measures must be put in place to protect and guard against unauthorised or unlawful processing of Personal Information and against accidental loss or destruction of, or damage to, Personal Information; and
    • Personal Information shall not be transferred outside South Africa to another country unless that country has similar Data Privacy laws to those under POPI in place, or the person to whom the Personal Information is being transferred provides a written undertaking to apply the principles set out in POPI to the processing of the personal Information.
  1. How Personal Information is Processed & Used
  • Before any Personal Information is processed, the person processing such information on behalf of The Company must bring to the Data Subject’s attention the provisions set out in The Company Consent to process Personal Information Consent Document, which is available on The Company website, and which for ease of reference is attached hereto marked Annexure “A”. This document amongst others contains the following instructions and details:
    • why the processing of the Data Subject’s Personal Information is necessary,
    • what Personal Information is required and the purpose for the requirement;
    • what will be done with the Personal Information;
    • that to use the Personal Information, the Data Subject must provide consent for such processing, unless such processing is necessary –
      • to carry out actions for the conclusion or performance of a contract to which the Data Subject is a party;
      • or is required and complies with an obligation imposed by law on either the Data Subject or the Responsible Party;
      • or is necessary to protect the legitimate interest (s) of the Data Subject or the Responsible Party;
      • or is necessary for the proper performance of a public law duty by a public body;
      • or is necessary for pursuing the Data Subject or the Responsible Party’s legitimate interests, or that of a third party to whom the Personal Information is supplied;
    • who the Personal Information will be shared with;
    • whether the Personal Information will be sent outside the borders of South Africa and what data security measures are in place to protect the information;
    • what will be done with the Personal Information once the purpose for its collection and use has expired.
  • When processing a Data Subjects Personal Information, the person processing such information must ensure that:
    • they only process Personal Information, which is relevant and accurate and only for the purpose for which it is required; and
    • Special Personal Information will only be processed in line with the provisions set out under POPI and in accordance with instructions set out by the Information Officer from time to time.
  1. Safeguarding Personal Information
  • All Company employees and where applicable, Operators and persons acting on behalf of The Company, must before processing Personal Information ensure that the record containing the Personal Information, will be kept secure and that appropriate measures and safeguards are in place to prevent any unauthorised access, disclosure and / or loss of such Personal Information.
  • Removing and Downloading Personal Information on to portable devices from workplace equipment, or taking soft copies of Personal Information off-site, must be authorized in writing by the manager of the relevant department from where the information emanates and a copy of such authorisation must be sent to the Information Officer. This removal will be subject to the following provisions:
    • the person removing the Personal Information must explain and justify the operational need for the removal in relation to the volume and sensitivity of the Personal Information and ensure that the details of the Personal Information being removed is documented and recorded under a “removal register”;
    • the Personal Information to be removed must be strongly encrypted;
    • the person removing and using said data should only store the data necessary for their immediate needs and should remove the data as soon as possible once dealt with and such removal should be confirmed by way of a recordal in the removal register;
    • to avoid loss of encrypted data, or in case of failure of the encryption software, an unencrypted copy of the data must be held in a secure environment.
  • Where it is necessary to store Personal Information on portable devices such as laptops, USB flash drives, portable hard drives, CDs, DVDs, or any computer not owned by The Company, employees and where applicable, Operators and persons acting on behalf of The Company, without exception, must before storing the said Personal Information, ensure that the data is encrypted and is kept secure and that appropriate measures and safeguards are in place to prevent unauthorised access, disclosure and loss of such Personal Information. Clauses 7.2.1 – 7.2.5 will apply mutatis mutandi to the said data.
  • Where paper or hard copies of Personal Information are removed from The Company premises, employees and where applicable, Operators and persons acting on behalf of The Company, without exception, must before removing said Personal Information ensure that only that data necessary for the purpose it is being removed is taken, is documented in a removal register and is thereafter whilst away from The Company premises kept safe and secure and that appropriate measures and safeguards are in place to prevent any unauthorised access, disclosure and loss of such Personal Information.
  • Paper or hard copies of Personal Information and portable electronic devices containing Personal Information, should be stored in locked units, which should not be left on desks overnight, or in view of other employees, or third parties.
  • Personal Information, which is no longer required, should be securely archived and retained, as per The Company record retention and destruction policy.
  • Personal Information must not be disclosed unlawfully to any third party.
  • Where an OPERATOR is to process Personal Information on behalf of The Company, such processing will be subject to a written OPERATOR agreement concluded between The Company and the OPERATOR, which agreement is to be substantially in same format as the standard The Company OPERATOR agreement annexed hereto marked Annexure “B”.
  • All losses of Personal Information must be reported to the relevant manager of the department from where the information emanates, the departmental Data Protection Coordinator and the Information Officer.
  • Negligent loss or unauthorised disclosure of Personal Information, or failure to report such events, will be subject to disciplinary proceedings.
  • The Company, via its Information Security Officer and IT department, will continuously review its security controls and processes to ensure that all Personal Information is secure.
  1. Access & Correction of Personal Information
  • In terms of POPI, a Data Subject has the right to:
    • request access to their Personal Information which The Company holds, provided that they follow the “Access to Information Procedure” set out in The Company PAIA Manual published on The Company website;
    • ask The Company to update, correct or delete any of its Personal Information, which The Company thereafter has a duty to correct, except if The Company is of the view that the request is incorrect, invalid and/or unreasonable.
    • object to The Company processing their Personal Information, which The Company holds about them, by filing a notice of objection.
  • In the event of any of the above mentioned instances, such request should be submitted to The Company Information Officer for further attention and action.
  1. Information Officer
  • The Company has appointed an Information Officer who has been tasked with the primary responsibility for compliance with POPI.
  • All The Company employees must:
    • raise any concerns in respect of the processing of Personal Information with the Information Officer;
    • promptly pass on to the Information Officer all Data Subject access requests and requests from third parties for Personal Information;
    • report losses or unauthorised disclosures of Personal Information to the Information Officer as soon as such loss or disclosure has been noted; and
    • address any queries or concerns about this Policy and/or compliance with POPI with the Information officer.
  1. Operators & Service Providers

Where any COMPANY employee requires a COMPANY service provider, contractor and/or agents (Operator) to process Personal Information for or on behalf of The Company, such employee shall ensure that prior to such processing a standard COMPANY Operator Agreement is concluded with the Operator in respect of such processing.

  1. General

Any transgression of this Policy will be investigated and may lead to disciplinary action being taken against the offender.

  1. Version & Amendments

This Policy is effective as 11 February 2021.