.png)
Johnny Nel Global Growth Partnership (“us,” “we,” or “our”) www.johnnynel.com thanks you for visiting the online and mobile resources we publish. The terms “you” and “your” refer to you, the reader, and other visitors to our online and mobile resources who are, in all cases, over the age of 13. This privacy statement (“this statement,” “this privacy statement,” and “our statement”) informs you about from whom and the types of personal information we collect, how we use it, who we share it with, why we share it, and what we do to try to protect it.
Online and mobile resources refer to the websites and other internet-based features we own that allow you to interact with our websites, as well as apps we’ve created and distributed to let our
customers and followers view our online and mobile resources or otherwise interact with the content we provide.
To learn more about your California privacy rights, please scroll down to the section titled “THE CALIFORNIA CONSUMER PRIVACY ACT.”
Johnny Nel Global Growth Partnership is a Private Growth Partner Establishment. For residents from the GDPR jurisdictions, as defined below, some U.S. state privacy laws, and South African privacy laws, PRIXGIG PTY LTD www.prixgig.com is the data controller responsible for your personal data. For residents of California, PRIXGIG PTY LTD is a “Business” under the CCPA.
We may collect personal information from the following groups of data subjects: visitors to, and users of, our online and mobile resources; our customers; current members of our workforce and those who apply for posted jobs; and third-party vendors and business partners.
Personal information generally means information that can be used to identify you or that can be easily linked to you (for example, your name, address, telephone number, email address, Social Security number, and date of birth). Privacy laws in some jurisdictions include unique elements in what they consider to be personal information of consumers or data subjects they protect. If those laws apply to us, such as the California Consumer Privacy Act (“CCPA”) or the European General Data Protection Regulation (“GDPR”), our use of the phrase “personal information” includes the unique elements required by such laws.
The categories of information we collect from each of these groups, and how we use it, differ. As you may have noticed, it’s possible that the same person could fall into more than one group. Most of this statement addresses our processing and sharing of personal information collected from visitors to and users of our online and mobile resources and our customers.
There are two types of information that we obtain from you online and then store and use:
Non-personal information that is collected automatically from each visitor, such as your device’s operating system; and
Personal information that you voluntarily provide to us or that is collected automatically.
By using our online and mobile resources or purchasing our products or services, you agree to this section of our privacy statement, indicating that we may use and disclose your information as described.
Voluntarily Submitted Information
If you participate in certain activities via our online and mobile resources, you may be asked to provide us with information about yourself. The types of personal information we collect in those situations include identifiers (such as your name, email address, physical address, and phone number), professional information (such as the business you are in), and financial account information (such as your credit card information). We do not sell, rent, or trade voluntarily submitted personal information with third parties.
If you do not want us to collect this type of personal information, please do not provide it. This means you should not participate in the activities on our online and mobile resources that request or require it. You may prefer to communicate with us by phone or regular mail instead. Participation is strictly your choice. Not participating may limit your ability to take full advantage of the online and mobile resources, but it will not affect your ability to access certain information available to the general public on the online and mobile resources.
Emails and Online Forms – When you send us an email or fill out an online form, such as to contact us, your email address and any other personal information (e.g., home address or phone number) that may be in the content of your message or attached to it, are retained by us
and used to respond back directly to you and to process your request. Depending on the
personal information provided, communications from us may be in the form of emails, telephone calls, and/or text messages. We may also send you information about any of our products or services we think may be of interest to you.
Registering for an Account – When you register for an account, you submit personal information such as your name and email address which we then retain. We use that information to create and manage your account and, in some cases, establish a password and profile to communicate with you via email.
Registering for Events – When you register for services, webinars, events, conferences, or programs we host (rather than outsourced to a third-party event manager with its own privacy policies), you will be submitting the types of identifiers described above. If the event requires a fee, we may also ask you to submit credit card or other financial information. We use this information to register you for the event and send you communications regarding the event.
Becoming a Subscriber to Our Service – We use any information provided from our customers to perform our contractual obligations and provide the products and services purchased to them, to manage their accounts, and communicate with them.
Social Media and Community Features – Some of our online and mobile resources may offer social media-like community features letting users post messages and comments, and/or upload an image or other files and materials. If you choose to make use of these features, the information you post, including your screen name and any other personal information, will be in the public domain and not covered/protected by this statement.
Automatically Collected Information
When you visit our online and mobile resources, basic information is passively collected through your web browser via use of tracking technologies, such as a “cookie” which is a small text file that is downloaded onto your computer or mobile device when you access the online and mobile resources. It allows us to recognize your computer or mobile device and store some information about your preferences or past actions.
We allow third-party vendors to use cookies or similar technologies to collect information about your browsing activities over time following your use of the site. For example, we use Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help us analyze how you use the online and mobile resources and enhance your experience when you visit the online and mobile resources. For more information on how Google uses this data, go to
You can learn more about how to opt out of Google Analytics by going to .
The internet activity information collected through cookies and other similar means includes such things as: the domain name and IP address from which you accessed our online and mobile resources; the type of browser and operating system you use; the date and time and length of your visit; the specific page visited, graphics viewed, and any documents downloaded; the specific links to other sites you accessed from our online and mobile resources; and the specific links from other sites you used to access our online and mobile resources.
Additionally, if you access our online and mobile resources from a phone or other mobile device, the mobile services provider may transmit to us uniquely identifiable mobile device information which
allows us to then collect mobile phone numbers and associate them with the mobile device identification information. Some mobile phone vendors also operate systems that pinpoint the physical location of devices and we may receive this information as well if location services are
enabled on your device. If you do not want us to collect and use geolocation data, disable location services through your device settings.
Regardless, we use both automatically collected information and mobile device information to compile generic reports about popular pages on our online and mobile resources and to see how our customers and followers are accessing our online and mobile resources. We then use that data to administer the online and mobile resources and make them better, make your activities more convenient and efficient, and to enhance the functionality of our online and mobile resources, such as by remembering certain of your information to save you time.
We use and retain your personal information in accordance with applicable law and as long as necessary to carry out the purposes described above in accordance with our internal data retention procedures.
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period unless this data is used to strengthen the security or to improve the functionality of Our Service, or we are legally obligated to retain this data for longer time periods.
We maintain a presence on one or more external social media platforms such as Twitter, Facebook, Instagram, YouTube, and LinkedIn. We may further allow features of our online and mobile resources to connect with, or be viewable from, that external social media presence. Similarly, our online and mobile resources may contain links to other websites or apps controlled by third parties.
We are not responsible for either the content on or the privacy practices of social media platforms or any third-party sites or apps to which we link. Those apps, sites, and platforms are not controlled by us and, therefore, have their own privacy policies and terms of use. If you have questions about how those apps, sites, and platforms collect and use personal information, you should carefully read their privacy policies and contact them using the information they provide.
Johnny Nel Global Growth Partnership may use the information we collect from and about you for a variety of business purposes; in general, to provide the services, improve customer experience and engagement, and develop the services. We are committed to protecting and maintaining the privacy of your information. Therefore, we will process your data only in accordance with applicable data protection law and this Privacy Statement.
We will have a lawful basis for processing your data if:
We need to process your information in order to provide you with the products or service you have requested or to enter into a contract;
You have consented to such processing;
We have a legitimate interest for processing your data – e.g., for fraud prevention, direct marketing, network and information systems security, data analytics, enhancing or improving our
services, identifying usage trends, determining the effectiveness of promotional campaigns, and personalizing our advertising to make it easier and faster for you to place orders; and/or
We are legally obliged to process it.
We may use any and all information that we collect from you for the following customer service and transaction purposes:
To provide the requested Services to you.
To manage your account.
To personalize your experience: Your information helps us to better respond to your individual needs.
To improve our website: We continually strive to improve our website offerings based on the information and feedback we receive from you.
To diagnose problems with our servers or our Services.
To improve customer service: Your information helps us to more effectively respond to your customer service requests and support needs.
To process transactions, such as purchases and subscriptions.
To use and disclose your credit, debit, or payment card or other financial information only to process payments and prevent fraud.
To administer a contest, promotion, survey, or other site feature.
To develop new products or services and to enhance current products and services.
To send periodic emails about Services updates, your orders, or your subscription.
To protect the security or integrity of our Services and our business, such as by protecting against and preventing fraud, unauthorized transactions, claims, and other liabilities.
We may also use your information for the following commercial purposes:
To send you marketing and promotional emails.
To target prospective customers with our services (such targeting is only performed with your permission where your consent is required by applicable law).
We may also use information you provide to us for other purposes as disclosed at the time you provide your personal information or otherwise with your consent.
We use voluntarily provided personal information to respond to your inquiries and provide you with the services you have requested, among other uses as further described below. We do not sell or rent your personal information to third-party data vendors or marketing companies. As you might expect, we disclose your information when required by law.
Affiliates
In addition to those third parties set forth above, we may share your information, including personal information, within our family of companies. Those companies will use such information in generally the same manner as we do under this privacy statement, which includes sending you information about their products, services, or initiatives that may be of interest to you.
Legally Compelled Disclosures
We may disclose your information, including personal information, to government authorities, and to other third parties when compelled to do so by such government authorities, or at our discretion or otherwise as required or permitted by law, including but not limited to responding to court orders and subpoenas.
To Prevent Harm
We may disclose your information, including personal information, when we have reason to believe that someone is causing injury to or interference with our rights or property, other users of the online and mobile resources, or anyone else that could be harmed by such activities.
Business Transfer
If we or any of our affiliates, or substantially all their assets, are acquired by one or more third parties as a result of an acquisition, merger, sale, reorganization, consolidation, or liquidation, personal information may be one of the transferred assets.
Vendors and Business Partners
We may share your information, including personal information, with our vendors and other third parties with whom we have a contractual relationship. We may also share your information, including personal information, with vendors who provide third-party software services that you have chosen to assist you. We do our best to disclose only the information each of those parties needs.
We have adopted standards for those vendors and business partners who receive personal information from us. We attempt to bind such vendors and business partners to those standards via written contracts. We further attempt to contractually restrict what our vendors and business partners can do with the personal information we provide to them, such that it is used only to the extent necessary to carry out the business purpose for which it was provided; is not disclosed to anyone else without our consent or under our instruction; remains, as between us and the applicable vendor or business partner, our property; and is not transferred out of the United States without our consent. Please note, however, that we cannot guarantee that all of our vendors and business partners will agree to these contractual requirements; nor can we ensure that, even when they do agree, they will always fully comply.
We may use your personal data to contact you with newsletters, marketing or promotional materials, and other information that may be of interest to you. You may opt out of receiving any or all of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us.
We may provide paid products and/or services within the Service. In certain cases, we collect and store payment information provided by you for the purpose of processing payments, including instances where payments may be late or overdue. While we take reasonable precautions to protect your payment information, we cannot be held liable for any loss, theft, or unauthorized access to this information.
Additionally, we may use third-party services for payment processing (e.g., payment processors). These third-party payment processors adhere to the standards set by PCI-DSS, as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express, and Discover. PCI-DSS requirements help ensure the secure handling of payment information. Please note that any payment card details you provide directly to these third-party
processors are governed by their respective Privacy Policies, and we disclaim any responsibility for their use or mishandling of your personal information.
You may have to provide personal information to enjoy most of the features of our online and mobile resources. Moreover, you can opt out of certain activities like newsletters and announcements.
Residents of California and EU data subjects whose personal information was obtained while they were in California or a GDPR Jurisdiction, respectively, have certain additional rights.
When you access your account on the Services, you have the option to change certain information about yourself, such as your billing or shipping address and telephone number.
Emails
If you consented to receive direct marketing from Johnny Nel Global Growth Partnership, we provide you with the opportunity to opt-out of our marketing communications or change your preferences by following a link in the footer of all non-transactional email messages from us or by emailing us at . Some communications from us are considered transactional or service communications (for example, account notifications and billing information). To ensure you have accurate information about your account and purchases, you do not have the option to unsubscribe from these messages.
GDPR Jurisdictions include the European Economic Area and other jurisdictions recognized by the European Commission as having adequate data protection laws. We process personal data collected from these regions in accordance with applicable laws.
We do collect or otherwise obtain personal information from data subjects located in GDPR Jurisdictions. We fulfill our GDPR obligations with respect to our customers (and their own
end-clients), and our vendors and business partners through a series of separate notices, contracts, or other terms provided to them at the time, and in the manner and form required by the GDPR and local law within each GDPR Jurisdiction.
We describe, in the following section of this statement, how we comply with the GDPR for personal information collected from visitors to and users of our online and mobile resources while they were in a GDPR Jurisdiction. For purposes of that section, the words “you” and “your” mean only GDPR Jurisdiction-based visitors and users.
What Do We Collect from You in the GDPR Jurisdictions and How Do We Use It?
We collect from you the categories of personal information already described. The lawful basis on which we rely for such collection, later use, and disclosure is what the GDPR refers to as “legitimate interest.” As stated elsewhere in this statement, we do not sell any of your personal information to third parties nor do we use it for automated decision making.
Cross-border Data Transfers and Third-Party Processors
If we transfer personal information from the GDPR Jurisdictions to a location that has not been deemed by the European Commission to have adequate privacy protections, we do so in the manner the GDPR permits.
Rights of Data Subjects in the GDPR Jurisdictions
While we attempt to allow all visitors and users of our online and mobile resources to exercise a degree of control over their personal information, under the GDPR we have a legal obligation to do so for you. More specifically, with respect to personal information collected from you while you were in a GDPR Jurisdiction, you have these rights:
Transparency
Access
Correction and deletion
Portability
Who, what, why, and where (request details on processing)
Restriction/objection
If you would like to exercise any of these rights, please contact us at Your ability to exercise these rights is subject to certain conditions and exemptions that you can read about in Articles 12 through 23 of the GDPR. Among those conditions is our right to decline part or all of a request if we cannot satisfy our reasonable doubts and concerns about your identity in a manner that helps us minimize the risk that unauthorized persons might use a GDPR right to access your personal information.
We will respond to all requests without undue delay, and in accordance with the time frames, if any, prescribed by the GDPR. If you are not satisfied with how we use your personal information or respond to your requests, you have the right to complain to your data protection regulator. Contact information for the EU data protection regulators can be found .
You may authorize someone to make a privacy rights request on your behalf (an authorized agent). Authorized agents need to demonstrate that you’ve authorized them to act on your behalf or must demonstrate they have power of attorney pursuant to applicable probate law. Johnny Nel Global Growth Partnership retains the right to request confirmation directly from you confirming that the agent is authorized to make such a request or to request additional information to confirm the
agent’s identity. An authorized agent is prohibited from using a consumer’s personal information, or any information collected from or about the consumer, for any purpose other than to fulfill the consumer’s requests, for verification, or for fraud prevention.
In other jurisdictions, with similar data privacy regulations, we may collect from you the categories of personal information already described. We collect and manage (including disclose) such data in compliance with applicable local law(s). As noted, we do not sell any of your personal information to third parties nor do we use it for automated decision-making.
Federal law imposes special restrictions and obligations on commercial website operators who direct their operations toward, and collect and use information from, children under the age of 13. We take those age-related requirements very seriously, and consistent with it, do not intend for our online and mobile resources to be used by children under the age of 18.
If we become aware that anyone under the age of 18 has submitted personal information to our online and mobile resources, we will delete that information and will not use it for any purpose whatsoever. If you believe that someone under the age of 18 has submitted personal information to our online and mobile resources, please contact us at
We encourage parents and legal guardians to talk with their children about the potential risks of providing personal information over the Internet.
We will take all reasonable security precautions to protect your personal information provided to our online and mobile resources. We have adopted a security program that includes technical, organizational, administrative, and other security measures designed to protect, in a manner consistent with accepted industry standards and applicable law, against anticipated or actual threats to the security of personal information (the “Security Program”).
We cannot, however, guarantee that your information, whether during transmission or while stored on our systems or otherwise in our care, will be free from unauthorized access or that loss, misuse, destruction, or alteration will not occur. Except for our duty to maintain the Security Program under applicable law, we disclaim any other liability for any such theft or loss of, unauthorized access or damage to, or interception of any data or communications including personal information.
We have every reason to believe our Security Program is reasonable and appropriate for our business and the nature of foreseeable risks to the personal information we collect. We further periodically review and update our Security Program, including as required by applicable law. Nonetheless, as part of our Security Program, we have specific incident response and management procedures that are activated whenever we become aware that your personal information was likely to have been compromised.
We further require, as part of our vendor and business partner oversight procedures, that such parties notify us immediately if they have any reason to believe that an incident adversely affecting personal information we provided to them has occurred.
When we collect personal information from California residents, we become subject to, and those residents have rights under, the California Consumer Privacy Act or “CCPA.” This section of our statement is used to allow us to fulfill our CCPA obligations and explain your CCPA rights. For purposes of this section, the words “you” and “your” mean only such California residents.
What Did We Collect from California Residents?
We collect the following categories of personal information: identifiers such as name, address, IP address, and other similar identifiers; personal information described in subdivision (e) of Section 1798.80 (California customer records statute) such as a name, address, telephone number, credit card number; commercial information such as products or services purchased; internet/electronic activity such as browsing history and search history; geolocation data including geographic
coordinates/physical location; and audio, video, electronic, or other similar information.
We may disclose this information for one or more business purposes permitted by the CCPA. We do not sell, and within the last 12 months have not sold, personal information to third parties.
Rights of California Residents
If you are a California resident, you have the right to request the following:
Access: Up to two times per year, you can request that we disclose to you (1) the categories and specific pieces of personal information that we have collected from you; (2) the sources of that personal information; (3) the business or commercial purpose for that collection; (4) the categories of personal information we have disclosed for a commercial purpose; and (5) the categories of third parties with whom we have shared your personal information.
Deletion: You may also request that we delete any personal information that we have collected from or about you. There may be instances where we will not be able to fully comply with your request, such as if we need the personal information to complete a transaction for you, to detect and protect against fraudulent and illegal activity, to exercise our rights, for our internal purposes, or to comply with a legal obligation.
More information can be found . It’s important to us that you know that if you exercise these rights, we will not “discriminate” against you by treating you differently from other California residents who use our sites and mobile resources or purchase our services but did not exercise their rights.
To exercise your rights under California law, just contact us at We may ask you to fill out a request form. The CCPA only allows us to act on your request if we can verify your identity or your authority to make the request, so you will also need to follow our instructions for identity verification.
If you are a Virginia resident, you may take advantage of certain privacy rights pursuant to Virginia Code 59.1-577. For example, you may request to access, correct, or delete your personal information.
Because “selling” personal information and engaging in “targeted advertising” as these terms are defined in Virginia law, you may also exercise your right to opt-out of such sales or targeted advertising. You have the right to appeal a denial of your privacy rights.
To take advantage of either of your rights under Virginia law, or to submit an appeal to a denial of these rights, please contact us at We may ask you to fill out a request form. We can only act on your request if we can verify your identity or your authority to make the request, so you will also need to follow our instructions for identity verification.
GDPR Jurisdictions refer to the countries composed of the European Economic Area (including Iceland, Liechtenstein, and Norway) and the following countries: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, and Sweden.
Furthermore, Andorra, Argentina, Canada (only commercial organizations), Faroe Islands, Guernsey, Israel, Isle of Man, Jersey, New Zealand, Switzerland, Uruguay, and Japan have received an “adequacy decision” from the European Commission, adhering to the material terms of the GDPR. Switzerland also has its own data protection via its Federal Act of Data Protection (DPA).
GDPR no longer has jurisdiction over the United Kingdom. Since the United Kingdom (“UK”) has formally left the European Union, it is no longer regulated domestically by the material terms of the GDPR. The United Kingdom General Data Protection Regulation (“UK-GDPR”) is the UK’s data privacy law that governs the processing of personal data domestically.
We do collect or otherwise obtain personal information from data subjects located in the GDPR Jurisdictions. We fulfill our GDPR obligations with respect to our customers (and their own
end-clients), and our vendors and business partners through a series of separate notices, contracts or other terms provided to them at the time, and in the manner and form, GDPR and local law within each GDPR Jurisdiction requires.
We describe, in the immediately following section of this statement, how we comply with the GDPR for personal information collected from visitors to and users of our online and mobile resources while they were in a GDPR Jurisdiction. Thus, for purposes of that section, the words “you” and “your” mean only such GDPR Jurisdiction-based visitors and users.
We collect from you the categories of personal information already described. The lawful basis on which we rely for such collection, later use and disclosure, is what the GDPR refers to as legitimate interest. As stated elsewhere in this statement, we do not sell any of your personal information to third parties nor do we use it for automated decision making.
If we transfer personal information from the GDPR Jurisdictions to a location that has not been deemed by the European Commission to have adequate privacy protections, we do so in the manner the GDPR permits.
While we attempt to allow all visitors and users of our online and mobile resources to exercise a degree of control over their personal information, under the GDPR we have a legal obligation to do so for you. More specifically, with respect to personal information collected from you while you were in a GDPR Jurisdiction, you have these rights: transparency, access, correction and deletion, portability, who, what, why and where, and restriction/objection (for more information click here).
If you would like to exercise any of these rights, please contact .Your ability to exercise these rights is subject to certain conditions and exemptions that you can read about in Articles 12 through 23 of the GDPR. Among those conditions is our right to decline part or all a request if we cannot satisfy our reasonable doubts and concerns about your identity in a manner that helps us minimize the risk that unauthorized persons might use a GDPR right to access your personal information. We will respond to all requests without undue delay, and in accordance with the time frames, if any, prescribed by the GDPR. If you are not satisfied with
how we use your personal information or respond to your requests, you have the right to complain to your data protection regulator. Contact information for the EU data protection regulators can be found here - .
This policy forms part of the policy owner’s internal business processes and procedures. Any
reference to the “organisation” shall be interpreted to include the “policy owner”. The organisation’s governing body, its employees, volunteers, contractors, suppliers and any other persons acting on behalf of the organisation are required to familiarise themselves with the policy’s requirements and undertake to comply with the stated processes and procedures. Risk owners and control owners are responsible for overseeing and maintaining control procedures and activities.
The right to privacy is an integral human right recognised and protected in the South African Constitution and in the Protection of Personal Information Act 4 of 2013 (“POPIA”).
POPIA aims to promote the protection of privacy through providing guiding principles that are intended to be applied to the processing of personal information in a context-sensitive manner. Through the provision of quality goods and services, the organisation is necessarily involved in the collection, use, and disclosure of certain aspects of the personal information of clients, customers, employees, and other stakeholders.
A person’s right to privacy entails having control over his or her personal information and being able to conduct his or her affairs relatively free from unwanted intrusions.
Given the importance of privacy, the organisation is committed to effectively managing personal information in accordance with POPIA’s provisions.
Commercially, Johnny Nel Global Growth Partnership is a provider of growth partnership services to businesses. Under the definition of POPI, Johnny Nel Global Growth Partnership will be the responsible party, as it determines the purpose for and means by which personal information will be collected from the data subject (a client business or individual). As such, Johnny Nel Global Growth Partnership is responsible for processing personal information received as part of its growth partnership services in compliance with the POPI Act.
Johnny Nel Global Growth Partnership is a responsible party when it is processing personal information of its staff, contractors, clients, and other stakeholders and will meet all processing requirements in respect of such information. However, Johnny Nel Global Growth Partnership will not be held liable for any loss or compromise of personal information resulting from third-party security breaches, malicious attacks, or unforeseen cyber incidents, provided all reasonable and industry-standard safeguards have been implemented. The organisation will take necessary and reasonable measures to mitigate risks but cannot guarantee the security of data that has been unlawfully accessed by unauthorized parties.
The aim of the Protection of Personal Information policy is to establish a framework and set out the guiding principles and the efforts of Johnny Nel Global Growth Partnership to process personal
information of our clients, employees, and any other stakeholders in a lawful manner and ensure that the rights of the data subject are protected in accordance with the POPI Act.
The policy is applicable to all employees of Johnny Nel Global Growth Partnership, and staff members shall receive training with regards to the Protection of Personal Information policy. Failure to adhere to the policy will result in disciplinary action.
Personal information is any information that can be used to reveal a person’s identity. Personal information relates to an identifiable, living, natural person, and where applicable, an identifiable, existing juristic person (such as a company), including, but not limited to information concerning:
race, gender, sex, pregnancy, marital status, national or ethnic origin, colour, sexual orientation, age, physical or mental health, disability, religion, conscience, belief, culture, language and birth of a person;
information relating to the education or the medical, financial, criminal or employment history of the person;
any identifying number, symbol, email address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
the biometric information of the person;
the personal opinions, views or preferences of the person;
correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
the views or opinions of another individual about the person;
the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.
This refers to the natural or juristic person to whom personal information relates, such as an
individual client, customer, or a company that supplies the organisation with products or other goods.
The responsible party is the entity that needs the personal information for a particular reason and determines the purpose of and means for processing the personal information. In this case, Johnny Nel Global Growth Partnership is the responsible party.
An operator means a person who processes personal information for a responsible party in terms of a contract or mandate, without coming under the direct authority of that party. For example, a
third-party service provider that has contracted with Johnny Nel Global Growth Partnership to shred documents containing personal information. When dealing with an operator, it is considered good practice for a responsible party to include an indemnity clause.
The Information Officer is responsible for ensuring the organisation’s compliance with POPIA. Where no Information Officer is appointed, the head of the organisation will be responsible for performing the Information Officer’s duties. Once appointed, the Information Officer must be registered with the South African Information Regulator established under POPIA before performing his or her duties.
Deputy Information Officers can also be appointed to assist the Information Officer.
The act of processing information includes any activity or set of operations, whether or not by automatic means, concerning personal information. This includes:
The collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation, or use;
Dissemination by means of transmission, distribution, or making available in any other form; or
Merging, linking, as well as any restriction, degradation, erasure, or destruction of information.
Means any recorded information, regardless of form or medium, including:
Writing on any material;
Information produced, recorded, or stored by means of any tape-recorder, computer equipment, or other device, and any material subsequently derived from information so produced, recorded, or stored;
Label, marking, or other writing that identifies or describes anything of which it forms part, or to which it is attached by any means;
Book, map, plan, graph, or drawing;
Photograph, film, negative, tape, or other device in which one or more visual images are embodied so as to be capable, with or without the aid of some other equipment, of being reproduced.
Any structured set of personal information, whether centralised, decentralised, or dispersed on a functional or geographical basis, which is accessible according to specific criteria.
Any identifier assigned to a data subject and used by a responsible party for purposes related to the operations of that responsible party, and which uniquely identifies the data subject in relation to that responsible party.
This means to delete any information that identifies a data subject or can be used by a reasonably foreseeable method to identify the data subject.
In relation to personal information of a data subject, this means to resurrect any information that has been de-identified that identifies the data subject, or can be used or manipulated by a reasonably foreseeable method to identify the data subject.
Any voluntary, specific, and informed expression of will in terms of which permission is given for the processing of personal information.
The act of approaching a data subject, either in person or by mail or electronic communication, for the direct or indirect purpose of:
Promoting or offering to supply, in the ordinary course of business, any goods or services to the data subject; or
Requesting the data subject to make a donation of any kind for any reason.
A technique of personal identification that is based on physical, physiological, or behavioural characterisation including blood typing, fingerprinting, DNA analysis, retinal scanning, and voice recognition.
Accept your invite to our Agile Growth Newsletter
Providing strategies to help founders build agile, high-performing businesses. Get actionable insights, strategies, and tools—delivered to your inbox every Friday.
No thanks, take me back to the site.