TSHOLO Consulting Services
(referred to as “Company”, “our”, “we”, “us”)
WEBSITE AND GENERAL PRIVACY POLICY
1. INTRODUCTION
1.1 Thank you for your interest in our business. We take the protection of your personal information
seriously and want you to feel safe when you are visiting our website and/or engaging with us.
1.2 This Policy sets out how we will handle your personal information, as defined under applicable law,
and covers any information, including personal and special personal information (where relevant),
that you give to us or which we collect from third parties (“Personal Information”).
1.3 In carrying out our services, we will use your Personal Information in accordance with this Policy and
applicable law.
1.4 Whilst we try to balance our legitimate interests with your reasonable expectation to privacy and to
take all reasonable measures to prevent unauthorised access to, or disclosure of your Personal
Information, it is impossible to guarantee that your Personal Information will be 100% secure.
2. HOW THIS POLICY APPLIES TO YOU
2.1 This Policy will apply whenever you submit Personal Information to us, which will include (but is not
limited to) when you browse our website and software applications and/or any related (and/or
enhanced) mobile-sites, software applications or any other portals specifically made available by the
Company in relation to this platform (“Website”) or engage with us or any of our service offerings
including instances where your Personal Information is submitted to us through or by a third party
(collectively “Services”).
2.2 Your continued use of our Website and Services indicates that you (which may include any
representative acting on your behalf) have both read and consented to the terms of this Privacy
Policy and hereinafter you shall be referred to as “you”, “your or “user”).
2.3 If you do not agree to any of the provisions of this Policy, then you should not submit any Personal
Information to the Company. However, we note that if you do not consent to this Policy, or any parts
thereof, we may not be able to provide you with our services.
3. SCOPE OF OUR PROCESSING
3.1 What we Collect
We may collect information that allows you to be identified, such as:
(a) your name, age, sex, addresses, e-mail address, bank account details, identity number,
electronic identifying data (including the internet address of your domain, cookies, web forms,
IP addresses, activity logs);
(b) records of correspondence or enquiries from you or anyone acting on your behalf;
(c) details of contracts, sales, or leases you carry out with us; and
(d) sensitive and special categories of personal information, including biometric information (e.g.,
images).
3.2 How we Collect
3.2.1 You may provide Personal Information to us either directly or indirectly (through an agent or
intermediary) or through completing an application form for services or requesting further
information about our services, whether in writing, through our website or any other means.
3.2.2 We may also collect your personal information from your appointed agent, any regulator, or
other third party that may hold such information.
3.3 How we Use Personal Information
3.3.1 We may collect, use, transfer or process your Personal Information:
3.3.1.1 to provide and perform our Services to you and to improve or evaluate the
effectiveness of the Company, its services, or offerings.
3.3.1.2 to respond to and comply with your instructions, complaints, or requests.
3.3.1.3 to operate, develop and manage our website/other platforms.
3.3.1.4 for security (including fraud and crime prevention/reporting), administrative, auditing,
operational, marketing, and legal or regulatory purposes (which will include
complying with any law enforcement agency requests).
3.3.1.5 for operational, marketing, auditing, legal and record keeping requirements.
3.3.1.6 to third parties for reasons set out in this Policy or where it is not unlawful to do so.
3.3.1.7 outside of the Republic of South Africa, in accordance with applicable law, including
for cloud storage and payment purposes and the use of any of our websites.
3.3.2 We may from time to time (and at any time) contact you for market research about services
and offerings available from the Company or specific affiliates or subsidiaries which we believe
may be of interest to you, by email, phone, text, or other electronic means, unless you have
unsubscribed from receiving such communications.
3.4 Disclosure of Personal Information
3.4.1 Your Personal Information may be disclosed to the Company’s affiliates, subsidiaries,
employees, agents, sub-contractors and selected third parties who process the information on
our behalf.
3.4.2 We may also disclose your Personal Information to third parties for the purposes of rendering
our Services and for the reasons recorded in clause 3.3 above, including any third parties with
whom our supplies and services are carried out/provided in conjunction with and/or who are
involved in the completion of our supplies and services and who may need to have your
Personal Information in order to fulfil your request or the services (e.g. Third party payment
platform providers or cloud service providers).
3.4.3 Wherever these persons are located outside of the country (and your Personal Information
may be transferred cross-border) we will adhere to applicable laws.
3.5 Security
While we cannot ensure or warrant security on the internet or of any of the Personal Information you
provide us, we do continue to maintain and improve our security measures over time and in line with
legal and technological developments.
3.6 Retention
3.6.1 We may store your Personal Information directly or on a central or separate database. If the
location of the central database is in a country that does not have substantially similar data
protection laws, we will take all legally mandatory required steps to ensure that your Personal
Information is adequately protected.
3.6.2 We may retain your personal information indefinitely, unless you object, in which case we will
only retain it if we are permitted or required to do so in terms of applicable law. However,
generally, we will not retain your information for longer than is necessary or for the periods
required by applicable law.
4. YOUR RIGHTS
4.1 As a user/data subject, you have certain rights, including the right:
4.1.1 to access your Personal Information stored and processed by us. This may be done by
emailing us at the address referred to in clause 5 below;
4.1.2 to correct/rectify Personal Information that we hold on to your behalf, in instances where such
Personal Information is incorrect or incomplete;
4.1.3 to erase Personal Information (also known as ‘the right to be forgotten’). In simple terms, this
enables you to request the deletion or removal of your information where there is no compelling
reason for us keep using it. This is not a general right to erase; there are exceptions. For
example, we have the right to continue using your personal data if such use is necessary for
compliance with our legal obligations or for the establishment, exercise, or defence of legal
claims;
4.1.4 to restrict/suspend processing of Personal Information to only that which is strictly necessary
for us to perform our services to you. Please note that this right is limited in certain situations:
when we are processing your personal information that we collected from you with your
consent you can only request restriction on the basis of: (a) inaccuracy of data; (b) where our
processing is unlawful and you don’t want your personal information erased; (c) you need it
for a legal claim; or (d) if we no longer need to use the data for the purposes for which we hold
it. When processing is restricted, we can still store your information, but may not use it further;
4.1.5 to complain- if we breach any of the terms of this Privacy Statement, to complain to the
requisite data protection authority in South Africa;
4.1.6 to withdraw your consent at any time, if the processing of the Personal Information is based
on consent;
4.1.7 to object to processing of Personal Information if such processing is based on legitimate
interests; and
4.1.8 to object to the processing of Personal Information for direct marketing purposes.
4.2 The exercise of these rights is free of charge.
5. Complaints
5.1 If, you wish to raise a complaint regarding the processing of your Personal Information then please
first reach out to the Company’s designated Information Officer at:
noloyiso.tlali@tsholoconsulting.co.za
5.2 However, if you are still unsatisfied with how we have handled your Personal Information, you can
lodge your complaint with the Information Regulator or authority in the applicable and relevant
country. We are happy to share further information or guidance in this regard should you
need it.
5.3 The South African Information Regulator’s contact details are set out below.
The Information Regulator
Contact Details: Tel: 012 406 4818
Fax: 086 500 3351
Email: inforeg@justice.gov.za
Website: https://www.inforegulator.org.za/
6. INDEMNITY
In agreeing to the provisions of this Statement, you hereby unconditionally agree to indemnify us
against any liability that may result from your use of this website and the processing of your Personal
Information, including any loss, damage or injury arising from any inaccurate or incomplete Personal
Information provided to us by you and/or any third party and/or any unintentional disclosure of your
Personal Information to any unauthorised persons.
7. COOKIES (not the yummy kind)
7.1 We use cookies. A cookie is a small piece of information stored on your computer, smart phone, or
device by the web browser for record-keeping purposes.
7.2 You can view and edit cookies by looking in the cookies’ directory of your browser installation. Certain
cookies are not required for the Website to work but may enhance your browsing experience.
Likewise, if you do not accept certain cookies, you may not be able to use some portions of the
Website/our Services.
7.3 The following types of cookies are used on the Website:
7.3.1 “Session cookies”: which are used to maintain a so-called ‘session state’ and only last for the
duration of your use of the website. A session cookie expires when you close your browser, or
if you have not visited the server for a certain period. Session cookies are required for the
Platform to function optimally but are not used in any way to identify you personally; and
7.3.2 “Permanent and/or Functional cookies”: these cookies permanently store a unique code on
your computer or smart device to be able to identify you as an individual user.
8. THIRD PARTY LINKS ON THE WEBSITE
The Services available through the Website, may contain links to other third-party websites. We are
not responsible for the content or privacy policies of these third-party websites.
9. AMENDMENT OF THIS STATEMENT
9.1 We may amend this Policy from time to time.
9.2 Any such amendment will come into effect and become part of any agreement you have with the
Company when notice is given to you of the change by publication on our website. It is your responsibility to check the website often.