This Policy includes the Company’s data protection and information security policy, and applies to the Company’s End Users and Website Users. The Company, as a responsible party, will only process Personal Information in a lawfull and reasonable manner in order not to infringe the privacy of the User and/or End User.

Should any of the provisions of this Policy conflict with any terms and conditions contained in the Company‘s Terms and Conditions, then the terms and conditions, to the extent of any conflict, contained in this Policy shall prevail.

 

Binding Acceptance of Policy:

By accessing, using and/or interacting with this Website and submitting contact forms, each User signifies his/her acceptance of this Policy and agrees to be bound by the terms and conditions as recorded herein.

For as long as the End User makes use of the Products and Services, he/she/it signifies his/her acceptance of this Policy and agrees to be bound by the terms and conditions as recorded herein.

  1. Introduction

The Company is committed to protecting the personal information and privacy of our Users and End Users. A User can visit most pages on the Website without providing us with any Personal Information. Notwithstanding the aforesaid, the Company is required to process certain Personal Information in order for the User to enjoy full use of the Website, as well as to enable the Company to properly and sufficiently provide the Products and Services to our End Users. The Company, as Responsible Party, is responsible for the processing of Personal Information, which processing must be done under and in terms of POPIA. In light of the aforesaid, the Company only processes Personal Information in accordance with the contents of this Policy, the POPIA and the Regulations.

This Policy indicates which Personal Information the Company process when a User is accessing/making use of the Website, for what purpose it is being processed for, and according to which principal the processing is being permitted.

In addition, this Policy indicates which Personal Information the Company will process when an End User is making use of the Products and/or Services, for what purpose it is being processed for, and according to which principal the processing is being permitted.

  1. Definitions

In this Policy, and unless the context clearly indicates a different intention, the following expressions bear the meanings given to them below and equivalent expressions will have similar meanings:

Company” – means ITR Technology (Pty) Ltd (Registration Number: 2005/034144/07);

Domain Name” – means the domain name/s and/or internet address/es via which the Website is accessible, and more specifically https://itrtech.africa/;

End User“ – means the Company’s customers/clients who purchased a software license from the Company in order to utilise and make use of the Products and Services under and in terms of an end user license agreement;

Information Officer“ – means the Company’s  information officer, as defined in chapter 1 of the POPIA, and as recorded below;

IP” – means internet protocol;

PAIA” – means the Promotion of Access to Information Act, Act 2 of 2000;

Personal Information” – means personal information as defined in terms of section 1 of the POPIA;

Policy” – means this privacy policy;

POPIA” – means the Protection of Personal Information Act, Act 4 of 2013;

Processing” – means processing as defined under and in terms of section 1 of the POPIA;

Products ” – means the products and solutions being sold/licensed by the Company to its End Users, and more specifically the Products listed on the https://itrtech.africa/products/ and https://itrtech.africa/itr-solutions/;

Regulator” – means the regulator as defined in Chapter 1 of the POPIA;

Regulations” – means the POPIA regulations published from time to time;

Resellers” – means the entities who are granted the right to promote market and sell the Products in a specific territory, under and in terms of a reseller agreement;

Services” – means the Product support services rendered by the Company to its End Users from time to time;

Users” – means individuals who access, use and/or interact with the Website from time to time;

Terms and Conditions” – means the terms and conditions regulating and governing the relationship (i.e. rights and obligations) between the Company and its End Users, located at https://itrtech.africa/terms-and-conditions/; and

Website” – means and includes the website accessible via the Domain Name, each associated microsite and each sub-page, owned, operated and maintained by the Company.

  1. Personal Information to be processed when you access the Website

The Company automatically collects and stores certain information in its server log files that the User’s browser transmits back to the Company. This data cannot be assigned by the Company to specific individuals and this data is not merged with other data sources. The following data is collected:

  • Browser type/version;
  • Operating system used;
  • Referrer URL (the previous page visited);
  • Host name of the accessing computer (IP addresses) v4 and v6 are anonymized); and
  • Time of the server request.

The IP address is valid worldwide and uniquely identifies the User’s computer at the time of allocation by the User’s internet provider. IP, in its most common form (IPv4), consists of four blocks of digits separated by dots or extended by additional digits (IPv6). In most cases, as a private user, the User will not use a constant IP address, as this is only temporarily assigned to the User by the respective User’s internet provider. In the case of permanently assigned IP addresses, a clear assignment of user data via this feature is technically quite straightforward.

The aforementioned data will be processed by the Company for the following purposes:

  • Ensuring a smooth connection to this Website;
  • Ensuring convenient use of this Website;
  • Evaluation of system security and system stability; and
  • For further administrative and statistical purposes.

The abovementioned Personal Information, where applicable, in the server log files is processed on the basis of section 11(1)(f) of the POPIA. This authorization allows the processing of Personal Information for the purpose of a “legitimate interests” pursued by the Company, except where such interests are overridden by your fundamental rights, freedoms or interests. The Company’s legitimate interest is the facilitation of administration and the ability to detect and track hacking.

In terms of section 11(3)(a) of the POPIA, the User may object at any time to the processing of the User’s Personal Information where the Personal Information is being processed pursuant to a legitimate interest of the Company. In terms of the Regulations, a User who wishes to object to the processing of the Personal Information as outlined in this clause 3, must submit the objection to the Company on Form 1, attached to the Regulations.

In the event of the User objecting to the processing of the Personal Information as recorded in this clause 3 the Company will immediately stop and refrain from processing the above-mentioned Personal Information.

The server log files containing the abovementioned Personal Information are automatically deleted within a period of between 1 (one) to 14 (fourteen) months, depending on the Company’s applicable service provider, or anonymized if used for statistical purposes. The Company reserves the right to store the server log files for a longer period, if facts are present which could lead the Company to assume that unauthorized access has taken place.

  1. End User Personal Information

The following Personal Information of End User is processed by the Company:

  • Name and Surname;
  • Email Address;
  • Physical Work Location (i.e. geographical work location);
  • Online Usernames (i.e. Skype/Twitter/LinkedIn etc.);
  • Mobile and/or Telephone number;
  • the User and/or End User’s company name and details;
  • Software Licenses and Software codes, linked to the User/End User’s email address.

When the End User provides the Company with the Personal Information recorded in this clause 4, the Company processes same in order to sell/license and implement the Products, and in order to provide the Services to the End User, as required from time to time. In addition, the Personal Information recoded in this clause 4 is processed by the Company in order for it to respond to the End User’s enquiries, for technical administration, for login activities and for security purposes (i.e. safeguard purposes).

The End User hereby consents to the processing of the Personal Information as provided for under and in terms of this clause 4.

The End User can revoke his/her/its consent to the use/process of the Personal Information provided at any time via notice to the Company’s Information Officer, whose details are recorded below.

  1. Contact Forms

5.1 Get in Touch

The following Personal Information of Website Users is processed by the Company when the User completes and submits the “Get in Touch” contact form:

  • Name;
  • Surname;
  • Email Address;
  • Mobile and/or Telephone number; and
  • the User’s company name and details, if applicable.

When a User provides Personal Information via the Website’s “get in touch” function, the Personal Information provided is processed by the Company solely in order to contact the User.

The User hereby consents to the Processing of the Personal Information, as requested via the Website’s “get in touch” function, which consent is confirmed when the User accepts/ticks the consent “box” and submits the request.

5.2 Get a Quote

The following Personal Information of Website Users is processed by the Company when the User completes and submits the “Get a Quote” contact form:

  • Name;
  • Surname;
  • Email Address;
  • Mobile and/or Telephone number; and
  • the User’s company name and details, if applicable.

When a User provides Personal Information via the Website’s “get a quote” function, the Personal Information provided is processed by the Company solely in order to contact the User to provide feedback to the User’s enquiries and to provide the User with the quote requested.

The User hereby consents to the Processing of the Personal Information, as requested via the Website’s “get a quote” function, which consent is confirmed when the User accepts/ticks the consent “box” and submits the request.

5.3 License Renewal

The following Personal Information of End Users is processed by the Company when an End User completes and submits the “License Renewal” contact form:

  • Name;
  • Surname;
  • Email Address;
  • Mobile and/or Telephone number; the
  • the End User’s company name and details, if applicable.

When an End User provides Personal Information via the Website’s “License Renewal” function, the Personal Information provided is processed by the Company solely for the purpose of renewing the End User’s license and applicable end user license agreement.

The End User hereby consents to the Processing of the Personal Information, as requested via the Website’s “license renewal” function, which consent is confirmed when the End User accepts/ticks the consent “box” and submits the request.

5.4 Request for Training

The following Personal Information of Users and/or End Users, as the case may be, is processed by the Company when an End User/User completes and submits the “Request for Training” contact form:

  • Name;
  • Surname;
  • Email Address;
  • Mobile and/or Telephone number; the
  • the End User’s company name and details, if applicable.

When an End User and/or User provides Personal Information via the Website’s “Request For Training” function, the Personal Information provided is processed by the Company solely for the purpose of scheduling the Product training requested.

The End User/User hereby consents to the Processing of the Personal Information, as requested via the Website’s “Request for Training” function, which consent is confirmed when the End User/User accepts/ticks the consent “box” and submits the request.

5.5 Resources Subscription

The following Personal Information of Users and/or End Users, as the case may be, is processed by the Company when an End User/User completes and submits the “Resources Subscription” contact form:

  • Name;
  • Surname; and
  • Email Address.

When an End User and/or User provides Personal Information via the Website’s “Resources Subscription” function, the Personal Information provided is processed by the Company solely for subscription purposes.

The End User/User hereby consents to the Processing of the Personal Information, as requested via the Website’s “Resources Subscription” function, and opts- in to receive the Company’s resources from time to time, which consent is confirmed when the End User/User accepts/ticks the consent “box” and submits the request.

  1. Google Analytics

The Website uses Google Analytics, a web analysis service from Google Inc. (“Google“). Google Analytics uses cookies – text files that are stored on the User’s computer and enables an analysis of how the User used the Website. The information gathered by the cookie about the User’s usage of this website is generally transferred to a Google server in the United States of America (“USA”) and stored there. On behalf of the operator of the Website, Google will use this information to analyze the User’s usage of the Website, compile reports about Website activities and provide the Website operator with further services related to the Website and internet usage. The IP address transferred by the User’s browser as part of Google Analytics is not combined with other Google data. The User can prevent cookies being stored by adjusting his/her browser software accordingly, however, we would then inform the User that he/she may then not be able to make use of the full scope of functions available on the Website.

  1. Google remarketing

This Website uses Google remarketing. Google remarketing is an advertising service of Google Inc. (“Google”, Mountain View, USA), with which the Company can provide the User with targeted adverts of presumed interest, based on the User’s usage behavior during previous visits to the Website. Such adverts only appear on Google advertising spaces, either those of Google Adwords or the Google Display Network.

The User can object to Google remarketing in the Google Ad Settings or edit his/her settings. Alternatively, the User can prevent remarketing by deactivating cookies in his/her browser settings.

  1. Facebook remarketing

This Website uses the “Custom Audiences” remarketing function from Facebook Inc. (“Facebook“). This function is used to present interest-based adverts (“Facebook ads“) to visitors to this Website when the said visitors visit the social network Facebook. For this purpose, Facebook’s remarketing tag has been implemented on this Website. This tag establishes a direct connection to the Facebook servers when you visit the Website. The fact that the User visited this Website is then transmitted to the Facebook server and Facebook assigns this information to the User’s personal Facebook user account. Further information about how Facebook collects and uses data, as well as your rights and options in this regard for protecting the User’s privacy, can be found in Facebook’s privacy policy at https://www.facebook.com/about/privacy/. Alternatively, the User can deactivate the “Custom Audiences” remarketing function at https://www.facebook.com/settings/?tab=ads#_=_. The User must be logged into Facebook to do this.

  1. Google reCAPTCHA service

The Company uses the Google reCAPTCHA service to determine whether certain data entered in our online forms comes from an actual person or a computer. Google uses the following information to determine whether the Users of this Website are humans or a computer: (i) the IP address of the device the Users are using; (ii) the website the Users are visiting in which the CAPTCHA is integrated; (iii) the date and duration of the Users’ visit; (iv) the identification data of the browser and operating system which the Users are using; (v) the Google account if the Users are logged into Google; (vi) mouse movements and clicks (i.e. selecting the “I am not a Robot” option) on the reCAPTCHA images and tasks where the Users have to identify images. The legal basis for the data processing described above is section 11(1)(f) of the POPIA. The Company has a legitimate interest in the Processing of the abovementioned Personal Information to ensure the security of the Website and to protect the Company from automated input (attacks).

  1. Marketing and Direct Marketing

The Company carries out its direct marketing operations in accordance with this Policy and under and in terms of the POPIA.

The Company makes use of content/lead generation email marketing (i.e. direct/automated), online events (i.e. webinars and training) and events (seminars and training), Google marketing, social media marketing, website marketing. The Personal Information collected via the aforesaid is stored and processed for marketing purposes.

As provided for under and in terms of section 69 of the POPIA, the Company will only process Personal Information for direct marketing purposes if the User/End User has provided the requisite consent, or in the case of an End User, is an existing client/customer of the Company.

The Company makes use of and operates an “Opt – In” policy. The aforesaid entails that Users/End Users will only receive marketing/direct marketing communications from the Company if the User/End User consented (i.e. Opt – In).

If the User/End User no longer wish to receive marketing/direct marketing communications from the Company, the User/End – User can at any time revoke his/her consent by unsubscribing to receive the applicable marketing communication by clicking and submitting our unsubscribe option. The User/End User will no longer receive any marketing/direct marketing communications and the User’s/End User’s Personal Information will be deleted.

  1. Third Party Websites

On the Website the User will find links to third party websites, including the social network websites. The User can recognize the links by the respective provider’s logo. We do not process any data in this regard.

By clicking on the links, the corresponding social media pages, or third-party websites, are opened, to which this Policy does not apply. Please refer to the privacy policies of the individual providers, which will apply should the User follow the abovementioned links.

  1. Minors

The Website is not targeted at children under the age of 18. The Company will not knowingly collect information from persons under the age of 18.

  1. Collection

The Company will in most instances collect Personal Information from data subjects directly. However, Personal Information may be collected from other sources. The Company will only collect/obtain and process Personal Information obtained from other sources where the data subject provided his/her consent thereto.

  1. Retention and Destruction

The Company will retain records of Personal Information only for as long as it is necessary for achieving the purpose for which the Company collected and/or processed same, unless the Company is required to retain the applicable Personal Information for longer periods in accordance with certain legislation (i.e. law), or as otherwise authorised under and in terms of section 14 (1) of the POPIA.

Records that are no longer required, or have satisfied their required periods of retention, shall be destroyed as required under and in terms of sections 14 (4) and 15 (5) of the POPIA.

  1. Further processing of Personal Information

Unless a User and/or End User provides the Company with the required consent, further processing of Personal Information by the Company will only be done in accordance- or compatible with the purpose for which the applicable Personal Information has been collected and processed.

The Company may from time to time share Personal Information with trusted third parties (i.e. operators) to help us deliver efficient and quality services. Any such recipients (i.e. third parties/operators) will be contractually bound to safeguard the Personal Information and specifically to ensure that the Personal Information is processed under and in terms of POPIA.

  1. Information Quality

The User/End User warrants that any and all Personal Information provided to the Company from time to time is complete, accurate, up to date and not misleading. In addition, the User/End User agrees that all Personal Information processed by the Company under and in terms of this Policy is adequate, relevant and not excessive in relation to the purpose for which the Personal Information is being processed.

In order to comply with the rights of the data subject pursuant the POPIA and in order to ensure that all Personal Information is complete, accurate, up to date and not misleading, it may be necessary for the Company to contact the User/End user from time to time in order to request  confirmation of the accurateness and completeness of the applicable Personal Information, which may include further information to verify your identity as required under and in terms of POPIA.

  1. PAIA Manual

The Company’s PAIA manual, as required under and in terms of section 51 of the PAIA can be obtained at https://itrtech.africa/wp-content/uploads/2021/07/2021-07-08-ITR-PAIA-Manual.pdf.

  1. Access and Correction of Personal Information

The User/End User, who provided adequate proof of identity and in the prescribed manner and form has the right to access and request correction of his/her Personal Information as recorded under and in terms of sections 23 – 25 of the POPIA.

  1. Transborder Information Flows

The Company may be required from time to time to transfer Personal Information of the User/End User to ManageEngine’s office based in India. The aforesaid will only be done in order to effectively operate this Website as well as in order for the Company to effectively deliver its Products and render its Services to the End Users.

The User/End User hereby consents to the transfer of his/her Personal Information to ManageEngine’s office in India for the purposes outlined above.

  1. Complaints

If a User/End User believes that the Company is not processing Personal Information in accordance with this Policy or the applicable data protection legislation and/or regulations, you can lodge a complaint to the Regulator. All complaints lodged will be dealt with under and in terms of the applicable sections of Chapter 10 of the POPIA.

  1. Disclosure and Policy Changes

Disclosure of Personal Information to third parties.

As a general principle, the Company does not transfer any Personal Information to third parties other than for the purposes explained in this Policy. However, if the Company is obliged to do so by law or court order, we will transfer the applicable Personal Information to the authorities accordingly.

 

Transfer of Personal Information to our Resellers

The Company may transfer personal information of the User/End User to its Resellers, as may be required from time to time. The User/End User hereby consents to the transfer of his/her/its Personal Information by ITR to the Resellers, as may be required from time to time.

 

Changes to this Policy.

The status of this Policy is indicated by the date shown (below). The Company reserves the right to amend this Policy at any time. The latest version can be accessed directly via the Company’s Website.

In order for the End User/User to exercise any of its rights under and in terms of this Policy, kindly contact the Company’s Information officer at the following address/contact details:

 

 

INFORMATION OFFICER DETAILS

 

Information Officer:  Philip Slimowitz;

Tel:  012 665 5551;

Email:  philip@itrtech.africa;

Address:  Central Park Building 10, 13 Esdoring Nook, Highveld Techno Park, Centurion, 0169

 

LAST UPDATED: March 2022