• Asia
  • Australia
  • South Africa
  • United Kingdom
  • United States
Contact Us
Facebook Linkedin Twitter Youtube Instagram Pen Envelope Phone-alt
LogoSmall
Careers

Privacy Policy

  1. INTRODUCTION
    1. CallForce ‘(the Company’ / ‘the Data Controller’) is committed to compliance with the Protection of Personal Information Act (POPIA), for South Africa and the General Data Protection Regulation (GDPR) for EU and UK and any other data protection laws that may be introduced/amended from time to time in these territories and other geographies where we do business.
    2. CallForce adheres to applicable data protection laws in the UK. All the personal information provided by data suppliers is sourced in the UK and compiles to the GDPR and privacy regulations. This data will be processed and serviced conducted within the CallForce headquarters in South Africa. Once the data has been used it will be purged within the strict data and compliance guidelines. Some basic information such as telephone numbers will be stored for a set period (as per the guideline requirements) and the other data will be purged.
    3. The Company acknowledges that it is obliged to comply with the Protection of Personal Information Act No. 4 of 2013 (“POPIA”) South Africa , because it processes the personal information of its employees, clients, customers and candidates (‘data subjects’) from time to time.
    4. The Company has the utmost respect for privacy and takes data protection very seriously. As a contact centre business, the Company collects information about data subjects. We will do our upmost to protect information and to store personal data in a controlled, secure environment, protected from unauthorised access, use or disclosure.
    5. The Company guarantees its commitment to protecting its data subjects’ privacy and ensuring that personal information is used appropriately, transparently, securely and in accordance with applicable laws. To hold personal data securely and for the right purpose. Not to sell information to third parties.
    6. POPIA requires the Company to inform its data subjects as to how their personal information is used, disclosed and destroyed, and to give data subjects control over their data and preferences.
    7. This Policy sets out the how the Company deals with such personal information and data and stipulates the general purpose for which such information is used and shall apply to any personal information which the Company collects and processes.
    8. Data subjects should be made aware of the contents of this Policy when their consent is requested for the processing of their personal information.
  2. COLLECTION OF PERSONAL INFORMATION
    1. The Company collects and processes various types of information pertaining to its data subjects. The type of information will depend on the need for which it is collected and will be processed for that procedure only. Whenever possible, the Company will inform the data subject of the information required and which information is deemed optional.
    2. The Company must indicate to the data subject the consequence of failing to provide such personal information and indicate any prejudice which may be incurred due to non-disclosure. For example, the Company may not be able to employ an individual without certain personal information relating to that individual or the Company may not be in a position to render services to a client in the absence of certain information which is required.
    3. he company undertakes to: – Ensure we only have the minimum information required to conduct our business. – Hold the personal data securely and for the right purpose. – Not sell any personal information to third parties – Give data subjects control over their data and preferences.
    4. Examples of the personal information the Company collects includes, but is not limited to: • Information relating to the race, gender, pregnancy, marital status, national, ethnic or social origin, age, physical or mental health, well-being, disability, culture, language and birth. • Information relating to the education or the medical, financial, criminal or employment history (this includes disciplinary action) of an employee or candidate. • Banking and account information. • Contact information. • Any identifying number, symbol, email address, telephone number, location information, online identifier or other particulars specific to the data subject. • The biometric information of the data subject. • The personal opinions, views or preferences of an employee or candidate (also performance appraisals or correspondence). Other people’s views or opinions about the employee or candidate.
  3.  COLLECTION OF EMPLOYEE INFORMATION
    1. For the purposes of this Policy, employees include potential, past and existing employees of the Company.
    2. The Company will, when appointing new employees, require information, including, but not limited to that listed above, from the prospective employee in order to process the prospective employee’s information on the Company’s system. Such information is reasonably necessary for the Company’s record purposes as well as to ascertain if the prospective employee meets the requirements for the position to which he/she is being appointed and is suitable for appointment.
    3. The Company will use and process employee information as set out in point 4, for including but not limited to, its employment records and to make lawful decisions in respect of that employee and its business.
  4. USE OF EMPLOYEE INFORMATION
    1. Employees’ personal information will only be used for the purpose for which it was collected and intended. This would include, but is not limited to: • Submissions to the Department of Labour. • Submissions to the Receiver of Revenue. • For submission to the SETAS. • For audit and record keeping purposes. • In connection with legal proceedings. • In connection with and to comply with legal and regulatory requirements. • In connection with any administrative functions of the Company. • Disciplinary action or any other action to address the employee’s conduct or capacity. • In respect of any employment benefits that the employee is entitled to. • Pre- and post-employment checks and screening. • Any other relevant purpose of which the employee has been notified.
    2. If information is processed for any other reason, the Company will inform the employee accordingly.
    3. The Company acknowledges that personal information may only be processed if certain conditions are met: • The employee consents to the processing. • The processing is necessary. • The processing complies with an obligation imposed by law on the Company. • Processing protects a legitimate interest of the employee. • Processing is necessary for pursuing the legitimate interests of the Company or of a third party to whom information is supplied.
  5. COLLECTION OF CLIENT INFORMATION
    1. For purposes of this Policy, clients include potential, past and existing clients.
    2. The Company collects and processes its clients’ personal information, such as that mentioned hereunder.
    3. The type of information will depend on the need for which it is collected and will be processed for that purpose only.
    4. Further examples of personal information collected from clients include, but is not limited to: • The client’s identity number, name, surname, address, postal code. • The client’s residential and postal address. • Contact information. • Banking details. • Company registration number. • Full name of the legal entity. • Tax and/or VAT number. • Details of the person responsible for the client’s account.
    5. The Company also collects and processes clients’ personal information for marketing purposes in order to ensure that our products and services remain relevant to our clients and potential clients.
  6. USE OF CLIENT INFORMATION
    1. The client’s personal information will only be used for the purpose for which it was collected and as agreed. This may include, but not be limited to: • Providing products or services to clients. • In connection with sending accounts and communication to a client in respect of services rendered. • Referral to other service providers. • Confirming, verifying and updating client details. • Conducting market or customer satisfaction research. • For audit and record keeping purposes. • In connection with legal proceedings. • In connection with and to comply with legal and regulatory requirements or when it is otherwise allowed by law.
    2. The Company acknowledges that personal information may only be processed if any of the conditions set out hereunder are met: • Client consents to the processing. • The processing is necessary. • The processing complies with an obligation imposed by law on the Company. • Processing protects a legitimate interest of the client. • Processing is necessary for pursuing the legitimate interests of the Company or of a third party to whom information is supplied.
  7. COLLECTION OF APPLICANT / CANDIDATE INFORMATION
    1. For purposes of this policy:
      1. Applicants include people who in the past, in the present or may in future apply for jobs/work/employment through CallForce and/or have posted their information on job portals seeking employment opportunities.
      2. Candidates are people who have engaged with CallForce and who have given consent to be referred by CallForce for possible jobs/work/employment with both internal and external clients.
    2. The Company collects and processes its applicant/candidate personal information, such as that mentioned hereunder.
    3. The type of information will depend on the need for which it is collected and will be processed for that purpose only.
    4. Examples of personal information collected from applicants/candidates includes, but is not limited to: • CV’s, Resumes. • References. • Qualifications. • Integrity checks (Criminal and Credit checks). • Identity number, name, surname. • Residential and postal address. • Contact information including but not limited to telephone numbers and email addresses.
  8. USE OF APPLICANT/CANDIDATE’S PERSONAL INFORMATION
    1. The applicant/candidate’s personal information will only be used for the purpose for which it was collected and as agreed. This may include, but not be limited to: • Enable CallForce to refer them to internal and external clients for the purpose of recruitment. • Confirming, verifying and updating applicant/candidate details. • For audit and record keeping purposes. • In connection with legal proceedings. • In connection with and to comply with legal and regulatory requirements or when it is otherwise allowed by law.
    2. The Company acknowledges that personal information may only be processed if any of the conditions set out hereunder are met: • Applicant/Candidate consents to the processing. • The processing is necessary. • The processing complies with an obligation imposed by law on the Company. • Processing protects a legitimate interest of the Applicant/Candidate. • Processing is necessary for pursuing the legitimate interests of the Company or of a third party to whom information is supplied.
  9. DISCLOSURE OF PERSONAL INFORMATION
    1. The Company may share data subjects’ personal information with third parties as well as obtain information from such third parties for reasons set out above.
    2. Once in the Company’s possession, data subject information will only be processed and or shared with their consent, except where the company is required to do so by the law. In the latter the data subject will be informed.
    3. The Company may also disclose information where there is a duty or a right to disclose in terms of applicable legislation, the law or where it may be necessary to protect the Company’s rights.
  10. SAFEGUARDING PERSONAL INFORMATION AND CONSENT
    1. It is a requirement of POPIA and GDPR to adequately protect the personal information the Company holds and to avoid unauthorised access and use of personal information. The Company will, therefore, ensure that informed consent is obtained from the data subject where necessary.
    2. The Company shall review its security controls and processes on a regular basis to ensure that personal information is secure.
    3. The Company shall appoint an Information Officer who is responsible for the encouragement of compliance with the conditions of the lawful processing of personal information and other provisions of POPIA and/or GDPR.Information Officer details: • Name: Mr Bronwen Brown • Telephone number: 011 519 9900 • Postal address: PO Box 4129, Rivonia, 2128, South Africa • Physical address: Block B, 11 Naivasha Road, Sunninghill • Email address: bronwenit@callforce.co.za
    4. The Company’s suppliers, insurers and other third-party service providers will be required to sign a service level agreement guaranteeing their commitment to the protection of personal information; this is, however, an ongoing process that will be evaluated as required.
    5. Consent to process client information is obtained from clients (or a person who has been given authorisation from the client to provide the client’s personal information) during the introductory, appointment and needs analysis stage of the relationship.
    6. Every employee currently employed within the Company will be required to sign an addendum to their employment contract containing relevant consent clauses for the use and storage of employee information, or any other action so required, in terms of POPIA.
    7. Each new employee will be required to sign an employment contract containing relevant consent clauses for the use and storage of employee information, or any other action so required, in terms of POPIA.
  11. SECURITY BREACHES
    1. Should the Company detect a security breach on any of its systems that contain personal information, the Company shall take the required steps to assess the nature and extent of the breach in order to ascertain if any information has been compromised.
    2. The Company shall notify the affected parties should it have reason to believe that their information has been compromised. Such notification shall only be made where the Company can identify the data subject to which the information relates. Where it is not possible it may be necessary to consider website publication and whatever else the Information Regulator prescribes.
    3. Notification will be provided in writing by means of either: • Email. • registered mail. • placed on our website.
    4. The notification shall provide the following information where possible: • Description of possible consequences of the breach. • Measures taken to address the breach. • Recommendations to be taken by the data subject to mitigate adverse effects. • the identity of the party responsible for the breach.
    5. In addition to the above, the Company shall notify the Regulator of any breach and/or compromise to personal information in its possession and work closely with and comply with any recommendations issued by the Regulator.
  12. ACCESS AND CORRECTION OF PERSONAL INFORMATION
    1. Data subjects have the right to request access to any personal information that the Company holds about them.
    2. Data Subjects have the right to request the Company to update, correct or delete their personal information on reasonable grounds. Such requests must be made to the Company’s Information Officer (see details above) or to the Company’s head office (see details below)
    3. Where an employee or client objects to the processing of their personal information, the Company may no longer process said personal information. The consequences of the failure to give consent to process the personal information must be set out before the data subject confirms their objection.
    4. The data subject must provide reasons for the objection to the processing of their personal information.
    5. Head office details • Name: Amanda Douglas • Telephone number: 011 519 9900 • Postal address: PO Box 4129, Rivonia, 2128, South Africa • Physical address: Block B, 11 Naivasha Road, Sunninghill • Email address: mandy@callforce.co.za
  13. RETENTION OF RECORDS
    1. The Company shall ensure the safeguarding and protection of all personal information or data. The Company is obligated to retain certain information as prescribed by law. This includes but is not limited to the following:
      1. According to the Companies Act, No. 71 of 2008 and the Companies Amendment Act No 3 of 2011, hard copies of the documents mentioned below must be retained for 7 years: • Any documents, accounts, books, writing, records or other information that a company is required to keep in terms of the Act. ª Notice and minutes of all shareholders meetings, including resolutions adopted and documents made available to holders of securities. • Copies of reports presented at the annual general meeting of the company. • Copies of annual financial statements required by the Act and copies of accounting records as required by the Act.
      2. The Basic Conditions of Employment No. 75 of 1997, as amended requires the Company to retain records relating to its employees for a period of no less than 3 years.
  14. AMENDMENTS TO THIS POLICY
    1. Amendments to this Policy will take place from time to time subject to the discretion of the Company and pursuant to any changes in the law. Such changes will be brought to the attention of data subjects where it affects them.

Company Name

CallForce Direct (Pty) Ltd

Registration No. 1998/009988/07

Address + Telephone

Block B, 11 Naivasha Road, Sunninghill, Johannesburg, South Africa
011 519 9900

Document Owner/ Responsibility

Amanda Douglas

Group HR and Training Manager

Contact Details

enquiries@callforce.co.za
082 876 5463

Document Name

CallForce Data Protection and Privacy Policy Version 2

01 February 2021

CallForce PIAI and POPIA documents can be accessed here

CallForce is a registered Authorised Financial Services Provider (FSP #49936) | B-BBEE Contributor Level 1

All Rights Reserved © 2021 | Privacy Policy

Careers

Stay informed by visiting the South African COVID-19 Corona Virus Resource Portal https://sacoronavirus.co.za

learn More

Home

Sub menu text goes here

about

Sub menu text goes here

our work

Sub menu text goes here