Privacy Policy

Home / Privacy Policy

 

 

 

GROW EDUCARE CENTRES’ (GW FOUNDATION) DATA PROTECTION AND PRIVACY POLICY

This Policy governs your visit to www.growecd.org.za and your use of the GROW Mobile App Suite or any part of it (together defined as the “Service”), and explains how we collect, safeguard and use the information that you (the Data Subject defined below) disclose while using the Service. Your registration for and/or continued use of the Service is your consent to the terms set out herein.

  1. DEFINITIONS

Unless the context requires otherwise, the capitalised terms set out above and below shall have the meanings given to them –

    1. Child” means any natural person under the age of 18 (eighteen) years;
    2. Data Subject” means early childhood development (ECD) facility owners, their learners, staff and parents or caregivers of learners who may be natural or juristic persons or any other person(s) in respect of whom GW Foundation Processes Personal Information as part of their use of the Service;
    3. GW Foundation” means Grow Foundation NPC, a non profit company 2011/106929/08 duly incorporated in the Republic of South Africa with its registered address at Unit 2, Viking Place, 33 Thor Circle, Thornton, Cape Town;
    4. Personal Information” means information relating to any Data Subject, including but not limited to (i) views or opinions of another individual about the Data Subject; and (ii) information relating to such Data Subject’s –
      1. race, sex, gender, sexual orientation, pregnancy, marital status, nationality, ethnic or social origin, colour, age, physical or mental health, well-being, disability, religion, conscience, belief, cultural affiliation, language and birth;
      2. education, medical, financial, criminal or employment history;
      3. names, identity number and/or any other personal identifier, including any number(s), which may uniquely identify a Data Subject, account or client number, password, pin code, customer or Data Subject code or number, numeric, alpha, or alpha-numeric design or configuration of any nature, symbol, email address, domain name or IP address, physical address, cellular phone number, telephone number or other particular assignment;
      4. blood type, fingerprint or any other biometric information;
      5. personal opinions, views or preferences;
      6. correspondence that is implicitly or expressly of a personal, private or confidential nature (or further correspondence that would reveal the contents of the original correspondence); and
      7. corporate structure, composition and business operations (in circumstances where the Data Subject is a juristic person) irrespective of whether such information is in the public domain or not;
    5. POPIA” or “Act” means the Protection of Personal Information Act, No 4 of 2013;
    6. Processing” means any operation or activity or any set of operations, whether or not by automatic means, concerning Personal Information, including –
      1. the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
      2. dissemination by means of transmission, distribution or making available in any other form by electronic communications or other means; or
      3. merging, linking, blocking, degradation, erasure or destruction. For the purposes of this definition, “Process” has a corresponding meaning;
    7. Regulator” means the information regulator established in terms of the Act;
    8. Responsible Party” means a public or private body or any other person which alone or in conjunction with others, determines the purpose of and means for Processing Personal Information;
    9. Special Personal Information” means Personal Information concerning a Data Subject’s religious or philosophical beliefs, race or ethnic origin, trade union membership, political opinions, health, sexual life, biometric information or criminal behaviour; and
    10. Third-Party” means independent contractor, agent, consultant, sub-contractor or other representative of GW Foundation.</br>
  1. INTRODUCTION
    1. This Policy regulates the use and protection of Personal Information that GW Foundation
    2. GW Foundation acknowledges the need to ensure that Personal Information is handled with care and is committed to ensuring that it complies with the requirements of the Act for the Processing of Personal Information.
  2. PURPOSE OF THIS POLICY
    1. POPIA imposes obligations on both public and private bodies for the processing of Personal Information.
    2. The purpose of this Policy is to inform Data Subjects about how GW Foundation Processes their Personal Information by, inter alia, collecting or collating, receiving, recording, storing, updating, distributing, erasing or destroying, disclosing and/or generally using the Data Subject’s Personal Information.
  3. APPLICATION
    1. GW Foundation, in its capacity as Responsible Party, shall strive to observe, and comply with, its obligations under the POPIA as well as internationally accepted information protection principles, practices and guidelines when it Processes Personal Information from or in respect of a Data Subject.
    2. This Policy applies to Personal Information collected by GW Foundation in connection with the Service. This Policy is hereby incorporated into and forms part of the GW Foundation’s website and GROW Mobile App Suite terms and conditions of use. This Policy does not apply to the information practices of Third Parties (including, without limitation, their websites, platforms and/or applications) which GW Foundation does not own or control; or individuals that GW Foundation does not manage or employ. These Third-Party sites may have their own privacy policies and terms and conditions which the Data Subject should read before using.
  4. PURPOSE OF PROCESSING
    1. Data Subject agrees that GW Foundation Processes Personal Information for the following purposes:
      1. to conduct the Service for the purposes of the operation of an early learning centre;
      2. to provide and maintain the Service;
      3. to notify the Data Subject about changes to the Service;
      4. to allow the Data Subject to participate in interactive features of the Service when he/she/it chooses to do so;
      5. to provide support;
      6. to gather analysis or valuable information so that GW Foundation can improve the Service;
      7. to monitor the usage of the Service;
      8. to detect, prevent and address technical issues;
      9. to carry out GW Foundation’s obligations and enforce its rights arising from any contracts entered into by it with the Data Subject;
      10. in any other way described when the Data Subject provides the information.
    2. GW Foundation will not use the Personal Information of a Data Subject for any purpose other than the disclosed purpose without the consent of the Data Subject unless GW Foundation is permitted or required to do so by law.
    3. GW Foundation will only Process a Data Subject’s Personal Information for a specific, lawful and clear purpose (or for specific, lawful and clear purposes) and as set out above.
    4. It will ensure that there is a legal basis for the Processing of any Personal Information. Further, GW Foundation will ensure that Processing will relate only to the purpose for and of which the Data Subject has been made aware (and where relevant, consented to) and will not Process any Personal Information for any other purpose(s).
    5. If Data Subjects do not register for the Service directly, ECD facility owners shall be responsible for ensuring that they procure the written consent of the Data Subjects for the Processing of Personal Information via the Service as set out in paragraph 1. As per paragraph 9.3, this is of special importance where the Data Subject is a Child.
    6. ECD facility owners shall be responsible for ensuring the lawful use of the Personal Information by their employees and contractors, whether during their employment/engagement or after its termination/expiry, and shall indemnify GW Foundation against any claims against it arising as a result of the unlawful Processing of Personal Information by ECD facility employees and/or contractors.
  5. COLLECTING PERSONAL INFORMATION
    1. GW Foundation will always collect Personal Information in a fair, lawful and reasonable manner to ensure that it protects the Data Subject’s privacy and will Process the Personal Information based on legitimate grounds in a manner that does not adversely affect the Data Subject in question.
  6. LAWFUL PROCESSING OF PERSONAL INFORMATION
    1. In terms of POPIA, GW Foundationas the Responsible Party can only Process a Data Subject’s Personal Information where –
      1. consent of the Data Subject (or a competent person where the Data Subject is a Child) is obtained;
      2. Processing is necessary to carry out the actions for conclusion of a contract to which a Data Subject is party;
      3. Processing complies with an obligation imposed by law on GW Foundation;
      4. Processing protects a legitimate interest of the Data Subject;
      5. Processing is necessary for pursuing the legitimate interests of GW Foundation or of a third party to whom the information is supplied.
    2. GW Foundationwill only Process Personal Information where one of the legal bases referred to in paragraph 1 above is present.
    3. Where required (i.e. where we are not relying on a legal ground listed in paragraphs 7.1.2 to 7.1.5 above), and where the Processing is not listed in paragraph 5.1, GW Foundation will obtain the Data Subject’s consent prior to collecting, and in any case prior to using or disclosing, the Personal Information for any purpose.
    4. GW Foundation will make the manner and reason for which the Personal Information will be Processed clear to the Data Subject.
    5. Where GW Foundation is relying on a Data Subject’s consent as the legal basis for Processing Personal Information, the Data Subject may withdraw his/her/its consent or may object to GW Foundation’s Processing of the Personal Information at any time. This will not affect the lawfulness of any Processing done prior to the withdrawal of consent or any Processing justified by a legal ground set out in paragraphs 7.1.2 to 7.1.5 above.
    6. If the consent is withdrawn or if there is otherwise a justified objection against the use or the Processing of such Personal Information, GW Foundation will ensure that the Personal Information is no longer Processed.
  7. STORAGE OF PERSONAL INFORMATION
    1. GW Foundation will keep the Personal Information that it Processes on behalf of Data Subjects at its offices or Cape Town.
    2. GW Foundation’s Third-Party service providers, including data storage and processing providers, may from time to time also have access to a Data Subject’s Personal Information in connection with purposes for which the Personal Information was initially collected to be Processed.
    3. GW Foundation will ensure that such Third-Party service providers will process the Personal Information in accordance with the provisions of this Policy, all other relevant internal policies and procedures and the Act.
    4. GW Foundation may store your Personal Information using GW Foundation own secure on-site servers or other internally hosted technology. Your personal data may also be stored by Third Parties, via cloud services or other technology, to whom GW Foundation has contracted with, to support GW Foundation’s business operations.
    5. These Third Parties do not use or have access to your Personal Information other than for cloud storage and retrieval, and GW Foundation requires such parties to employ at least the same level of security that GW Foundation uses to protect your personal data.
  8. SPECIAL PERSONAL INFORMATION AND PERSONAL INFORMATION OF A CHILD
    1. Special Personal Information is sensitive Personal Information of a Data Subject.
    2. GW Foundation acknowledges that it is not allowed to Process Special Personal Information unless:
      1. Processing is carried out in accordance with the Data Subject’s express consent;
      2. Processing is necessary for the establishment, exercise or defence of a right or obligation in law;
      3. Processing is necessary to comply with an obligation of international public law;
      4. Processing is for historical, statistical or research purposes, subject to stipulated safeguards;
      5. information has deliberately been made public by the Data Subject; or
      6. specific authorisation has been obtained in terms of POPIA.
    3. GW Foundation acknowledges that it may not Process any Personal Information concerning a Child and will only do so where it has obtained the consent of the parent or guardian of that Child or where it is permitted to do so in accordance with applicable laws.
  9. RETENTION OF PERSONAL INFORMATION
    1. GW Foundation may keep records of the Personal Information it has collected, correspondence or comments in an electronic or hardcopy file format.
    2. GW Foundation will retain Personal Information for as long as necessary to fulfil the purposes for which that Personal Information was collected and/or as permitted or required by applicable law.
    3. GW Foundation may retain Personal Information for longer periods for statistical, historical or research purposes, and should this occur, GW Foundation will ensure that appropriate safeguards have been put in place to ensure that all recorded Personal Information will continue to be Processed in accordance with this Policy and the applicable laws.
    4. Once the purpose for which the Personal Information was initially collected and Processed no longer applies or becomes obsolete, GW Foundation will ensure that the Personal Information is deleted, destroyed or de-identified sufficiently so that a person cannot re-identify such Personal Information.
  10. SAFE-KEEPING OF PERSONAL INFORMATION
    1. GW Foundation has implemented physical, organisational, contractual and technological security measures to keep all Personal Information secure, including measures protecting any Personal Information from loss or theft, and unauthorised access, disclosure, copying, use or modification.
    2. GW Foundation will notify the Regulator and the affected Data Subject in writing in the event of a security breach (or a reasonable belief of a security breach) in respect of that Data Subject’s Personal Information.
    3. GW Foundation will provide such notification as soon as reasonably possible after it has become aware of any security breach of such Data Subject’s Personal Information.
  11. PROVISION OF PERSONAL INFORMATION TO THIRD PARTIES
    1. GW Foundation may disclose Personal Information to Third-Parties and will enter into written agreements with such Third-Parties to ensure that they Process any Personal Information in accordance with the provisions of this Policy and the Act.
    2. GW Foundation will disclose Personal Information with the consent of the Data Subject or if GW Foundation is permitted to do so without such consent in accordance with the applicable laws.
    3. GW Foundation may also make disclosures of Personal Information to a potential acquirer in connection with a transaction involving the sale of business or as otherwise permitted or required by law
    4. Further, GW Foundation may also send Personal Information to a foreign jurisdiction outside of the Republic of South Africa in order to achieve the purpose(s) for which the Personal Information was collected and Processed, including for Processing and storage by Third-Parties.
    5. When Personal Information is transferred to a jurisdiction outside of the Republic of South Africa, GW Foundation will obtain the necessary consent to transfer the Personal Information to such foreign jurisdiction or may transfer the Personal Information without the necessary consent where GW Foundation is permitted to do so in accordance with the laws applicable to the trans-border flows of Personal Information under the Act.
    6. The Data Subject should also take note that the Processing of Personal Information in a foreign jurisdiction may be subject to the laws of the country in which the Personal Information is held, and may be subject to disclosure to the governments, courts of law, enforcement or regulatory agencies of such other country, pursuant to the laws of such country.
  12. ACCESS TO PERSONAL INFORMATION
    1. GW Foundation may request the Data Subject to provide sufficient identification to permit access to, or provide information regarding the existence, use or disclosure of the Data Subject’s Personal Information.
    2. Any such identifying information shall only be used for the purpose of facilitating access to or information regarding the Personal Information.
    3. The Data Subject can, request in writing, to review any Personal Information about the Data Subject that GW Foundation holds including Personal Information that GW Foundation has collected, utilised or disclosed.
    4. GW Foundation will provide the Data Subject with any such Personal Information to the extent required by law and any of GW Foundation’s policies and procedures which apply in terms of the Promotion of Access to Information Act, No 2 of 2000 (“PAIA“).
    5. The Data Subject can challenge the accuracy or completeness of his/her/its Personal Information in GW Foundation’s records at any time in accordance with the process set out in GW Foundation’s PAIA Manual for accessing information.
    6. If a Data Subject successfully demonstrates that their Personal Information in our records is inaccurate or incomplete, GW Foundation will ensure that such Personal Information is amended or deleted as required (including by any Third Parties).
  13. KEEPING PERSONAL INFORMATION ACCURATE
    1. GW Foundation will take reasonable steps to ensure that all Personal Information is kept as accurate, complete and up-to-date as reasonably possible.
    2. GW Foundation may not always expressly request the Data Subject to verify and update his/her/its Personal Information, unless this process is specifically necessary.
    3. GW Foundation, however, expects that the Data Subject will notify GW Foundation from time to time in writing of any updates required in respect of his/her/its Personal Information.
  14. COSTS TO ACCESS TO PERSONAL INFORMATION
    1. The prescribed fees to be paid for copies of the Data Subject’s Personal Information are listed in GW Foundation’s PAIA Manual.
  15. CHANGES TO THIS POLICY
    1. GW Foundation reserves the right to make amendments to this Policy from time to time and will use reasonable efforts to notify Data Subjects of such amendments.
  16. CONTACTING GW FOUNDATION
    1. All comments, questions, concerns or complaints regarding Personal Information or this Policy, should be forwarded to  —
      Email: info@growecd.org.za
      Tel. 021 5312134
      Unit 2, Viking Place, 33 Thor Circle, Thornton, Cape Town
    2. If a Data Subject is unsatisfied with the manner in which GW Foundation addresses any complaint with regard to GW Foundation’s Processing of Personal Information, the Data Subject can contact the office of the Regulator, the details of which are set out below –
      Website: http://justice.gov.za/inforeg/
      Tel: 012 406 4818
      Fax: 086 500 3351
      Email: inforeg@justice.gov.za