1. PRIVACY POLICY ON WEBSITE
1.1. The Privacy Policy on the SA website follows GDPR principles. It is summarized and easy for any person accessing the website to use. This is for external and public use.
1.2. The principles of POPIA largely follow the GDPR thus the Website Privacy Policy may remain the same for public use.
1.3. We have however amended the website Privacy Policy to reflect the provisions of POPIA. Please find attached document “WEBSITE PRIVACY POLICY –SUNGROW”.
1.4. Please note that some reference to GDPR has remained as POPIA may not have similar provisions as of yet (for example South African law does not yet deal adequately with “cookies”; and POPIA does not specifically address consent with processing of data “for performance of contracts”; rather POPIA applies its principles to any and all purposes of collecting data in general).
1.5. While this does comply with the principles of POPIA, our South African law requires a detailed policy of how data is handled by the company. This leads us to the second point.
2. DATA PROTECTION POLICY
2.1. We have drafted you a separate South African data protection policy that is detailed and which may be too long to place on a website.
2.2. Please note that this is an internal data protection policy that goes into far more detail that the website (external) Privacy Policy to meet requirements for POPIA of how the Company internally deals with personal information.
2.3. This will is NOT published on the website or in the public domain.
2.4. Included in the Data Protection Policy, are the following:
2.4.1. Framework of data collection compliance
2.4.2. Data Subject Access to Information Policy
2.4.3. Retention of Personal Information Policy
2.4.4. Data Security Policy
2.4.5. Data Breach Policy
2.4.6. Forms relating to –
2.4.6.1. Objection to processing of personal information form (in terms of POPIA)
2.4.6.2. Request for access to record of private body (in terms of PAIA)
2.4.6.3. Request for correction of deletion (in terms of POPIA)
2.4.6.4. Data Breach Report
2.5. Please find attached “SUNGROW – DATA PROTECTION POLICY”
2.6. It will be ideal to have training with you to discuss this data protection policy and explain the company’s obligations, as well as duties of the information officer. Training would be for the South African offices so they are aware of the policy. Please let us know when you would be available for such training.
Last updated: October 2023