Shangri-La Academy

 

Privacy Policy

Last updated: April 16,2024

1. SCHEDULE

 

2. COMMITMENT TO YOUR PRIVACY

2.1 Welcome to the Website outlined in item 1.5 of the Schedule (“Website”), owned and operated by the Organisation specified in item 1.1 of the Schedule (“Organisation”). The Organisation is committed to protecting the privacy of the users of the Website. The Organisation values the trust of its subscribers and all others who work with it, and recognises that maintaining your trust requires transparency and accountability in how the Organisation handles your Personal Information. This privacy policy (“Policy”) is incorporated into and is subject to the Organisation’s standard terms and conditions and the general terms relating to the use of the Website.

2.2 In providing services, the Organisation may collect, use, and disclose Personal Information as needed. Those from whom the Organisation collects such information can expect that it will be appropriately and lawfully protected and that any use of or other dealing with this information is subject to consent, where required by law.

2.3 This Policy sets out how the Organisation collects, uses, discloses, and safeguards the Personal Information it processes in the course of its business.

3. DEFINITIONS

3.1 In this Policy, in addition to other terms defined in the body of the Policy, the Organisation uses the following terms:

3.1.1 “Personal Information” means all information which may be considered personal in nature or information about an identifiable natural and/or existing juristic person, in terms of the Electronic Communications and Transactions Act 25 of 2002 (“ECTA”), the Consumer Protection Act 68 of 2008 (“CPA”), and the Protection of Personal Information Act 4 of 2013 (“POPIA”).

3.1.2 “User, you, your or yourself” refers to any person who uses the Website for any purposes whatsoever, whether such use is free of charge or paid for.

3.1.3 In addition, unless the contrary is specified, terms that are used in the Policy that are specifically defined in POPIA, are given the meanings ascribed to them in POPIA.

4. WHAT PERSONAL INFORMATION DOES THE ORGANISATION COLLECT AND WHY?

The Organisation may collect Personal Information in conducting its ordinary business operations, including through the use of its Website. In processing such Personal Information, the Organisation at all times ensures that (i) it complies with the provisions of POPIA, and (ii) such Personal Information is used for legitimate business purposes.

5. OBTAINING CONSENT

The Organisation does not, except where otherwise permitted by law, collect, use, or disclose your Personal Information without your consent.

6. USE AND DISCLOSURE OF PERSONAL INFORMATION

6.1 The Organisation operates its Website and conducts its business in general in accordance with South African legislation, considering it imperative to protect the privacy interests of data subjects.

6.2 In the event that the Organisation sends Personal Information outside of South Africa (including if such information is hosted offshore), the Organisation will ensure that it takes all reasonable steps to ensure that it complies with all applicable laws in this regard, including POPIA. .

7. RETENTION OF PERSONAL INFORMATION

All Personal Information retained on the Organisation’s database, including such information obtained through the use of the Website, is in accordance with the retention provisions set out in the applicable laws and regulations of South Africa, including those set out in POPIA.

8. YOUR RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION 

8.1 It is important to note that you have rights in relation to your Personal Information.

8.2 You have the right to contact the Organisation at any time to

8.2.1 Confirm that it holds your Personal Information (at no charge);

8.2.2 Provide you access to any records containing your Personal Information or a description of the Personal Information that the Organisation holds about you (subject to payment of a prescribed fee); and

8.2.3 Confirm the identity or categories of third parties who have had, or currently have, access to your Personal Information (also subject to payment of a prescribed fee).

8.3 The Organisation’s contact information is as set out in item 1.1 of the Schedule.

8.4 When you make a request regarding your Personal Information, the Organisation will take reasonable steps to confirm your identity.

8.5 There may be times when the Organisation cannot grant access to your Personal Information, including where granting you access would:

8.5.1 Interfere with the privacy of others; or

8.5.2 Result in a breach of confidentiality. The Organisation will always provide you with reasons if this is the case.

8.6 If you are of the view that any Personal Information that the Organisation holds about you is incorrect in any way, including that it is inaccurate, irrelevant, outdated, incomplete, or misleading, you are allowed to ask the Organisation to correct it. If you believe that any Personal Information that the Organisation holds about you is excessive or has been unlawfully obtained, you can ask the Organisation to destroy or delete it. You may do the same if you think that the Organisation has retained it for longer than necessary, given the purpose. The Organisation will do so unless there are good grounds not to (such as that the Organisation is required to hold it for a period prescribed by any applicable legislation).

8.7 It is important, however, to understand that if you withdraw your consent for the Organisation to use some of your Personal Information, it may affect the quality and level of service that the Organisation can provide to you.

9. SECURITY

9.1 The Organisation has adopted a security model to protect your Personal Information that complies with generally accepted information security practices and procedures. As part of the Organisation’s security systems, the Organisation has implemented firewall technology, password controls, encryption processes, and antivirus software. This is in addition to the physical security measures adopted by the Organisation to ensure that all appropriate, reasonable technical and organisational measures are taken to prevent:

9.1.1 Loss of, damage to, or unauthorised destruction of Personal Information; and

9.1.2 Unlawful access to or processing of Personal Information. The Organisation has a stringent security policy in place that every officer, employee, and supplier of the Organisation must adhere to.

9.2 The Organisation confirms that it takes all reasonable measures to:

9.2.1 Identify all reasonably foreseeable internal and external risks to any Personal Information in its possession or under its control;

9.2.2 Establish and maintain appropriate safeguards against the risks identified;

9.2.3 Regularly verify that these safeguards are effectively implemented by or on behalf of the Organisation; and

9.2.4 Ensure that the safeguards are continually updated in response to new risks or deficiencies in previously implemented safeguards.

10. COOKIES

10.1 The Website uses cookies to enhance user experience and functionality. Cookies are small files that a website stores on your device, which are used to maintain session information, user preferences, and other details necessary for the effective operation of our website.

10.2 The types of cookies used on our website include:

Session cookies: These are temporary cookies that remain in the cookie file of your browser until you leave the site. They enable the website to recognise you as you navigate between pages during a single browser session, making your interactions faster and more secure.

Persistent cookies: These cookies remain in the cookie file of your browser for much longer (though how long will depend on the lifetime of the specific cookie). They are used to recall your preferences when you return to our site and to enhance the experience according to your needs.

10.3 The Organisation ensures that cookies are used responsibly and transparently. The Website settings are configured to ensure that session cookies do not remain on your device after the end of your visit and cannot be used to obtain any personally identifiable details.

10.4 Users have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

10.5 Cookies are also used to collect general usage and volume statistical information that does not include personal information. This data helps us understand how our site is used and provides insights for improving user experience.

11. THIRD-PARTY WEBSITES

11.1 The Website may contain links to third-party websites. These are provided for your convenience to provide further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).

11.2 It is important to note that these third-party websites have their own privacy policies and terms of use. We do not accept any responsibility or liability for these policies. Therefore, we advise you to check these policies before you submit any personal information to these websites.

11.3 Interacting with any third-party content or navigating to a third-party website is at your own risk. You should always exercise caution and look at the privacy statement applicable to the website in question.

11.4 We aim to ensure that only relevant and ethically managed third-party links are provided on our website, but we cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.

12. UPDATING OF PRIVACY POLICY

The Organisation, in its sole discretion, reserves the right to update, modify, or amend this Policy from time to time with or without notice. You therefore agree and undertake to review the Policy whenever you visit the Website. Save as expressly provided to the contrary in this Policy, any amended version of the Policy shall supersede and replace all previous versions thereof.

13. CONTACT INFORMATION

Questions, concerns or complaints related to this Policy or the Organisation’s treatment of Personal Information should be directed to the email address set out in item 1.4 of the Schedule (admin@shangri-laacademy.co.za) or you can reach us by phone at +27 (0)11 391 1419. You are also welcome to send correspondence to our physical address at 17 Fiskaal Street, Glen Marais, Kempton Park.