fbpx
PRIVACY POLICY2021-08-03T11:56:39+02:00

PRIVACY POLICY

PRIVACY POLICY FOR INTERMARKET

When you use our services, you’re trusting us with your information. We understand that this is a big responsibility and work hard to protect your information and ensure that it is not used for the purpose unintended by you. At Intermarket we are committed to protecting your privacy and confidentiality to ensure that your personal information is collected and used properly, lawfully and transparently.

 

WHO ARE WE

We are Clare Smith Amenities (PTY) LTD, registration number: 2015/158325/07, trading as Intermarket.

Intermarket provides stylish, classic and economical guest amenities to hotels, guest houses and Airbnb’s. Over the past 30 years we have built our business and culture towards efficient and consistent service delivery together with exceptional products, while staying current with trends in design and industry requirements. We are located in 6 Wetton Park, Dolphin Way,Wetton, Cape Town, 7780. Our contact details are as follows:

Telephone: 0217614246

WhatsApp: 0604901879

We are also available on Instagram and Facebook: intermarketguestamenities

Our website address is: https://intermarket.co.za.

 

WHAT INFORMATION DO WE COLLECT 

  • Contact details: Including your first name, last name, company name, contact number, email address.
  • Name of business.
  • Delivery Details: Country, Province, Town/City, postal code.
  • Billing details.

 

WHY WE COLLECT THE INFORMATION? 

The main purpose of collecting the above mentioned information is to understand your requirements and deliver an outstanding service. In addition, we collect the information for the following reasons:

  • Record keeping and auditing purposes.
  • To confirm and verify your identity, basically verify that you are an authorized user.
  • To conduct market or customer satisfaction research in order to improve our products and service.
  • We may send promotional emails about new products and specials on offers. However, you have the option to unsubscribe to the promotional emails.
  • To detect and prevent fraud and other malpractices.
  • For legal proceedings when necessary.

 

COMMENTS

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

 

CONTACT FORM

We collect the following personal information from a contact form submitted by a customer:

  • Contact details: Including your first name, last name, company name, contact number, email address.
  • Name of business.
  • Delivery Details: Country, Province, Town/City, postal code.

 

This information is kept for a period of 2 years for customer service purposes and not for marketing purposes.

COOKIES

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience and prevent you from having to re-enter your identification and password information each time you visit our site. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

We also use Cookies to enhance the user experience. Cookies allow us to statistically monitor how many people are using the Site and for what purposes, how often someone visits the Site, and the length of their stay. This information helps us dynamically generate advertising and information specifically designed for your interests.

 

EMBEDDED CONTENT FROM OTHER WEBSITES

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

 

DISCLOSURE OF INFORMATION

Your information will be disclosed to our service providers who deliver our products and services to you and for payment details. We have agreements in place to ensure that they comply with the privacy requirements.

  • Where we have a duty or a right to disclose in terms of law or industry codes.
  • Where we believe it is necessary to protect our rights.

 

PAYMENTS

We accept payments through SagePay. When processing payments, some of your data will be passed to SagePay, including information required to process or support the payment, such as the purchase total and billing information.

Please see the SagePay Privacy Policy for more details:

https://sagepay.co.za/privacy-policy/

 

HOW LONG WE RETAIN YOUR DATA

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

 

SECURITY

We are committed to providing adequate protection for the personal information we hold and to stop unauthorized access and use of personal information. In order to prevent unauthorised access or disclosure, we have put in place suitable electronic and managerial procedures to safeguard and secure the information we collect online.

Our contracts with third parties state the appropriate security, privacy and confidentiality obligations in order to ensure that the personal information we are responsible for, is kept secure. We will ensure that anyone to whom we pass your personal information agrees to treat your information with the same level of protection as we are obliged to.

At Intermarket, we will continuously review our security controls and related processes to ensure that your personal information remains secure.

 

ACCESS TO INFORMATION/ CORRECTION OF YOUR INFORMATION

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. In order to do this, simply send us an email specifying the information you require or would like to change/delete, accompanied by your ID copy.

 

POPIA CONDITIONS

1.  Accountability

The responsible party must ensure that the conditions and all the measures set out in the Act that give effect to such conditions, are complied with at the time of the determining the purpose and means of the processing.

Questions to ask:

  • Who will be tasked with the responsibility of compliance in your organisation? Megan will be held liable for non-compliance in certain situations.
  • How will this individual ensure the organisation is POPI compliant?  Please refer to our Privacy Policy & Terms of Service. Intermarket is POPIA Compliant and will ensure that Intermarket is in accordance with the requirements of the Protection of Personal Information Act (“POPIA”)

2.  Processing Limitation

Personal information may only be processed in a fair and lawful manner and only with the consent of the data subject.

  • Was the personal information obtained directly from the Data Subject? Any personal information must be obtained directly from the Data Subject. Intermarket will only gather and process information of users who are willing to give out their personal information for purchasing, subscription and special offers on the Intermarket Store. This is in accordance with the requirements of the Protection of Personal Information Act (“POPIA”).
  • Is the Data Subject aware that you have gathered his/her information and consented to the information being used? Consent from the Data Subject is essential before gathering or processing any personal information. Intermarket ensures that every user that shares their personal information with Intermarket have shared their personal details in accordance with the Protection of Personal Information Act (POPIA).
  • If the personal information has been gathered from a third party, has the Data Subject consented to this information being shared and used by you? Every Data Subject who has shared personal information with Intermarket has done so within their own control and understanding of the Intermarket Privacy Policy.

3.  Purpose Specific

Personal information may only be processed for specific, explicitly defined and legitimate reasons.

  • For what specific, explicit and lawful purpose is the personal information being collected?The main purpose of collecting the above mentioned information is to understand your requirements and deliver an outstanding service. In addition, we collect the information for the following reasons:
    • Record keeping and auditing purposes.
    • To confirm and verify your identity, basically verify that you are an authorized user.
    • To conduct market or customer satisfaction research in order to improve our products and service.
    • We may send promotional emails about new products and specials on offers. However, you have the option to unsubscribe to the promotional emails.
    • To detect and prevent fraud and other malpractices.
    • For legal proceedings when necessary.

     

  • Is the Data Subject aware of the purpose for which the data has been collected? Data Subject has the right to know what information you have and for what purpose it was gathered.We may disclose your personal information to our service providers who are involved in the delivery of products or services to you. We have agreements in place to ensure that they comply with the privacy requirements as required by the Protection of Personal Information Act.

    We may also disclose your information:

    • Where we have a duty or a right to disclose in terms of law or industry codes;
    • Where we believe it is necessary to protect our rights.
  • For what time period may you retain specific personal information? Personal information may only be used for the specific purpose for which it was gathered and thereafter it must be destroyed.You have the right to request a copy of the personal information we hold about you. To do this, simply contact us at the numbers/addresses as provided on our website and specify what information you require.  We will need a copy of your ID document to confirm your identity before providing details of your personal information.

    Please note that any such access request may be subject to a payment of a legally allowable fee. 

    This information is kept for a period of 2 years for customer service purposes and not for marketing purposes.

 

  • How will you keep track of when personal information must be destroyedYou will be required to account for what information you hold, for what purpose it was gathered and a date that that information must be destroyed.Intermarket will hold onto data subject information if the user has purchased from the store as well as subscribers who shared their information, they have done willingly in accordance with the Intermarket Privacy Policy and Terms of Service. You have the right to request a copy of the personal information we hold about you. To do this, simply contact us at the numbers/addresses as provided on our website and specify what information you require.  We will need a copy of your ID document to confirm your identity before providing details of your personal information.

    Please note that any such access request may be subject to a payment of a legally allowable fee. 

  • What process will be used to destroy Personal Information, in a manner that prevents its reconstruction, after you are no longer authorized to retain such records? If Data subject wishes to remove their personal information on the store, they can contact Intermarket and Intermarket will make sure that all personal information is destroyed by going into the customer list and remove any and all related information regarding the Data Subject. Intermarket will keep Data Subject information for a period of up to and not exceeding 2 years, after the period, Intermarket will destroy all Data Subjects Information by removing all customer-related data on the store’s customer list.

4.  Further Processing Limitation

Personal information may not be processed for a secondary purpose unless that processing is compatible with the original purpose.

  • If you intend to reuse personal information is it in accordance and compatible with the purpose for which it was collected? Intermarket does not intend to use Data Subject personal information for anything other than the sole purpose of sharing personal information with Intermarket. Intermarket will not share any customer inforamtion with any party other than Intermarket themselves.
  • Is the Data Subject aware of the continued use of their personal information? Intermarket ensures that every user that shares their personal information with Intermarket have shared their personal details in accordance with the Protection of Personal Information Act (POPIA). Intermarket does not intend to use Data Subject information for anything other than the sole purpose of collecting user information for their intended purpose. Please refer to Point 3 of the POPIA Conditions on Intermarket’s Privacy Policy.

5.  Information Quality

The responsible party must take reasonable steps to ensure that the personal information collected is complete, accurate, not misleading and updated where necessary.

  • What process do you have in place to allow Data Subjects to update their information or withdraw consent?Your Rights: Access to information

    You have the right to request a copy of the personal information we hold about you. To do this, simply contact us at the numbers/addresses as provided on our website and specify what information you require.  We will need a copy of your ID document to confirm your identity before providing details of your personal information.

    Please note that any such access request may be subject to a payment of a legally allowable fee.

6.  Openness

The data subject whose information you are collecting must be aware that you are collecting such personal information and for what purpose the information will be used.

  • How do you gather personal information from Data Subjects and what process do you have in place to get consent for collecting and using personal information?We will use your personal information only for the purposes for which it was collected and agreed with you.  In addition, where necessary your information may be retained for legal or research purposes.
    • To gather contact information;
    • To confirm and verify your identity or to verify that you are an authorised user for security purposes;
    • For the detection and prevention of fraud, crime, money laundering or other malpractice;
    • To conduct market or customer satisfaction research or for statistical analysis;
    • For audit and record-keeping purposes;
    • In connection with legal proceedings.

You have the right to ask us to update, correct or delete your personal information. We will require a copy of your ID document to confirm your identity before making changes to personal information we may hold about you. We would appreciate it if you would keep your personal information accurate.

  • How do you inform the Data Subject of the purpose for which the information is being gathered? The Data Subject must be informed of how the data will be used at the time of gathering the information.
  • What evidence do you have that Data Subjects have consented to the collection of their personal information? You have the right to ask us to update, correct or delete your personal information. We will require a copy of your ID document to confirm your identity before making changes to personal information we may hold about you. We would appreciate it if you would keep your personal information accurate.
  • Does the Data Subject know who the responsible party is in your organization?       When gathering information, Data Subjects must be given the details of the responsible person in your organization including contact details.
  • How do you inform the Data Subjects of their right to lodge a complaint with the Information Regulator? At the time that the personal information is gathered, the Data Subject must be advised of his/her rights to complain to the Information Regulator if misuse is suspected. The Information Regulator’s information and contact details must be provided to the Data Subject.
  • Have you advised the Data Subject of his/her rights to access his/her information and to object to the processing of said information? This is a requirement.
  • What procedure do you have in place to identify any foreseeable internal and external risks to personal information? A safety and security risk assessment is required.
  • What processes do you have in place to prevent personal information from falling into unauthorized hands? Strict adherence to safety and security policies must be enforced. This procedure should be covered in the POPIA policies and procedures manual.
  • What procedure do you have in place to establish and maintain appropriate safeguards against the identified risks? The responsible person must enforce strict policies and procedures to safeguard personal information in your possession.       This procedure should be covered in the POPIA policies and procedures manual.
  • How do you determine which employees are permitted access personal information and what information they are permitted to access? Strict policies and procedures are required regarding who has access, and how they gain access, to the personal information in your possession.       This procedure should be covered in the POPIA policies and procedures manual.
  • What processes do you have in place to alert you when personal information is accessed or modified without authorization? This procedure should be covered in the POPIA policies and procedures manual.
  • What processes do you have in place to identify the source of a data breach and the procedure to follow to neutralize such breach? WordPress is constantly creating updates, bug fixes, and security improvements to protect you. If a Data Breach Occurs on Intermarket, the store will ensure that all Data Subjects will be notified about the data breach via email.
  • What process do you have in place to ensure that safeguards are continually updated in response to new risks or deficiencies in previously implemented safeguards? This procedure should be covered in the POPIA policies and procedures manual. It is the duty of the Responsible Person to ensure this process is followed.
  • What processes do you have in place to prevent the reoccurrence of a data breach?If someone is alleged to be in breach of the POPI Act, a complaint may be submitted to the Information Regulator.

    This complaint will be dealt with by an adjudicator. If a person is not happy with the determination of the adjudicator, they can still approach the Information Regulator for another ruling.

    This article must be read in conjunction with the POPI Act which can be downloaded from Act No. 4 of 2013 : Protection of Personal Information Act, 2013

  • What procedure is to be followed when sharing personal information with an external operator? Intermarket must, in terms of a written contract between the responsible party and the operator, ensure that the operator establishes and maintains the required security measures. The operator (Intermarket) must advise immediately if there is the possibility that personal data has been accessed or acquired by any unauthorized person.
  • What procedure is in place to inform the Data Subject that their personal information has been compromised? The Data Subject must be advised via e-mail or in writing immediately if it is suspected that their personal information has been accessed by unauthorized persons. Sufficient information must be provided to allow the Data Subject to put measures in place to safeguard themselves against potential consequences of the security compromise. 
  • What procedure is in place to inform the Information Regulator of any security breach? The Information Regulator must be informed in the event of a security breach where personal information could be compromised. Intermarket has a duty to protect all user information that Intermarket holds, this is in relation to possible security breaches, if a security breach has been indicated, Intermarket’s Information Officer (Megan) will contact the Information Regulator Immediately via email to notify that there has been a breach on the Intermarket Store. Intermarket will follow any and all instructions from the Information Regulator.  

7.  Security Safeguards

Personal information must be kept secure against the risk of loss, unlawful access, interference, modification, unauthorized destruction and disclosure.

  • What procedure do you have in place to identify any foreseeable internal and external risks to personal information?Intermarket is powered by WordPress. WordPress stays on top of vulnerabilities in their software and releases security updates to patch their core files. Whenever WordPress releases an update, Intermarket installs it as soon as we can, since the issues each update solves are public knowledge.

    There are additional measures on Intermarket’s end to keep WordPress functioning at its safest. These include:

    • The User needs to ensure the protection of their login with strong passwords. Additional features like two-factor authentication and plugins to limit login attempts and add captchas are implemented on the Intermarket store to ensure a safe and strong security presence.
    • Intermarket has enabled Web Application Firewall on the store, that can scan the site for malware on a regular basis.
    • Intermarket has enabled SSL so visitors can securely connect to the site.
    • Intermarket is hosted with a secure provider.

 

  • What processes do you have in place to prevent personal information from falling into unauthorized hands? Strict adherence to safety and security policies must be enforced. Intermarket will ensure that all security patches are addressed and vulnerabilities are highlighted and resolved in software, operating systems and drivers. The Data Subjects also have a responsibility to ensure that their operating systems, software and drivers are all maintained to prevent security breaches on the Data Subject side, Intermarket will not be held responsible for negligent Data Subjects that have not adhered to safety and security measures on their operating systems and software, that have been breached.  
  • What procedure do you have in place to establish and maintain appropriate safeguards against the identified risks? Strict adherence to safety and security policies must be enforced. Intermarket will ensure that all security patches are addressed and vulnerabilities are highlighted and resolved in software, operating systems and drivers. Intermarket has enabled Web Application Firewall on the store that can scan the site for malware on a regular basis. Intermarket has enabled SSL so visitors can securely connect to the site. Intermarket is hosted with a secure provider.
  • How do you determine which employees are permitted access to personal information and what information they are permitted to access? Strict policies and procedures are required regarding who has access, and how they gain access, to the personal information in your possession. Only the Administrators, Owner and Information Officer for Intermarket will have access to Intermarket’s Data Subject Personal Information. The Information Regulator will be notified if there is unauthorised access into the Personal Information Page for Data Subjects for Intermarket and in accordance with the guidelines and regulation within the POPIA Act, Intermarket will follow the instruction of the Information Regulator on the matter. There will be harsh penalties and consequences for unauthorised access into the Intermarket Data Subject Information Page for any employee that has accessed the personal information of users; other than the administrators, owners and information officer, this may result in the termination of said employee and other repercussions according to the guidance and counsel of the Information Regulator.
  • What processes do you have in place to alert you when personal information is accessed or modified without authorization? Intermarket has enabled notifications for any and all amendments made to user’s personal information. This means that the Administrators, Owners and Information Officer for Intermarket are notified if any changes are made to any user information.
  • What processes do you have in place to identify the source of a data breach and the procedure to follow to neutralize such breach? Intermarket is powered by WordPress and WordPress stays on top of vulnerabilities in their software and releases security updates to patch their core files. Whenever WordPress releases an update, Intermarket installs it as soon as we can, since the issues each update solves are public knowledge. If a breach occurs on the store, Intermarket will be notified by WordPress and the Web Application Firewall, the Information Regulator must be informed in the event of a security breach where personal information could be compromised. Intermarket has a duty to protect all user information that Intermarket holds, this is in relation to possible security breaches, if a security breach has been indicated, Intermarket’s Information Officer (Megan) will contact the Information Regulator Immediately via email to notify that there has been a breach on the Intermarket Store. Intermarket will follow any and all instructions from the Information Regulator.   
  • What process do you have in place to ensure that safeguards are continually updated in response to new risks or deficiencies in previously implemented safeguards?Intermarket is powered by WordPress. WordPress stays on top of vulnerabilities in their software and releases security updates to patch their core files. Whenever WordPress releases an update, Intermarket installs it as soon as we can, since the issues each update solves are public knowledge.

    There are additional measures on Intermarket’s end to keep WordPress functioning at its safest. These include:

    • The User needs to ensure the protection of their login with strong passwords. Additional features like two-factor authentication and plugins to limit login attempts and add captchas are implemented on the Intermarket store to ensure a safe and strong security presence.
    • Intermarket has enabled Web Application Firewall on the store, that can scan the site for malware on a regular basis.
    • Intermarket has enabled SSL so visitors can securely connect to the site.
    • Intermarket is hosted with a secure provider.
  • What procedure is to be followed when sharing personal information with an external operator? A responsible party must, in terms of a written contract between the responsible party and the operator, ensure that the operator establishes and maintains the required security measures. The operator must advise immediately if there is the possibility that personal data has been accessed or acquired by any unauthorized person.Intermarket are legally obliged to provide adequate protection for the personal information we hold and to stop unauthorized access and use of personal information. We will, on an ongoing basis, continue to review our security controls and related processes to ensure that your personal information remains secure.

    Our security policies and procedures cover:

    • Physical security;
    • Computer and network security;
    • Access to personal information;
    • Secure communications;
    • Security in contracting out activities or functions;
    • Retention and disposal of information;
    • Acceptable usage of personal information;
    • Governance and regulatory issues;
    • Monitoring access and usage of private information;
    • Investigating and reacting to security incidents.

    When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information that we remain responsible for, is kept secure.

    We will ensure that anyone to whom we pass your personal information agrees to treat your information with the same level of protection as we are obliged to.

    We may disclose your personal information to our service providers who are involved in the delivery of products or services to you. We have agreements in place to ensure that they comply with the privacy requirements as required by the Protection of Personal Information Act.

    We may also disclose your information:

    • Where we have a duty or a right to disclose in terms of law or industry codes;
    • Where we believe it is necessary to protect our rights.
  • What procedure is in place to inform the Data Subject that their personal information has been compromised? The Data Subject must be advised via e-mail or in writing immediately if it is suspected that their personal information has been accessed by unauthorized persons. Sufficient information must be provided to allow the Data Subject to put measures in place to safeguard themselves against potential consequences of the security compromise. 
  • What procedure is in place to inform the Information Regulator of any security breach? The Information Regulator must be informed in the event of a security breach where personal information could be compromised. The Information Regulator must be informed in the event of a security breach where personal information could be compromised. Intermarket has a duty to protect all user information that Intermarket holds, this is in relation to possible security breaches, if a security breach has been indicated, Intermarket’s Information Officer (Megan) will contact the Information Regulator Immediately via email to notify that there has been a breach on the Intermarket Store. Intermarket will follow any and all instructions from the Information Regulator.

8.  Data Subject Participation

Data subjects may request whether their personal information is held, as well as the correction and/or deletion of any personal information held about them.

  • What are the Data Subject’s rights regarding access to information being held by you?We may disclose your personal information to our service providers who are involved in the delivery of products or services to you. We have agreements in place to ensure that they comply with the privacy requirements as required by the Protection of Personal Information Act.

    We may also disclose your information:

    • Where we have a duty or a right to disclose in terms of law or industry codes;
    • Where we believe it is necessary to protect our rights.

You have the right to request a copy of the personal information we hold about you. To do this, simply contact us at the numbers/addresses as provided on our website and specify what information you require.  We will need a copy of your ID document to confirm your identity before providing details of your personal information.

Please note that any such access request may be subject to a payment of a legally allowable fee. 

You have the right to ask us to update, correct or delete your personal information. We will require a copy of your ID document to confirm your identity before making changes to personal information we may hold about you. We would appreciate it if you would keep your personal information accurate.

According to the Act ‘‘personal information’’ means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person.  Further to the POPI Act, COR Concepts also includes the following items as personal information:

All addresses including residential, postal and email addresses.

Change of name – for which we require copies of the marriage certificate or official change of name document issued by the state department.

  • What processes do you have in place to ensure such a request from a Data Subject is adhered to? If you have any queries about this notice; you need further information about our privacy practices; wish to withdraw consent; exercise preferences or access or correct your personal information, please contact us at the numbers/addresses listed on our website.
  • What processes do you have in place to allow Data Subjects to correct personal information that you hold or withdraw consent to use such information? The Data Subject has the right to correct the personal information that Intermarket holds. They also have the right to withdraw consent at any time. You have the right to ask us to update, correct or delete your personal information. We will require a copy of your ID document to confirm your identity before making changes to personal information we may hold about you. We would appreciate it if you would keep your personal information accurate.

UPDATE AND REVISION OF POLICY

As the user of this website, you are encouraged to regularly review this page for the latest information on our privacy practices.

 

 

Go to Top