Privacy Policy
1. INTRODUCTION
The FAIS Act and the Protection of Personal Information Act, 2013 (“POPIA”) ensure the protection of personal data, with POPIA delineating 8 data protection principles applicable to all data concerning companies, staff, and Clients. Additionally, the Promotion of Access to Information Act, 2 of 2000, addresses access to such information and outlines instances where access may be refused.
2. PURPOSE
Data privacy and protection are paramount to Stocks+Wealth Financial Planning, hereafter referred to as S+W, a licensed financial services provider. This Policy articulates the POPIA principles aligned with existing FAIS requirements, aimed at safeguarding all data by S+W and relevant parties. The Policy encompasses all data acquired through S+W’s products, services, websites, events, or any other means.
3. DEFINITIONS
Information: Refers to any data pertaining to the Data Subject, including personal information.
Data Subject: The individual to whom the personal information relates, encompassing Clients, staff, and/or company information.
Processing: Denotes any use of a Data Subject’s information by any means.
4. THE 8 POPIA PRINCIPLES
Principle 1: Accountability: S+W must designate an Information Officer responsible for implementing and enforcing the 8 POPIA information principles.
Principle 2: Processing Limitation: Only necessary information, obtained directly from the relevant individual with their consent, should be processed for lawful purposes.
Principle 3: Purpose Specification: Personal information should be collected for specific purposes, with the Data Subject made aware of the collection purpose.
Principle 4: Further Processing Limitation: Subsequent processing of Personal Information must align with the initial purpose of collection.
Principle 5: Information Quality: Reasonable measures must ensure that all information collected is accurate, complete, and not misleading, in line with the collection purpose.
Principle 6: Openness: Transparent communication is essential during information collection, with the Party collecting the Information informing the applicable regulator and ensuring Data Subjects are aware of the collection.
Principle 7: Security Safeguards: Technical and operational measures must safeguard the integrity of information under a party’s control.
Principle 8: Data Subject Participation: Data Subjects have the right to request confirmation from the party holding their Information, free of charge, and may request amendments or deletions.
5. PRACTICAL IMPLICATIONS OF THE POPIA DATA PROTECTION PRINCIPLES
(i) Appointment of the Information Officer
As the sole proprietor, Robert Taylor, licensed FSP trading as Stocks+Wealth Financial planning, bears responsibility for all information. Robert Taylor can be reached at 021-433-1934 or via Email: admin@stocksandwealth.co.za.
(ii) Information Purpose
The type of information collected depends on the purpose for which it is collected and used. S+W gathers necessary information from Data Subjects for various purposes, including rendering financial and administrative services, improving service offerings, providing relevant resources, appointing suitable service providers, and ensuring legislative compliance.
(iii) Access to Information
Data Subjects have the right to request a copy of their information held by S+W. Requests can be made by contacting the Information Officer. Access may be subject to an allowable administration fee. S+W will not disclose information unless agreed with the Data Subject, already publicly available, in the public interest, required by law, or if S+W believes, in good faith, that the law necessitates disclosure.
(iv) Collection of Information
General
S+W collects information through various means, including direct acquisition from individuals (e.g., when purchasing financial products), employers, publicly available sources, and through cookies or similar technology. S+W informs Data Subjects about the information legally required and optional for them to provide.
With Data Subject consent, S+W may supplement information with data from other entities, such as the South African Revenue Services (SARS), to facilitate the provision of suitable services.
User Supplied Information
Data Subjects may be required to provide personal information, such as name, address, phone number, email address, and payment card information, as a result of using or receiving financial services or products. S+W stores this information in a contact database for future reference.
Marketing
S+W may use information provided by Data Subjects for offering further services or conducting market research, subject to prior consent. Data Subjects can unsubscribe from services or contact the Information Officer to opt out.
Usage and Web server logs
S+W may track a Data Subject’s usage and visits on the Stocksandwealth.com website. Information collected may include the Data Subject’s unique internet protocol address, Internet Service Provider, location, browser type, page views, and searches conducted. This information aids in administering services, analyzing usage, protecting content, and enhancing user experience.
Cookies
S+W utilizes cookies to offer customized services and track user information. Cookies store limited data about the Data Subject’s use of S+W’s services, products, or website, enabling access to secure areas and personalizing content. Retaining of Information
S+W may retain personal information for reporting, administration, monitoring, or communication purposes. Information is retained until the collection purpose is fulfilled, subject to regulatory requirements. Client and/or employee records are stored for five years before disposal.
(v) Correcting/Amending/Updating/Deletion of Information
Data Subjects must inform S+W of any changes to their information. Requests for corrections, amendments, updates, or deletions can be made to the Information Officer. S+W verifies the Data Subject’s identity before making changes.
(vi) Information Security
S+W takes reasonable precautions to protect information from loss, misuse, unauthorized access, disclosure, alteration, or destruction. Information is not sold, rented, or leased to third parties, except as necessary for enhancing services or meeting legal obligations.
S+W implements security measures, including restricted access servers, monitoring, intrusion detection, and virus protection software. Information may be stored and processed outside S+W’s premises or the Data Subject’s country, with measures in place to ensure compliance with relevant Data Protection/Privacy laws.
Access to some services and content may be password protected, and non-disclosure of usernames and passwords is required. S+W is committed to safeguarding Data Subject information and may transfer information globally in compliance with regulations.
Persons/employees/parties are prohibited from disclosing information to unauthorized third parties, which may result in breach consequences. While S+W endeavours to ensure information protection, it cannot guarantee security for electronically transmitted information. Compliance with Data Protection/Privacy regulations and industry standards remains a priority.
Despite efforts to ensure information protection, transferring personal information to countries with different data protection/privacy laws may not guarantee the same level of protection. By providing information to S+W, Data Subjects consent to such transfers.