Menu

PROTECTION OF PERSONAL INFORMATION ACT (“POPIA”) POLICY

POPIA & Privacy

INTRODUCTION

Compound Growth Wealth Management (Pty) Ltd (“CGWM”) is an authorised financial service provider in terms of the Financial Advisory and Intermediary Services Act, 2002 (“FAIS Act”). We specialise in providing financial advice and estate planning services in respect of high net worth individuals.

BACKGROUND AND PURPOSE OF THIS POLICY

The Protection of Personal Information Act, 2013 (“POPIA”) aims to give effect to the constitutional right to privacy, by safeguarding personal information when processed, regulate the manner in which personal information may be processed and provide persons with rights and remedies to protect their personal information from processing that is not in accordance with POPIA.

We respect the privacy of our clients, partners and service providers and employees and safeguarding their personal information is important to us. To do so, we follow general principles in accordance with POPIA.

We have developed this policy to;

  • Enable you to understand where, why, and how we process and safeguard your personal information.
  • to outline how we ensure compliance with the conditions for the lawful processing of personal information as set out in POPIA and
  • To outline your rights in relation to personal information.

The word “Processing” in this policy means any operation or activity concerning personal information including collection, use, storage, distribution or making available in any form, updating or modification, as well as restriction erasure or destruction of information.

COLLECTION OF PERSONAL INFORMATION

We collect your personal information directly from you or a person legally authorised by you for the purpose of providing you with financial services or products and/or related services such as responding to your queries or instructions.. We will only collect information that we specifically and lawfully need for this purpose.

You will be aware of the information being collected as the information will be declared by you in response to application form or mandate/agreement questions or fields. The purpose for which the information is being collected will be indicated by or agreed upon with you.

The Financial Intelligence Centre Act, 2001 requires us to collect your personal information when we are transacting or establishing a business relation with you, failure to provide this information may prevent us from providing you with financial products or services.

Please be aware of your rights below when providing us with your information;

  • the existence of the right of access to information as per paragraph 12 below.
  • the existence of the right to rectify the information collected as per paragraph 13 below.
  • the existence of the right to object to the processing of personal information for purposes of direct marketing other than direct marketing by means of unsolicited electronic communications as per paragraph 14 below; and
  • the right to lodge a complaint to the Information Regulator (“the Regulator”) and the contact details of the Regulator as per paragraph 15 below.

PROCESSING PERSONAL INFORMATION

We will only process your personal information if you or a person legally authorised by you, the law or a court or a competent person if you are a minor has consented thereto for the purpose indicated by or agreed upon with you in a manner that does not infringe your privacy which may include;

  • For underwriting purposes;
  • To assess and process claims and/or instructions;
  • To confirm and verify your identity or to verify that you are an authorised user for security purposes;
  • For the detection and prevention of fraud, crime, money laundering or other malpractice;
  • To conduct market or customer satisfaction research or for statistical analysis;
  • complying with legal and regulatory requirements;
  • In connection with legal proceedings.

We may share your personal information with our service providers who are involved in the delivery of products or services directly to you. We have agreements in place to ensure that all service providers establish and maintain the security measures with regard to processing of your personal information.

RETENTION AND DESTRUCTION OF RECORDS

We will retain your personal information in order to comply with legal and regulatory requirements, for the prescribed minimum periods are required under FAIS, CISCA and FICA. to keep client records which include personal information for at least five years from the date on which a transaction is concluded or a business relationship is terminated.

We will destroy or delete a record of personal information in a manner that prevents its reconstruction in an intelligible form as soon as reasonably practicable after we are no longer authorised or required to retain the record.

RESTRICTION OF RECORDS

We will restrict processing of your personal information if;

  • you contest its accuracy, for a period enabling us to verify the accuracy of the information,
  • you oppose its destruction or deletion and requests the restriction of its use instead, or
  • you have terminated the business relationship with us, in this case your personal information will only be maintained in order to comply with FICA requirements.

Where processing of personal information is restricted, we will inform you before lifting the restriction on processing.

FURTHER PROCESSING OF PERSONAL INFORMATION

We will further process your personal information subject to your consent, where applicable, in accordance with the purpose for which it was collected. Further processing may also be necessary;

  • to avoid prejudice to the maintenance of the law by us including the prevention, detection, investigation, prosecution and punishment of offences,
  • to comply with an obligation imposed by law or to enforce legislation concerning the collection of revenue as defined in section 1 of the South African Revenue Service Act, 1997 (Act No. 34 of 1997),
  • for the conduct of proceedings in any court or tribunal that have commenced or are reasonably contemplated;
  • or in the interests of national security

PROCESSING OF PERSONAL INFORMATION FOR DIRECT MARKETING

We will process your personal information for the purpose of direct marketing by means of electronic communication only once we have obtained your consent. We will only approach you once in order to request the consent to process personal information for the purpose of direct marketing if you have not previously withheld such consent.

We may process your personal information if you are an existing client of ours for the purpose of direct marketing of our own similar products or services, however, we will give you an option to object to this at the time when we collect your information and on each occasion of communication for the purpose of marketing if you had not initially refused such use.

Any communication for the purpose of direct marketing will contain:

  • details of the identity of the sender; and
  • the contact details to which you may send a request that such communications cease.

QUALITY OF INFORMATION

We take reasonable steps to ensure that the personal information relating to data subjects is complete, accurate, not misleading and updated where necessary; however, it is the responsibility of the data subject to inform us of any changes to personal information which was previously provided.

INFORMATION SECURITY SAFEGUARDS

We secure the integrity and confidentiality of personal information in our possession or under our control by taking appropriate, reasonable technical and organisational measures to prevent;

  • loss of, damage to or unauthorised destruction of personal information; and
  • unlawful access to or processing of personal information. We achieve this by implementing measures to;
  • identify all reasonably foreseeable internal and external risks to personal information in our possession or under our control,
  • establish and maintain appropriate safeguards against the risks identified,
  • regularly verify that the safeguards are effectively implemented; and
  • ensure that the safeguards are continually updated in response to new risks or deficiencies in previously implemented safeguards.
  • Anyone processing personal information on behalf including employees or third-party service providers are contractually required to;
    • process such information only with our knowledge or authorisation,
    • establish and maintain the security measures to prevent loss of, damage to or unauthorised destruction of personal information and unlawful access personal information, and
    • to treat personal information which comes to their knowledge as confidential and must not disclose it, unless required by law or in the course of the proper performance of their duties.
    • immediately notify us where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person.
    • When we contract with third parties, we impose security, privacy and confidentiality obligations on them to ensure that personal information that we remain responsible for, is kept secure.

NOTIFICATION OF SECURITY COMPROMISES

Where there are reasonable grounds to believe that your personal information has been accessed or acquired by any unauthorised person, we will as soon as reasonably possible after the discovery of the breach or compromise notify you (if permitted by law) in writing via e-mail to your last known email address, the Regulator will also be informed in this regard.

We will only delay notifying you if a public body responsible for the prevention, detection or investigation of offences or the Regulator determines that notifying you will impede a criminal investigation by the public body concerned.

ACCESS TO PERSONAL INFORMATION

You have the right to;

  • request us to confirm, free of charge, whether we hold personal information about you. To do this, you may send an email to compliance@cgwm.co.za. We will take all reasonable steps to verify your identity before providing you with such confirmation and
  • request from us a record or a description of your personal information held by us, including information about the identity of all third parties who have, or have had, access to the information, we will advise if you are required to pay a fee in this regard prior to providing this service.

CORRECTION OR DELETION OF PERSONAL INFORMATION

You have the right to request us to;

  • correct or delete personal information about you in our possession or under our control that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading, or obtained unlawfully. To do this, you may send an email to compliance@cgwm.co.za. We will take all reasonable steps to verify your identity before correcting or deleting personal information about you that is in our possession or under our control.

OBJECTION TO THE PROCESSING OF PERSONAL INFORMATION

You may object, at any time, to the processing of your personal information;

  • in terms of Section 11 (1)(d) to (f) of POPIA on reasonable grounds relating to your particular situation, unless legislation provides for such processing; or
  • for purposes of direct marketing other than direct marketing by means of unsolicited electronic communications.

To do this, you may send an email to compliance@cgwm.co.za. Once you have objected to the processing of your personal information, we will cease processing that personal information.

COMPLAINTS

Any person may submit a complaint to the Regulator on Part I of Form 5 of the POPI Regulations alleging interference with the protection of the personal information of that person to

complaints.IR@justice.gov.za

Address of the Regulator: JD House, 27 Siemens Street, Braamfontein, Johannesburg 2001

CGWM INFORMATION OFFICER

All requests or queries relating to personal information may be sent to our Information Officer at compliance@cgwm.co.za

CloseMenu

Global Markets are changing. Making your investments go Further requires innovative thinking.

Subscribe to our "Monthly comment"

  • +27-11-591 0596
  • hello@cgwm.co.za
  • 158 Standard Drive, Randburg