Can!do Privacy Notice

1. Introduction

Can Do Holdings and its subsidiaries (collectively “Can!do” “us” and “we”) are committed to protecting your privacy and to ensure that your personal information is collected and used properly, lawfully and transparently.

This Privacy Notice describes how Can!do obtain, use and disclose your personal information, in accordance with the requirements of the Protection of Personal Information Act (“POPIA”).

It applies to personal information that we collect from you during your interactions with us, whether online, including through our website (including mobile sites) and social media sites (“Sites”), mobile applications (“Apps”) (collectively “Online Services”) that link to this Privacy Notice, in writing or orally, or personal information that we may collect offline or receive from third parties.

2. The type of personal information we collect

Personal information is any information that identifies you as an individual or relates to you as an identifiable individual. Depending on how you interact with us, personal information we collect may include:

  • your name;
  • e-mail address;
  • postal address;
  • telephone number;
  • log-in and account information for authentication purposes and account access;
  • your gender; and
  • social media account information.

We may also collect other information that does not personally identify you. Such other information includes browser and device information, website and application usage information, IP addresses, demographic information such as marketing preferences, geographic location, primary language, and information collected through cookies and other technologies or information that has been anonymised or aggregated. If we link this information with your personal information, we will treat that linked information as personal information.

You can choose not to provide personal information to us when requested. However, if this is necessary to provide you with our solutions and services, access to our Online Services, or to perform administrative functions, we may be unable to do these things.

3. Sensitive personal information

We do not collect sensitive personal information about you, e.g. information relating to your health, religion, political beliefs, race or sexual orientation and ask that you do not send or provide this information to us.

4. How we collect your personal information

We may collect your personal information from you in a variety of ways when you interact with us, including:

  • when you access our Online Services, or interact with us in any other way, or use our solutions and services.

We collect personal information when you place orders for our solutions and services, you create an account with us, we process your orders and payment transactions, perform administrative and business functions, market our solutions and services to you and when you register for our events, workshops and seminars or subscribe to our mailing lists and newsletters.

  • when you communicate with us.

We collect personal information when we respond to your inquiries and requests, obtain feedback from you about our solutions and services or you apply for employment with us.

  • from third party sources.

We collect personal information from third parties, including public databases, social media sites, business partners with whom we offer co-branded services or engage in joint marketing activities and third parties that provide list enhancement or similar services.

When you use our Online Services, we may, and third parties we engage may automatically collect information, including personal information through use of cookies and similar technologies. For more information, see the “Cookies and Similar Technologies” section below.

5. Legal basis for processing your personal information

When we process your personal information in connection with the purposes set out in this Privacy Notice, we may rely on one or more of the following legal bases, depending on the purpose for which the processing activity is undertaken and the nature of our relationship with you:

our legitimate interests (or those of a third party with whom we share your personal information) for the purpose of managing, operating or promoting our business, including direct marketing, and intra group transfers of personal information for business and administrative purposes, except where such interests are overridden by your interests or fundamental rights or freedoms which require protection of personal information.

  • where this is necessary to comply with a legal obligation on us.
  • to protect the vital interests of any individual.
  • where you have consented.

6. Use of your personal information

In terms of the Protection of Personal Information Act (POPIA), the justification ground which we base our processing on consist of the following:

  • The data subject or a competent person where the data subject is a child consents to the processing. Kindly note that you have the right to withdraw your consent;
  • The processing is necessary to carry out actions for the conclusion or performance of a contract to which the data subject is a party;
  • The processing complies with an obligation imposed by law on the business;
  • The processing protects a legitimate interest of the data subject;
  • The processing is necessary for the proper performance of a public law duty by the business; or
  • The processing is necessary for pursuing the legitimate interests of the business or of a third party to whom the information is supplied.

We may use your personal information to:

  • enable you to effectively use and to improve our solution and services. For example, to:
  • perform administrative and business functions and internal reporting.
  • send administrative information to you.
  • obtain feedback from you about our services and solutions including through client satisfaction surveys, in which event, we will only use your personal information for the sole purpose of sending you a survey.
  • respond to your inquiries and fulfil requests by you.
  • assess the performance of our Online Services and to improve their operation.
  • inform you about and provide you with our services and solutions.
  • update our records and keep contact details up to date.

We engage in these activities:

To manage our contractual relationship with you, to comply with our legal obligations, or for our legitimate business interests.

To provide you with marketing materials and to personalise your experience. For example, to:

  • send marketing communications to you.
  • provide you with a more personalised experience when you interact with us.
  • enable you to subscribe to our newsletters and mailing lists.
  • enable you to register for Can!do events and workshops.
  • We engage in these activities with your consent or for our legitimate business interests.

To achieve our business purposes and analyse information. For example, to:

  • establish, manage, and maintain our business relationship with you.
  • compile usage statistics for our Online Services.
  • recruit staff.
  • process and respond to privacy requests, questions, concerns and complaints.
  • fulfil legal and contractual obligations.

We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation and for our legitimate business interests.

7. Sharing your personal information

  • We may share your personal information for the purposes set out in this Privacy Notice (as applicable):
  • with our affiliates and subsidiaries for the purposes set out in this Privacy Notice. A list of our affiliates is available here. Can Do Holdings Pty Ltd is the party responsible for the management of jointly used personal information.
  • with business partners with whom we offer co-branded services or engage in joint marketing activities.
  • with service providers to provide operational services or facilitate transactions on our behalf, including but not limited to processing of orders, assisting with sales-related activities or post-sales support, client support, email delivery, information analytics and auditing.
  • where you consent to the sharing of your personal information.
  • in connection with, any joint venture, merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or to another company.
  • for other legal reasons.

We may share your personal information in response to a request for information by a competent authority in accordance with, or required by any applicable law, regulation or legal process;

  • where necessary to comply with judicial proceedings, court orders or government orders; or
  • to protect the rights, property or safety of Can!do, its business partners, you, or others, or as otherwise required by applicable law.

Any third parties with whom we share personal information are contractually required to implement appropriate information protection and security measures to protect personal information and are not permitted to use personal information for any purpose other than the purpose for which they are provided with or given access to personal information.

8. Security of your personal information

Can!do is committed to protecting your personal information from accidental or unlawful destruction, loss, alteration, unauthorised access or disclosure by using a combination of physical, administrative and technical safeguards and contractually requiring that third parties to whom we disclose your personal information do the same.

9. Collection of information by “Cookies” and Similar Technologies

You are aware that information and data is automatically collected through the standard operation of the Internet servers and through the use of cookies. Cookies are small text files a Website can use to recognise repeat users, facilitate the user’s ongoing access to and use of the Website and allow a Website to track usage behaviour and compile aggregate data that will allow content improvements and targeted advertising. Cookies are not programs that come onto your system and damage files. Generally, cookies work by assigning a unique number to you that has no meaning outside the assigning site. If you do not want information collected through the use of cookies, there is a simple procedure in most browsers that allows you to deny or accept the cookie feature; however, you should note that cookies may be necessary to provide you with certain features available on our Websites. We use cookies to assist us with activities such as:

  • enabling you to sign in to our Online Services;
  • authenticating you;
  • keeping track of information you have provided to us;
  • improving your browsing experience;
  • customising our interactions with you;
  • storing and managing your preferences and settings;
  • compiling statistical information;
  • analysing the performance and usability of our Online Services;
  • measuring traffic patterns for our Online Services; and
  • determining which areas of our Online Services have been visited.

These technologies collect information that your browser sends to our Online Services including your browser type, information about your IP address (a unique identifier assigned to your computer or device which allows your PC or device to communicate over the Internet), together with the date, time and duration of your visit, the pages you view and the links you click.

Our Online Services may also contain web beacons or similar technologies from third party analytics providers, through which they collect information about your activities across our Online Services to help us compile aggregated statistics.

10. Links to third party websites and applications

Our Online Services may contain links to third party websites and applications. We are not responsible for and make no representations or warranties in relation to the privacy practices or content of any third party websites and applications. Your use of such sites and applications is subject to the applicable third party privacy Notice and is at your own risk.

11. Direct marketing

We may send you direct marketing communications about our solutions and services. You can choose whether you wish to receive marketing communications from Can!do by email, SMS, post and phone. You may opt out of receiving marketing materials from us at any time and manage your communication preferences by:

following the unsubscribe instructions included in each marketing email or SMS text message from us. Or by sending an email to connect@cando.co.za; or writing to:

Can!do
Attention: The Information Officer
Boulevard West Business Park
Cypress Place North
142 Western Services Road
Woodmead

Include your details and a description of the marketing material you no longer wish to receive from us. We will comply with your request as soon as is reasonably practicable.

If you opt out of receiving marketing related communications from us, we may still send you administrative messages as part of your ongoing use of our solutions and services, which you will be unable to opt out of.

We do not provide your personal information to unaffiliated third parties for direct marketing purposes or sell, rent, distribute or otherwise make personal information commercially available to any third party.

12. Retaining your personal information

We will retain your personal information for as long as is necessary to fulfil the purpose for which it was collected unless a longer retention period is required to comply with legal obligations, resolve disputes, protect our assets, or enforce agreements. The criteria we use to determine retention periods include whether:

  • we are under a legal, contractual or other obligation to retain personal information, or as part of an investigation or for litigation purposes;
  • personal information is needed to maintain accurate business and financial records;
  • there are automated means to enable you to access and delete your personal information at any time;
  • the personal information is sensitive personal information in which event we will generally retain this for a shorter period of time;
  • you have consented to us retaining your personal information for a longer retention period, in which case, we will retain personal information in line with your consent.

Your data protection rights:

  • You are entitled to access your personal data by sending a written request to connect@cando.co.za.
  • You may also request Can!do to correct or supplement any of your personal data which Can!do will undertake as soon as practicable.
  • Request the destruction of your personal data. Can’do’s Information Officer will consider your request in light of any other laws or regulations prohibiting Can!do from destroying your personal data.

You are not required to pay any charge for exercising your rights. Can!do will respond to any requests within a month.

13. How to contact us

If you have any questions about how your personal information is handled by Can!do, you have a privacy concern or you wish to make a request or a complaint relating to your personal information, please contact us.

You can reach us at connect@cando.co.za or at:

Can!do
Boulevard West Business Park
Cypress Place North
142 Western Services Road
Woodmead

14. How to complain:

If you have any concerns about Can!do’s use of your personal information, you can direct your complaint to us at connect@cando.co.za

You can also complain to the Information Regulator if you are unhappy with how we have used your Information.

Their contact details are as follows:

The Information Regulator (South Africa)

33 Hoofd Street
Forum III, 3rd Floor Braampark
P.O. Box 31533
Braamfontein
Johannesburg
2017

Complaints email: complaints.IR@justice.gov.za

 

Last modified: 12 July 2021