First Implementation Date: 15 June 2021
Last Revision Date: 15 June 2021
1. Introduction
Financial Associates (Pty) Ltd, herein after referred to as FA is required to make Confidential Information, Proprietary Information and Intellectual Property available to the staff members in relation to services, technology and skills related to the financial environment and related to the specific functions performed by FA in rendering of financial services.
FA wishes to protect this Confidential Information and Intellectual property and especially the confidential information of its clients.
2. Scope / Application
The General Code of Conduct stipulates the specific duties for an FSP, it’s staff and a representative. One of these duties is to ensure that the information obtained from a client or product supplier of a confidential nature may not be disclosed.
Confidential information may only be disclosed in the following circumstances:
- If written consent was obtained from the client or product supplier;
- In terms of the law.
Information of a product supplier does not include the information that the FSP or representative is required to provide to a client in terms of the General Code of Conduct, for instance, the name, address and contact details of the product supplier.
The Protection of Personal Information Act 4 of 2013 (POPI Act) places further responsibility on the FSP as a responsible party that processes information to do so within the scope of POPIA.
The FSP is thus required to adopt and implement internal controls to ensure that confidential information remains safe and that these systems should provide for:
- Electronic data security;
- Internal and external cybersecurity;
- Physical security of assets and records;
- System application testing;
- Backup and disaster recovery plans and procedures for systems and electronic data.
3. Role and responsibilities
In compliance with POPIA, Financial Associates has two roles and responsibilities:
• We are a responsible party regarding the client’s personal information, such as emails addresses, phone numbers, billing details and other information used to do business with clients.
• We are the service provider or operator regarding the personal information that the client provides in the form of a database, distribution list, or the like.
4. Privacy Principles
Financial Associates is committed to ensuring that we abide by the following principles when collecting, recording, storing, disseminating and destroying person information and responding to government requests for our users’ data:
- Choice and Consent: We will not contact/solicit you unless you have given us your consent to do so.
- Transparency: We let you know upfront that we will be processing your data in fulfillment of your request. If you cancel your services with FA, we will delete your personal information, except for records we are obliged to store in compliance with FAIS and/or FICA legislation.
- Accountability and Security: We take measures to ensure data is kept safe and prevent loss of, damage to or unauthorized destruction of personal information and unlawful access to or processing of personal information.
- Access: We’ll give you access to any of your personal information that you request unless the request is unlawful.
Client data is always treated as confidential and for the sole purpose of rendering services to you. The information remains confidential and shall not be disclosed unless written consent was obtained, disclosure of the information in terms of any other law.
5. CCTV Surveillance
Financial Associates premises are being monitored by external CCTV Surveillance due to security reasons. FA processes “Personal Information” (which contained in the CCTV surveillance footage) as contemplated in the Protection of Personal Information Act, No. 4 of 2013 (POPI) at all times, taking into account individual’s constitutional right to privacy.
The authorization for the collection, location and access for the CCTV surveillance footage lies with Vigilant CCTV. The Data may be accessed, through Vigilant CCTV systems, with express prior written consent.
6. Compliance
Financial Associates is required to maintain the protection of your confidential information in compliance with the following:
- Protection of Personal Information Act (POPI)
- Consumer Protection Act (CPA)
- Financial Advisory and Intermediary Services Act (FAIS)
- Electronic Communications Act (ECT)
- Financial Intelligence Centre (as Amended) (FICA)
7. Server and Application security
At FA we strive to ensure the security, integrity and privacy of personal information submitted to us. We will review and update security measures in accordance with future legislation and technological advances. Unfortunately, while no data transmission over the internet via emails, cloud backups or other transmissions) can be guaranteed to be totally secure, we will endeavor to take all reasonable steps to protect the personal information of the individual or organization we are provided a service for, whether directly or indirectly.
8. Controls and access to data
Access to client data from within our company is limited to essential staff or specialist contractors that are required to access our systems for client service or maintenance purposes. All our staff and contractors are bound by the requirements of the Acts referred to in clause 6 above and we maintain signed declarations to such effect.
9. Information Maintenance
If your personally identifiable information changes (e.g your email address or cell phone number), or if you no longer desire to use our services, FA encourages you to correct, update or remove the personal information that you provided. This can be done by contacting us.
10. How to Contact Us