Vodacom Insurance Company (RF) Limited: Privacy Notice

ABOUT OUR PRIVACY NOTICE AND COOKIES POLICY

Our Privacy Notice and cookies policy gets updated from time to time. Whenever we make a change, we’ll post this on our website and let you know if there is a material change.

This Privacy Notice applies to any website, application form, platform, mobile app, terms and conditions, product or service which references this Privacy Notice.  

We have revised our Privacy Notice and Cookies policy, refreshing it to ensure compliance with applicable laws and regulations relating to the processing of personal information, including but not limited to the Protection of Personal Information Act, 2013 (POPIA), the POPIA Regulations, 2018, the Electronic Communications and Transactions Act, 2002, the Constitution of the Republic of South Africa, 1996 (Constitution), the Short-Term Insurance Act, 53 of 1998, the Consumer Protection Act, 2008, the Promotion of Access to Information Act, 2000, the Protected Disclosures Act, 2000 (as amended by the Protected Disclosures Amendment Act, No. 5 of 2017), the Cybercrimes Act, 2020, and all other applicable laws, regulations, codes of practice and guidance issued and in force from time to time relating to data protection, privacy, and the processing of personal information.

Notification of changes to Privacy Notice

We are continually improving our methods of communication and adding new functionality and features to our existing products and services. Because of these ongoing changes, changes in the law and the changing nature of technology, our data protection practices will change from time to time.  If and when our data protection practices change, we will update this Privacy Notice to describe our new practices.  If we do, we will notify you the next time you visit this site or interact with us through any of our other communication channels. We encourage you to check this page regularly. 

HOW TO USE THIS PRIVACY NOTICE AND COOKIES POLICY

In this Privacy Notice, we explain how we collect, use, share and protect your personal information when you use our products and services and our website and mobile app.

It is important to note that when you engage with us, you acknowledge that we require your personal information, as defined in POPIA and other related regulations and need to process such personal information to provide products or services to you for purposes including to confirm, update and enhance our records, to confirm your identity and additional purposes as detailed below and in other supplementary privacy policies and statements linked to specific services that you subscribe to. 

The provision of your personal information in terms of this Privacy Notice is mandatory and you will not be able to continue using our products and services, should you object to providing us with such information.

WHO WE ARE

We are Vodacom Insurance Company (RF) Limited.

Our registered office is Vodacom Corporate Park, 082 Vodacom Boulevard, Midrand, 1685. We are registered in the Republic of South Africa under company number 2011/117744/06.

In this Privacy Notice:

·       “we/us/our” means Vodacom Insurance Company (RF) Limited,

·       “third party” means someone who is not you or us

·       “Vodacom Group” means Vodacom Group Limited and any company or organisation in which Vodacom Group Limited owns more than 30% of the share capital

·       “Vodafone Group” means Vodafone Group Plc and any company or other organisation in which Vodafone Group Plc owns more than 15% of the share capital

·       “Personal information” refers to personal information about you as defined in POPIA and  includes without limitation MSISDN information, (a unique identifier which is linked to  your mobile phone number),race, gender, nationality,marital status, age, physical or mental health, disability, language, education, identity number,telephone number, email, postal address, biometric information, and financial, criminal oremployment history.

·       “Process (or processing)” means to any operation or activity, whether automated or not, concerningpersonal information, including: collection, receipt, recording, organisation, collation, storage,updating or modification, retrieval, alteration, consultation, use, dissemination by means oftransmission, distribution or making available in any other form, merging, linking, as well as blocking,degradation, erasure or destruction of information.

How to contact us

Your opinion matters to us – if you have any questions about our Privacy Notice and Cookie Policy or your privacy settings, please submit your query to [email protected] and a member of our dedicated team will respond to you. If you would like to mail us by post directly, send it to:

The Information Officer – Ms Natasha Pershad

Vodacom Insurance Company (RF) Limited

Vodacom Corporate Park

082 Vodacom Boulevard

Midrand

1685

 

Our principles

We are committed to respecting your privacy. We take privacy, security and complying with data protection and privacy laws seriously.

Here are Vodacom Group’s core Privacy Commitments. We aim to put these commitments at the heart of everything we do.

 

PERSONAL INFORMATION WE COLLECT ABOUT YOU

The information we collect about you and how we collect it can vary depending on the products and services that you use and subscribe to, how you have used the products and services, how you have interacted with us even if you aren’t a customer, or what we have obtained from a third party with permission to share it with us.

To find the privacy supplements for all our products and services, please go to the 'Privacy and our products and services' section of this Privacy Portal.

We will process your personal information based on:

We will collect your personal information when you, for example:

Where relevant, from third-party sources, such as other entities within the Vodacom Group, such as Vodacom (Pty) Ltd, intermediaries that are representatives of us or have intermediary agreements with us.

We are required to take all reasonably practicable steps to ensure your personal information is complete, accurate, not misleading and updated on a regular basis. To ensure this, we will always endeavour to obtain personal information from you directly. Where we are unable to do so, we will make use of verifiable independent third- party data sources, who have the necessary authority to provide us with such information. We also collect information from certain organisations, where appropriate and to the extent we have legal grounds to do so. These include fraud-prevention agencies, business directories, credit check reference/vetting agencies, billing calculating agencies and connected network providers.

We may also collect information about you on CCTV when you visit our premises or on other security cameras as part of our security and crime prevention measures.

Understanding what you want (the use of cookies)

We use cookies (small text files stored in your browser) and other techniques such as web beacons (small, clear picture files used to follow your movements on our website). This, in turn, helps us make our Website relevant to your interests and needs. They also help us find information once you have logged in or help us link your browsing information to you and your personal information, for example, when you choose to register for a service.  We may use a persistent cookie (a cookie that stays linked to your browser) to record your details so we can recognise you if you visit our Website again.

Cookies by themselves cannot be used to discover your identity. Cookies do not damage your computer. You can set your browser to notify you when you receive a cookie. This enables you to decide if you want to accept it or not. If you choose not to accept cookies from our Website this may limit its functionalities or performance.

INFORMATION THAT WE PROCESS

The types of information we may process are, where applicable:

We’ll also get information about how you use our products and services, such as:

HOW WE USE YOUR PERSONAL INFORMATION

We will use, process and analyse your personal information for the following purposes:

To provide you with your services

Processing your order and providing you with your products and services

Billing and customer care

Service messages

To improve our service

Improving and innovating our products and services

·       We conduct surveys to understand various aspects of our interaction with you, the use of our services and products and the network.

Marketing and tailoring our service to you

Marketing

Advertising online

Research and analytics

We use a variety of analytics methods including what is commonly referred to as “Big data analytics”. Big data analytics are mathematically driven analysis techniques on large and varied data sets (that is why it is “big” data) to uncover hidden patterns and hitherto unrevealed trends. At Vodacom Insurance Company (RF) Limited we take governance of big data analytics seriously. Our data scientists are required to adhere to a Code of Ethics. We have a strict use case process that requires that privacy and data protection law checks are carried out before any use case commences. We also have strict rules ensuring that personal information is protected at the appropriate stage in the process.

We use our analytics to, for example:

·       Provide reports to third parties (such reports don’t contain information which may identify you as an individual). These can be to third parties such as content providers, research companies and advertisers or as part of our analytics.

 

 

Credit checks, fraud prevention and security

We will sometimes need to profile you, for credit, fraud and security purposes. When we conduct such profiling activities, we will do so in accordance with the provisions of the relevant legislation or lawful requirement.

Credit checks and ID

We will also use your personal information for identity verification purposes, for access to your account and for general account management. We sometimes supplement the information we collect about you with information from other sources (for example, home affairs, the voters roll and credit reference agencies) to assess the accuracy of the information that we hold.

Fraud prevention and security

We will process your personal and traffic data in order to protect against and detect fraud, to protect and detect misuse or damage to our networks, to recover debts or trace those who owe us money resulting from the use of our services.

Automated Decisions

There may be instances where we will process your personal information through a secure automated tool, or perform profiling and make decisions, based on such profiling, that may affect you significantly. An example of automated decision making is the approval or declining of an insurance claim. If you are unhappy about the outcome of such a decision or would like further information on how such outcome was reached, please contact 082 1952.

HOW WE SHARE YOUR PERSONAL INFORMATION

Where applicable, we share information about you with:

Fraud management and law enforcement

Mergers and acquisitions

 If we become involved in a proposed or actual merger, acquisition, or any form of sale of assets, we may use and disclose your personal information to third parties in connection with the evaluation of the transaction. Any acquiring company would have access to your personal information.

Third parties that we work with

Where you’ve purchased our products and services using a third party or partner organisation, we often need to exchange information with them as part of managing that relationship and your account – for example, to be able to manage your insurance policy or settle your insurance claim of Vodacom Insurance Company (RF) Limited.

If we have a contract with a service provider or contractor to provide us with services or provide a service on our behalf, and they may have access to your personal information, we don’t authorise them to use or disclose your personal information except in connection with providing their services.  We ensure that all our service providers and contractors align to our policies and requirements.

We collect and combine information in order to monitor your use of products and services, and that of our other customers, as well as to help us to improve the quality of our products and services.

Insurance and value-added products that you buy through your Vodacom (Pty) Ltd account

Where you buy our insurance products or a valued added products or services through your Vodacom Subscription account. Vodacom Insurance Company (RF) Limited may charge the amount directly to your bill as part of its arrangements with Vodacom Group (Charge to Bill service for mobile). As part of this, you are agreeing that Vodacom Insurance Company (RF) Limited may obtain certain personal information from Vodacom Group to fulfil the collection of fees or premiums using the Charge to Bill services.

INTERNATIONAL DATA TRANSFERS

If you are visiting this Website from a country other than South Africa the various communications will necessarily result in the transfer of information across international boundaries.

We may also need to transfer your information to other Vodafone or Vodacom Group companies or service providers in countries outside South Africa, in which case we will ensure that you are adequately notified about such transfer and the applicable data protection measures that will be applied to your personal information for the purpose of such transfer, transfer your personal information outside of the borders of South Africa, we will ensure that the third party recipient is subject to a law, binding corporate rules or binding agreement which provide an adequate level of protection for your personal information that are substantially similar to the data protection laws applicable to South Africa.

HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION FOR?

We may not retain your personal information any longer than is necessary for achieving the purpose for achieving the purpose for which your personal information was collected or subsequently processed, unless:

§  The retention of your personal information is required or authorised by law

§  We reasonably require your personal information for lawful purpose related to our function or activities

§  The retention of your personal information is required by a contract that we enter into with you

§  You or competent person consent to the retention of personal information relating to a child.

KEEPING YOUR PERSONAL INFORMATION SECURE

We have specialised security teams who constantly review, improve , and ensure the implementation of appropriate, reasonable technical and organisational measures to protect your personal information from unauthorised access, accidental loss, disclosure or destruction.  We are required in terms of POPIA to notify you and the Information Regulator, if any of your personal information has been compromised.

Communications over the internet (such as emails) aren’t secure unless they’ve been encrypted. Your communications may go through a number of countries before being delivered, as this is the nature of the internet.

We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

We’ll never ask for your secure personal or account information by an unsolicited means of communication. You’re responsible for keeping your personal and account information secure and not sharing it with others.

Our website may provide links to third-party websites. We cannot be responsible for the security and content of such third-party websites. You are therefore required to make sure you read that company’s privacy and cookies policies before using or putting your personal information on their site.

The same applies to any third-party websites or content you connect to using our products and services.

You may choose to disclose your information in certain ways such as social plug-ins (including those offered by Google, Facebook, Twitter and Pinterest) or using third-party services that allow you to post reviews or other information publicly, and a third party could use that information.

Social plug-ins and social applications are operated by the social network themselves and are subject to their own terms of use and privacy and cookies policies. You should make sure you’re familiar with these.

UNAUTHORISED THIRD PARTY ACCESS TO YOUR INFORMATION

Despite the security measures we have in place to protect your personal information (firewalls, password access and encryption methods) you acknowledge that it may be accessed by unauthorised third party, e.g. as a result of an illegal activity.

In the unlikely event of such access, we will notify you, where possible, via email, SMS or using the address you have provided us within a reasonable time of such occurrence.

YOUR RIGHTS

Below we set out details on how you can exercise your rights. If you have a question or cannot find the answer, please contact our Customer Services team.

Right to access personal information

You have the right to request a record or description of the personal information that we hold about you. This includes the right to request us to confirm, free of charge, whether or not we hold any personal information about you; as well as information about the categories of third parties who have, or have had, access to your personal information. To make this request as an individual or an authorised third party, visit our Subject Access Rights page of this Privacy Portal which gives details on how to do this. Alternatively, you can contact our Customer Services team.

Right to correct personal information

You have the right to correct information held about you if it’s not accurate, out-of-date, excessive, irrelevant, or misleading. If the information we hold about you is inaccurate or needs to be updated, you can contact our Customer Service team.

Right to object to use of personal information

You have the right, in certain circumstances, to object to our processing your personal information. In order for us to provide you with products and services, we are required to process your personal information and as such the provision of your personal information is mandatory and you may not object to same in order to continue using our products or services.  For more information or to exercise this right, please contact our Customer Services team. If this relates to an automated decision performed on you (this means with no human involvement), please let us know and we will review your request. 

To opt out of marketing messages

If you no longer want to receive marketing messages from us, you can choose to opt out at any time. If you’ve previously opted in to receive personalised content based on how and where you use our network, you can also opt out at any time.

You can opt out in the following way:

 

If you’re opted out of marketing, you may still receive service-related messages.

Please note: You may still receive marketing messages for up to 7 (seven) days after opting out while we update our records.

You may have received marketing from us even if you’re not a customer or have never had contact with us. This is a result of third-party marketing lists which we may acquire from time to time, stating that you have given permission to be contacted by other organisations. If you’ve registered with us to opt out of marketing from Vodacom Insurance Company (RF) Limited, you shouldn’t receive such communications. If you still do, we ask that you let us know immediately by contacting our customer care team. This will only stop marketing from us and not stop the third parties from sharing your personal information unless you contact them directly.

How to lodge a complaint

If you want to contact us about any of your rights or should you believe that we have has used your personal information contrary to applicable law, you undertake to first attempt to resolve any concerns with usdirectly. Kindly contact our customer care team. We will do our best to help but if you are still unhappy, you can contact the Privacy Office at [email protected].  If you are not satisfied with such process, you have the right to lodge a complaint with the Information Regulator at:

 

The Information Regulator (South Africa)

JD House

27 Stiemens Street

Braamfontein

Johannesburg

2001

 

Email: [email protected]

 

Complaints email: [email protected]

Right to restrict use of your personal information

If you feel that the personal information we hold on you is inaccurate, or you believe we shouldn’t be processing your personal information, please contact our Customer Services team to discuss your rights. In certain circumstances, for example where you contest the accuracy of your information, or where we no longer require your information for achieving its purpose but must maintain it for purposes of proof, you have the right to ask us to restrict processing.

Right to deletion

We strive to only process and retain your personal information for as long as we need to. In certain circumstances, for example, where you indicate that your personal information is inaccurate, irrelevant, excessive, out of date, incomplete, misleading, or obtained unlawfully, you have the right to request that we erase your personal information that we hold. If you feel that we are retaining your personal information longer than we need, it is worth first checking that your contract with us has been terminated, which you can do with Customer Services. If your contract with us has been terminated, we may still have lawful grounds to process your personal information.