ABOUT OUR PRIVACY NOTICE AND COOKIES POLICY
Our Privacy Notice and cookies policy gets updated from time to time. Whenever we make a change, we’ll post this on our website and let you know if there is a material change.
This Privacy Notice applies to any website, application form, platform, mobile app, terms and conditions, product or service which references this Privacy Notice.
We have revised our Privacy Notice and Cookies policy, refreshing it to ensure compliance with applicable laws and regulations relating to the processing of personal information, including but not limited to the Protection of Personal Information Act, 2013 (POPIA), the POPIA Regulations, 2018, the Electronic Communications and Transactions Act, 2002, the Constitution of the Republic of South Africa, 1996 (Constitution), the Long-Term Insurance Act, 1998, the Insurance Act, 2017, the Consumer Protection Act, 2008, the Promotion of Access to Information Act, 2000, the Protected Disclosures Act, 2000 (as amended by the Protected Disclosures Amendment Act, 2017), the Cybercrimes Act, 2020, and all other applicable laws, regulations, codes of practice and guidance issued and in force from time to time relating to data protection, privacy, and the processing of personal information.
Notification of changes to Privacy Notice
We are continually improving our methods of communication and adding new functionality and features to our existing products and services. Because of these ongoing changes, changes in the law and the changing nature of technology, our data protection practices will change from time to time. If and when our data protection practices change, we will update this Privacy Notice to describe our new practices. If we do, we will notify you the next time you visit this site or interact with us through any of our other communication channels. We encourage you to check this page regularly.
HOW TO USE THIS PRIVACY NOTICE AND COOKIES POLICY
In this Privacy Notice, we explain how we collect, use, share and protect your personal information when you use our products and services and our website and mobile app.
It is important to note that when you engage with us, you acknowledge that we require your personal information, as defined in POPIA, and need to process such personal information to provide products or services to you. In addition, we will also process your personal information for purposes of, inter alia, confirming, updating and/or enhancing our records of you. Furthermore, we may also process your personal information for additional purposes as detailed below and in other supplementary privacy policies and statements linked to specific services that you subscribe to.
The provision of your personal information in terms of this Privacy Notice is mandatory and you will not be able to continue using our products and services, should you object to providing us with such information.
WHO WE ARE
We are Vodacom Life Assurance Company (RF) Limited.
Our registered office is Vodacom Corporate Park, 082 Vodacom Boulevard, Midrand, 1685. We are registered in the Republic of South Africa under company number 2011/117760/06.
In this Privacy Notice:
- “we/us/our” means Vodacom Life Assurance Company (RF) Limited ,
- “third party” means someone who is not you or us
- “Vodacom Group” means Vodacom Group Limited and any company or organisation in which Vodacom Group Limited owns more than 30% of the share capital
- “Vodafone Group” means Vodafone Group Plc and any company or other organisation in which Vodafone Group Plc owns more than 15% of the share capital
- “Personal information” refers to personal information about you as defined in POPIA and includes without limitation MSISDN information, (a unique identifier which is linked to your mobile phone number), race, gender, nationality, marital status, age, physical or mental health, disability, language, education, identity number, telephone number, email, postal address, biometric information, and financial, criminal or employment history.
- “Process (or processing)” means to any operation or activity, whether automated or not, concerning personal information, including: collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation, use, dissemination by means of transmission, distribution or making available in any other form, merging, linking, as well as blocking, degradation, erasure or destruction of information.
How to contact us
The Information Officer – Mr. Jacques Du Preez
Vodacom Life Assurance Company (RF) Limited
Vodacom Corporate Park
082 Vodacom Boulevard
We are committed to respecting your privacy. We take privacy, security and complying with data protection and privacy laws seriously.
Here are Vodacom Group’s core Privacy Commitments. We aim to put these commitments at the heart of everything we do.
PERSONAL INFORMATION WE COLLECT ABOUT YOU
The information we collect about you and how we collect it can vary depending on the products and services that you use and subscribe to, how you have used the products and services, how you have interacted with us even if you aren’t a customer, or what we have obtained from a third party with permission to share it with us.
To find the privacy supplements for all our products and services, please go to the 'Privacy and our products and services' section of this Privacy Portal.
We will process your personal information based on:
- The performance of your contract or to enter into the contract and to take action on your requests. We may also need to conduct credit checks when you apply for a product or service, depending on the product or service.
- Vodacom Life Assurance Company (RF) Limited’s legitimate business interests, for example, fraud prevention, maintaining the security of our products and services, direct marketing, and the improvement of our services. Whenever we rely on this lawful basis to process your personal information, we assess our business interests to make sure they do not override your rights.
- Compliance with a mandatory legal obligation, including for example, insurance, accounting and tax requirements, which are subject to strict internal policies , procedures, and your right to restrict usage of your personal information, which control the scope of legal assistance to be provided. We are also required to also process your personal information pursuant to legislation including, but not limited to, the Financial Intelligence Centre Act, 2001 (FICA), the Insurance Act, 2017, the Long-Term Insurance Act, 1998, the Electronic Communications and Transactions Act, 2002, the Consumer Protection Act, 2008, the Promotion of Access to Information Act, 2000, and/or the Cybercrimes Act, 2020.
- Consent you provide where we do not rely on another legal basis (referred to above). Consent may be withdrawn at any time. When you give your consent, you will be given details on how to change your mind or visit the 'Your rights' section of this Privacy Notice for more information. Please note that the withdrawal of your consent will not have any bearing or impact on our processing of your personal information up until such a withdrawal.
We will collect your personal information when you, for example:
- Buy or use any of our products and services;
- Complete a product or service application forms, electronically, telephonically or by way of a hard copy;
- When you interact with us electronically by way of our website, platform, mobile apps, or social media channels which contains our products and services;
- From employers and other contracted entities in the context of group insurance policies;
- Register for a specific product or service;
- Subscribe to newsletters, alerts or other services from us;
- Contact us through various channels, or ask for information about a product or service;
- Take part in a competition, prize draw or survey;
- Visit or browse our website or other Vodacom Group websites;
- Have given permission to other companies to share information about you;
- Where your information is publicly available;
- Are the customer of a business that we acquire; and/or
- Visit our business premises.
Where relevant, we may also collect your personal information from third-party sources, such as other entities within the Vodacom Group, such as Vodacom (Pty) Ltd, intermediaries that are representatives of us or have intermediary agreements with us. In all such instances, we will ensure that there is a lawful basis for such indirect collection activities.
We are required to take all reasonably practicable steps to ensure your personal information is complete, accurate, not misleading and updated on a regular basis. To ensure this, we will always endeavour to obtain personal information from you directly. Where we are unable to do so, we will make use of verifiable independent third-party data sources who have the necessary authority to provide us with such information. We also collect information from certain organisations, where appropriate and to the extent we have legal grounds to do so. These include fraud-prevention agencies, business directories, credit check reference/vetting agencies, billing calculating agencies and connected network providers.
We may also collect information about you on CCTV when you visit our premises or on other security cameras as part of our security and crime prevention measures.
Cookies by themselves cannot be used to discover your identity. Cookies do not damage your computer. You can set your browser to notify you when you receive a cookie. This enables you to decide if you want to accept it or not. If you choose not to accept cookies from our Website this may limit its functionalities or performance.
INFORMATION THAT WE PROCESS
The types of information we may process are, where applicable:
- Your name, address, phone and/or mobile number, identity number, age, your date of birth, gender, nationality, occupation, information about your property or household, physical and postal address, and email address. Where you have provided us with the personal information of a third-party (for example your spouse or family member), you guarantee that such third- party has given you consent to provide us with their personal information. Where you provide us with the personal information of a person under the age of 18 years (a minor), you confirm that you have the necessary legal authority or is legally competent to provide their personal information to us. Note that we will use that information strictly in accordance with applicable laws and for insurance purposes (including assessing the terms of the insurance contract, dealing with changes to the insurance policy and/or dealing with claims).
- In the event that you make a claim, we may also collect personal information from you about the claim and any relevant third parties.
- Your credit or debit card information, information about your bank account and other banking information. For example, you’ll have to give us this information when you open an account with us. We’ll collect the personal information necessary to process a payment whenever you make a purchase. We may process information related to payments you make or receive in the context of an insurance policy or claim.
- Online information – for example, cookies and IP address (your computer’s internet address), if you use our websites, apps and/or social media channels.
- Contractual information – for example, details about the policies you hold and with whom you hold them.
- Your location data. This can be precise where it uses Global Positioning System (GPS) data or by identifying nearby mobile phone masts and Wi-Fi hotspots and you enable location-based services or features. It can also be less precise where, for example, a location is derived from your IP address or data such as a post code or name of a town or city.
- Your correspondence with us, such as a note or recording of a call you make to one of our contact centres, a Live Chat, an email or letter sent, or other records of any contact with us.
- Credential information – we’ll collect passwords, hints and similar security information used for authentication and access to accounts and services.
- Your preferences for particular products, services and lifestyle activities when you tell us what they are, or we assume what they are, based on how you use the products and services.
- See the 'Cookies' section for details on what we collect using cookies, web beacons and other technologies
- Photographs and images when attending any of our events or functions or accessing premises with surveillance cameras.
- Information we obtain from other sources, such as credit agencies, fraud-prevention agencies, and from other data providers. This includes demographic data, interest-based data, and internet browsing behaviour.
- Children information - We may process children personal information where the processing is needed to create, use or protect a right or obligation in law, such as where the child is a beneficiary of an insurance policy or an insured person in terms of an insurance policy. We are committed to complying with all applicable laws aimed at the protection of children and in particular the protection of their personal information.
We’ll also get information about how you use our products and services, such as:
- Details of your use of the specific services or products, how such service or product is used, how often it is used and other related information.
- Your website browsing information (which includes information about the websites you visit), and about how you use our Website or other Vodacom Group websites on your mobile or a PC.
- The date, time and length of your internet browsing, and your approximate location at the time of browsing.
HOW WE USE YOUR PERSONAL INFORMATION
We will use, process and analyse your personal information for the following purposes:
To provide you with your services
Processing your order and providing you with your products and services
- We have regulatory obligations, including compliance with anti-money laundering legislation, to process your personal information. This includes verifying your identity or the identity of your beneficial owner and/or controlling persons. We are also required by various laws to maintain a record of our dealings with clients.
- In order for us to provide you with the products and services that you have requested and to notify you of important changes to such products and services, we need to collect and use your personal information. This includes other services not included in your agreement with us , services that use information about where you are, and to contact you with messages about changes to the products or services.
- To conclude and administer your application, which may include underwriting.
- To execute a transaction in accordance with your request.
- To assess, check, and process claims.
- To meet our contractual obligations with you or take steps necessary for the conclusion of a contract with you.
- For audit and record-keeping purposes.
- For purposes of proof and legal proceedings.
Billing and customer care
- To bill you for using our products and services, or to take the appropriate amount of credit from you.
- Contact you if the billing information you provided us with is about to expire or we’re not able to take payment.
- To respond to any questions or concerns you may have about our, products or services.
- We will contact you with customer service messages to keep you updated with current information about products and services you’ve taken. For example, changes to our terms and conditions.
To improve our service
Improving and innovating our products and services
- We collect anonymous, de-identified or aggregate information in order to improve the service we offer to everyone. None of these analytics can identify you individually or link back to you in any way.
- We conduct surveys to understand various aspects of our interaction with you, the use of our services and products and the network.
Marketing and tailoring our service to you
- As our customer, we will contact you to keep you informed about new and existing products and services, competitions, prize draws and other promotions and we may use your personal information to run those competitions, prize draw, events and promotions, only to the extent that you have not, at any stage, objected to receiving such marketing communications. We may also, with your consent, send you newsletters or white papers and occasionally invite you to participate in market research. We tailor these messages based on the products and services you’ve bought from us in the past and we will only provide you with marketing content regarding our own products and services that are similar to or related to the products and services previously provided to you.
- If you have given us your permission, we will also contact you to let you know about products and services of Vodacom Group companies including Vodacom (Pty) Ltd, Vodacom Financial Services (Pty) Ltd, Vodacom Payment Services (Pty) Ltd products and services and those of other companies which we think may interest you.
- There are various ways that we may do this – including by email, post, phone, text, picture message or notifications through our apps.
- You can control your marketing permissions and the personal information we use to tailor these communications at any time.
- Remember that opting out of interest-based advertising doesn't stop advertisements from being displayed – it's just that they won’t be tailored to your interests.
- You will also see advertising in your social media, for example in your Facebook or Twitter feed. If you don’t want to receive this advertising, go to the relevant platform’s ad settings.
Research and analytics
We use a variety of analytics methods including what is commonly referred to as “Big data analytics”. Big data analytics are mathematically driven analysis techniques on large and varied data sets (that is why it is “big” data) to uncover hidden patterns and hitherto unrevealed trends. At Vodacom Life Assurance Company (RF) Limited we take governance of big data analytics seriously. Our data scientists are required to adhere to a Code of Ethics. We have a strict use case process that requires that privacy and data protection law checks are carried out before any use case commences. We also have strict rules ensuring that personal information is protected at the appropriate stage in the process.
We use our analytics to, for example:
- Conduct market research and to carry out research and statistical analysis, including to monitor how customers use our networks, products and services;
- Frame our marketing campaigns and determine how we might personalise those;
- Provide reports to third parties (such reports don’t contain information which may identify you as an individual). These can be to third parties such as content providers, research companies and advertisers or as part of our
Credit checks, fraud prevention and security
We will sometimes need to profile you, for credit, fraud and security purposes. When we conduct such profiling activities, we will do so in accordance with the provisions of the relevant legislation or lawful requirement.
Credit checks and ID
We will also use your personal information for identity verification purposes, for access to your account and for general account management. We sometimes supplement the information we collect about you with information from other sources (for example, home affairs, the voters roll and credit reference agencies) to assess the accuracy of the information that we hold.
Fraud prevention and security
We will process your personal and traffic data in order to protect against and detect fraud, to protect and detect misuse or damage to our networks, to recover debts or trace those who owe us money resulting from the use of our services.
There may be instances where we will process your personal information through a secure automated tool, or perform profiling and make decisions, based on such profiling, that may affect you significantly. An example of automated decision making is the approval or declining of an insurance claim. If you are unhappy about the outcome of such a decision or would like further information on how such outcome was reached, please contact:
- O'Keeffe & Swartz - Vodacom Life Assurance Company (RF) Limited appointed administrators:
Email: [email protected].
Tel: 082 178 00
HOW WE SHARE YOUR PERSONAL INFORMATION
Where applicable, we share information about you with:
- Companies in Vodacom Group , located across the globe, including but not limited to in the European Economic Area (EEA), Egypt, India and the US, for reporting purposes and where they are involved in providing products and services that you have signed up for and where we may also share information within the Vodacom Group for administrative purposes.
- Partners, suppliers or agents involved in delivering the products and services you’ve ordered or used
- Companies who are engaged to perform services for, or on behalf of, Vodacom Life Assurance Company (RF) Limited , Vodafone Limited, or Vodafone Group which companies may be located outside of the borders of South Africa.
- Law enforcement agencies, government bodies, regulatory organisations, courts or other public authorities if we have to, or are authorised to by law
- A third party or body where such disclosure is required to satisfy any applicable law, or other legal or regulatory requirement
- Third parties for joint promotions with that third party. They’ll be responsible for their own compliance with applicable privacy laws
- Other third parties when you are signing up to their service and it is used by them for authentication and fraud-prevention purposes
- Third parties that we advertise with, in order to serve you advertisements online (e.g., Facebook, Google). You can opt-out of this by managing your account permissions.
- Third parties that we use to serve you marketing.
In all such instances where we may share your personal information with a third party, we will ensure that there is a lawful basis in order to do so. We will further ensure that any third party receiving personal information is bound to the appropriate agreement, ensuring that the respective third party protects your personal information in a manner that is equivalent or commensurate to our own internal policies and procedures. Any third party located outside of South Africa will be obliged to ensure their processing activities are compliant with the requirements and protections afforded in terms of POPIA.
Fraud management and law enforcement
- We will release information if it’s reasonable for the purpose of protecting us against fraud, defending our rights or property, or to protect the interests of our customers.
- We also may need to release your information to comply with our legal obligation to respond to the authorities’ lawful demands. Your personal information shall only be provided when we in good faith believe we are obliged to do so in accordance with the law and pursuant to an exhaustive evaluation of all legal requirements.
Mergers and acquisitions
If we become involved in a proposed or actual merger, acquisition, or any form of sale of assets, we may use and disclose your personal information to third parties in connection with the evaluation of the transaction. Any acquiring company would have access to your personal information.
Third parties that we work with
Where you’ve purchased our products and services using a third party or partner organisation, we often need to exchange information with them as part of managing that relationship and your account – for example, to be able to manage your insurance policy or settle your insurance claim of Vodacom Life Assurance Company (RF) Limited.
If we have a contract with a service provider or contractor to provide us with services or provide a service on our behalf, and they may have access to your personal information, we don’t authorise them to use or disclose your personal information except in connection with providing their services. We ensure that all our service providers and contractors align to our policies and requirements.
We collect and combine information in order to monitor your use of products and services, and that of our other customers, as well as to help us to improve the quality of our products and services.
INTERNATIONAL DATA TRANSFERS
If you are visiting this Website from a country other than South Africa the various communications will necessarily result in the transfer of information across international boundaries.
We may also need to transfer your information to other Vodafone or Vodacom Group companies or service providers in countries outside South Africa, in which case we will ensure that you are adequately notified about such transfer and the applicable data protection measures that will be applied to your personal information for the purpose of such transfer, transfer your personal information outside of the borders of South Africa, we will ensure that the third party recipient is subject to a law, binding corporate rules or binding agreement which provide an adequate level of protection for your personal information that are substantially similar to the data protection laws applicable to South Africa (i.e. POPIA).
HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION FOR?
We may not retain your personal information any longer than is necessary for achieving the purpose for achieving the purpose for which your personal information was collected or subsequently processed, unless:
- The retention of your personal information is required or authorised by law;
- We reasonably require your personal information for lawful purpose related to our function or activities;
- The retention of your personal information is required by a contract that we enter into with you; and/or
- You or a competent person consents to the retention of your personal information (or the personal information relating to a child) for such a period of time.
KEEPING YOUR PERSONAL INFORMATION SECURE
We have specialised security teams who constantly review, improve, and ensure the implementation of appropriate, reasonable technical and organisational measures to protect your personal information from unauthorised access, accidental loss, disclosure or destruction. We are required in terms of POPIA to notify you and the Information Regulator, if any of your personal information has been compromised.
Communications over the internet (such as emails) aren’t secure unless they’ve been encrypted. Your communications may go through a number of countries before being delivered, as this is the nature of the internet.
We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.
We’ll never ask for your secure personal or account information by an unsolicited means of communication. You’re responsible for keeping your personal and account information secure and not sharing it with others.
Our website may provide links to third-party websites. We cannot be responsible for the security and content of such third-party websites. You are therefore required to make sure you read that company’s privacy and cookies policies before using or putting your personal information on their site.
The same applies to any third-party websites or content you connect to using our products and services.
You may choose to disclose your information in certain ways such as social plug-ins (including those offered by Google, Facebook, Twitter and Pinterest) or using third-party services that allow you to post reviews or other information publicly, and a third party could use that information.
UNAUTHORISED THIRD PARTY ACCESS TO YOUR INFORMATION
Despite the security measures we have in place to protect your personal information (firewalls, password access and encryption methods) you acknowledge that it may be accessed by unauthorised third party through no fault of our own, e.g., as a result of an illegal activity.
In the unlikely event of such access, we will notify you, where possible, via email, SMS or using the address you have provided us within a reasonable time of such occurrence or becoming aware of such an occurrence.
FAILURE TO PROVIDE YOUR PERSONAL INFORMATION
Should we need to collect your personal information by law or under the terms of a contract that we may have with you, and you fail to provide the personal information when requested, we may be unable to perform the contract we have or are attempting to enter into with you.
In such a case, we may have to decline to provide or receive the relevant services, and you will be notified where this is the case.
Below we set out details on how you can exercise your rights. If you have a question or cannot find the answer, please contact our Customer Services team.
Right to access personal information
You have the right to request a record or description of the personal information that we hold about you. This includes the right to request us to confirm, free of charge, whether or not we hold any personal information about you; as well as information about the categories of third parties who have, or have had, access to your personal information. To make this request as an individual or an authorised third party, please visit our PAIA Manual available on our product pages (websites) here.
Right to correct personal information
You have the right to correct information held about you if it’s not accurate, out-of-date, excessive, irrelevant, or misleading. If the information we hold about you is inaccurate or needs to be updated, you can contact our appointed administrators: O'Keeffe & Swartz -
Email: [email protected].
Tel: 082 178 00
Right to object to use of personal information
You have the right, in certain circumstances, to object to our processing your personal information. In order for us to provide you with products and services, we are required to process your personal information and as such the provision of your personal information is mandatory and you may not object to same in order to continue using our products or services. For more information or to exercise this right, please contact our Customer Services team. If this relates to an automated decision performed on you (this means with no human involvement), please let us know and we will review your request.
To opt out of marketing messages
If you no longer want to receive marketing messages from us, you can choose to opt out at any time. If you’ve previously opted in to receive personalised content based on how and where you use our network, you can also opt out at any time.
You can opt out in the following way :
- Contact our appointed administrators: O'Keeffe & Swartz -
Email: [email protected].
Tel: 082 178 00
If you’re opted out of marketing, you may still receive service-related messages.
Please note: You may still receive marketing messages for up to 7 (seven) days after opting out while we update our records.
You may have received marketing from us even if you’re not a customer or have never had contact with us. This is a result of third-party marketing lists which we may acquire from time to time, stating that you have given permission to be contacted by other organisations. If you’ve registered with us to opt out of marketing from Vodacom Life Assurance Company (RF) Limited, you shouldn’t receive such communications. If you still do, we ask that you let us know immediately by contacting our Customer Care team. This will only stop marketing from us and not stop the third parties from sharing your personal information unless you contact them directly.
How to lodge a complaint
If you want to contact us about any of your rights or should you believe that we have used your personal information contrary to applicable law, you undertake to first attempt to resolve any concerns with us directly. Kindly contact our Customer Care team. We will do our best to help but if you are still unhappy, you can contact the Privacy Office at [email protected]. If you are not satisfied with such process, you have the right to lodge a complaint with the Information Regulator at:
The Information Regulator (South Africa)
27 Stiemens Street
Email: [email protected]
Right to restrict use of your personal information
If you feel that the personal information we hold on you is inaccurate, or you believe we shouldn’t be processing your personal information, please contact our Customer Services team to discuss your rights. In certain circumstances, for example where you contest the accuracy of your information, or where we no longer require your information for achieving its purpose but must maintain it for purposes of proof, you have the right to ask us to restrict processing.
Right to deletion
We strive to only process and retain your personal information for as long as we need to. In certain circumstances, for example, where you indicate that your personal information is inaccurate, irrelevant, excessive, out of date, incomplete, misleading, or obtained unlawfully, you have the right to request that we erase your personal information that we hold. If you feel that we are retaining your personal information longer than we need, it is worth first checking that your contract with us has been terminated, which you can do with Customer Services. If your contract with us has been terminated, we may still have lawful grounds to process your personal information.
KEEPING YOUR PERSONAL INFORMATION ACCURATE
We take reasonably practicable steps to ensure that your personal information is complete, accurate, not misleading and up to date (having regard to the purpose for which personal information is collected or further processed).
Accordingly, we will take reasonable steps to ensure that all personal information is kept as accurate, complete and up-to-date as reasonably possible.
We may not always expressly request you to verify and update you or your third party beneficiaries’ personal information unless this process is specifically necessary.
We, however, expects that you will notify us from time to time in writing of any updates required in respect of you or your beneficiaries’ personal information.