Privacy Policy

Business Scope:

ISO SHERQ Holdings (PTY) Ltd, herein-after referred to as ISO SHERQ, ISO SHERQ Holdings (Pty) Ltd – is the preferred international market leader in the SHERQ consultancy and training industry. Our involvement with some of the biggest companies and world industry leaders has provided us with key insights into the compliance environment. With over 20 years global experience we are sure that we have the solutions for you.

Customer and Supplier Notice:

This Notice explains how we obtain, use and disclose you and/or your organisation personal information, in accordance with the requirements of the Protection of Personal Information Act (“POPIA”).

At ISO SHERQ  (and including our website, www.isosherq.com, POPI Act Compliance) we are committed to protecting you and/or your organisation privacy and to ensure that you and/or your organisation personal information is collected and used solely for the purpose the information has been received, lawfully and transparently.

The information we collect

We collect and process your and/or you organisation personal information mainly for the purposes of contact and conducting business. To facilitate an understand both you and/or your organisation and our business requirements, and delivering services, either way, accordingly.  

We collect information directly from you and/or your organisation where you and/or your organisation provide us with you and/or your organisation personal details.  Where possible, we will inform you and/or your organisation what information you and/or your organisation are required to provide to us and what information is optional.

Website usage information may be collected using “cookies” which allows us to collect standard information available on the internet. 

How we use you and/or your organisation information

We will use you and/or your organisation personal information only for the purposes for which it was collected and agreed with you and/or your organisation.  In addition, where necessary you and/or your organisation information may be retained for legal or research purposes. 

For example:

  • To gather contact information;
  • To confirm and verify you and/or your organisation identity or to verify that you and/or your organisation are an authorised user for security purposes;
  • For the detection and prevention of fraud, crime, money laundering or other malpractice;
  • To conduct market, supplier history or customer satisfaction research or for statistical analysis;
  • For audit and record keeping purposes;
  • In connection with legal proceedings.

Disclosure of information

We may disclose you and/or your organisation personal information to our formally approved service providers who are involved in the handling of products or services to us, or to you and/or your organisation. We have agreements in place to ensure that they comply with the privacy requirements as required by the POPI Act.

We may also disclose you and/or your organisation information:

  • Where we have a duty or a right to disclose in terms of law or industry codes;
  • Where we believe it is necessary to protect our rights.

Information Security

We are legally obliged to provide adequate protection for the personal information we hold and to stop unauthorised access and use of personal information. We will, on an on-going basis, continue to review our security controls and related processes to ensure that you and/or your organisation personal information remains secure.

Our security policies and procedures cover:

  • Physical security;
  • Computer and network security;
  • Access to personal information;
  • Secure communications;
  • Security in contracting out activities or functions;
  • Retention and disposal of information;
  • Acceptable usage of personal information;
  • Governance and regulatory issues;
  • Monitoring access and usage of private information;
  • Investigating and reacting to security incidents.

When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information that we remain responsible for, is kept secure.

We will ensure that anyone to whom we pass you and/or your organisation personal information agrees to treat you and/or your organisation information with the same level of protection as we are obliged to.

You and/or your organisation rights: Access to information

You and/or your organisation have the right to request a copy of the personal information we hold about you and/or your organisation. To do this, simply contact us at the numbers/addresses as provided on our website (www.thedatacompany.com) and specify what information you and/or your organisation require.  We will need a copy of you and/or your organisation identity document and/or company registration documents to confirm you and/or your organisation identity before providing details of you and/or your organisation personal information.

Please note that any such access request may be subject to a payment of a legally allowable fee.    

Correction of you and/or your organisation information

You and/or your organisation have the right to ask us to update, correct or delete you and/or your organisation personal information. We will require a copy of you and/or your organisation identity document and/or company registration documents to confirm you and/or your organisation identity before making changes to personal information we may hold about you and/or your organisation. We would appreciate it if you and/or your organisation would keep you and/or your organisation personal information accurate.

Definition of personal information

According to the POPI Act  personal information is information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person.  Further to the POPI Act, ISO SHERQ also includes the following items as personal information:

  • information relating to an identifiable, living natural person or juristic person and includes, amongst others, the following: identity number, email address, physical address, telephone number, information relating to health, criminal behaviour, views of the person, views about the person and many more.

Agreement and how to contact us

If you and/or your organisation have any queries about this policy, you and/or your organisation need further information about our privacy practices, wish to deny consent, exercise preferences or access or correct you and/or your organisation personal information, please contact us at the numbers/addresses listed on our website or send an email to info@isosherq.com.

SHOULD YOU NOT AGREE TO THE TERMS AND CONDITIONS AS SET OUT IN THIS “ISO SHERQ HOLDINGS (PTY) LTD” INFORMATION PRIVACY POLICY YOU MUST NOTIFY US IMMEDIATELY FAILING WHICH IT WILL BE DEEMED THAT YOU ACCEPT AND AGREE TO THE TERMS AND CONDITIONS SET IN THIS DOCUMENT