Privacy Policy - JC Growth Solutions

Application upload area:

By Submitting your information, you hereby confirm:

1. That you have read and understood our POPI Policy.

2. That you have no objection to us retaining your personal information in

our database for future matching.

3. Should suitable opportunities arise we will contact you and request

your consent to submit your CV to a specific client for a specific

purpose.

4. That the information you have provided to us is true, correct and up to

date.

PROTECTION OF PERSONAL INFORMATION – POPI POLICY AND

COMPLIANCE

JC GROWTH SOLUTIONS (PTY) LTD IS COMMITTED TO COMPLIANCE WITH,

AND ADHERES TO, THE PROTECTION OF PERSONAL INFORMATION ACT

(POPI) SOUTH AFRICA AND CONFIRM THAT WE COMPLY WITH THIS

LEGISLATION.

Introduction

The POPI Act requires us to:

1. Sufficiently inform candidates/applicants/work-seekers (data subjects),

hereafter referred to as candidates, for the purpose of processing their

personal information.

2. Protect our Information assets from threats, whether internal or

external, deliberate, or accidental, to ensure business continuity,

minimise business damage and maximise business opportunities.

This policy and compliance framework establishes measures and standards for the

protection and lawful processing of personal information within our organisation and

provides principles regarding the right of individuals to privacy and to the reasonable

safeguarding of their personal information.

The Information Officer is responsible for:

1. Conducting a preliminary assessment.

2. The development, implementation and monitoring of this policy and

compliance framework.

3. Ensuring that this policy is supported by appropriate documentation.

4. Ensuring that documentation is relevant and kept up to date.

5. Ensuring this policy and subsequent updates are communicated to

relevant managers, representatives, staff and associates, where

applicable.

All employees, subsidiaries, business units, departments and individuals directly

associated with us are responsible for adhering to this policy and for reporting any

security breaches or incidents to the Information Officer.

Any service provider that provides staffing services, including data storage facilities,

to our organisation must adhere to the requirements of the POPI Act to ensure

adequate protection of personal information held by them on our behalf. Written

confirmation to this effect must be obtained from relevant service providers.

Policy Principles:

Principle 1: Accountability

• We must take reasonable steps to ensure that personal information obtained

from candidates is stored safely and securely.

• This includes CV’s, Resumes, References, Qualifications, Integrity Checks,

and any other personal information that may be obtained for the purpose of

candidate representation.

Principle 2: Processing limitation

• We will collect personal information directly from candidates.

• Once in our possession we will only process or release candidate information

with their consent, except where we are required to do so by law. In the latter

case we will always inform the candidate after the fact as well.

Principle 3: Specific purpose

• We collect personal information from candidates to enable us to represent

them to our clients for the purpose of recruitment.

Principle 4: Limitation on further processing

• Personal information may not be processed further in a way that is

incompatible with the purpose for which the information was collected initially.

We collect personal information for recruitment, and it will only be used for

that purpose.

Principle 5: Information quality

• We are responsible for ensuring that candidate information is complete, up to

date and accurate before we use it. This means that it may be necessary to

request candidates, from time to time, to update their information and confirm

that it is still relevant. If we are unable to reach a candidate for this purpose

their information will be deleted from our records.

Principle 6: Transparency/openness

• Where personal information is collected from a source other than directly

from a candidate (for example Social media portals) we are responsible for

ensuring that the candidate is aware:

1. That their information is being collected.

2. Who is collecting their information by giving them our details.

3. The specific reason we are collecting their information.

Principle 7: Security safeguards

• We will ensure technical and organisational measures to secure the integrity

of personal information, and guard against the risk of loss, damage or

destruction thereof. Personal information must also be protected against any

unauthorised or unlawful access or processing. We are committed to ensuring

that information is only used for legitimate purposes with candidate consent

and only by authorised employees of the company.

Principle 8: Participation of individuals

• Candidates are entitled to know particulars of their personal information held

by us, as well as the identity of any authorised employees of our agency that

had access thereto. They are also entitled to correct any information held by

us.

Operational Considerations

– Monitoring

The Board/Management and Information Officer are responsible for administering

and overseeing the implementation of this policy and, as applicable, supporting

guidelines, standard operating procedures, notices, consents and appropriate related

documents and processes. All employees, subsidiaries, business units, departments

and individuals directly associated with us are to be trained, according to their

functions, in the regulatory requirements, policies and guidelines that govern the

protection of personal information. We will conduct periodic reviews and audits,

where appropriate, to ensure compliance with this policy and guidelines.

– Operating controls

We shall establish appropriate standard operating procedures that are consistent

with this policy and regulatory requirements. This will include:

• Allocation of information security responsibilities.

• Incident reporting and management.

• User ID addition or removal.

• Information security training and education.

• Data backup.

• Policy compliance

Any breach/es of this policy may result in disciplinary action and possible termination

of employment.

For candidates:

By Submitting your information and application you hereby confirm:

1. That you have read and understood our POPI