CHRYSALIS PRIVACY POLICY
- Introduction
- For purposes of this Policy:
- “Agreement” means a written agreement between Chrysalis and a Third Party;
- “Applicable Laws” means all laws, regulations that Chrysalis is required to comply with;
- “Chrysalis ” or “we” or “us” means Chrysalis Capital (Pty) Ltd, Chrysalis Capital Fund (Pty) Ltd and Chrysalis Security SPV (RF) (Pty) Ltd;
- “Client“, “Supplier” or “you” means any prospective, new or existing client, vendor or supplier of Chrysalis;
- “Data Subjects/s” for the purpose of this document include all living individuals and juristic persons about whom Chrysalis holds Personal Information;
- “Electronic Correspondence” means content sent or received electronically, including email, faxes, incoming voice mail messages, internal instant messages, text messages and voice notes;
- “IO” means the Information Officer appointed as a such by Chrysalis in terms of section 56 of POPIA and who will have the ultimate responsibility to ensure that Chrysalis complies with the provision of POPIA;
- “PAIA” means Promotion of Access to Information Act, 2000;
- “Personal Information” means information relating to an identifiable, living natural person, and (where applicable) an identifiable, existing juristic person in particular by reference to an identification number or to one or more factors specific to physical, physiological, mental, economic, cultural or social identity, including the name, race, gender, marital status, address and identifying number of a person, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person, recruitment details, financial history and the like;
- “POPIA” means the Protection of Personal Information Act, 2013, including any regulations and/or code of conduct made under the Act;
- “Processing” is any activity that involves the use of Personal Information. It includes any operation or activity or any set of operations, whether by automatic means, concerning Personal Information, including:
- The collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
- Dissemination by means of transmission, distribution or making available in any other form; or
- Merging, linking, as well as restriction, degradation, erasure or destruction of Personal Information;
- “Record” means any recorded information:
- Regardless of form or medium, including any of the following:
- Writing or any material;
- Information produced, recorded or stored by means of any tape-recorder, computer equipment, whether hardware or software or both, or other device, and any material subsequently derived from information so produced, recorded or stored;
- In the possession or under the control of a Responsible Party;
- Whether or not it was created by a Responsible Party; and
- Regardless of when it came into existence;
- Regardless of form or medium, including any of the following:
- “Responsible party/parties” are the people who or organisations which determine the purposes for which, and the manner in which, any Personal Information is processed. They have a responsibility to establish practices and policies in line with POPIA. Chrysalis is the responsible party of all Personal Information used in its business;
- “Security Compromise” POPIA does not define Security Compromises or data breaches. For the purposes of this document a “Security Compromise” shall include any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised access to or acquisition of or disclosure of Personal Information transmitted, stored or otherwise processed by Chrysalis or any operator acting on behalf of Chrysalis;
- “Special Purpose Information” includes personal information concerning the religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health, sex life or biometric information of a data subject; or the criminal behaviour of a data subject to the extent that such information relates to the alleged commission by a data subject of any offence; or any proceedings in respect of any offence allegedly committed by a data subject or the disposal of such proceedings;
- “Policy” means the External Privacy Policy of Chrysalis.
- For purposes of this Policy:
- This Policy sets out how your Personal Information will be used by Chrysalis and applies to any Personal Information, you give to Chrysalis or which Chrysalis may collect from third parties.
- It is important that you read this Policy carefully before submitting any Personal Information to Chrysalis.
- By submitting any Personal Information to Chrysalis, you provide consent to the Processing of your Personal Information as set out in this Policy.
- The provisions of this Policy are subject to mandatory, unalterable provisions of Applicable Laws.
- Please do not submit any Personal Information to Chrysalis if you do not agree to any of the provisions of this Policy. If you do not consent to the provisions of this Policy, or parts of the Policy, Chrysalis may not be able to provide its products and services to you.
- How to contact us
If you have any comments or questions about this Policy please contact the Information Officer,
Address: 2nd Floor, The Terraces, 25 Protea Road, Claremont, Cape Town, 7708
E-mail address: info@chrysaliscapital.org
Attention: Information Officer
Telephone number: +27 (21) 6733250
- Amendment of this Policy
- We may amend this Policy from time to time.
- Any such amendment will come into effect and become part of any Agreement you have with Chrysalis when notice is given to you of the change by publication on our website. It is your responsibility to check the website often.
- Privacy and indemnity
- Chrysalis takes your privacy and the protection of your Personal Information very seriously, and we will only use your Personal Information in accordance with this Policy and applicable data protection legislation. It is important that you take all necessary and appropriate steps to protect your Personal Information yourself (for example, by ensuring that all passwords and access codes are kept secure).
- We have implemented reasonable technical and operational measures to keep your Personal Information secure.
- You hereby indemnify and hold Chrysalis harmless from any loss, damages, or injury that you may incur as a result of any Security Compromise of your Personal Information to unauthorised persons or the provision of incorrect or incomplete Personal Information to Chrysalis.
- Information of children
- We do not intend to collect and/or process any Personal Information of minors, unless we make this clear. If you do provide any Personal Information to us of children, then you warrant that this is done with the consent of the child’s parent or guardian to use this information as set out in this Policy.
- Suppliers and vendors
- In the course of our business agreement we may collect Personal Information about you as a data subject to ensure that the business agreement and matters relating to the agreement can be fulfilled.
- We may also do a due diligence on you to ensure that you meet the requirements set out in our procurement policy.
- If you provide any Personal Information of other persons to us, such as employees or your directors, you warrant that you are authorised to share their Personal Information with us for purposes set out in the Policy.
- Information which we may collect about you
- We may collect the following information about you:
- Personal Information and Special Personal Information;
- records of correspondence or enquiries from you or anyone acting on your behalf;
- details of transactions you carry out with us;
- details of contracts, sales or leases you carry out with us;
- sensitive or special categories of Personal Information, including biometric information, such as images, fingerprints and voiceprints.
- Where you provide us with the Personal Information of Third Parties you should take steps to inform the Third Party that you need to disclose their details to us, identifying us. We will process their Personal Information in accordance with this Policy.
- We may collect the following information about you:
- How we collect information
- You may provide Personal Information to us either directly or indirectly.
- We may also collect your Personal Information from your appointed agent, any regulator, or other Third Party that may hold such information.
- Use of information collected
- We may use, transfer and disclose your Personal Information for the purposes of:
- providing you with the services, products or offerings you have requested, and notifying you about important changes to these services, products or offerings;
- managing your account or relationship and complying with your instructions or requests;
- detecting and preventing fraud and money laundering and/or in the interest of security and crime prevention;
- assessing and dealing with complaints and requests;
- operational, marketing, auditing, legal and record keeping requirements;
- verifying your identity or the identify of your beneficial owner;
- transferring or processing your Personal Information outside of the Republic of South Africa to such countries that may not offer the same level of data protection as the Republic of South Africa, including for cloud storage purposes and the use of any of our websites;
- complying with Applicable Laws, including lawful requests for information received from local or foreign law enforcement, government and tax collection agencies;
- recording and/or monitoring your telephone calls and electronic communications to/with Chrysalis in order to accurately carry out your instructions and requests, to use as evidence and in the interests of crime prevention;
- conducting market research and providing you with information about Chrysalis’s products or services from time to time via email, telephone or other means (for example, events);
- where you have unsubscribed from certain direct marketing communications, ensuring that we do not sent such direct marketing to you again;
- disclosing your Personal Information to third parties for reasons set out in this Policy or where it is not unlawful to do so;
- monitoring, keeping record of and having access to all forms of correspondence or communications received by or sent from Chrysalis or any of its employees, agents or contractors, including monitoring, recording and using as evidence all telephone communications between you and Chrysalis;
- improving or evaluating the effectiveness of Chrysalis’s business or products, services or offerings; and
- prevention and control of any disease.
- We may from time to time (and at any time) contact you about services, products and offerings available from Chrysalis or specific subsidiaries which we believe may be of interest to you, by email, phone, text or other electronic means, unless you have unsubscribed from receiving such communications. You can unsubscribe from receiving such communications by contacting the Information Officer.
- We may use, transfer and disclose your Personal Information for the purposes of:
- Disclosure of your information
- Your Personal Information may be shared within Chrysalis’ subsidiaries, our agents and sub-contractors, and selected third parties who process the information on our behalf.
- We may also disclose your Personal Information to Third Parties in the following circumstances:
- to any other of Chrysalis’s subsidiaries, business partners or other third parties to –
- assess and monitor any of your applications for Chrysalis products or services;
- determine which products and services may be of interest to you and/or to send you information about such products and services, unless you object or choose not to receive such communications;
- have a better understanding of your circumstances and needs to provide and improve Chrysalis’s products and services;
- to any relevant person and/or entity for purposes of prevention, detection and reporting of fraud and criminal activities, the identification of the proceeds of unlawful activities and the combatting of crime;
- to any regulator or supervisory authority, including those in foreign jurisdictions, if Chrysalis is required to do so in terms of Applicable Laws;
- to a prospective buyer or seller of any of our businesses or assets;
- to any person if we are under a duty to disclose or share your personal information in order to comply with any Applicable Laws, or to protect the rights, property or safety of Chrysalis, other clients or other third parties; and/or
- to your agent or any other person acting on your behalf, an or an introducer.
- to any other of Chrysalis’s subsidiaries, business partners or other third parties to –
- We may transfer your information to another of Chrysalis’s entities, an agent, sub-contractor or third party who carries on business in another country, including one which may not have data privacy laws similar to those of the Republic. If this happens, we will ensure that anyone to whom we pass your information agrees to treat your information with the same level of protection as if we were dealing with it.
- If you do not wish us to disclose this information to third parties, please contact us at the contact details set out above. We may, however, not be able to provide products or services to you if such disclosure is necessary.
- Retention of your information
We may retain your Personal Information indefinitely, unless you object, in which case we will only retain it if we are permitted or required to do so in terms of Applicable Laws. However, as a general rule, we will retain your information in accordance with retention periods set out in Applicable Laws, unless we need to retain it for longer for a lawful purpose. (For example, for the purposes of complaints handling, legal processes and proceedings.)
- Access to, correction and deletion of your Personal Information
- You may request details of Personal Information which we hold about you under the Promotion of Access to Information Act, 2000 (“PAIA”). Fees to obtain a copy or a description of Personal Information held about you are prescribed in terms of PAIA. Confirmation of whether or not we hold Personal Information about you may be requested free of charge.
- You may request the correction of Personal Information Chrysalis holds about you. Please ensure that the information we hold about you is complete, accurate and up to date. If you fail to keep your information updated, or if your information is incorrect, Chrysalis may limit the products and services offered to you or elect not to open the account.
- You have a right in certain circumstances to request the destruction or deletion of and, where applicable, to obtain restriction on the processing of Personal Information held about you. If you wish to exercise this right, please contact us using the contact details set out above.
- You have a right to object on reasonable grounds to the processing of your Personal Information where the processing is carried out in order to protect our legitimate interests or your legitimate interests, unless the law provides for such processing.
- Complaints
- Should you believe that Chrysalis has utilised your Personal Information contrary to Applicable Laws, you undertake to first attempt to resolve any concerns with Chrysalis’s IO.
- If you are not satisfied with such process, you may have the right to lodge a complaint with the Information Regulator, using the contact details listed below:
- Tel: 012 406 4818
- Fax: 086 500 3351
- Email: inforeg@justice.gov.za.
- Links to other Websites
Our website or social media platforms may contain links to and from websites, mobile applications or services of third parties, advertisers or affiliates. Please note that we are not responsible for the privacy practices of such other parties and advise you to read the privacy statements of each website you visit which collects Personal Information.
- Changes to this Privacy Policy
We may update this privacy policy from time to time. Any changes that we may make to our privacy policy will be posted on our website and will be effective from the date of posting.
- Access to your Personal Information
- You may at any time request:
- confirmation that we hold your Personal Information;
- access to your Personal Information;
- the identities or categories of third parties to whom we have disclosed your Personal Information; or
- that we correct or delete any Personal Information that is incomplete, misleading, inaccurate, excessive or out of date.
- Requests may be made in writing to info@chrysaliscapital.org
- You may at any time request: