The Protection of Personal Information Act came into effect on 01 July 2021. The Act outlines how responsible parties should process personal information to ensure privacy and protection of the individual. RENT PAY (PTY) Ltd is dedicated to complying with the Act and the conditions set out therein, namely that:

We strive to hold ourselves accountable for the personal information supplied to us and for the manner in which we process your personal information;

The information processed by us will be done in a lawful manner that does not infringe on any of your rights as prescribed by the Act (i.e obtaining voluntary consent, limitations on information processed);

The information processed will be done for a specific purpose that is expressly defined and lawful;

The information will only be processed for the specific purpose for which it is intended;

Reasonable and practical measures will be put in place by us to ensure processing of information is done in a manner which is not misleading and is at all times complete and accurate;

Openness and transparency will be foundational values that form the basis of how we process your personal information;

Security safeguards (both electronic and physical) to ensure the integrity and confidentiality of any personal information we process will be put in place;

Where there is ongoing processing, you as the data subject will be an active participant in ensuring we only process information which is relevant and up to date.

In a nutshell, RENT PAY (PTY) Ltd undertakes that we will treat all your information with the utmost confidentiality and protect your privacy and that we are dedicated to upholding the best practices as prescribed by the Act.

In light of the above, your usage of our website and secure software platform, will serve as consent of the following terms:

1. That by either Party submitting any personal information to the other, the disclosing Party unconditionally and voluntarily, consents to the processing of the submitted personal information for any and all purposes related to their relationship;

2. The Parties shall at all times comply with their respective obligations and procure that each of its Affiliates comply with their obligations under POPI.

3. Each Party shall not process, disclose, or use personal information except:

3.1  to the extent necessary for the provision of Services and/or Products under the relationship (governed by agreement or otherwise); or


3.2  to fulfil their own obligations under the relationship (governed by agreement or otherwise); or

3.3  as otherwise expressly authorised by the other Party in writing.

4. In the event of the other Party providing the consent necessary for the disclosure of personal information to a Third Party, each Party shall:

4.1  make such disclosure in compliance with POPI; and

4.2  enter into a written agreement with the applicable Third-Party recipient of such personal information that requires such Third Party to safeguard

the personal information in a manner no less restrictive than each Party’s

obligations under these terms.

5. The Parties shall implement and maintain an effective security safeguards that includes, but is not limited to administrative, technical, and physical safeguards, and appropriate technical and organisational measures, in each case, adequate to ensure the security and confidentiality of personal information, and to protect against any anticipated risks to the security or integrity of personal information, protect against unauthorized access to or use

of personal information, protect personal information against unlawful processing or processing otherwise than in accordance with this agreement, and protect against accidental loss, destruction, damage, alteration or disclosure

of personal information.

6. Each Party shall not use, process, store, transfer or permit access to

any personal information across the borders of South Africa, without the written consent of the other Party.

7. The Client hereby consents to the Company sharing the personal information as

provided for herein cross border. Should the Client’s personal information be shared cross border, the personal information will not be subject to less protection than it

enjoys in terms of South Africa’s data privacy laws.

8. In the event of any actual, suspected, or alleged security breach, including, but not limited to, loss, damage, destruction, theft, unauthorized use, access to or disclosure of any personal information, each Party shall:

8.1  notify the other Party as soon as practicable after becoming aware of such event;

8.2  provide the other Party will all information regarding the breach in the

Party’s knowledge and possession to allow the Party to ascertain what has

occurred and which personal information has been affected.

8.3  promptly take whatever action is necessary, at each Party’s own expense, to minimise the impact of such event and prevent such event from recurring.

Contacting Us

If there are any questions regarding this privacy policy, you may contact us using the information below.

www.upaytechnology.com

www.acpas.co.za
3010 LBJ Freeway
Dallas, TX 75234
USA
info@acpas.co.za

Last Edited on 2016-09-19