Privacy Policy

Introduction

This Privacy Policy explains how The Garden Venue processes your personal information in accordance with the requirements of the Protection of Personal Information Act, 4 of 2013 (“POPIA”). We are committed to protecting your privacy and ensure that your personal information is processed properly, lawfully, and transparently.

The Privacy Policy explains the steps taken to protect personal information collected through interactions with us. The Privacy Policy describes the type of personal information we collect, the purposes for which it is used, your rights regarding personal information about you, security measures and how you can review, object, and correct your personal information held by us.

We encourage all persons to read the Privacy Policy. By using our services or submitting personal information to The Garden Venue by any other means, you acknowledge that you understand, consent, and agree to be bound by this Privacy Policy, and agree that The Garden Venue may collect, process, transfer, use and disclose personal information as described in this Privacy Policy.

IF YOU DO NOT AGREE WITH ANY PART OF THIS PRIVACY POLICY, PLEASE DO NOT USE ANY OF OUR SERVICES.

What is Personal Information?

As per POPIA, “Personal Information” means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to-

(a) Information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
(b) Information relating to the education or the medical, financial, criminal or employment history of the person;
(c) Any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
(d) The biometric information of the person;
(e) The personal opinions, views or preferences of the person;
(f) Correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
(g) The views or opinions of another individual about the person; and
(h) The name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person;
In short, personal information is any information that can be used to personally identify a natural or juristic person. If any information we collect can personally identify you or a juristic person, or you or a juristic person are reasonably identifiable from it, we will treat it a personal information.

Information Officer

As required by POPIA, we have an Information Officer who is responsible for maintaining compliance with the Act. The Information Officers duties are as follows:

  • Encourage compliance with the conditions for the lawful processing of personal information.
  • Deal with requests made to The Garden Venue in terms of the Act.
  • Work with the Information Regulator in relation to investigations conducted in terms of Chapter 6 of the Act.
  • Ensuring compliance with the provisions of the Act
  • Ensure a compliance framework is developed, implemented, monitored, and maintained.
  • Ensure a personal information impact assessment is done to ensure that adequate measures and standards exist to comply with the conditions of lawful processing of personal information.
  • Develop, monitor, maintain and make available a manual in terms of PAIA.
  • Develop internal measures together with adequate systems to process requests for the information or access thereto.
  • When requested, the information officer must provide copies of the PAIA manual upon payment of a fee to be determined by the Regulator.

Any deviations from this Privacy Policy, a breach or incident that comes to any person’s attention must be reported to the Information Officer or Deputy Information Officer.

What Personal Information Do We Collect?

Personal information that we collect may include but not be limited to:

Clients/Customers Name and email address, address details, contact details, VAT number, private and confidential information collected through interactions
Employees Name and surname, bank details, address, contact details, email address, next of kin (emergency contact)
Suppliers/Service Providers Bank details, address, VAT number, contact details, email address

You are not required to provide all this information. However, if you choose not to, we may not be able to provide you with effective service. If you provide us with personal information of third parties, please make sure that you are authorised to do so.

When you browse any of our websites, we may also collect information about your computer and your visits to the websites such as your IP address, geographical location, browser type, computing device for example tablet, PC, smartphone, the website you came from, length of visit and number of page views. We use this information to better understand how visitors use our website and how they can be improved to better meet your needs, as well as to gauge interest in our products and services and to improve our security measures. No personal information is collected in this manner.

Special personal information is processed in accordance with the legal requirements relating to such information. If you submit to The Garden Venue any personal information relating to your:

  • racial or ethnic origin;
  • political beliefs;
  • philosophical or religious beliefs;
  • membership of a trade union or political party;
  • health or sex life or;
  • the commission of criminal offenses or proceedings and associated penalties or fines

It will be handled in accordance with the legal requirements. The information will only be collected and processed:

  • with your consent;
  • if the processing is necessary for the establishment, exercise or defence of a right or obligation in law;
  • the processing is necessary to comply with an obligation of international public law;
  • If any of the authorisations set out in s28 – s33 of POPIA exist.

We will always ensure that the processing of special personal information is done in a way that does not adversely affect your privacy to a disproportionate extent.

We will not use or disclose special personal information for purposes other than those for which it was collected unless we subsequently receive your consent to use it for another purpose.

Sources of Personal Information Collected by The Garden Venue

We collect information directly from you unless it is unreasonable or impracticable to do so. Where possible, we will inform you what information you are required to provide to us and what information is optional.

Generally, the collection will occur when:

  • You contact us in person, by telephone or email.
  • You are employed by The Garden Venue
  • You contact us via our website
  • We connect via social media
  • We receive your details from a third party.
  • You subscribe to receive marketing products

In some circumstances, it may be necessary for us to collect personal information about you from a third party. Where this occurs, we will rely on the authority of the person providing us with the personal information. By providing your personal information to us, you will be deemed to have consented to your personal information being collected by us and used and disclosed in accordance with this Privacy Policy.

You must let us know immediately if you become aware that your personal information has been provided to us without your consent or if you did not obtain the consent of another person or persons to provide us with their personal information.

Why Do We Collect Your Personal Information?

Subject to the terms of this Privacy Policy, The Garden Venue will use your personal information only for the purposes for which it was collected and agreed with you.

We will only process your personal information for lawful purposes as set out below:

  • To conclude or perform in terms of a contract.
  • To comply with an obligation imposed by law on us as the responsible party.
  • To protect your legitimate interests
  • To pursue our legitimate interests or the legitimate interest of a third party to whom the information is supplied.
  • Where none of the abovementioned processing purposes are available, if you have consented to the processing for the relevant purpose

Unless otherwise stated specifically the information may be used for the following purposes:

  • To administer a service to you
  • To improve our services
  • To respond/attend to your enquiries and/or requests
  • Internal accounting and administration
  • To engage with service providers
  • Identification of fraud and error
  • Regulatory reporting and compliance
  • To comply with our legal obligations

Clicks Count does not sell, re-sell or distribute your personal information for re-sale.

We strive to maintain the quality, accuracy, and completeness of your personal information which we process. The quality of personal information degrades over time, and you can assist us by contacting us if there are any changes to your personal information or if you become aware that we have inaccurate personal information of you. We will not be held responsible for any losses arising from poor quality personal information which is inaccurate or incomplete, that is provided to us by yourself or person acting on your behalf.

Disclosure of Personal Information to Third Parties

In certain instances, we provide your personal information to third parties. We do not sell, rent, or trade any personal information to any third parties. We will only disclose your personal information to third parties as per the information set out in this Privacy Policy.

We have notified all third parties to which we disclose your personal information to be processed on our behalf (operators), either through signed data protection agreements or notification that we comply with the requirements of POPIA and expect them to treat your personal information with the level of security they would treat their own and in accordance with the requirements of POPIA (especially the requirements of Condition 7 – Security Safeguards).

We will not disclose any personal information without your consent unless we reasonably believe that the disclosure is required in terms of an obligation imposed by law, if it is necessary for the proper performance of a public law duty by a public body, to protect your legitimate interest or the legitimate interest of us or a third party or if you have specifically requested us to do so.

Processing the Information of Children

In certain instances, we are required to process the personal information of children (natural person under the age of 18).

We will only process the personal information of a child if the processing is –

  • Carried out with the prior consent of a competent person (usually parent or guardian)
  • Necessary for the establishment, exercise, or defence of a right or obligation in law
  • Necessary to comply with an obligation of international public law.
  • Of personal information which has been deliberately made public by the child with the consent of the competent person

If you are a competent person and are aware that your child or children have provided us with personal information, please contact us so that we may delete, de-identify or destroy the personal information. If we become aware that we have collected or processed the personal information of children without verification or the consent of a competent person, we will take steps to delete, de-identify or destroy the information.

Transborder Flow of Personal Information

We do not transfer any personal information to third parties in foreign countries.

Security

The Garden Venue is committed to protecting the security of personal information. While no security measures can guarantee against compromise, we use a variety of security technologies and procedures to help protect data from unauthorised access, use, or disclosure. Although these measures are in place, the transmission of data over the internet is never completely secure and as such we cannot guarantee the security of data transmitted to or by The Garden Venue.

We hold your personal information in:

  • Computer systems
  • In hard copy or paper files

We have implemented and maintain appropriate technical and organisational measures to ensure a level of security appropriate to protect personal information and prevent:

  • loss of, damage to or unauthorised destruction of personal information; and
  • unlawful access to or processing of personal information.

Retention of Data

The Garden Venue will retain personal information only for as long as is necessary for the purposes set out in this Privacy Policy unless there is a valid technical, legal, or business reason for it to be deleted, destroyed or de-identified.

We may keep some of your personal information:

  • For as long as it is required by law
  • If it is required by a code of conduct
  • If it is reasonably needed for lawful purposes related to our functions and activities; or
  • If it is reasonably required for evidentiary purposes

Direct Marketing Communications

We may communicate with you using email and other channels as part of our effort to market our products or services, administer or improve our products or services, or for other reasons not stated in this Privacy Policy. You can withdraw consent to receive such direct marketing communications, as permitted in the legislation.

If you no longer wish to receive such correspondence, you may opt-out or UNSUBSCRIBE by clicking on the relevant link in any email communication you may have received. Further, you may express your communication preferences by:

  • Contacting us by using the contact information in this Privacy Policy

Links to Other Websites

Our website contains links to other websites. These are mainly social media websites where we have a presence (for example Facebook and Instagram). Although we try to link only to websites that share our high standards and respect for privacy, we do not control and are not responsible for the content, security or privacy practices employed by other websites. You should review the Privacy Policies of those websites to determine how they protect and use personal information.

You hereby acknowledge and agree that The Garden Venue is not responsible for the privacy practices, data collection policies & procedures, or the content of such third-party sites, and you hereby release The Garden Venue from any and all claims arising out of or related to the privacy practices, data collection policies and procedures, and/or the content of such third-party sites.

Cookies, Device Data, and How it is Used

Cookies are small files that websites save to your hard disk or to your web browser’s memory. A cookie contains limited information, usually a unique identifier and the name of the website. When you use our website, we may use them to track how many times you have visited the website, to track the number of visitors to the website, your activity within the website, unique identifiers associated with your device, to store data you provide and to store technical information related to interactions with the website. Our cookies can only be read by The Garden Venue, they do not contain any code or viruses and they do not contain any personal information.

We may automatically collect the following information about your use of the website through cookies, web beacons and other technologies:

  • Domain name.
  • Browser type and operating system.
  • Web pages you view.
  • Links you click.
  • IP address.
  • Length of time to visit the website.
  • Referring URL or the webpage that led you to the website.

We may also use session cookies, which are deleted when you close your browser, to store your user identification, to facilitate your movement around the website and other information useful in administering the session.

You may modify your browser setting to decline cookies or to notify you when a cookie is being placed on your computer or device. If you choose not to accept cookies, you may not be able to experience all the features of our website.

Your Rights

The Right to be Notified

  • You have the right to be notified when your personal information has been accessed or acquired by an unauthorised person.
  • When this occurs, we will notify the Information Regulator and you of the breach as soon as reasonably possible after discovering the breach.
  • This will be communicated to you in one of the following ways:
  • By mail (to last known address)
  • By email (to last known email address)
  • Placed in a prominent position on our website.
  • Published in the news or media.
  • As may be directed by the Information Regulator.

The Right to Establish Whether We Hold Your Personal Information and to Request Access to Such Information

  • You have the right to be informed of whether we process personal information of you, receive a copy of such information and how we process your personal information.
  • You can also request the above relating to any third parties to whom we have transferred your personal information to as per this Privacy Policy.
  • To do this, please use the contact details set out at the bottom of this Privacy Policy and specify what information you require.
  • We will try and provide you with suitable means of accessing the requested information, where you are entitled to it.
  • Note that you will be requested to provide identification before we can consider such requests.
  • Requests for the personal information we hold will be done free of charge however a fee may apply for such information processed by third parties.
  • There may be instances where we cannot grant access to your personal information. If we refuse access, we will give written reasons for the refusal.

The Right to Request Correction, Destruction or Deletion of Personal Information

  • You may request us to correct or delete any information that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading, or obtained illegally.
  • If you believe that any personal information that we hold about you is excessive or has been unlawfully obtained or that we are no longer authorised to retain it, you may ask us to destroy or delete it.
  • If we do not agree that there are grounds for action, you may ask us to add a note to the personal information stating that you disagree with it.
  • We will require a copy of your identification document to confirm your identity before we will release this information.
  • Once this is completed, we will notify you of such.

The Right to Object to Processing in Certain Circumstances

  • You may object at any time to the processing of your personal information in the prescribed form on reasonable grounds to your situation unless legislation prohibits such objection.
  • You can object to the processing of your personal information for the purposes of direct marketing at any time.

The Right to Submit a Complaint to the Information Regulator

  • Any person may submit a complaint to the Information Regulator alleging interference with the protection of the personal information of a data subject.
  • Interference with the protection of personal information means:
    • Any breach of the 8 conditions for the lawful processing of personal information
    • Non-compliance with section 22 (notification of security compromise), 55 (duty of confidentiality), 69 (direct marketing), 70 (directories), 71 (automated decision making) or 72 (transborder flow of information)
    • A breach of the provisions of a code of conduct.

The Right to Institute Civil Proceedings

  • You (or the Information Regulator at the request of yourself) may institute civil proceedings for damages against you for a breach which you deem to be interference with the protection of your personal information.

The Right to Restrict the Processing of Personal Information

We will restrict the processing of Personal Information in the following circumstances:

  • You have contested the accuracy of personal information, for a period which enables us to verify the accuracy of the information,
  • The processing is unlawful, and you oppose the destruction or deletion and request us to restrict it instead.
  • You have requested us to transmit the personal data into another automated processing system.

All requests must be made in the prescribed manner and form. The various forms are available from the Information Regulator.

Complaints to the Information Regulator

If you would like to make a compliant to the Information Regulator about the processing of your personal information, complete Form 5 available on the website of the Information Regulator. The Information Regulator’s details are as follows:

If you would like to make a compliant to the Information Regulator about the processing of your personal information, complete Form 5 available on the website of the Information Regulator. The Information Regulator’s details are as follows:

Physical Address JD House, 27 Stiemans Street
Braamfontein
Johannesburg
Postal Address PO Box 31533
Braamfontein
2017
Complaints [email protected]
General Information [email protected]

Changes to this Privacy Policy

The Garden Venue may occasionally update this Privacy Policy. When we do, we will revise the “last updated” date as set out below.

This Privacy Policy was last updated on 20 December 2024.

Contact Us

If you have questions regarding this Privacy Policy or our handling of personal information, please contact us as follows:

Information Officer
Mr. T D Horn
Email: [email protected]