Contact Us

Privacy Policy

Overview

Purpose

The aim of this policy is to:

  • Ensure compliance with the relevant privacy legislation/regulations for Master Power Technologies operations inclusive of its data centre operations;
  • Educate the business on why adherence to privacy legislation/regulation is important and the potential consequences of failing to comply; and
  • Inform the business of the procedures in place for dealing with any breaches that affect Master Power Technologies stakeholders.

Scope

This policy is applicable to the following:

  • All personal data/information, including but not limited to customer information, Master Power Technologies employees, third-party and Master Power Technologies company-related information generated, processed and stored by operating companies at Master Power Technologies to perform its activities and delivery of services;
  • All systems and processes used in the course of managing personal data/information;
  • Unless stated otherwise, this policy applies to all employees, contractors, and third-party personnel of Master Power Technologies and operating companies accessing Master Power Technologies information processing facilities. Master Power Technologies’ information processing facilities include, but are not limited to, Master Power Technologies campuses, facilities, offices, work areas, secure areas, critical infrastructure rooms (CIR) and telecommunications rooms.

Audience

This policy applies to all individuals authorised to access Master Power Technologies information processing facilities. This policy is also applicable to the information that is handled and processed by contractors and third parties for Master Power Technologies and operating companies.

Non-Compliance

Non-compliance with this policy must be reported to the Chief Executive Officer (CEO). Any breach may result in disciplinary action being taken, which may include dismissal.

Any disciplinary action arising from a breach of this document will be taken according to the disciplinary code and grievance procedure of Master Power Technologies. Where an employee is suspected of breaching the document, an internal investigation will be undertaken; depending on the outcome, civil and/or criminal legal action could be taken against the employee.

Policy Statements

Introduction

This policy addresses the requirements of legislation across different domains. As the legislation uses different terminology, for purposes of this policy the terms “personal data” and “personal information” have the same meaning and are used interchangeably.

Master Power Technologies takes the privacy of sensitive and personal information of all its stakeholders seriously. Master Power Technologies understands that sensitive and personal information is important to all stakeholders and is committed to protecting stakeholder privacy. Master Power Technologies’ Privacy Policy incorporates relevant legislation as a guideline for sensitive or personal:

  • Data Collection;
  • Data Retention and Security;
  • Data Usage and Disclosure;
  • Data Accessibility;
  • Data Correction; and
  • Data Breach Procedures.

Information Collected by Master Power Technologies

Master Power Technologies generally collects some or all of the following sensitive/personal information about individual stakeholders when they gain employment or provide information for business purposes:

  • Name, including any use of a pseudonym;
  • Address, phone details and email contact details;
  • Employment history;
  • Bank account details;
  • National identifiers;
  • Referee opinions;
  • Interview opinions; and
  • Any other information that is supplied on documentation or in communications with a Master Power Technologies representative.

How Master Power Technologies Obtains Data

Master Power Technologies obtains most personal information directly from an individual stakeholder, for purposes which may include (but not be limited to):

  • Employee management, including the screening of curriculum vitae;
  • Individuals utilising the Master Power Technologies website; and
  • Business purposes, including communication by phone, fax, email, in person or other methods of communication.

Master Power Technologies may also, with consent from the data subject, collect personal information from third parties, including:

  • Reference checks with referees; and
  • Through networking with peers.

The Purpose of Collection

Master Power Technologies collects sensitive and personal information about stakeholders to carry out its business functions and fulfil its obligations. These may include (but are not limited to):

  • The pursuit of legitimate business objectives;
  • Complying with government legislation (e.g., Master Power Technologies collects tax file numbers to comply with taxation requirements);
  • Meeting employment obligations to contractors and employees, which may include the processing of sensitive information (e.g., sick leave).

In addition, Master Power Technologies may occasionally be required by law to collect, use, and disclose personal information, for example, to comply with the requirements of government departments for business data or in support of a criminal investigation.

Collection, Use & Disclosure of Sensitive/Personal Information

Master Power Technologies may only collect, store, process or disclose personal data/information pertaining to an individual:

  • If it is lawful to do so;
  • By individuals authorised to do so in the course of their duties;
  • With the knowledge of the data owner of the personal data/information, unless
  • Directed otherwise by legal authority; or either
  • With the express or implied consent of the data owner, guardian of the data owner of the personal data/information, or individual legally authorised to act on behalf of the data/information owner; or
  • To satisfy a legitimate commercial purpose; or
  • If required to do so, meet a legislative or regulatory obligation.

Sensitive and personal information may be disclosed to:

  • Staff of Master Power Technologies responsible for administering the processes described above;
  • Health service providers in the event of the administering of emergency health services;
  • Related bodies and third parties for the administration and provision of selected benefits and services (e.g., training or policy administration); and
  • Statutory authorities that may require sensitive data as per legislative requirements.

Master Power Technologies may collect only the personal data/information that is required to effect the processing requirement.

 

Access, Correct, or Update Personal Information

Master Power Technologies must make reasonable attempts to ensure the accuracy of the personal data/information provided.

To the extent authorised by privacy legislation, Master Power Technologies must provide data subject access to review and amend sensitive/personal information held by Master Power Technologies. This may be for a reasonable administration fee, via existing communication channels.

Security of Sensitive & Personal Information

Master Power Technologies must take all reasonable steps to ensure that sensitive and personal information is held in a secure environment accessed only by authorised persons for approved business purposes.

However, no data processing can be guaranteed to be 100% secure. While Master Power Technologies strives to protect all sensitive and personal information from misuse, loss, and unauthorised access, Master Power Technologies cannot guarantee the security of any information transmitted to and from a data source or recipient. Once a transmission is received, Master Power Technologies will make the best effort to ensure its security in line with Master Power Technologies’ data handling procedures.

Notifiable Data Breaches

Master Power Technologies recognises the legislative requirements of the reporting of any breaches of personal or sensitive data/information.

As part of storing sensitive data/information, Master Power Technologies accommodates data security within its ICT framework.

Master Power Technologies will use its resources to the best of its capabilities to prevent any personal/sensitive information stored in its database from being passed to unsolicited third parties. Unfortunately, Master Power Technologies cannot provide a 100% guarantee that personal/sensitive information stored will not be obtained by unsolicited third parties.

In cases where Master Power Technologies has evidence that personal/sensitive information has been obtained by unsolicited parties, Master Power Technologies will:

  • Identify the cause of the breach;
  • Limit any further effects of any breach;
  • Remedy the breach;
  • Inform affected individuals;
  • Report any breaches to any relevant statutory authorities as required; and
  • Ensure Master Power Technologies enacts any further processes depending on the nature of the breach.

Education & Awareness

Master Power Technologies will incorporate the privacy policy into its induction pack, provide privacy training to staff dealing with personal data/information, and communicate privacy principles to all staff using awareness programs.

Privacy Enquiries

Data subjects may contact the information officer and/or the deputy information officer if they wish to:

  • Request access to, find out more about or seek amendment of personal data/information held by Master Power Technologies;
  • Enquire generally about privacy rights and obligations;
  • Provide suggestions or feedback in respect of Master Power Technologies’ handling of personal information; or
  • Make a complaint in relation to Master Power Technologies’ handling of personal information.

Responsibilities & Accountability

Below are the high-level functional responsibilities of the roles.

The responsible person for this policy is the Chief Executive Officer. Master Power Technologies reserves the right to monitor and audit networks and systems on a periodic basis to ensure compliance with this policy.

The CEO

  • The Board is responsible for ensuring that Master Power Technologies meets its legal, fiduciary, and business obligations to demonstrate compliance with privacy-related legislation and other related privacy practices.
  • The Board should provide the executive sponsorship of local and global privacy programs.

System Controller

  • Acts in accordance with the Regulation of Interception of Communications and Provision of Communication-Related Information Act, 70 of 2002 (RICA).
  • Establishes internal processes for the requesting of monitoring of indirect communications and ensures that key stakeholders utilise them.
  • Validates the legitimacy of requests to perform monitoring to protect the right to privacy of the data subject and to ensure Master Power Technologies remains compliant with the law.
  • Authorises or declines the monitoring request.
  • Where the requests are authorised, set limitations on the extent and duration of the monitoring as appropriate.
  • Perform assessments on occasion to ensure that monitoring limitations are adhered to.
  • Keep records of all monitoring requests and their outcome.
  • Liaise with Master Power Technologies’ legal function as requested when evidence of monitoring approval is required for investigatory purposes.
  • Liaise with authorities as required to provide evidence of the legality of monitoring operations.

Information Officer

  • Establish the Privacy Office, albeit virtual.
  • Liaise with external legal advisor(s) as required.
  • Define how to integrate “Privacy by Design” into system and product development.
  • Maintain a data privacy incident/breach response plan.
  • Maintain a breach notification protocol to affected data subjects.
  • Maintain a breach reporting protocol to regulators, credit agencies, and law enforcement.
  • Identify ongoing privacy compliance requirements, e.g., laws, case laws, codes, etc.
  • Track and address data protection issues identified through Privacy Impact Assessments (PIAs).
  • Integrate Data Privacy into Business Risk Assessments.
  • Maintain an inventory of personal data collected, retained and processed by Master Power Technologies.
  • Conduct due diligence around data privacy and security, including third-party service providers and contractors, as well as potential vendors/processors/acquisitions.
  • Training Master Power Technologies employees on the relevant privacy/compliance requirements.
  • Promote awareness of this policy.
  • Identify and evaluate the company’s data processing activities.
  • To perform data protection impact assessments.
  • Raise awareness and provide staff training for any employees involved with processing activities.
  • Provide a repository of privacy information/monitoring requests.

Employees

  • Exercise good judgement regarding the appropriate use of Master Power Technologies resources in accordance with Master Power Technologies policies, procedures, standards, and guidelines.
  • Master Power Technologies’ information assets and information must not be used for any unlawful or prohibited purposes.
  • Any Master Power Technologies data created by an employee on a Master Power
  • Technologies system remains the property of Master Power Technologies.
  • Master Power Technologies employees must take responsibility to familiarise themselves with and adhere to the requirements of this policy.
  • Any Master Power Technologies employee that processes personal information must always ensure and maintain the privacy of the personal information processed.
  • Master Power Technologies employees must notify the CEO and the information officer in the event that a breach is identified.

Cookie Policy

Master Power Technologies uses cookies. A cookie is a small piece of information stored on your computer or smartphone by the web browser. The two types of cookies used on the website are described below:

  • Session Cookies: These are used to maintain a so-called ‘session state’ and only last for the duration of your use of the website. A session cookie expires when you close your browser or if you have not visited the server for a certain period of time. Session cookies are required for the platform to function optimally but are not used in any way to identify you personally.
  • Permanent Cookies: These cookies permanently store a unique code on your computer or smart device hard drive in order to identify you as an individual user. No personal information is stored in permanent cookies. You can view permanent cookies by looking in the cookies directory of your browser installation. These permanent cookies are not required for the website to work but may enhance your browsing experience.