SmilingOne is the home of the Circles of Change™ Academy and our team of coaches & change agents.
THE COMPANY, its subsidiaries and affiliates (collectively “THE COMPANY”, “us”, “we”) understand the value of your personal information and the importance of protecting any and all personal information gathered by THE COMPANY.
This document describes how THE COMPANY collects and uses your personal information, who we share it with and your choices and rights with regards to your personal information.
The above mentioned applies to any information we collect from you in person or from a digital environment during any interaction, including our website, social media sites or mobile services, in writing or orally, and for any valid or lawful reason.
THE COMPANY adheres to the 8 conditions within the POPI Act for lawful processing:
- Accountability - The responsible party must ensure compliance with the POPI Act
- Lawfulness - The collection of personal information must not be excessive, it must be legally justifiable, and it must not be collected from third parties without good reason
- Purpose limitation - Personal information must only be collected in connection with a specific purpose and must not be stored for longer than necessary
- Restriction on further processing - Personal information may only be processed for a purpose other than that for which it was collected under specific conditions
- Information quality - Personal information must be complete and accurate
- Openness - Personal information must be processed in a transparent manner
- Security safeguards - Personal information must be processed securely and the responsible party must provide notification of any data breaches
- Data subject participation - People must be allowed to access their personal information and request that it is corrected or deleted if it is inaccurate
1. Collection of Information
THE COMPANY is subject to the Protection of Personal Information Act, No.4 of 2013 (“POPIA”), of which the provisions came into effect on 1 July 2020. All public and private entities have until 1 July 2021 to ensure that they are fully compliant.
According to “POPIA”, personal information is defined as any information relating to an identifiable, living, natural person and where applicable, an identifiable, existing juristic person, including, but not limited to:
- information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
- information relating to the education or the medical, financial, criminal or employment history of the person;
- any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignments to the person;
- the biometric information of the person;
- the personal opinions, views or preferences of the person;