Privacy Policy
1. PURPOSE AND SCOPE
- Moore South Africa (Pty) Ltd (“Moore SA”) comprises a network of member firms, companies and practitioners that provide accounting, audit, tax, advisory and other professional services throughout South Africa (“member firms”).
- A list of member firms can be requested by using the contact details herein.
- The member firms are part of an international network of firms offering similar services. Moore Global Network Limited (a company based in the United Kingdom), and each member of the global network, is a separate and distinct legal entity, with no authority to bind or otherwise obligate any other member.
- This privacy policy relates to Moore SA and each separate member firm in South Africa. Moore SA and each member firm is separately responsible for its own privacy-related obligations.
- Use of the words “we”, “us”, “our” or “the firm” will mean each separate individual member firm, or Moore SA, as may be relevant in each case.
- In general, this policy indicates how and why we collect and process personal information.
- Due to the nature of our business, we are necessarily involved in the collection, processing and disclosure of personal information of clients, prospective clients and other persons who interact or attempt to transact with us.
- Any person whose information we collect and process is known as a “data subject” in this policy.
- We may collect and process personal information for any legitimate purpose, including (but not limited to) the following: to ensure that we offer sound and professional services; to ensure the good upkeep, development and safeguarding of our business; and to protect and promote our legitimate interests (collectively, the “Moore Purpose”).
- In compliance with the Protection of Personal Information Act 4 of 2013, we commit to processing the personal information of data subjects lawfully and in a reasonable manner.
2. THE DATA SUBJECT’S CONSENT
- We may collect, process, disclose, store or otherwise deal with your personal information as described in this privacy policy and/or as may be necessary to fulfil the Moore Purpose.
- If you have any concerns regarding any aspect of this privacy policy as it relates to the treatment of your personal information, please do not engage with us or use any of our websites and services.
- We may, where permitted or required to do so by any applicable law, process a data subject’s personal information without its knowledge or permission, if sufficient grounds of justification are present, and we will do so in accordance with the provisions of this privacy policy.
3. WHY WE COLLECT PERSONAL INFORMATION
- Personal information refers to information pertaining to an identifiable, living, natural person or (if applicable) an identifiable, existing juristic person. The type of personal information we collect and process will depend on the nature of the data subject’s relationship or interaction with us.
- We may process the following types of personal information (this is not a closed list):
- Identity information, including name, identity number, copies of identity documents, marital status, gender, race and medical history;
- Contact information, including telephone numbers, email addresses and physical addresses;
- Financial information, including banking details, assets and liabilities, salary and income, tax records and credit history;
- Employment records;
- Education and qualification records.
- In general, we will collect and process personal information as necessary for any legitimate purpose related to the Moore Purpose, including (but not limited to):
- Performing any services requested of us;
- Undertaking any other activities requested of us;
- Any further purpose ancillary to the performance of such services or activities;
- Undertaking of know-your-client and related background checks, which may be required by law, or which may be industry practice;
- Conducting conflict checks amongst any members of the Moore network, whether or not in South Africa;
- Recruitment, employment and related activities;
- Marketing and related activities.
- Although providing personal information is generally voluntary, we reserve the right to decline to transact or deal with any person who fails to provide personal information which we have requested and which we deem necessary, in our sole discretion. This will also apply to situations where consent is withdrawn or where a data subject objects to the processing of personal information.
- It certain circumstances, we are legally obligated to collect and process personal information, e.g., where required by FICA (the Financial Intelligence Centre Act of 2002) and related regulations, as well as laws relating to the Anti-Money Laundering, Counter-Terrorism Financing and Counter-Proliferation Financing regulatory regime.
4. HOW WE COLLECT PERSONAL INFORMATION
- Personal information is usually collected directly or indirectly from a data subject or their representatives. We may collect personal information through electronic communications, meetings, telephone calls and in general dealings with data subjects or their representatives. All electronic communications are subject to our Moore SA Disclaimer which can be accessed here.
- We may refer to a data subject’s website and any social media and online profiles, to better understand their activities and to collect personal information from these and other public platforms.
- We may collect personal information about data subjects from various third parties, such as employers, recruiters, background check service providers and publicly available sources. We may run checks on, amongst other things, identity, criminal record and credit history, past employment history, academic qualifications and integrity.
- We assume that all personal information supplied to us is supplied in compliance with applicable law. We will accept no liability whatsoever if any personal information received by us in good faith was provided in contravention of applicable law.
- We may receive personal information relating to various data subjects from certain persons (responsible parties), on whose behalf we act as an operator, e.g., when performing outsourced payroll functions. It is the responsibility of the person supplying the personal information to ensure that is supplied pursuant to a legitimate purpose and in accordance with applicable law.
- We may monitor activity on any of our IT and electronic networks and our website and gather information about those persons visiting and using our website and how, in order to fulfil the Moore Purpose. We may also do so by making use of Cookies. The Moore SA Cookie Policy is available here.
5. SAFEGUARDS AND STORAGE
- We may store personal information physically and/or electronically (which may include cloud-based storage).
- Our servers are located around the world, and personal information may be stored in any one of them.
- We will take reasonable and appropriate measures to keep personal information secure, although we cannot guarantee its absolute security.
- We store and process personal information for so long as we maintain a business relationship or contact with such data subject, and for so long as may be permitted by law thereafter. This is to:
- ensure that we maintain personal information of all data subjects who could benefit from our services and activities;
- carry out good record-keeping practices; and
- to comply with any legal retention requirements imposed by law.
6. DISCLOSURE OF INFORMATION
- To carry out the Moore Purpose, the firm’s owners, managers, employees and consultants will need to review, consider, verify, discuss, maintain and store the personal information collected by it.
- To carry out the Moore Purpose, we may transfer or disclose personal information to third party contractors, subcontractors, and/or their subsidiaries and affiliates.
- Examples of third-party contractors we use are providers of IT services, recruitment platforms, website management, data backup, security, and cloud storage.
- Where required by law, personal information collected by us may be disclosed to governmental authorities or regulatory bodies.
7. TRANS-BORDER INFORMATION FLOW
- If we collect or process your personal information, your personal information may be transferred to and stored outside South Africa or the country where you are located. This may include countries that do not have laws that provide specific protection for personal information.
- We may disclose personal information to Moore Global Network Limited (in the United Kingdom) or to any other member of the global Moore network for the purposes of background and conflict checks.
- In general, the firm will not transfer personal information to a party in a foreign country, unless:
- the data subject consents to the transfer, or
- the transfer is necessary for us to perform in terms of a contract or for the implementation of pre- contractual measures taken in response to a request from the data subject; or
- the foreign country has a law that provides adequate protection; or
- there is an agreement between the firm and the relevant foreign party that provides adequate protection; or
- there are binding corporate rules that provide adequate protection.
8. DATA SUBJECT RIGHTS
- We will take reasonable and appropriate measures to accurately record a data subject’s personal information as provided by them or their representatives and make reasonable efforts to ensure that personal information is complete, accurate and not misleading.
- Data subjects have the right to access their personal information and the right to request the correction, reduction or deletion thereof, subject to reasonable qualifications.
- Any such request must be in writing and submitted to the information officer of the firm concerned.
- Each data subject has the right to:
- withdraw any of the consents given in relation to the processing of their personal information (however, we may continue to process the personal information to the extent necessary to implement a contract with the data subject, or to protect the legitimate interests of the data subject, or to protect our legitimate interest, or to comply with any legal obligation);
- ask us to reveal what personal information we have relating to the data subject and who has had access to that information (in which case we will respond as soon as reasonably practicable);
- ask us to correct or delete any of their personal information, which is inaccurate, irrelevant, out of date, incomplete or misleading (in which case we will respond by altering our records, or substantiating our records, as appropriate, as soon as reasonably practicable);
- ask us to destroy or delete any of their personal information if it is no longer lawful for us to retain it (in which case we will respond as soon as is reasonably practicable, allowing time for us to seek legal advice if necessary);
- object to us processing any of their personal information where the processing is:
- not covered by consent;
- not necessary for carrying out a contract between us and the data subject;
- not necessary to discharge a legal obligation or protect our legitimate interests,
and provided that the data subject has reasonable grounds for objection (in which case we will cease processing the personal information);
- object to the processing any of their personal information to prevent any direct marketing by us (in which case we must cease processing the personal information for this purpose);
- be notified when any security breach is suspected or has occurred, as well as the impact on them and the steps taken to mitigate the risks to data subjects as a result of the breach.
- lodge a complaint to the Information Regulator at:
JD House, 27 Stiemens Street Braamfontein
Johannesburg, 2001
PO Box 31533
Braamfontein, Johannesburg, 2017
Tel: 010 023 5207
Email:
complaints.IR@justice.gov.za
- The information Regulator has made available several guidelines and forms to be utilised and these are available here.
9. QUERIES
- Each firm will appoint an information officer. Each information officer is responsible as information officer only in respect of the member firm for which he or she is appointed.
- The details of each member firm’s information officer can be obtained from the Moore SA office by using the following email address: marline@mooresa.co.za.
- For queries relating to the processing of personal information, data subjects are requested to contact the relevant information officer.
10. REVISION HISTORY
- We may update this privacy policy at any time by publishing an updated version on our website. When we make changes to this policy, we will amend the revision date. The updated policy will apply from the effective date. We encourage you to review this policy regularly to remain up to date and informed.
Version |
Revision date |
Effective date |
V1 |
June 2021 |
30 June 2021 |
V2 |
November 2023 |
10 Nov 2023 |