Privacy Policy
- About us
- Mergon Foundation NPC is a non-profit company registered and operating in accordance with the laws of the Republic of South Africa, and situated at 3rd Floor, Mill Square, Cnr Andringa St and Plein St, Stellenbosch, 7600.
- About this privacy policy
- The purpose of this policy ("Privacy Policy") is to communicate how we process personal information relating to identifiable natural persons or existing juristic persons ("Personal Information"), and to share certain information required in terms of the Protection of Personal Information Act 4 of 2013 ("POPIA").
- This Privacy Policy describes how we process Personal Information in connection with our philanthropic, grant-making, and donor support activities (the "Activities") and also applies to the use of our informational website located at https://mergon.co.za/ (the "Website").
- We may update this Privacy Policy from time to time by publishing a revised version on our Website and Application, which shall take effect on the date of publication. Please be sure to keep yourself up to date with our latest Privacy Policy.
- This Privacy Policy should be read with any agreements, terms, policies and the like published by us in relation to our Activities. To the extent that any other binding document may conflict with our Privacy Policy, the former shall prevail.
- Should you have any questions about this Privacy Policy or how we process your Personal Information, you are welcome to contact us at popia@mergon.co.za (the "Privacy Mailbox").
- The types of Personal Information we process and how we obtain it
- Please refer to Annexure A for a detailed description of the categories of Personal Information we process, including the purposes for which it is collected and where we obtain it.
- Your supply of Personal Information to us is entirely voluntary and you are not compelled to do so under any law. We do however require certain information from you in order to consider requests you make to us in relation to our Activities (such as when applying for grant funding), as set out under Annexure A.
- Use of cookies
- Our Website uses a limited set of first-party cookies (small text files set by our Website directly and stored on your device) to help us understand how visitors use the site and to ensure that it operates properly. These tools may collect basic device or usage information which may be regarded as Personal Information under POPIA, but they do not identify you by name or collect contact details. We do not use cookies for advertising or marketing.
- You can manage or disable cookies at any time through your browser settings, although this may affect how the Website functions.
- Your right to update, correct, or delete your information
- You have the right to request access to the Personal Information we hold about you, to ask that any inaccurate, irrelevant, excessive, outdated, incomplete, or misleading Personal Information be corrected or updated, and to request deletion of Personal Information that we are not permitted to retain.
- If you wish to exercise any of these rights, please contact us at our Privacy Mailbox.
- Your right to object to the processing of your Personal Information
- You have the right to object to the processing of your Personal Information where such processing is based on our legitimate interests, your legitimate interests, or those of a third party, and there are reasonable grounds in your particular circumstances which justify the objection.
- If you wish to object to the processing of your Personal Information as described under this heading, kindly contact us at our Privacy Mailbox.
- Storage and security of your Personal Information
- We implement technical and organisational measures, in compliance with the requirements of applicable law, to ensure that the Personal Information in our possession remains confidential and secure against unauthorised or unlawful processing, and against accidental loss, destruction, or damage. Such measures include:
- restricting access to Personal Information to authorised personnel only, based on a need-to-know basis;
- the use of password protection and access controls on systems that process or store Personal Information;
- encrypting Personal Information during transmission over public networks;
- regular backups of Personal Information to prevent data loss;
- the use of reputable third-party hosting and infrastructure providers who implement industry-standard security controls;
- maintaining firewalls and antivirus or endpoint protection software on systems used in our operations;
- logging and monitoring of system access to detect and respond to security events; and
- ensuring that staff with access to Personal Information are bound by confidentiality obligations and receive basic data protection training.
- You acknowledge and agree however that there are inherent risks to the security of data in the use of electronic services. We accordingly do not guarantee that your Personal Information cannot ever be compromised, and you accept this risk by engaging with us.
- We implement technical and organisational measures, in compliance with the requirements of applicable law, to ensure that the Personal Information in our possession remains confidential and secure against unauthorised or unlawful processing, and against accidental loss, destruction, or damage. Such measures include:
- How we share your Personal Information
- Subject to compliance with POPIA, we may disclose your Personal Information as requested by you or as strictly necessary, including disclosure to:
- partner organisations, funders, or donors involved in the evaluation, approval, or administration of grant applications;
- service providers who support our operational, administrative, communication, or information-technology functions, including secure data hosting, storage, collaboration, and reporting tools;
- professional advisers, consultants, or auditors who assist us in fulfilling our governance and accountability obligations; and
- other third parties where disclosure is required or permitted by law.
- Some of our service providers and partners organisations are located outside of South Africa, and accordingly your Personal Information may be transferred outside of South Africa. We will only do so in accordance with the requirements for the lawful transfer of Personal Information outside of South Africa, as set out in POPIA.
- Subject to compliance with POPIA, we may disclose your Personal Information as requested by you or as strictly necessary, including disclosure to:
- Disclosures
- On rare occasions, we may be required to disclose your Personal Information because of legal or regulatory requirements. In such instances, we may disclose your Personal Information as required in order to comply with our legal obligations, including complying with court orders, warrants, subpoenas, service-of-process requirements, and/or discovery requests.
- We may also disclose Personal Information where such disclosure is reasonably necessary to protect or enforce our legitimate rights or interests, to respond to or defend legal claims, to prevent or address fraud or security concerns, or to enforce our policies or agreements.
- How to contact the Information Regulator
- Section 74(1) of POPIA provides that any person may submit a complaint to the Regulator in the prescribed manner and form alleging interference with the protection of the Personal Information of a data subject.
- Contact information of the Information Regulator:
|
Postal address |
JD House 27 Stiemens Street Braamfontein Johannesburg 2001 |
|
Telephone number |
+27 (0) 10 023 5200 |
|
Fax number |
086 500 3351 |
|
Email address |
|
|
Website |
We may place small text files on your device when you visit our website that allow us to provide you with a personalised experience by associating your personal information with your device. They let us remember your preferences, allow third parties to provide services to you, and otherwise serve useful purposes for you. Your internet browser generally accepts them automatically, but you can often change this setting or delete them manually by amending your browser settings. However, we won’t be able to provide you with access to certain aspects of our website where cookies are necessary, if you do so, we have no access to or control over any cookies that our business partners use on our website and they have their own privacy polices that govern them.
Protection of Personal Information Act of 2013 (“POPI”)
We are committed to protecting your privacy. Whenever you use our website, complete an application form or contact us electronically, you consent to our processing of your personal information in accordance with the requirements of POPI. In the event that you wish to revoke your consent, please send an email to popia@mergon.co.za.
