in accordance with the requirements as prescribed in
the Protection of Personal Information Act No. 4 of 2013 (POPIA).
Parklands College is committed to protecting the privacy of personal information in accordance with the requirements as prescribed in the Protection of Personal Information Act No. 4 of 2013 (POPIA). The Act introduces measures to ensure and safeguard the right to privacy weighed up against the right to access of information as well as the sharing of personal information. It furthermore aims to provide everyone’s right to privacy as enshrined in the Constitution and offers protection and recourse to those whose personal information rights are infringed.
The standards set out in the Act require companies to protect personal information obtained for administrative purposes and impacts the collection, handling, retention, dissemination and disposal of such data.
The eight conditions or guiding principles that must be complied with are:
This policy covers all information collected by the College in order to carry out normal school operations as dictated by the various Acts governing educational institutions. In terms of POPIA, we are required to take reasonable practicable steps to inform all data subjects as to certain matters relating to their personal information, which is set out in this policy. By engaging with us and providing us with your personal information you acknowledge that you have read and understood this policy, agree to its contents and permit and consent us to take the actions set out herein in relation to your or your child’s personal information submitted.
The complete list of definitions is to be found in the Protection of Private Information Act No. 4 of 2013.
|Biometrics||Personal identification based on physical, physiological or behavioural characterization, eg. fingerprinting, retinal scanning and voice recognition|
|Child (learner)||A natural person under the age of 18 years|
|Consent||Any voluntary, specific and informed expression of will in terms of which permission is given for the processing of personal information|
|Data subject||Means the person to whom personal information relates. Data subjects may include, but are not limited to: learners and students; prospective learners and students; applicants; alumni; employees and employee candidates; visitors; suppliers and members of the public.|
|Electronic communication||Means any text, voice, sound or image sent over a network|
|Information Officer or Deputy Information Officer||Relating to a public body means an information or deputy information officer as contemplated in terms of section 1 or 17; or Relating to a private body means the head of a private body as contemplated in section 1 of the Promotion of Access to Information Act. The Information Officer may appoint Deputy Information Officers to assist in complying with the Act.|
|Operator||Means a person who processes personal information for a responsible party|
|College (School)||Means Parklands College and Christopher Robin Pre-Primary|
|PAIA||Promotion of Access to Information Act, 2000 (Act No. 2 of 2000)|
|Person||Means a natural person or a juristic person|
|Personal Information and Special Personal Information||Means information relating to an identifiable, living, natural person, and where applicable, an identifiable, existing juristic person, included but not limited to:|
•Information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
•Information relating to the education or the medical, financial, criminal or employment history of the person;
•Any identifying number, symbol, email address, physical address, telephone number, location, online identifier or other particular assignment to the person;
•Biometric information of the person;
•Personal opinions, views or preferences of the person;
•Correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
•The views or opinions of another individual about the person;
•The name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal personal information about the person; and
•With regard to Special Personal Information, personal information as set out in section 36 of POPIA
|Processing||Refers to any act that can be performed when handling personal information. POPI defines processing to include collecting, recording, organizing, updating, storing, distributing, destroying or deleting personal information.|
|Record||A record is a form of collating information, regardless of the medium on which it is recorded, that is under the control of a responsible party|
|Regulator||The Information Regulator established in terms of section 39 of the Act|
|Responsible party||Refers to a public or private body and any other person who determines the purpose and means of processing personal information in their possession|
Personal information is gathered from submissions to the College. This applies to learners via their parents/guardians, students, employees, candidate employees and other data subjects.
The personal information is collected in order to conduct and meet the minimum standards required for the function and activity of the day-to-day operation of the College and is specific for the purpose for which it is collected. Only the personal information that is adequate, necessary, relevant and not excessive will be collected in terms of the provisions of POPIA.
The collection and processing of personal information for data subjects may include the following:
The collection and processing of special personal information includes:
The data subject personal information (including prospective learners, students and employees) is collected from the data subjects and could be in the form of paper-based or electronic information, recorded on application forms, emails, CV’s and website enquiries.
The College shall ensure that all agreements in place with suppliers and other third parties in terms of which they are required to collect and use personal information shall adhere to the terms of this policy and that there will be a mutual understanding regarding the protection of such personal information.
Personal information is processed in order to conduct and meet the minimum standards required for the function and activity of the day-to-day operations of the College. This will be done lawfully and in a reasonable manner that does not infringe on the privacy of a data subject.
Parent/guardian, learner and student information is processed for the purposes of, not limited to:
Employee information is processed for the purposes of, not limited to:
Parent/guardian consent is required for all information pertaining to a learner. Any identifiable information regarding a person under the age of 18 years is considered Special Personal Information.
Other data subject information is processed for the purposes of, not limited to, performing business activities such as buying, services or installation bookings, deliveries, payments and marketing.
The processing of information is not used for any other purpose other than for the purpose for which it was specifically collected without the written permission and consent of the data subject.
In general, personal information is retained as per the prescribed norms and applicable restriction is placed upon archived information and records.
The College will retain data subject personal information in its databases and systems for a period of seven years from the last day of enrolment/termination of services. After this period, only basic information will be retained, such as parent/guardians, learners and students names, system identification numbers and academic records. This is in order to retain the integrity of our historical data.
Data subject biometric data will be removed from College biometric attendance systems at the end of the last day of a data subject’s enrolment/employment at the College pending outstanding Finance department queries.
After the above-mentioned retention periods, the College will destroy and/or render unusable the personal information that is no longer required, unless the provisions of section 14 of POPIA apply.
In compliance with the requirements of the Act, Parklands College is required to appoint an Information Officer (and Deputy Information Officers) and register the individuals with the Information Regulator.
The duty of these officers is, but not limited to, ensuring that the College complies with the provisions of the Act by monitoring and implementing codes of conduct issued by the Information Regulator.
The officer will deal with any requests made under the Act as well as the Promotion of Access to Information Act (PAIA) (Act No 2 of 2000) and assist the Information Regulator with any investigations conducted in respect of the College.
Furthermore, they are required to develop, implement, monitor and maintain a compliance framework within the College to ensure lawful processing and create internal awareness amongst relevant staff with regard to the requirements of the Act.
Data subjects have the right to request correction or deletion of personal information or destruction or deletion of record of personal information by submitting the applicable forms contained in the POPIA and PAIA regulations. The Information Officer can offer assistance in this regard.
Data subjects have the right to have their personal information processed lawfully and should be informed of the purpose for which the information is being collected.
They have the right to establish what information the College holds and request the correction of the personal information where necessary.
Data subjects have the right to be informed if their information has been accessed/acquired by an unauthorized person.
The College strives to safeguard personal information in its possession through policies and procedures and technical measures that have been put in place. It remains the objective of the College to identify all reasonably foreseeable internal and external risks and to continuously verify the effectiveness of those measures against new risks that may arise.
If you would like to discuss anything regarding this privacy notice, or have any queries relating to POPIA you can:
Should you believe we are processing your personal data with disregard to the data protection regulations in force, any claim can be sent to our Information Officer (as listed above) or to the Information Regulator who can be contacted below:
Telephone number +27 (0) 10 023 5200, Cell No. +27 (0) 82 746 4173 or by email at: complaints.IR@justice.gov.za or firstname.lastname@example.org.
The College may need to update this privacy notice periodically. Please review this information frequently.