We routinely use your personal information:
- To communicate and manage our relationship with you;
- To provide you with public services, as required or allowed by law;
- To manage security and access control to our buildings and facilities; and
- For record keeping and other administrative purposes, as required by law.
We will not provide your personal information to anyone else unless you consent thereto or one of the following exceptions applies:
- You would reasonably expect us to use the information for that purpose;
- It is legally required or authorised, such as by a law, or a court or tribunal order;
- It is reasonably necessary for an enforcement-related activity;
- We reasonably believe that it is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety;
- We have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in and we reasonably believe that it is necessary for us to take appropriate action in relation to the matter;
- It is reasonably necessary for the establishment, exercise or defence of a legal or equitable claim; or
- The information is used only for historical, statistical or research purposes and is not published in an identifiable form.
When we share your personal information with selected service providers who work on our behalf, for specific defined purposes related to public services we provide we will ensure that appropriate protections of your personal information are in place with these third parties, in accordance with our obligations under the POPIA.
We are very careful with special personal information, and where practical, we usually group personal information together as aggregated data so that individuals cannot easily be identified.
Unless we have your clear informed consent or the law clearly allows us in certain limited circumstances, we will not:
- Sell or rent personal information;
- Use your personal information for purposes that are different, unusual or unexpected in relation to the reason for collecting it in the first place; or
- Share your personal information with third parties in circumstances other than the ones we have referred to above.
Storage and data security
We respect and protect your privacy and store your personal information according to generally accepted information security practices. We take all reasonable steps to protect the personal information held in our possession against loss, unauthorised access, use, modification, disclosure or misuse.
Storage of personal information (and the disposal of information when no longer required) is managed in accordance with the Western Cape Government records management regime as provided for in the Provincial Archives and Records Service Act of the Western Cape, 2005. When the personal information we collect is no longer required, we delete or destroy it in a secure manner, unless we are required to maintain it because of a law, or court or tribunal order.
Where a breach of personal information occurs we will notify the Information Regulator and affected individuals as required. We will aim to provide you with timely advice to ensure you are able to manage any loss—financial or otherwise—that could result from the breach.