Stedin School Privacy Notice
Introduction:
This Notice explains how we obtain, use and disclose your personal information in accordance with the requirements of the Protection of Personal Information Act, 4 of 2013 (POPIA). Stedin School is committed to protecting your privacy and to ensure that your personal information is collected and used properly, lawfully and transparently.
Who we are:
We are an educational institute that offers quality education to children from Grade R to Grade 12.
When will we process your personal information:
In terms of POPIA the justification grounds which we base our processing on consist out of the following:
- The data subject or a competent person where the data subject is a child consents to the processing. Kindly note that you have the right to withdraw your consent;
- The processing is necessary to carry out actions for the conclusion or performance of a contract to which the data subject is a party;
- The processing complies with an obligation imposed by law on the business;
- The processing protects a legitimate interest of the data subject;
- The processing is necessary for the proper performance of a public law duty by the business; or
- The processing is necessary for pursuing the legitimate interests of the business or of a third party to whom the information is supplied,
Stedin School undertakes to obtain written consent wherever possible for the collection and processing of Personal Information; however, there are instances where such consent may be tacit or verbal and consent under these conditions should be recorded in writing at the time by the person collecting the Personal Information (Only when we rely on consent as a lawful basis of processing personal information).
Personal information will generally be collected directly from the data subject but we may process personal information from other sources subject to the provisions of Section 12 of POPIA.
Processing and Disclosure
Processing of Personal Information will be conducted only where the purpose is consistent/compatible with Stedin School‘s activities and objectives Your PI may be disclosed under the following circumstances:
- To our service providers who are involved in the delivery of product or services to you. They are required to comply with the provisions of the Act.
- Where we have a duty or a right to disclose in terms of law or industry codes. ∙ Where we believe it is necessary to protect our rights.
- Where such disclosure matches the legitimate purposes associated with each of the persons and organisations described above.
Further processing, if lawfully warranted, will only be carried out where it is compatible with the purpose of collection.
The information we collect:
Personal Information will be collected to meet, and further, the aims of Stedin School and especially the principal operating activity of the body as stated above. The definition of Personal Information is contained in Section 1 of POPIA, however in our context such will include, but not necessarily be limited to:
- Addresses, postal and physical
- Contact details including telephone/cell phone numbers and email addresses ∙ Banking details for payment of fee accounts
It is specifically noted that as an educational institution Personal Information of Children is key to the activities carrying out education including, where appropriate and, in accordance with Part C of the Act, Personal Information of children.
Website usage information may be collected using ‘cookies’ which allows us to collect standard internet visitor usage information.
Personal Information is collected from:
As the nature of Stedin School is founded on the relationship between people and these bodies, there are various persons, natural and juristic, who have an interest in being associated with each other. These include but are not necessarily limited to:
- Current pupils
- Staff members, present and past
- Parents, present and past
- Donors and benefactors
- Governmental institutions
How we store your personal information:
Condition 7 of POPIA sets out the principles for the security and safeguarding of Personal Information; however, in general terms, Stedin School in meeting its obligations thereunder will include:
- Minimising the number of electronic databases where Personal Information is stored. ∙ Limiting and consolidating where practical the number of hard-copy records.
- Restricting access to hard-copy records.
- Instituting and maintaining a variety of electronic safeguards which include:
- Firewalls
- Password protection
- Data encryption where appropriate and practical
- Securely shredding hard-copy data either internally or via a reputable third-party provider who will provide a certificate of safe destruction.
- Denaturing, de-identifying and deleting and prevent from reconstruction electronic records.
- Employing physical barriers such as locks, access control mechanisms and security cameras.
- Regard all Personal Information as confidential in nature and take all reasonable steps to prevent inappropriate disclosure whether accidentally or via unauthorised access
In maintaining and retaining Personal Information Stedin School shall have reference to:
- The retention of records in accordance with the law.
- The period for which Stedin School requires the Personal Information in order to carry out its activities;
- De-identify or destroy/delete Personal Information records in a responsible manner that precludes reconstruction once it has no further use for them. Where possible a certificate of destruction of records will be obtained.
Your data protection rights:
- You are entitled to access your personal data by sending a written request to Mrs T Viljoen – accounts@stchris.co.za.
- You may also request Stedin School to correct or supplement any of your personal data which Stedin School will undertake as soon as practicable.
- Request the destruction of your personal data. Mrs Viljoen (Information Officer) will consider your request in light of any other laws or regulations prohibiting Stedin School from destroying your personal data.
- Whilst it is your right to withdraw consent to our processing of your Personal Information, we draw your attention to the fact that such withdrawal may have unintended consequences relating to your contractual or other relationship with the Stedin School.
Integrity of Personal Information:
As we are required to ensure that the Personal information we hold is accurate, we request that you regularly update us, in writing, of any changes to your Personal Information so that we may amend our records accordingly.
Communication:
In the context of providing education, information relating thereto, particularly to parents who are not locally resident, the School need to employ the techniques afforded by modern electronic communication such as, but not limited to, specialist database platforms, bulk e-mails other similar e-notification methodologies, and social media. Should you wish not to be part of such communication, please notify us thereof in writing.
Amendments to the Privacy Notice:
Our business changes constantly and our privacy statement and our website terms and conditions will also change from time to time. We may e-mail periodic reminders of our notices and conditions, unless you have instructed us not to, but you should check our website frequently to see recent changes. Unless stated otherwise, our current privacy statement applies to all information that we have about you and your account.
Contact details of Information Officer:
Name – Niel Van Daalen
E-mail – marketing@stedin.co.za
How to complain:
If you have any concerns about our use of your personal information, you can make a complaint to us at marketing@stedin.co.za
Should you believe that Stedin School has utilised your personal information contrary to Applicable Laws, you undertake to first attempt to resolve any concerns with Stedin School. If you are not satisfied with such process, you have the right to lodge a complaint with the Information Regulator, using the contact details listed below.
Their contact details are as follows:
The Information Regulator (South Africa)
33 Hoofd Street
Forum III, 3rd Floor Braampark
P.O Box 31533
Braamfontein, Johannesburg, 2017
Complaints email: complaints.IR@justice.gov.za
Forms
In accordance with section 83(3)(d) of PAIA, the following forms are available to download:
Form 02: Request for Access to Record