The Protection of Personal Information Act
The purpose of The Protection of Personal Information Act 4 of 2013 (hereafter ‘the Act’) is to give effect to the constitutional right to privacy. This is achieved by safeguarding personal information (PI) when processed by a responsible party, LNDR (Pty) Ltd (hereafter ‘the Credit Provider’), subject to justifiable limitations that are aimed at balancing the right to privacy against other rights, particularly the right of access to information; and protecting important interests, including the free flow of information within the Republic of South Africa and across international borders.
The Act regulates the manner in which PI may be processed, by establishing conditions, in harmony with international standards, that prescribe the minimum threshold requirements for the lawful processing of PI. Furthermore, it provides persons with rights and remedies to protect their PI from processing that is not in accordance with the Act.
It is important, however, to realise that the Act does not aim to stem the free flow of information. Its aim is to encourage such flows, but in a secure and responsible manner, finding a balance with the above-mentioned constitutional values. All Credit Providers are required to develop and implement a Privacy Policy (hereafter ‘Policy’) that informs existing and prospective clients how they process PI through various activities which could include collecting, receiving, recording, storing, updating, using, transferring or erasing PI.
The Credit Provider is committed to protecting existing and prospective client’s privacy and will ensure that their PI is used appropriately, transparently, and according to applicable law.
LNDR (Pty) Ltd is a registered Credit Provider NCRCP933 providing unsecured personal loans.
PI is information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including but not limited to:
- information relating to race, gender, marital status, ethnicity or social origin, age, disability;
- an identifiable number, email address, physical address, telephone number, identification number, location information, online identifier;
- biometric information;
- personal preferences, views or opinions;
- correspondence of a private or confidential nature;
- and a name if it appears with other PI relating to you or if disclosing your name itself will reveal information about you. Therefore, any information about human beings or companies will be deemed to be PI and must be protected by the FSP.1Processing the PI of a child is strictly prohibited, unless such child is legally competent or is assisted by a competent person.
The Credit Provider is responsible for the lawful processing of PI in accordance with the conditions described under chapter 3 of the Act, these principles include:
- Accountability;
- Processing limitation;
- Purpose specification;
- Further processing limitation (information should only be processed for the reason it was originally collected);
- Information quality;
- Openness;
- Security safeguards; and
- Data subject participation.
The Credit Provider is only able to collect as much information as is necessary to fulfil the intended purpose for which the information is collected. However, they can collect more information, for a further intended purpose, if they obtain the necessary consent2 from the individual3. The Credit Provider will collect and process PI to provide individuals with access to products and services of providers, with whom they have contractual agreements in place, and to help them improve their services to their clients.
The type of information collected will depend on the need(s) and will be processed for that specific purpose. Where possible, the Credit Provider will inform the individual as to the information they are required to provide and what information is optional. The Credit Provider may, with explicit consent, supplement the information that is provided with information they receive from other providers to offer a personalized and streamlined experience.
When an individual elects to engage with the financial proposal(s) being offered from the said service providers, these providers may require additional information as they will be subject to the same privacy regulations as this Credit Provider.
From time to time the Credit Provider will collect PI from trusted third parties, in which case it will ensure that the individual has provided consent for their PI to be disclosed to the Credit Provider.
The Credit Provider does not collect PI when using cookies as these are used to obtain information about when and how individuals use the Credit Provider’s website. A cookie is a small text file that is stored on a computer and it holds information such as the identity of the computer or device that was used to access the website, the server address, domain name, the time and date that the website was visited, pages, product and documentation that the individual accessed or viewed as well as the internet browser that was used The Credit Provider uses cookies so that it can provide a more personalised service, communication and products by better understanding its prospective and existing client base and their browsing behaviour to improve their website Internet browsers generally accept cookies automatically, but this setting can be changed to stop accepting them – you can also delete cookies manually. However, no longer accepting cookies or deleting them will prevent individuals from accessing certain aspects of the Credit Provider’s website where cookies are necessary. For more information about cookies go to www.allaboutcookies.org.
The Credit Provider may monitor and record any telephone call that occurs between themselves and an existing or prospective client made to or from their call centre. These calls are recorded to improve service delivery, record the individuals details to update them and or to meet any regulatory requirement The Credit Provider will not sell your PI and no PI will be disclosed to anyone except as provided for in this Policy.
Information that does not need to comply with the Act is personal information:
- Processed in the course of a purely personal or household activity;
- That has been de-identified to the extent that it cannot be re-identified again;
- Processed by or on behalf of the state and involving national security or the prevention and detection of criminal activities and offences;
- For exclusively journalistic purposes;
- Solely for the purpose of literary or artistic expression;
- Processed by certain government offices;
- Processed by courts.
‘Consent’ means any voluntary, specific, and informed expression of will in terms of which a data subject agrees to the processing of personal information relating to him or her.
Refer to Condition 4 (section 15 of POPI).
The Credit Provider will only use PI for the purposes which it was collected and agreed to. This may include:
- Providing products or services and carrying out requested transactions;
- or underwriting purposes;
- Assessing and processing claims;
- Conducting credit reference searches or verification;
- Confirming and verifying an individual’s identity;
- For credit assessment and credit management;
- For purposes of claims history;
- For the detection and prevention of fraud, crime, money laundering or other malpractice;
- Conducting market or customer satisfaction research;
- For audit and record keeping purposes;
- In connection with legal proceedings;
- Maintaining and constantly striving to improve customer relationships;
- Providing individuals with communications regarding the Credit Provider and regulatory matters that may affect you as a client or prospective client;
- Complying with legal and regulatory requirements or when it is otherwise allowed by law.
The Credit Provider will try its utmost to keep the PI collected as accurate, complete, and up to date as necessary for the purposes defined in this Policy, however, it may request you to update your PI.
The Credit Provider may disclose PI to the providers whose services or products clients elect to utilise, and there are agreements in place to ensure that the said providers comply with the Credit Provider’s privacy terms and conditions.
Under certain circumstances the Credit Provider may be required to disclose your PI if required to do so by law or in response to valid requests by public authorities, for example, a court or a government agency.
Furthermore, the Credit Provider may disclose PI if it believes in good faith that such an action is necessary to:
- To protect and defend the rights and property of the Credit Provider;
- To prevent or investigate possible wrongdoing in connection with a service provided;
- To protect the personal safety of users of the services provided or the general public at large;
- To protect against legal liability.
The Act requires the Credit Provider to adequately protect the PI held and avoid unauthorised access and use of PI. The Credit Provider will continuously review their security controls and processes to ensure that PI is secure.
However, because no method of internet transmission or electronic storage is completely secure the Credit Provider cannot guarantee its absolute security.
If the Credit Provider needs to transfer PI to another country for processing or storage they will ensure that any party to whom the PI is passed onto will treat this information with the same level of protection as required from this Credit Provider.
- You have the right to enquire from the Credit Provider (at no cost) whether they hold your PI (this information will only be provided once adequate proof of identity has been furnished);
- where necessary, request the correction or deletion of your PI;
- object to, restrict or limit the processing of your PI; and
- object to using your PI for purposes of direct marketing.
The Credit Provider can be contacted, and relevant information can be obtained on the numbers or addresses listed below:
Information Officer | |
Telephone number | 087 012 5461 |
Physical address | 087 012 5461 |
Telephone number | Cnr Lynnwood & Botterklapper, The Willows, Pretoria, Gauteng |
Email address | info@lndr.credit |
Website | https://lndr.co.za |
Please note that the Credit Provider may amend this Policy from time to time. Please check the website periodically to inform yourself of any changes.