PRIVACY POLICY

1. Introduction

1.1       CGF Research Institute (Pty) Ltd is a private company incorporated and registered (under registration number 2004/00744/07) in accordance with the laws of the Republic of South Africa, with our principal place of business at Randburg, Gauteng (“we”/”us”/”our”).

1.2       We take our obligations for the processing of personal information very seriously and we are committed to protecting your, our client’s (“you”/”yours”), privacy.

1.3       This privacy policy together with our website (bok.praefectus.co.za) terms of use, governs how we treat any personal information or personal data which we collect from you, or which you provide to us.

1.4       We confirm that we will take all reasonable measures to protect your personal information and personal data and to keep it confidential.

1.5       You agree that this privacy policy and our terms of use govern your use of our website. All disputes over privacy and your data will be governed as set out in this privacy policy, terms of use and our client license agreements.

1.6       We are a “responsible party”, as defined in the Protection of Personal Information Act No. 4 of 2013 (“POPI”) and we have appointed Mr. Terrance Booysen as our Information Officer in terms of POPI).

2.         Information we may collect from you

2.1       We may collect and process the following data or information from or about you:

2.1.1       Information which you provide when you communicate with us (by way of email, telephone or otherwise), or personal information (as defined in POPI) which you provide to us.

1. 1. 1. Information which you provide by filling in forms on our website. This includes information provided at the time of registering to use our website, subscribing to our service or our electronic and IP updates, posting material or requesting services. We may also ask you for information when you report a problem with our website.
      2. If you contact us, we may keep a record of that contact.
      3. We may ask you to complete surveys which we use for research purposes, although you do not have to respond to them.
      4. Details of transactions which you carry out through our website and of the fulfilment of your orders/purchases.
      5. Details of your visits to our website including, without limitation, traffic data, location data, weblogs and other communication data.

2.2       Where you provide us with personal information of a third-party data subject (for example, your company), you warrant that you have obtained all necessary consents from that data subject, including its consent for you to share its personal information with us.

2.3       You agree to provide accurate, truthful and current information, and not to impersonate or misrepresent any person or entity or falsely state or otherwise misrepresent your affiliation with anyone or anything. Failure to adhere to this requirement will entitle us to take the appropriate steps.

2.4       The supply of your personal information is voluntary, however, you acknowledge that we cannot complete or provide all services to you if you do not wish to supply that personal information.

2.5       By continuing to use our website you consent to processing, collection, storage, and use of the personal information you provide for any of the purposes set out in this privacy policy, and you consent to our collection of any changes or updates which you may provide, or which is collected by us. If you do not agree to our privacy policy, please do not use our website.

3.         Categories of personal information we may process

We may process the following categories of personal information about you:

1. 1. Personal identifiers, for example, name, surname, passport or national identity number.
   2. Contact details, for example, correspondence address, telephone number or email address.
   3. Client details, for example, details of individuals instructing us, employer details, personal information in any communication (including, without limitation, electronic correspondence and telephonic discussions), documents, evidence or other materials which we process in the course of providing our services; meeting details (including attendance; minutes and so on).
   4. Consent records, for example, details of any consent you may have given us (including, without limitation, the date, time and manner of consent and any related information).
   5. Financial information, for example, billing address, payment method, bank account number or credit card number, invoice records, payment records, SWIFT details, IBAN details, payment amount, payment date, and proof of payment.
   6. Data relating to website visits, for example, traffic data, location data, weblogs, your IP address, operating system, browser type, and other communication data.

4.         IP addresses and cookies

4.1       We may collect information about your computer, including where available, your IP address, operating system, browser type and Internet service provider, for system administration and to report aggregate information to our business partners and service providers. This is statistical data about our users' browsing actions and patterns and does not identify any individual.

4.2       For the same reason, we may obtain information about your general internet usage by using a “cookie file” which is stored on the hard drive of your computer. “Cookies” refers to information which is sent from our website to your hard drive where it is saved and contains information to personalise your experience on our website. In this way, the next time you use our website, we will know who you are and that you have previously visited our website. Cookies help us to improve our website and to deliver a better and more personalised service to you. They also enable us to:

1. 1. 1. estimate our audience size and usage pattern.
      2. store information about your preferences and allow us to customise our website according to your individual interests.
      3. speed up your searches.

4.3       You may refuse to accept cookies by activating the relevant setting on your browser. However, if you select this setting, you may be unable to access certain parts of our website. Unless you have adjusted your browser setting to refuse cookies, our system will issue cookies when you log on to our website.

4.4       Please note that our business partners and service providers may also use cookies, over which we have no control.

5.         How your information is used and disclosed

5.1       We use information collected from you or from a third-party or held about you to:

1. 1. 1. ensure that content from our website is presented in the most effective manner for you and for your computer;
      2. provide our services;
      3. provide you with information about products or services which we think may interest you;
      4. carry out our obligations in terms of any contracts entered into between us;
      5. respond to any queries you lodge;
      6. allow you to participate in interactive features of our website;
      7. notify you about changes to our services;
      8. maintain our internal administrative or client relationship management systems, including the use of third-party IT outsourced providers;
      9. carry out and manage our business operations and activities;
      10. carry out quality and risk management reviews and legal reporting obligations;
      11. in aggregate form, for internal business purposes including, for example, generating statistics and developing our strategic and marketing plans; and
      12. assist us in any future dealings with you.

5.2       We may also use your information or permit selected third parties to use your information, to provide you with information about products and services which may be of interest to you and we or they may contact you about these by post, telephone or e-mail.

5.3       If you are an existing client, we may contact you by electronic means with information about products and services similar to those which were the subject of a previous transaction with you.

5.4       We may exchange information with other parties for the purposes of fraud protection and credit risk reduction.

1. 1. We may disclose your personal information to third parties:

5.5.1       if we are under a duty to disclose or share your personal information to comply with any legal obligation;

1. 1. 1. to enforce or apply our terms of use or terms and conditions of contract and other agreements;
      2. to protect our, our other clients’ or third-parties’ rights, property or safety; and
      3. to assist us in providing you with our service or products.

5.6       We will be entitled to disclose your personal information to those of our affiliates, agents, advisors, employees or third-party service providers and suppliers who assist us to interact with you via our website, mobile communications or email, and need to know your personal information in to do so properly and efficiently. We will ensure that all those persons are bound by appropriate and legally binding confidentiality and non-use obligations in relation to your personal information.

5.7       If we are required to disclose your personal information due to legal or regulatory requirements, we reserve the right to do so as required to comply with our legal obligations, including, without limitation, to complying with court orders, warrants, subpoenas, service of process or discovery requests.

5.8       We may disclose information about our users to law enforcement officers or others, in the good faith belief that such disclosure is reasonably necessary to enforce this privacy policy, or protect our rights, property, or personal safety or the personal safety of our users or the general public.

5.9       We do not exercise control over third-parties’ privacy policies and you should refer to their privacy policies to establish how they protect your privacy.

6.         Protection of your personal information

1. 1. To protect your personal information, we will:
      1. treat it as strictly confidential;

6.1.2    take appropriate reasonable technical and organisational measures to keep it secure and protected against unauthorised or unlawful processing, accidental loss, destruction, damage, alteration, disclosure or access;

1. 1. 1. promptly notify you if we become aware of any unauthorised use, disclosure or processing of your personal information;
      2. provide you with reasonable evidence of our compliance with our obligations under this privacy policy on reasonable notice and request; and
      3. upon your request, promptly return or destroy any and all of your personal information in our possession or control (subject to any legal obligation on us to retain it).
   2. You agree that we may retain your personal information to fulfil the purposes explicitly set out in this privacy policy and for as long as:
      1. retention is required or authorised by law;
      2. we reasonably require it for lawful purposes related to our activities; or
      3. retention is required for any contract between us or retention is necessary for statistical or research purposes (subject to appropriate safeguards).

7.         Storage of your personal information

7.1       All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential.

7.2       As you know, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our website and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

8.         Cross border transfer

8.1       The data or information which we collect from you may be transferred to and stored at a destination outside the Republic of South Africa. It may also be processed by staff operating outside the Republic of South Africa who work for us or for our service providers. By submitting your personal data or information, you agree to such transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data or information is treated securely and in accordance with this privacy policy.

8.2       We will not transfer the data or information we collect from you and to a third-party outside the Republic of South Africa unless the third party is subject to a law, binding corporate rules (as defined in POPI) or a binding agreement (as defined in POPI) which provides an adequate level of protection in accordance with this privacy policy and which includes provisions which are substantially similar to those contained in this privacy policy in respect of the further transfer of your data or information unless you have consented to the transfer or the transfer is necessary for the performance of a contract between us.

9.         Your rights

9.1       You have the right to object to the processing of your personal information.

9.2       You have the right to access your personal information, including to correct factual errors, review or update information. Your request can be made by sending an email to us at [email protected]. Any access request may be subject to a fee to meet our costs in providing you with details of the information we hold about you.

9.3       Should you believe that we have processed your personal information contrary to legislation in the Republic of South Africa as read with this privacy policy, you undertake to first attempt to resolve any concerns by addressing a complaint in writing to our Information Officer. If you are not satisfied with the outcome of that process, you have the right to lodge a complaint with the Information Regulator. Our Information Officer is Mr. Terrance Booysen ([email protected]). The Information Regulator’s details are [email protected], JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001.

 10.      Links to other websites

Our website may, from time to time, contain links to third-party websites. If you follow a link to any of those websites, please note that we do not accept any responsibility or liability for their privacy policies. We do not exercise control over third parties’ privacy policies, and you should refer to their privacy policies to establish how they protect your privacy before you submit any personal information to their websites.

11.       Changes to our privacy policy

We reserve the right to change this privacy policy from time to time, and in our sole discretion. We may send you a notice regarding material changes to this privacy policy, but we encourage you to frequently check our website for our current privacy policy at any given time. Your continued use of our website will constitute your acceptance of the then applicable privacy policy.

12.       Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to our Information Officer at [email protected] with “Privacy Policy” in the subject line.

13.       Applicable law

This privacy policy will be governed by the laws of the Republic of South Africa. You consent to the jurisdiction of the South African Courts for any dispute which may arise out of this privacy policy.

14.       Copyright warning

The Copyright Act No. 98 of 1978, governs the making or printing of copies or other reproductions of the content of our website. No part of our website nor any content contained on our website may be copied or reproduced in whole or in part without our prior written consent. All rights are reserved.

Version Body

TERMS AND CONDITIONS OF USE

1.    Introduction

These terms and conditions (“Terms”) apply to the website located at bok.praefectus.co.za. The website (“Website” is owned by CGF Research Institute (Pty) Ltd) (“CGF”). 

The Website enables organisations and individuals who are CGF clients and who want to make use of the Website’s services (“Client”) to access a repository of governance, risk and compliance (“GRC”) information known as the Body of Knowledge®.  Such information has been aggregated from multiple sources and aims to educate any person accessing the Website (“User(s)”) on various GRC topics.  The Website does not purport to put forward any particular view on a GRC topic, but rather endeavours to present a collection of opinions and research for interpretation by the User.

CGF will not be liable for any interpretation outcomes, or any losses or damages sustained by the Client and/or Users in connection with the Use of information contained in the GRC repository.  CGF will be responsible for updating the Body of Knowledge® with relevant GRC information on a regular basis to ensure that the Client is kept abreast of GRC developments. 

These Terms constitute an agreement between CGF and the Client and are binding on everyone who chooses to access the Website, without qualification or exception. By using this Website, any User accessing the Website agrees to be bound by and shall be regarded to have accepted to abide by these Terms and acknowledges to have read and understood them. If the User does not agree to any of the Terms, the User should not enter, view or make use of the Website. 

2.    Use of and Access to this Website

CGF owns and operates this Website.

In order to access and use the Website, the User must have been approved and registered as a User by CGF and agree to these Terms as part of the onboarding process to verify the User.

Upon acceptance of these Terms by signing up to the Website, CGF grants the User a non-exclusive right to access and use the Website, which the User may not assign, sub-license, transfer and which license is granted to the User only and which license will not confer any rights of use of the Website to any third-party. 

CGF shall have the right to terminate the User’s license to access or use the Website, or a User’s registration to the Website, in the event that the User does not adhere to the Use restrictions and/or these Terms, or in the event of non-payment of the prescribed subscription fee by the Client.

All materials on this Website, including but not limited to text, graphics, user interfaces, visual interfaces, photographs, trademarks, logos, sounds, music, artwork and computer code (collectively, "Content"), including but not limited to the design, structure, selection, coordination, expression, "look and feel" and arrangement of such Content, contained on the Website are the property of CGF, the respective owner(s) and/or licensor(s) and are protected by law. Materials that are viewed, printed, and/or downloaded from this Website are to be used only for personal use and may not be used for any commercial purposes to derive profit. 

The User may not directly, or indirectly, attempt or use, reproduce, adapt, alter, distribute, monitor, modify, publish, upload, post, transmit or in any other way deal or interfere with the Website or Content, or any portion of the Website or Content, without CGF's prior written consent.  The use of such materials is strictly prohibited as such unauthorised use or reproduction may violate local and international copyright, trademark, or other laws. 

The User may not establish a hyperlink, frame, metatag, similar reference, whether electronically or otherwise, or any other reference to the Website or Content without the prior written consent of CGF. 

The User agrees not to use any device, software or routine to interfere or attempt to interfere with the proper working of the Website or any communication or transaction being conducted on the Website, or with any other user or visitor’s use of the Website.

3.    Access to Password-Protected or Secured Areas 

Access to and use of password-protected or secured areas of this Website is restricted to authorised Users only. Where necessary, the User will be asked to provide accurate and current information on all registration forms on this Website. If the User uses this Website, the User is entirely responsible for maintaining the confidentiality of the User’s account and password and for restricting access to the User’s computer and agrees to accept responsibility for all activities that occur under the User’s account. 

The User agrees to notify CGF immediately of any unauthorised use of the User’s account or password, or any other breach of security.

The User may not misuse or share the username or password, misrepresent identity or affiliation with an entity, impersonate any person or entity, or misstate the origin of any materials the User is exposed to through this Website. The User may not at any time use any other user’s password or account details without the express permission and consent of such user. The User may not by any means, directly or indirectly, attempt to gain unauthorised access to any portion or feature of the Website, or any other systems or networks connected to the Website, or to any of the services offered on or through the Website. CGF cannot and will not be liable for any loss or damage arising from the User’s failure to comply with these obligations.

If the User violates the obligations under this section, the User may be held liable for losses incurred by CGF.  

4.    Communications

All communications from the User to this Website, in the form of comments, questions, or general feedback, will be considered non-confidential and non-proprietary. The User agrees that any such communications will be deemed to be the property of CGF and CGF shall be entitled to full rights of ownership, including without limitation, unrestricted right to use or disclose such communications, for any purpose, without compensation to the User. 

CGF may provide users with forums where they can post content to our Website. CGF does not necessarily endorse, support, or agree with content posted by users. 

The User agrees not to post any unlawful, abusive, offensive, sexually oriented, obscene, defamatory, harassing, profane, or otherwise indecent information of any kind, including without limitation any communications that would constitute a criminal offense, give rise to civil liability, or violate local or international law, or infringe upon another person or organisation’s rights. The User acknowledges and agrees that it is solely responsible for the content of their communications and their legality under all laws. 

CGF undertakes to ensure that the Website used to deliver products and services in accordance with these Terms, will be maintained in a manner which ensures compliance with at least the minimum standard required by law and be of a standard no less than standards which comply with the international best practice for the protection, control and use of personal information.

5.    Third-Party Websites

The Website may contain links to other websites. CGF has no control over such websites and does not review or endorse their content and will not be responsible for their content or accuracy. The User’s accesses such websites at the User’s own risk and judgment.

6.   Privacy

CGF's Privacy Policy applies to use of this Website, and its terms are made a part of these Terms by this reference.

By accepting these Terms, the Client confirms that it has obtained consent to provide CGF with the names and email addresses of the person(s) who will be registered as Users of the Website.

7.   Updating of these Terms 

CGF reserves the right to change, modify, add to, or remove portions or the whole of these Terms from time to time. Changes to these Terms will become effective upon such changes being posted to this Website. It is the User’s obligation to periodically check these Terms on the Website for changes or updates. The User’s continued use of this Website following the posting of changes or updates will be considered notice of the User’s acceptance to abide by and be bound by these Terms, including such changes or updates. 

8.     Subscription Fees and Payment

The Client will be required to pay an agreed subscription fee for access to the Website and its services. Subscription fees will be quoted separately and will be dependent on the number of Users registered by the Client.

Subscription fees for the Use of this Website are payable monthly in advance and will be subject to annual escalation at CGF’s discretion.  The Client will pay all amounts invoiced to it by CGF within 30 (thirty) days of the date of each invoice, free of deduction or set off, by electronic funds transfer to the bank account directed by CGF in its invoices.

If any CGF invoice is not timeously paid, CGF will be entitled, without notice to the Client, without prejudice and in addition to any other right or remedy which it may have in accordance with these Terms or at law, to immediately suspend the carrying out of any or all of its obligations in terms of this agreement pending payment of the unpaid amount in full.

9.     Cancellation and termination

The Client agreement with CGF may be cancelled by either party giving one (1) calendar month’s notice.  User access to the Website will be terminated on the last day of notice.

10.   Disclaimer

Except as expressly provided for in these Terms, CGF does not make any representations or warranties of any kind, express or implied, in connection with the Website or any other services provided for under this agreement. Without limiting the foregoing, CGF disclaims any warranty that the Website will be error-free or uninterrupted, that all errors will be corrected or that the Website is fit for a particular purpose.

11.   Governing Law 

The entire provisions of these Terms shall be governed by and construed in accordance with the laws of the Republic of South Africa. Furthermore, the parties to these Terms hereby irrevocably and unconditionally consent to the non-exclusive jurisdiction of the courts of the Republic of South Africa in regard to all matters arising from these Terms.

12.   Questions and Information

For additional information and any queries regarding these Terms, please contact [email protected].

1.    Introduction

This cookie policy applies in relation to the website bok.praefectus.co.za (“Website”) and/or any other internet-based platform owned by CGF Research Institute (Pty) (Registration no. 2004/00744/07 (“CGF”). 

CGF uses cookies and similar technologies to collect and use information on its Website as set out in our Privacy Policy .

By accessing and using this Website, the person accessing the Website (the “User”) agrees to the use of cookies and similar technologies for the purposes described in this policy.

2.    What are cookies

To monitor and improve the Website, CGF may use technology to gather information about the User including details of the User’s operating system, browser version, domain name, and IP address (the IP address is a string of numbers that tells CGF which server the User is using).

The process of gathering the information as described immediately above uses a technology known as “cookies”. A cookie is a small file which asks permission to be placed on a User’s computer's hard drive. Once the User agrees to the use of cookies, the file is added and the cookie helps analyse web traffic or lets the User know when the User visits the Website. 

If the User does not wish CGF to collect the information, the User’s browser should allow the disablement of cookies.

3.    Why we use cookies

Cookies are used by CGF for the convenience of our Users. Cookies automatically authenticate the User. This enables CGF to recognise the User’s browser and capture and remember certain information so that CGF can offer better Website experiences, products, services and tools to the User in future.

CGF uses cookies to help it remember, process and compile aggregate data about Website traffic and Website interaction. Cookies also enable CGF to make the User’s usage of the Website faster and more secure. For example, CGF uses cookies to enable and support security features, keep the User’s account safe and to assist with detecting malicious activity and violations of CGF's Website Terms and Conditions .

4.    Consent to cookies

Most Web browsers are set up to accept cookies, although the User can reset their browser to refuse all cookies or to indicate when a cookie is being sent. 

A User can access the Website with the cookie feature turned off; however, in doing so the User may find themselves challenged for username and password information on multiple occasions. 

Please also note that some portions of CGF's Website may not work properly if the User refuses cookies.

5.    Questions and Information

For additional information and any queries, please contact [email protected].