Castlerock Managed IT Services Company Privacy Policy

The purpose of Castlerock Managed IT Services Company’s (“Castlerock’s”) privacy policy is to set out the basis on which Castlerock (“Us”, “We”, “Our”) process Personal Information. When visiting Castlerock’s website (https://www.castlerock.co.za/), Castlerock’s blog or Castlerock social network sites or pages (“our site”) or by utilising our services you are accepting and consenting to the practice described in this policy.

For purposes of the Protection of Personal Information Act 4 of 2013 (the Act), the responsible party referred to in the privacy policy is Castlerock. Our nominated Information Officer for the purpose of the Act is: Aidan Casserly.

Updated 29 November 2021

Information

The collection and processing of personal information will be by the following means:

Personal Information provided by you:

  1. By clicking on the contact us button on our site and providing the information requested;
  2. By telephoning Castlerock and providing personal information requested by personnel;
  3. When subscribing to one of our services;
  4. When subscribing to our newsletter;
  5. When you subscribe to receive updates from our blog, comments or discussion made to our blog posts;
  6. When making contact through one of our social media forums (including but not limited to Facebook, Twitter, LinkedIn);
  7. When you complete a Castlerock survey; and
  8. When you report any problem to Castlerock.

Personal Information collected by us about you via our site:

  1. Technical information, including the internet protocol (IP) address used to connect your computer to the internet; your login information (where applicable); browser type and version; time zone setting; browser plug-in types and versions; operating system and platform.
  2. Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time); services/ products you viewed or searched for; page response times; download errors; length of visits to certain pages; page interaction information (such as scrolling, clicks and mouse-overs); methods used to browse away from the page and any phone number used to call us as well as other useful technical information about your visit to our sites.

Personal Information received from other sources:

  1. We may receive information about you when you use any of the other services we provide or where you have authorised us to collect information from selected third parties. Any information gathered in this manner will carry your consent, as we would have informed you that, when we collected that information, it may be shared internally and/or be combined with other information
  2. We are also working closely with third parties (including, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.

Reference to “consent”, “your consent” or “your explicit consent” shall include the clicking of “subscribe” or “send message” button or pressing the “ENTER” button to submit any information.

Cookies

  • Cookies may be used by us to better understand your use of our site. Cookies allow us to understand who has seen which pages, to determine how frequently particular pages are visited and to determine the most popular areas of our site.
  • Depending on the type of cookies we use (persistent or session cookies), cookies also allow us to make our site more user friendly, for example, permanent cookies allow us to save the user’s password so that he/she does not have to re-enter it every time he/she visits our site;
  • Please remember, cookies do not contain personal information such as your home address, telephone number or credit card details. However personal information that we store about you, as explained above, may be linked to the information stored in and obtained from cookies.
  • We do not exchange cookies with any third-party websites or external data suppliers;

Uses made of the information

We use the information held about you in the following ways:

Personal Information provided by you to us. We will use this information to:

  1. Carry out our obligations (whether day-to-day administration or project specific) arising from any contracts entered into between you and us and to provide you with the information and services you requested from us;
  2. Provide you with information about other services we offer that are similar to those that you have already acquired or enquired about;
  3. provide you, or permit selected third parties to provide you, with information about goods or services we feel may be of interest to you. It is important to note that, if you are an existing client, we will only contact you with information about services similar to those which were the subject of a previous service provision or service negotiations. If you are a new client, and where we permit selected third parties to use your information, we (or they) will contact you only if you have consented to this. If you do not want us to use your information in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your Personal Information for these purposes. Except as stated under this policy, we will not share your personal information with any third party;
  4. notify you about changes to our Services;
  5. ensure that Content from our site is presented in the most effective manner for you as well as your computer;
  6. deal with enquiries and complaints made by or about you relating to our site

Personal Information we collect about you. We will use the Personal Information:

  1. To administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  2. To improve our site to ensure that content is presented in the most effective manner for you and for your computer;
  3. To allow you to participate in interactive features of our service (when you choose to do so);
  4. As part of our efforts to keep our site safe and secure;
  5. To make suggestions and recommendations to you and other users of our site.

Information we receive from other sources.

We may combine this information with information you give to us and information we collect about you. Depending on the types of information we receive, we may use this information and the combined information for the purposes set out above.

Submission of Personal Information on behalf of another:

It is important to note that if you provide information on behalf of someone else, then it is your responsibility to ensure that you have obtained the necessary consent from such person. Such consent must be obtained before making the information available to us. On receipt of personal information, we assume that the necessary consent has been obtained and will process the Personal Information as per our Privacy Policy. You indemnify us against any third-party claim where it is claimed that personal information has been processed without the necessary consent or other available exception under the Act.

We will only use your personal information received for another purpose when:

  1. You consent thereto; or
  2. It is in your interest, e.g. necessary to lessen or prevent a serious or imminent threat to life, health or safety; or
  3. Is required by law or for law enforcement purposes.

Where consent for the use and disclosure of personal information is required, Castlerock will seek consent from you directly.

Disclosure of your information

We may share the information with our personnel, business partners and sub-contractors so as to effectively perform our obligations to you.

We may share the information with selected third parties including:

  1. Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you
  2. Selected service providers to provide you with our services which include marketing material;
  3. Analytics and search engine providers that assist us in the improvement and optimisation of our site.

We may disclose the information to third parties:

  1. In the event that we sell or buy any business or assets, in which case we may disclose the information to the prospective seller or buyer of such business or assets.
  2. If we or substantially all of our assets are acquired by a third party, personal information held by us about our customers will be one of the transferred assets.
  3. If we are under a duty to disclose or share the information in order to comply with any legal obligation,
  4. In order to enforce or apply our terms of use applicable to any particular website of ours;
  5. To protect our rights, property, or safety, or that of our customers and other third parties. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Security: Where we store your information

  1. The information that we collect from you may be transferred to, and stored at, a destination outside the Republic of South Africa (“RSA”). It may also be processed by staffs operating outside the RSA who work for us or for one of our suppliers or service providers. Such staff may be engaged in, among other things, the fulfilment of our obligations towards you, the processing of your payment details and the provision of support services. By submitting the information, you agree to this.
  2. We will take all steps reasonably necessary to ensure that the information is treated securely and in accordance with this privacy policy. And that said destination’s data protection legislation is similar to our POPI Act.
  3. All of the information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site (login facility), you are responsible for keeping this password confidential. We ask you not to share a password with anyone. Should you share your password with anyone, you indemnify us against any damages or third party claims which resulted from said sharing;
  4. Records of the Personal information will not be retained for longer that is necessary for operational or archiving purposes, unless retention of record is required or authorised by law. Records of the information may be retained for periods in excess of those contemplated for historical, statistical or research purposes. This will be subject to us establishing appropriate safeguards (which can include de-identifying the records) against the records being used for any other purpose;
  5. Unfortunately, the transmission of information via the internet is not completely secure. We will use appropriate and reasonable technical and organisational measurements to protect the information, we cannot guarantee the security of your data transmitted to our site or to any other location by electronic means. Any transmission is at your own risk. However, once we have received the information, we will use appropriate and reasonable technical organisational measurements to try and prevent unauthorised access;

Social media platforms

  1. Communication, engagement and actions taken through external social media platforms that we, our directors or employees participate in, are subject to the specific terms and conditions and privacy policies of those social media platform.
  2. Our site may link to social media platforms or use such platforms as methods to login. It is important note that these platforms have their own terms of use and privacy policy which will apply to your use of the respective platforms. You must not breach these platforms policies when using them either through our site or in order to login is as directed by our site.
  3. We will never ask for personal or sensitive information through social media platforms. We encourage users, wishing to discuss sensitive details or to resolve issues/concerns, to contact us through primary communication channels (see our contact us page).

Our social networks page(s) may share web links to relevant web pages. By default some social media platforms shorten lengthy URL’s. You are advised to take caution and good judgement before clicking any shortened URL’s published on social media platforms by this website. Despite our best efforts to ensure only genuine URL’s are published, many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting shortened links.

Interception and monitoring of information

In order for us to deliver suitable security and check for viruses, we reserve the right to intercept, monitor, copy or block communications to and from our communication facilities (in accordance with the relevant provisions of law.

Your rights

  • Marketing: You have the right to ask us not to process the information for marketing purposes. Usually (before collecting your data) you will be informed if we intend to use your data Personal Information for such purposes or if we intend to disclose your Personal Information to any third party for the purpose of marketing. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise this right, at any time, by contacting us at Castlerock or use the unsubscribe functionality on our email communications.
  • Third party websites/social media sites: Our site may, from time to time, contain links to and from the websites of our partner networks and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility or liability for these policies. Please read these policies before submitting any personal information to these websites.
  • Access to information: You have a right to see/access the information that we keep about you. You may instruct us to provide you with any personal information we hold about you upon receipt of a written request and payment of a fee as per the Promotion of Access to Information Act 2 of 2000 (“PAI Act”) (click here to view the PAI Act). It is important to take note that not all information requested may be disclosed. Disclosure of information shall take place in accordance with the PAI Act.
  • Protection of personal information: We may not process any personal information concerning you unless we have your prior consent to do so. It is important to take note that not all information may be prohibited from being processed or distributed. The processing of information shall take place in accordance with the Protection of Personal Information Act 4 of 2013 (“POPI” Act) (click here to view the POPI Act).

Quality of personal information

  • It is your responsibility to check the accuracy of the information prior to submitting it to us. On receipt of the information we assume that you have checked it and that the information is accurate;
  • Please contact us if the information that we hold about you needs to be corrected or updated. Take note that a request to update the information may take up to 48 (forty-eight) hours to execute.

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on our site and, where appropriate (not obliged), notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.