1. Introduction:
Nimble Group (‘Company’, ‘we’, ‘us’, ‘our’) and all of its subsidiaries understand your concern about how we use your personal data. This policy explains how we collect, share and protect your personal information, what your rights are and how you may complain, as required by the Protection of Personal Information Act (“POPIA”), and our Company Code of Ethics.
This policy applies to all personal information that we process including personal and special information you give to us or which we may collect from third-parties. Some information fields will be mandatory if you want to use a product or service. This includes but is not limited to the following:
We may change the policy from time to time if the law or our business needs require it. The latest version will always be published on the websites.
2. Definitions:
3. Privacy:
Nimble takes your privacy and the protection of your personal information very seriously, and we will only use your personal information for the purposes for which it was collected, and in accordance with this Policy and applicable data protection legislation. It is important that you take all necessary and appropriate steps to also protect your personal information yourself.
4. Categories of Personal Information:
Different categories of Personal Information will be processed, depending on the reason for processing. Generally speaking we may process any or all of the following categories of Personal Information:
5. How we process Special Personal Information:
6. How we collect Personal Information:
You may provide Personal Information to us either directly or indirectly (via third-parties) by/when using our products and services in the following ways:
We may also collect your Personal Information from our group entities and its partners, credit providers, service providers or other third-parties that may hold such information.
Some Personal Information is automatically collected:
7. How we use your information:
We may use, transfer, share and disclose your personal information for the purposes of:
We may from time to time (and at any time) contact you about services, products and offerings available from Nimble or specific Group subsidiaries which we believe may be of interest to you, by email, phone, text or other electronic means.
8. Sharing information with third parties:
We will process and share your personal information with third-parties where:
Some of our subsidiaries share information with third-parties, including our clients, for purposes of services, updating information, collections, and tracing.
We may also share your personal information with third-party service providers, agents, contractors, employees, law enforcement agencies or business affiliates.
If we make use of third-party service providers to provide products or services to you or to provide products or services on our behalf, we will regulate these relationships contractually to ensure that they process your personal information according to the law. Third-party service providers may only use your personal information directly for the purposes for which we provided it to them.
We may also share your information for the following purposes:
9. Transferring personal information cross-border:
You agree that we may transfer your personal information cross border if our business interests require trans-border flow of information. This may typically happen where we have decided to store information with a trusted third-party in another country or where a service provider makes use of systems or processes cross border.
Where it becomes necessary to transfer data to other countries to ensure an ongoing service to our Customers; we will ensure that all appropriate measures are in place to comply with Data Privacy and Security Laws applicable to that country, ensuring the safeguarding of your personal data.
10. Retention of your information:
We will retain your personal information as required by law and/or physical requirements and for as long as necessary considering the purpose for which it was collected. Where we provide a service to a client, we will retain your information in accordance with the client’s instructions.
11. Security
We have implemented reasonable technical and operational measures to keep your personal information secure.
Nimble ensures that personal data is stored securely using modern software that is kept up-to-date.
Access to personal data is limited to personnel who need access and appropriate security is in place to avoid unauthorised sharing of information.
All our third-party suppliers must have appropriate Data Protection and Security measures in place that will comply with our Privacy Statements and rules if we choose to outsource any services.
When personal data is dehumanized this is done safely so that the data is irrecoverable.
In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, we will inform you by contacting you on the contact details we have available, by press release, or by any other reasonably suitable method. We will also report a data breach to the Information Regulator.
12. Your rights:
You may request details of personal information which we hold about you under the Protection of Personal Information Act, 2013 (“POPIA”). Fees to obtain a copy or a description of personal information held about you are prescribed in terms of the Promotion of Access to Information Act, 2000 (“PAIA”). Confirmation of whether or not we hold personal information about you may be requested free of charge.
You may at any time request that we update or correct your personal information by contacting our Information Officer at Informationofficer@nimblegroup.co.za and by submitting the prescribed Form 2 as per Regulation 3 of Information officer.
Please ensure that the information we hold about you is complete, accurate and up to date.
You have a right in certain circumstances to request the destruction or deletion or dehumanization of and, where applicable, to obtain restriction on the processing of personal information held about you. If you wish to exercise this right, please contact us using the contact details set out below.
You have a right to object on reasonable grounds to the processing of your personal information where the processing is carried out in order to protect our legitimate interests or your legitimate interests, unless the law provides for such processing.
13. Complaints
Should you believe that Nimble has utilised your personal information contrary to applicable laws, we request that you contact our Information Officer to attempt to resolve any concerns with us.
If you are not satisfied with such process, you have the right to lodge a complaint with the Information Regulator, using the contact details listed below:
Website: https://inforegulator.org.za
Address: 27 Stiemens St, Braamfontein, Johannesburg, 2017
Contact number: 010 023 5200
Email: enquiries@inforegulator.org.za
14. How to contact us:
If you have any questions about this Policy, please contact our Information Officer at Informationofficer@nimblegroup.co.za.
Last updated August 23, 2023