1. PURPOSE AND SCOPE
1.1. LM Vervoer CC (“LM Vervoer”) provides transport- and agricultural- related services throughout South Africa.
1.2. In general, this policy indicates how and why we collect and process personal information.
1.3. Due to the nature of our business, we are necessarily involved in the collection, processing and disclosure
of personal information of clients, prospective clients and other persons who interact or attempt to transact
with us. Any person whose information we collect is known as a “data subject” in this policy.
1.4. We may collect and process personal information for any legitimate purpose, including (but not limited to)
the following: to ensure that we offer sound and professional services; to ensure the good upkeep,
development and safeguarding of our business; and to protect and promote our legitimate interests.
1.5. In compliance with the Protection of Personal Information Act 4 of 2013, we commit to processing the
personal information of data subjects lawfully and in a reasonable manner.
2. WHY WE COLLECT PERSONAL INFORMATION
2.1. In general, we will collect and process personal information as necessary for any legitimate purpose related
to (but not limited to):
2.1.1. Performance of any services requested of us;
2.1.2. Undertaking of any other activities requested of us;
2.1.3. Any further purpose ancillary to the performance of such services or activities;
2.1.4. Undertaking of know-your-client and related background checks, which may be required by law or which may be
2.1.5. Recruitment and related activities;
2.1.6. Marketing and related activities.
2.2. Although providing personal information is generally voluntary, we reserve the right to decline to transact or deal with
any person who fails to provide personal information which we have requested and which we deem necessary, in our
sole discretion. This will also apply to situations where consent is withdrawn or where a data subject objects to the
processing of personal information.
3. HOW WE COLLECT PERSONAL INFORMATION
3.1. Personal information is usually collected directly from a data subject or their representatives. We may collect
personal information through electronic communications, meetings, telephone calls and in general dealings with data
subjects or their representatives.
3.2. We may refer to a data subject’s website and any social media and online profiles, to better understand their
activities and ethos and to collect personal information from these and other public platforms.
3.3. We may collect personal information about data subjects from third parties where necessary. In this regard, we may
run checks on, inter alia, identity, criminal record and credit history.
3.4. We may monitor activity on any of our IT and electronic networks and our website and gather information about who
is visiting and using our website and how.
4. SAFEGUARDS AND STORAGE
4.1. We may store personal information physically and/or electronically (which may include cloud-based storage).
4.2. Our servers are located around the world, and personal information may be stored in any one of them.
4.3. We will take reasonable and appropriate measures to keep personal information secure, although we cannot
guarantee it’s absolute security.
4.4. We store and process personal information for so long as we maintain a business relationship or contact with such
data subject, and for so long as may be permitted by law thereafter.
This is to:
4.4.1. ensure that we maintain personal information of all data subjects who could benefit from our services and activities; and
4.4.2. carry out good record-keeping practices.
5. EMPLOYEES AND THIRD PARTIES
5.1. The firm’s owners, managers, employees and consultants will need to review, consider, verify and discuss the
personal information collected by it.
5.2. We may transfer or disclose personal information to third party contractors, subcontractors, and/or their subsidiaries and affiliates.
5.3. Examples of third party contractors we use are providers of IT services, website management, data backup, security, and cloud storage.
5.4. Where required by law, some or all of the personal information collected by us may be disclosed to any
governmental authority or regulatory body.
5.5. We may also disclose your personal information to third parties where necessary to carry out the services or
activities requested of us, or to protect our legitimate interests, including where the disclosure is necessary for us to
perform in terms of a contract or for the implementation of pre-contractual measures taken in response to a request from the data subject.
6. TRANS-BORDER INFORMATION FLOW
6.1.1. If we collect or process your personal information, your personal information may be transferred to and stored
outside South Africa or the country where you are located. This may include countries that do not have laws that provide
specific protection for personal information.
6.1.2. In general, the firm will not transfer personal information to a party in a foreign country, unless:
a) the data subject consents to the transfer, or
b) the transfer is necessary for us to perform in terms of a contract or for the implementation of pre-contractual
measures taken in response to a request from the data subject; or
c) the foreign country has a law that provides adequate protection; or
d) there is an agreement between the firm and the relevant foreign party that provides adequate protection; or
e) there are binding corporate rules that provide adequate protection.
7. DATA SUBJECT RIGHTS
7.1. We will take reasonable and appropriate measures to accurately record a data subject’s personal information as
provided by them or their representatives and make reasonable efforts to ensure that personal information is complete, accurate and not misleading.
7.2. Data subjects have the right to access their personal information and the right to request the correction, reduction or deletion thereof, subject to reasonable qualifications.
7.3. Any such request must be in writing and submitted to the information officer of the firm concerned.
7.4. Each data subject has the right to:
7.4.1. withdraw any of the consents given in relation to the processing of their personal information (however, we may continue to process the personal information to the extent necessary to implement a contract with the data subject, or to protect the legitimate interests of the data subject, or to protect our legitimate interest, or to comply with any legal obligation);
7.4.2. ask us to reveal what personal information we have relating to the data subject and who has had access to that
information (in which case we will respond as soon as reasonably practicable);
7.4.3. ask us to correct or delete any of their personal information, which is inaccurate, irrelevant, out of date, incomplete
or misleading (in which case we will respond by altering our records, or substantiating our records, as appropriate, as soon as reasonably practicable);
7.4.4. ask us to destroy or delete any of their personal information if it is no longer lawful for us to retain it (in which case
we will respond as soon as is reasonably practicable, allowing time for us to seek legal advice if necessary);
7.4.5. object to us processing any of their personal information where the processing is:
a) not covered by consent;
b) not necessary for carrying out a contract between us and the data subject;
c) not necessary to discharge a legal obligation or protect our legitimate interests, and provided that the data subject
has reasonable grounds for objection (in which case we will cease processing the personal information);
7.4.6. object to the processing any of their personal information to prevent any direct marketing by us (in which case we must cease processing the personal information for this purpose);
7.4.7. lodge a complaint to the Information Regulator at:
JD House, 27 Stiemens Street
PO Box 31533
Braamfontein, Johannesburg, 2017
Tel: 010 023 5207
Email: complaints.IR@justice.gov.za / firstname.lastname@example.org.