1. Definitions
1. "consent" means the voluntary, specific and informed consent, which you in your capacity as Data Subject, may give to us, under certain circumstances, to process your Personal Information for a specified purpose;
2. "Data Subject" means you, the natural/juristic person to whom the Personal Information we process relates;
3. "Operator" is any person who processes your Personal Information on our behalf in terms of a contract or mandate, without coming under our direct authority;
4. "Personal Information" means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to:
1. Information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
2. Information relating to the education or the medical, financial, criminal or employment history of the person;
3. Any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
4. The biometric information of the person;
5. The personal opinions, views or preferences of the person;
6. Correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence.
7. The views or opinions of another individual about the person; and
8. The name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person;
5. "Policy" means this Privacy Policy;
6. “process” or "processing" means any operation or activity or any set of operations, whether or not by automatic means, concerning personal information, including:
1. The collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
2. Dissemination by means of transmission, distribution or making available in any other form; or merging, linking, as well as restriction, degradation, erasure or destruction of information;
7. “purpose” means the reason for which your Personal Information needs to be processed by us;
8. "Responsible Party” means us, the person/entity who is processing your Personal Information.
2. Introduction
1. Futurewise Education (Pty) Ltd (“Futurewise Education", "we", "us" and "our") respects your right to privacy, security and online safety and we will only process, collect, use and retain your Personal Information in accordance with this Policy. We take our responsibility to protect your Personal Information very seriously and therefore this Policy describes how we handle and process the Personal Information we collect about you and/or receive from you.
2. We, in our capacity as a Responsible Party, will have to process your Personal Information in order to engage with you, and in doing so, are required to comply with POPIA, which regulates and controls the processing of Personal Information of a natural or juristic person in South Africa (also referred to as the “Data Subject”), which processing includes the collection, use, and transfer of a Data Subject’s Personal Information.
3. In terms of POPIA, Personal Information must be processed in a lawful, legitimate and responsible manner.
4. In order to comply with POPIA, a Responsible Party who processes a Data Subject’s Personal Information must:
1. Provide the Data Subject with details pertaining to the processing of the Personal Information; and
2. Get permission or consent, explicitly or implied, from the Data Subject, in order to process the Personal Information, subject to certain exclusions, such as:
1. In fulfilment of a contractual or legal obligation;
2. For a legitimate purpose or as is necessary to protect the legitimate interest(s) and/or for pursuing the legitimate interests of i) the Data Subject; ii) the person processing the Personal Information; or iii) that of a third party to whom the Personal Information is supplied; or
3. Is necessary for the proper performance of a public law duty by a public body or on behalf of a public body.
3. We are committed to ensuring that at all times we comply with the 8 conditions for lawful processing of Personal Information, and as such we ensure that at all times Personal Information is:
1. Processed fairly and lawfully, in accordance with legal standards applicable to such Personal Information;
2. Obtained only for specific lawful purposes;
3. Adequate, relevant and not excessive;
4. Accurate, and kept up to date;
5. Held for no longer than necessary for the purpose it was obtained for;
6. Processed in accordance with the rights of the Data Subject;
7. Is protected in appropriate ways, methodologies and procedures and according to suitable methods, both organisationally and technologically;
8. Is not disclosed or transferred or exported illegally, or in breach of any agreement with you.
3. Purpose of why we process your Personal Information
1. Your Personal Information will be processed by us for the following purposes:
1. Due diligence/legitimate purpose: To carry out any due diligence before we decide to engage or interact with you or to do business with you, including obtaining and verifying your credentials/information;
2. Contract purposes/assessment and conclusion of a contract: To investigate and determine whether we are able or willing to conclude a contract with you based on the findings of any abovementioned due diligence, and, if appropriate, to conclude a contract with you;
3. Attending to administrative and financial matters pertaining to any transaction: To administer accounts or profiles related to you, including but not limited to registrations, subscriptions, purchases, billing events, fees, costs and charges calculations, quoting, invoicing, receipt of payments or payment of refunds, reconciliations and financial management in general;
4. To process transactions and render/provide/receive products and services, or for the conclusion of a contract/s: To perform under any contract which has been concluded with you, including any action reasonable, necessary or incidental to fulfilling any contractual obligations, or exercising any contractual rights;
5. Communications: To make contact with you and to communicate with you generally or in respect of our or your requirements, or instructions;
6. Operational issues – compliance with laws and manage contracts: To communicate, enforce and ensure that compliance with any applicable laws, contracts or policies, including in relation to legal obligations, claims or actions or legal requirements and conducting investigations and incident responses, including reviewing your communications in these situations in accordance with any applicable laws, contracts or policies;
7. Security purposes: To permit you access to our offices, facilities, manufacturing or parking areas, as well as to controlled areas, for the purposes of monitoring via CCTV, your interaction and access in and from our facilities described above, and for general risk management, security and emergency incident control purposes as well as for data and cybersecurity purposes;
8. Internal research and development purposes: To conduct internal research and development for new content, products, and services, and to improve, test, and enhance the features and functions of our current products and services;
9. Sale, merger, acquisition, or other disposition of our business (including in connection with any bankruptcy or similar proceedings): to proceed with any proposed or actual sale, merger, acquisition, or other disposition of our business (including in connection with any bankruptcy or similar proceedings);
10. Marketing and electronic communications related thereto: To provide you with communications regarding us, our products and services and or other notifications, programs, events, reminders, or updates that might be applicable to you or that you register or ask for, and to send you offers, advertising, and marketing materials, including providing personalized advertising to you, save where you have opted out of this activity;
11. Risk assessment and anti-bribery and corruption matters: To carry out vendor, organizational and enterprise-wide risk assessments, in order to detect and prevent bribery, corruption, fraud and abuse, to comply with all applicable laws, as well as to identify and authenticate your access to and to provide you with access to our products, services or premises and generally to ensure the security and protection of all persons, and/or to exercise our rights and to protect our and others’ rights and/or property;
12. Legal obligations, litigation, insurance and public duties: To comply with the law and our legal obligations, including the requirements to register with Regulators, obtain and hold permits and certificates, register for, or verify details relating to, VAT, Tax, PAYE, SDL, COIDA and UIF, customs and excise etc, to submit legal or statutory reports or provide various regulatory or statutory notices or returns, to litigate and/or to pursue or defend legal claims or collections, to attend to insurance claims and related procedures, to respond to a request or order from a SAP official, investigator or court official, regulator, or public authority.
4. Personal/Other information we collect from you
1. In order to engage and/or interact with you, for the purposes described above, we will have to process certain types of your Personal Information, including but not limited to:
1. Your or organization’s contact information, such as name, alias, address, identity number, passport number, phone number, cell phone number, vehicle make and registration number, social media user ID, email address, and similar contact data, serial numbers of equipment, and other contact information including details of your employer, memberships or affiliations, such as the name of your employer or organization that you are a member of, information about your colleagues or those within your organization, your status with an organization, and similar data, which are required for various legitimate interest, contractual and/or lawful reasons;
2. Specific identifiers, which are required in order to protect legitimate interests, comply with legal obligations or public legal duties, or financial and credit history;
3. Account Information, including banking details, security-related information (including usernames and passwords, authentication methods, and roles), service-related information (including purchase history and account profiles), billing-related information (including payment, shipping, and billing information), and similar data, all which are required to perform contractual matters and/or in order to provide you with our products and/or services;
4. User Content, such as content of communications, suggestions, questions, comments, feedback, and other information you send to us, that you provide to us when you contact us, or that you post on our websites, applications, mobile applications, or social media portals or platforms including information in alerts, folders, notes, and shares of content), and similar data which are required to perform contractual matters and/or in order to provide you with our products and/or services or attend to queries;
5. Device and Browser Information, such as network and connection information (including Internet Service Provider (ISP) and Internet Protocol (IP) addresses), device and browser identifiers and information (including device, application, or browser type, version, plug-in type and version, operating system, user agent, language and time zone settings, and other technical information), advertising identifiers, cookie identifiers and information, and similar data, which are required to perform contractual matters and / or in order to provide you with our products and/or services or attend to queries or to ensure that security safeguards are in place;
6. Usage Information and Browsing History, such as usage metrics (including usage rates, occurrences of technical errors, diagnostic reports, settings preferences, backup information, API calls, and other logs), content interactions (including searches, views, downloads, prints, shares, streams, and display or playback details), and user journey history (including clickstreams and page navigation, URLs, timestamps, content viewed or searched for, page response times, page interaction information (such as scrolling, clicks, and mouse-overs), and download errors), advertising interactions (including when and how you interact with marketing and advertising materials, click rates, purchases or next steps you may make after seeing an advertisement, and marketing preferences), and similar data which are required to perform contractual matters and/or in order to provide you with our products and/or services or attend to queries or to ensure that security safeguards are in place;
7. Your Image, such as still pictures, video, voice, and other similar data, which are required to perform contractual matters and/or in order to provide you with our products and/or services or attend to queries or to ensure that security safeguards are in place;
8. Financial Information, such as billing address, credit card information, billing contact details, and similar data., tax numbers and/or VAT numbers, which are required to perform contractual matters and/or in order to provide you with our products and/or services or attend to queries or to ensure that security safeguards are in place and/or which are required to comply with applicable laws and public duties;
9. Career, Education, and Employment Related Information, such as job preferences or interests, work performance and history, salary history, status as a veteran, nationality and immigration status, demographic data, disability- related information, application information, professional licensure information and related compliance activities, accreditations and other accolades, education history (including schools attended, academic degrees or areas of study, academic performance, and rankings), and similar data, which are required for contractual or employment related matters, or which are required to comply with applicable laws and public duties;
10. Social Media and Online Content, such as information placed or posted in social media and online profiles, online posts, and similar data, which are required to perform contractual matters and/or in order to provide you with our products and/or services or attend to queries and generally for the purposes of advertising, marketing and related communications.
5. Sources of information: How and where we collect your Personal Information 
1. Depending on your requirements, we will collect and obtain Personal Information about you either directly from you, from certain third parties (such as your employer or regulators), or from other sources which are described below:
1. Direct Collection: You provide Personal Information to us when you, for example:
1. Use our websites, applications, mobile applications, or social media portals or platforms;
2. Interact/engage with us, or otherwise contact/attempt to contact us;
3. Enquire about, or search for our products or services;
4. Create or maintain a profile or account with us;
5. When you submit a request for quotation or tender or when you conclude a contract with us;
6. Purchase or subscribe to our products or services;
7. Use our products or services;
8. Purchase, use, or otherwise interact with content, products, or services from third party providers who we have a relationship with;
9. Create, post, or submit user content on our websites, applications, mobile applications, or social media portals or platforms;
10. Register for or attend one of our marketing or other events, functions, meetings, consultations, or locations;
11. Request or sign up for information, including marketing material;
12. Communicate with us by phone, email, chat, in person, or otherwise;
13. Complete a questionnaire, survey, support ticket, or other information request form.
2. Automatic Collection: We collect your Personal Information automatically from you when you:
1. Search for, visit, interact with, or use our websites, applications, mobile applications, or social media portals or platforms;
2. Use our products or services (including through a device);
3. Access, use, or download content from us;
4. Open emails or click on links in emails or advertisements from us;
5. Otherwise interact or communicate with us (such as when you request support or send us information, or when you mention or post to our social media accounts).
3. We only process Personal Information of children with the consent of a parent or guardian. You may not provide Personal Information to us if you are under the age of 18. If you are providing Personal Information on behalf of a spouse, dependent, parent, extended family, or child, you confirm that you are duly authorised and have the necessary consent to provide this Personal Information to us for processing.
6. How we share your Personal Information
1. We share Personal Information for the purposes set out in this Policy and with the following categories of recipients:
1. Us, our employees and our affiliates:
1. We may share your Personal Information amongst our employees and affiliates for business and operational purposes. Our employees and affiliates will process your Personal Information in accordance with this Policy and our Internal Data Privacy and Security Policy, a copy of which can be provided on written request.
2. Business Partners:
1. We may share your Personal Information and requests with our business partners to jointly offer, provide, deliver, analyze, administer, improve, and personalize products or services.
3. Third Party Service Providers:
1. We may share your Personal Information and requests with our third party service providers to perform tasks on our behalf and which are related to our relationship with you, including but not limited to financial, management and general operational or organisational service providers, and to assist us in offering, providing, delivering, analyzing, administering, improving, and personalizing such services or products; as well as those who provide technical and/or customer support on our behalf, who provide application or software development and quality assurance, who provide tracking and reporting functions, research on user demographics, interests, and behaviour, and other products or services. These third-party service providers may also collect Personal Information about or from you in performing their services and/or functions in relation to our services.
4. Advertisers:
1. We may share your Personal Information with third parties that we engage for advertising services, to deliver advertising, and to assist us in advertising our brand and products and services. Those advertising services may also target advertisements on third party websites based on cookies or other information.
5. Users:
1. We may aggregate information from any publicly available records/information, such as phone books, social networks, marketing surveys, business websites, reviews, and comments, for our business, operational, research, statistic, advertising, marketing, or general purposes.
6. In the Event of Merger, Sale, or Change of Control:
1. Your Personal Information may be transferred to a third-party entity that acquires or is merged with us as part of a merger, acquisition, sale, or other change of ownership/control (such as the result of a bankruptcy proceeding).
7. Regulators and law enforcement agencies:
1. We may share your Personal Information in order to comply with any applicable law or regulation, to comply with or respond to a legal process, or upon request from law enforcement or government.
7. Protection of Information 
1. We shall preserve the security of Personal Information and, in particular, prevent its unauthorised alteration, loss and damage, or access by non-authorised third parties.
2. We will ensure the security and integrity of Personal Information in its possession or under its control with appropriate, reasonable technical and organisational measures to prevent loss, unlawful access and unauthorised destruction of Personal Information.
3. We have implemented physical, organisational, contractual and technological security measures (having regard to generally accepted information security practices or industry specific requirements or professional rules) to keep all Personal Information secure, including measures protecting any Personal Information from loss or theft, and unauthorised access, disclosure, copying, unauthorized use or modification.
4. Your Personal Information may also be stored electronically and/or in a hard copy format and will be accessible to persons employed or contracted by us, as is reasonably necessary for operational and business-related reasons.
5. Once your Personal Information is no longer required due to the fact that the purpose for which the Personal Information was held has come to an end, such Personal Information will be retained for a duration of time which ensures compliance with the following requirements:
1. Adhere to the terms and conditions of this Policy;
2. Fulfil the purposes described in this Policy, and our general business-related purposes;
3. Meet the timelines determined or recommended by regulators, professional bodies, or associations;
4. Comply with legal and contractual obligations; and
5. Comply with your requests.
6. Should you disclose your Personal Information to any third party other than us, we shall not be liable for any loss or damage arising or suffered by you as a result of the disclosure of such Personal Information to any third party. This is because we do not regulate or control how that third party uses your Personal Information. You should always ensure that you read the privacy policy of any third party prior to providing them with any of your Personal Information.
8. Data Retention and Data Destruction 
1. Data Retention as required under the POPI Act
1. Except for the exceptions as set out below, Futurewise shall, in accordance with provisions of section 14(1) of the POPI Act, ensure that it shall not keep records of Data Subjects personal information for a period longer than what is necessary for achieving the purpose for which the information was initially collected.
2. General exceptions to section 14(1) of the POPI Act
1. Where applicable, Futurewise shall retain records of its Data Subjects for a period longer that what is necessary as set out in sections 14(1) and 14(3) of the POPI Act, under the following circumstances:
1. As and when it is required or authorised to do so by law, which shall include any governmental regulation and/or legislation;
2. As and when it is reasonably required for lawful purposes related to Futurewise’s activities and/or functions;
3. As and when it is required to do so by contract, in so far as it relates to the Futurewsie’s activities and/or functions;
4. With the consent of the Data Subject; and
5. In accordance with the provisions of s 14(2) of the POPI Act.
2. Data Destruction in terms of sections 14(4) and 14(5) of the POPI Act
1. Covered Records: This section covers all the official records generated in the ordinary course of Futurewise’s operations and/or business, including but not limited to:
1. Typed, or printed hardcopy (i.e., paper) documents;
2. Electronic records and documents (e.g., email, Web files, text files, PDF files);
3. Video or digital images;
4. Electronically stored information contained on network servers and/or document management systems; and
5. Recorded audio material.
2. In terms of section 14(4) of the POPI Act, Futurewise undertakes to destroy or delete any record of personal information or de-identify it as soon as reasonably practicableafter it is no longer authorised to retain the record in terms of subsections 14(1) or 14(2) as indicated above.
3. In terms of section 14(5) of the POPI Act, Futurewise will ensure that the destruction or deletion of any record of personal information in terms of subsection 14(4) as indicated above, will be carried out in a manner that prevents its reconstruction in an intelligible form, this includes both hard copy and/or electronic copies of information.
9. Access by other and cross-border transfer
1. We may share your Personal Information for further processing with other parties, including but not limited to:
1. Our holding company or subsidiaries, auditors, organs of state, regulatory bodies and/or national government, credit bureaus, sub-contractors, persons to whom we cede our rights or delegate our authority to, third party service providers, agents, contractors, employees or law enforcement agencies.
2. Personal Information will only be shared in a justified manner and in order to comply with a regulatory requirement in terms of legislation or during a legal process or for a legitimate business purpose.
3. The disclosure of your Personal information will always be in terms of an agreement which will be concluded as between ourselves and the party to whom we are disclosing your Personal Information to, which contractually obliges the recipient of your Personal Information to comply with conditions relating to confidentiality, data security, and privacy law.
4. Where Personal Information and related data is transferred to a country which is situated outside of the Republic of South Africa, your Personal Information will only be transferred to those countries which have similar data privacy laws in place or where the recipient of the Personal Information concludes an agreement which contractually obliges the recipient to comply with conditions relating to confidentiality, data security, and South African privacy law.
10. Correction and Access to information
1. The Promotion of Access to Information Act (PAIA) together with POPIA provides an individual the right to access information that is held by a public or private body in certain instances. This right can be exercised as provided for in the Futurewise Education PAIA Manual on our website futurewise.co.za.
11. Your rights and obligations
1. As a Data Subject, you have certain rights, such as:
1. The right to data portability: should you want your Personal Information to be transferred to another party, you can request same by emailing us on info@Futurewise.co.za or via our self-service portal on futurewise.co.za. If you are notifying us by email, we ask that you kindly make the subject line, “POPIA Request: Port Info”.
2. The right to have your Personal Information deleted: where any overriding legal basis or legitimate reason to process your Personal Information no longer exists, and the legal retention period has expired, you may request that we delete the Personal Information, which can be done by emailing us on info@Futurewise.co.za or via our self-service portal on futurewise.co.za. If you are notifying us by email, we ask that you kindly make the subject line, “POPIA Request: Deletion of Info”
3. The right of access: You may ask us, free of charge, to confirm that we hold your Personal Information, or ask us to provide you with details, at a fee, of how we have processed your Personal Information, which can be done by either emailing us on info@Futurewise.co.za, or via our self-service portal on futurewise.co.za. If you are notifying us by email, we ask that you kindly make the subject line, “POPIA Request: Access to Information”.
4. The right to object to and restrict further processing: where we do not need your consent to process your Personal Information, but you are not in agreement with such processing, you can object to us processing such Personal Information, which can be done by emailing us on info@Futurewise.co.za, or via our self-service portal on futurewise.co.za. If you are notifying us by email, we ask that you kindly make the subject line, “POPIA Request: Objection to Processing Info”.
5. The right to rectification: You have the right to ask us to update or rectify any inaccurate Personal Information, which can be done by emailing us on info@Futurewise.co.za or via our self-service portal on futurewise.co.za. If you are notifying us by email, we ask that you kindly make the subject line, “POPIA Request: Rectification of Info”.
6. The right to withdraw consent: you have the right to withdraw your consent, which can be done by emailing us on info@Futurewise.co.za, or via our self-service portal on futurewise.co.za. If you are notifying us by email, we ask that you kindly make the subject line, “POPIA Request: Withdrawal of Consent”.
2. You also have the right to request us not to contact you for purposes of direct marketing by any form of electronic communication such as automatic calling machines, email and/or SMS notifications by “opting-out” of any direct marketing communications we may send to you.
12. Changes to this Policy 
1. We reserve the right to make amendments to this Policy from time to time and will use reasonable efforts to notify you of such amendments. We therefore encourage you to visit our Site frequently in order to keep abreast with any changes to both our Privacy Statement and this Privacy Policy. Copies of the Privacy Statement and Privacy Policy may also be requested at any time by emailing info@Futurewise.co.za. Kindly make the subject line, “POPIA Request: Updated Policy Documents”.
2. The current version of this Policy and the Privacy Statement will govern the respective rights and obligations between you and Futurewise Education each time that you access and use our website.
13. Acceptance
1. By providing us with any Personal Information as provided under this Policy:
1. You indicate your acceptance of our Policy and that you acknowledge that you understand why your Personal Information needs be processed;
2. You accept the terms which will apply to such processing, including the terms applicable to the transfer of such Personal Information cross-border, the terms contained in this Policy, and the terms contained in our Privacy Statement, accessible on our website at futurewise.co.za, which must be read as an extension to and part of this Policy. A copy of the updated Privacy Statement may also be requested at any time by emailing info@Futurewise.co.za. Kindly make the subject line, “POPIA Request: Updated Privacy Statement”;
3. Where consent is required for any processing as per the terms and conditions/requirements contained in these sources, you agree that we may process this particular Personal Information;
4. You confirm that you have shared this Policy and/or its terms and conditions with your employees, contractors and subcontractors and have received from them the required consent in order for you to provide us with their respective Personal Information for processing as provided for and described under this Policy, and where consent is required for any processing as reflected in this Policy, such persons have agreed that we may process their particular Personal Information.
2. The rights and obligations of the parties under this Policy will be binding on, and will be of benefit to, each of the parties successors in title and or assigns where applicable.
3. Furthermore, should any of the Personal Information concern or pertain to a natural/juristic person whom you represent, you confirm that you have the necessary authority to act on behalf of such person and that you have the required permissions required for the processing of that person’s Personal Information.
14. Complaints

If you feel that we are not living up to this Policy, or if you have any questions about this Policy, please contact us via our website www.futurewise.co.za or call 0800 388883.

Should you feel unsatisfied with our processing of your Personal Information, or about any complaint that you have made to us, you have the right to lodge a complaint with the Information Regulator at:

Physical Address: The Information Regulator (South Africa), JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
Postal Address: P.O Box 31533, Braamfontein, Johannesburg, 2017 Complaints email: POPIA.IR@justice.gov.za
General enquiries email: inforeg@justice.gov.za