Privacy policy

1.DEFINITIONS

In this Policy the following words and expressions bear the meanings assigned to them and cognate expressions bear corresponding meanings -


1.1 “TAU Mining” means group of companies:
(i) TAU Mining Consultants (Pty) Ltd;
(ii) TAU Mining Kalahari (Pty) Ltd;
(iii) TAU Klipspruit (Pty) Ltd;
(iv) TAU Mining Contractors (Pty) Ltd;

1.2 “Child” - means a natural person under the age of 18 years who is not legally competent, without the assistance of a competent person, to take any action or decision in respect of any matter concerning him or herself;

1.3 “Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Information under the control of or in the possession of TAU Mining;

1.4 “Data Subject” means the person to whom Personal Information relates;

1.5 “Direct Marketing” means to approach a person, by electronic communication, for the purpose of promoting or offering to supply, in the ordinary course of business, any goods or services to the Data Subject;

1.6 “Employees” means any employee of the TAU Mining;

1.7 “Operator” means a person or entity who Processes Personal Information for a Responsible Party in terms of a contract or mandate, without coming under the direct authority of that Responsible Party;

1.8 “Personal Information” means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to -
a) information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
b) information relating to the education or the medical, financial, criminal or employment history of the person;
c) any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
d) the biometric information of the person;
e) the personal opinions, views or preferences of the person;
f) correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
g) the views or opinions of another individual about the person;
h) the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.

1.9 “Policy” means this Privacy Policy;

1.10 “POPIA” means the Protection of Personal Information Act 4 of 2013;

1.11 “PAIA” means the Promotion of Access to Information Act 2 of 2020;

1.12 “Processing” means any operation or activity or any set of operations, whether or not by automatic means, concerning personal information, including -
(a) the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
(b) dissemination by means of transmission, distribution or making available in any other form;
(c) merging, linking, as well as restriction, degradation, erasure or destruction of information.

1.13 “Regulator” means the South African Information Regulator established in terms of POPIA;

1.14 “Responsible Party” means a public or private body or any other person which alone or in conjunction with others, determines the purpose of and means for Processing Personal Information;

1.15 “Special Personal Information” means Personal Information concerning a Data Subject’s religious or philosophical beliefs, race or ethnic origin, trade union membership, political opinions, health, sexual life, sexual orientation, genetic information, biometric information or criminal behaviour;

1.16 “Third Party” means any independent contractor, agent, consultant, sub-contractor or other representative of TAU Mining;

1.17 “Website” means the TAU Mining website currently located at www.taumining.co.za.


2. PURPOSE OF THIS POLICY. CHANGES TO THIS POLICY

2.1 The purpose of this Policy is to inform Data Subjects about how TAU Mining Processes their Personal Information.

2.2 TAU Mining reserves the right to make amendments to this Policy from time to time and will use reasonable efforts to notify Data Subjects of such amendments, such as by posting prominent notice on the Website.


3. APPLICATION

3.1 TAU Mining, in its capacity as Responsible Party and/or Operator, shall strive to observe, and comply with its obligations under POPIA, as well as accepted information protection principles, practices and guidelines when it Processes Personal Information from or in respect of a Data Subject.

3.2 This Policy applies to Personal Information collected by TAU Mining in connection with the services and which we offer and provide. This includes information collected directly from you as a Data Subject, as well as information we collect indirectly through our Direct Marketing campaigns and online through our websites, branded pages on Third Party platforms and applications accessed or used through such websites or Third Party platforms which are operated by or on behalf of TAU Mining.

3.3 This Privacy Policy does not apply to the information practices of Third Party companies who we may engage with in relation to our business operations (including, without limitation, their websites, platforms and/or applications) which we do not own or control; or individuals that TAU Mining does not manage or employ. These Third Party sites may have their own privacy policies and terms and conditions and we encourage you to read them before using them.


4. COLLECTING PERSONAL INFORMATION

4.1 TAU Mining collects Personal Information directly from Data Subjects, unless an exception is applicable (such as, for example, where the Data Subject has made the Personal Information public or the Personal Information is contained in or derived from a public record) and/or in some cases, from Third Parties.

4.2 TAU Mining will always collect Personal Information in a fair, lawful and reasonable manner to ensure that it protects the Data Subject’s privacy and will Process the Personal Information based on legitimate grounds in a manner that does not adversely affect the Data Subject in question.


5. PROCESSING OF PERSONAL INFORMATION

5.1 Where TAU Mining is the Responsible Party, it will only Process a Data Subject’s Personal Information (other than for Special Personal Information) where -
5.1.1 consent of the Data Subject (or a competent person where the Data Subject is a Child) is obtained;
5.1.2 Processing is necessary to carry out the actions for conclusion of a contract to which a Data Subject is party;
5.1.3 Processing complies with an obligation imposed by law on TAU Mining;
5.1.4 Processing protects a legitimate interest of the Data Subject;
5.1.5 Processing is necessary for pursuing the legitimate interests of TAU Mining or of a third party to whom the information is supplied; and/or
5.1.6 Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in TAU Mining.

5.2 TAU Mining will only Process Personal Information where one of the legal bases referred to in paragraph 5.1 above are present.

5.3 TAU Mining will make the manner and reason for which the Personal Information will be Processed clear to the Data Subject.

5.4 Where TAU Mining is relying on a Data Subject’s consent as the legal basis for Processing Personal Information, the Data Subject may withdraw his/her/its consent or may object to TAU Mining’s Processing of the Personal Information at any time. However, this will not affect the lawfulness of any Processing carried out prior to the withdrawal of consent.

5.5 If the consent is withdrawn or if there is otherwise a justified objection against the use or the Processing of such Personal Information, TAU Mining will ensure that the Personal Information is no longer Processed.

5.6 TAU Mining does not transfer personal information to another person or institutions unless the data subject or legislation permits such transfer.


6. PURPOSE OF COLLECTING AND PROCESSING PERSONAL INFORMATION

TAU Mining collects and processes personal information for, amongst others, the purposes, including (but not limited to):
a) providing its services to the Data Subject for Direct Marketing purposes from time to time;
b) in case when personal Information is processed in order to comply with obligations imposed on the TAU Mining under the Based Black Economic Empowerment Act 53 of 2003;
c) to comply with orders of court;
d) to process applications for employment, for recruitment and general employee management;
e) to process applications of service providers;
f) for marketing requirements;
g) for conclusion and management of various contracts;
h) personal Information is processed for employment-related purposes, determining Employment Equity Act 55 of 1998 statistics;
i) to respond to any correspondence that the Data Subject may send to TAU Mining, including via email, Website or by telephone;
j) in connection with the execution of payment processing functions, including payment of TAU Mining’s suppliers’ invoices;
k) for purposes of interacting with you on our Website and generally monitoring your use our Website, including for purposes of improving same;
l) any further purpose ancillary to the performance of services or activities.


7. SPECIAL PERSONAL INFORMATION. PERSONAL INFORMATION OF CHILDREN

7.1 Special Personal Information is sensitive Personal Information of a Data Subject and TAU Mining acknowledges that it will generally not Process Special Personal Information unless:
(i) processing is carried out in accordance withthe Data Subject’s explicit consent; or
(ii) information has been deliberately made public by the Data Subject; or
(iii) processing is necessary for the establishment, exercise or defence of a right or legal claim or obligation in law); or
(iv) processing is for historical, statistical or research purposes, subject to stipulated safeguards; or
(v) for purpses of POPIA - specific authorisation has been obtained in terms of POPIA.

7.2 TAU Mining acknowledges that it may not Process any Personal Information concerning a Child and will only do so where it has obtained the consent of the parent or guardian of that Child or where it is permitted to do so in accordance with applicable laws.


8. SAVEGUARD AND STORAGE OF PERSONAL INFORMATION

8.1 TAU Mining stores personal information physically and/or electronically (including cloud based storage).

8.2 TAU Mining takes reasonable and appropriate measures to keep personal information secure.

8.3 TAU Mining shall preserve the security of Personal Information and, in particular, prevent its alteration, loss and damage, or access by non-authorised third parties.

8.4 TAU Mining will ensure the security and integrity of Personal Information in its possession or under its control with appropriate, reasonable technical and organisational measures to prevent loss, unlawful access and unauthorised destruction of Personal Information.

8.5 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of Data Subjects,TAU Mining implements appropriate technical and organisational measures to ensure a level of security appropriate to the risk of Processing, including measures protecting any Personal Information from loss or theft, and unauthorised access, disclosure, copying, use or modification, including –
8.5.1 the pseudonymization and encryption of Personal Information;
8.5.2 the ability to ensure the ongoing confidentiality, integrity, availability and resilience of Processing systems and services;
8.5.3 the ability to restore the availability and access to Personal Information in a timely manner in the event of a physical or technical incident; and
8.5.4 a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of Processing.

8.6 Further, TAU Mining maintains and regularly verifies that the security measures are effective and regularly updates same in response to new risks.

8.7 TAU Mining will not retain personal information for a period longer than is necessary to achieve the purpose for which it was collected or processed and is required to delete, destroy (in such a way that it cannot be reconstructed) or de-identify the information as soon as is reasonably practicable once the purpose has been achieved.

8.8 Anyway, storage and process of personal information are done for so long as TAU maintains a business relationship or contact with data subjects or permitted by law.


9. BREACHES OF PERSONAL INFORMATION

9.1 A Data Breach refers to any incident in terms of which reasonable grounds exist to believe that the Personal Information of a Data Subject has been accessed or acquired by any unauthorised person.

9.2 A Data Breach can happen for many reasons, which include:
(a) loss or theft of data or equipment on which Personal Information is stored;
(b) inappropriate access controls allowing unauthorised use;
(c) equipment failure;
(d) human error;
(e) unforeseen circumstances;
(f) deliberate attacks on systems, such as hacking, viruses or phishing scams; and/or
(g) alteration of Personal Information without permission and loss of availability of Personal Information.

9.3 TAU Mining will address any Data Breach in accordance with the terms of POPIA.

9.4 TAU Mining will notify the Regulator and the affected Data Subject (unless the applicable law requires that we delay notification to the Data Subject) in writing in the event of a Data Breach (or a reasonable belief of a Data Breach) in respect of that Data Subject’s Personal Information.

9.5 TAU Mining will provide such notification as soon as reasonably possible after having become aware of any Data Breach in respect of such Data Subject’s Personal Information.

9.6 Where TAU Mining acts as an Operator and should any Data Breach affect the data of Data Subjects whose information TAU Mining Processes as an Operator, TAU Mining shall (in terms of POPIA) notify the relevant Responsible Party immediately where there are reasonable grounds to believe that the Personal Information of relevant Data Subjects has been accessed or acquired by any unauthorised person.


10. PROVISION OF PERSONAL INFORMATION TO THIRD PARTY

10.1 May disclose Personal Information to Third Parties and will enter into written agreements with such Third Partiesto ensure that they Process any Personal Information in accordance with the provisions of this Policy and POPIA.

10.2 Notes that such Third Parties may assist TAU Mining with the purposes listed in paragraph 6 above.

10.3 TAU Mining will disclose Personal Information with the consent of the Data Subject or if TAU Mining is permitted to do so without such consent in accordance with the applicable laws.

10.4 TAU Mining does not generally do cross border Personal Information transfers.
However, in the unlikely event that cross border transfer of Personal Information is necessary and/or unavoidable, TAU Mining shall ensure that the data protection laws of such countries to which Personal Information is transferred, are similar to the POPIA requirements, and that the recipients of the Personal Information commit to the same standard of data protection as that which TAU Mining has committed to.

10.5 The Data Subject should also take note that the Processing of Personal Information in a foreign jurisdiction may be subject to the laws of the country in which the Personal Information is held, and may be subject to disclosure to the governments, courts of law, enforcement or regulatory agencies of such other country, pursuant to the laws of such country.


11. ACCESS TO PERSONAL INFORMATION

11.1 A Data Subject has certain rights under POPIA, including the following:
11.1.1 a right of access: a Data Subject having provided adequate proof of identity has the right to:
(i) request a Responsible Party to confirm whether any Personal Information is held about the Data Subject; and/or
(ii) request from a Responsible Party a description of the Personal Information held by the Responsible Party including information about Third Parties who have or have had access to the Personal Information. A Data Subject may request:
11.1.1.1 TAU Mining to confirm, free of charge, whether it holds any Personal Information about him/ her/it; and
11.1.1.2 to obtain from TAU Mining the record or description of Personal Information concerning him/her/it and any information regarding the recipients or categories of recipients who have or had access to the Personal Information. Such record or description is to be provided:
(a) within a reasonable time;
(b) in a reasonable manner and format and in a form that is generally understandable;
(c) TAU Mining may charge an access fee to the Data Subject to enable TAU Mining to respond to the request. In such instances TAU Mining must provide the Data Subject with a written estimate of the fee before providing the services.
11.1.2 a right to request correction or deletion: a Data Subject may also request TAU Mining to –
11.1.2.1 correct or delete Personal Information about the Data Subject in its possession or under its control that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or obtained unlawfully; or
11.1.2.2 destroy or delete a record of Personal Information about the Data Subject that TAU Mining is no longer authorised to retain records in terms of POPIA’s retention and restriction of records provisions.
On receipt of such a request, TAU Mining is required to, as soon as is reasonably
practicable -
(a) correct the information;
(b) delete or destroy the information;
(c) provide the Data Subject with evidence in support of the information; or
(d) where the Data Subject and Responsible Party cannot reach agreement on the request and if the Data Subject requests this, TAU Mining will take reasonable steps to attach to the information an indication that correction has been requested but has not been made.
11.1.3 a right to withdraw consent and to object to processing: a Data Subject that has previously consented to the Processing of his/her/its Personal Information has the right to withdraw such consent and may do so by providing TAU Mining with notice to such effect at the address set out in TAU Mining`s Contact details. Further, a Data Subject may object, on reasonable grounds, to the Processing of Personal Information relating to him/her/it.

11.2 Accordingly, TAU Mining may request the Data Subject to provide sufficient identification to permit access to, or provide information regarding the existence, use or disclosure of the Data Subject’s Personal Information.

11.3 Any such identifying information shall only be used for the purpose of facilitating access to or information regarding the Personal Information.

11.4 The Data Subject can request in writing to review any Personal Information about the Data Subject that TAU Mining holds including Personal Information that TAU Mining has collected, utilised or disclosed.

11.5 TAU Mining shall respond to these requests in accordance with POPIA and will providethe Data Subject with any such Personal Information to the extent required by law and any of TAU Mining’s policies and procedures which apply in terms of the PAIA.

11.6 The request and the response to it must be issued in accordance with the forms approved by TAU Mining internal regulations.

11.7 The Data Subject can challenge the accuracy or completeness of his/her/its Personal Information in TAU Mining’s records at any time in terms of the PAIA.

11.8 TAU Mining does not have any internal appeal procedures that may be followed after a request to access information has been refused. As such, the decision made by the Information Officer is final, and requestors will have to exercise such external remedies at their disposal if the request for information is refused and the requestor is not satisfied with the answer supplied by the Information Officer. A requester dissatisfied with an Information Officer’s refusal to disclose information, may within 30 days of notification of the decision, apply to the Information Regulator or a competent court for relief.

11.9 If a Data Subject successfully demonstrates that their Personal Information in TAU Mining’s records is inaccurate or incomplete, will ensure that such Personal Information is amended or deleted as required (including by any Third Parties).


12. REQUEST PROCESSING TIME AND FEES

12.1 The TAU Mining will process any written requests from a Data Subject within 30 days, unless the request contains considerations that are of such a nature that an extension of the 30 days time limit is necessitated.

12.2 Where an extension of the 30 days time limit is required, the requester shall be notified, together with reasons explaining why such extension is necessitated.

12.3 The prescribed fees to be paid for copies of the Data Subject’s Personal Information are listed in the PAIA Manual.


13. USE COOKIES

We may use tracking technologies (further named as “cookies”) to collect and store Personal Information when you use, access or otherwise interact with our Website. Information about how we use cookies and the choices you may have can be found in our Cookie policy.


CONTACT DETAILS

If you have any questions about this Policy, please, contact us via Contact Us page at our Website.
If your request was not satisfied you can contact to The Information Regulator (South Africa).

Cookie policy

1.1 This document is part of the TAU Mining`s Privacy policy and describes how TAU Mining uses cookies on its Website.

1.2 This Policy uses the definitions of terms given in TAU Mining`s Privacy policy.

1.3 This Policy is to use cookies only with the consent of users of the services we provide, unless the use of cookies is strictly necessary for the operation or use of the service.

1.4 Cookie is a small text file that is sent by a website to your computer or mobile device where it is stored by your web browser. Cookies may store information such as your IP address or other identifier, your browser type, and information about the content you view and interact with on digital services. By storing such information, web browser cookies can remember your preferences and settings for online services and analyze how you use online services.

1.5 Cookie are used to ensure Websites function properly, store user preferences when needed and collect anonymous statistics on Website usage.

1.6 With your consent we may also use cookies for other purposes, such as the generation of aggregate statistics about how people use it; for error management and troubleshooting; to help you share content with others; to enable you to receive information about other products and services; and to improve your experience of the Website.

1.7 When you first visit our Website you will be presented with a banner which offers you a choice about whether to accept or reject cookies, with the exception of those cookies which are strictly necessary for a particular service.

If you wish to amend your choice at any time, you can do so using the option of Settings/ Customize.

1.8 If you accept cookies, you agree that we may use your personal information collected using cookies (subject to the provisions of this Policy). Where you reject cookies, you are informed that you may not be able to fully experience the interactive features of our Website.

1.9 If you wish, you can also choose how web browser cookies are handled by your device via your browser settings. Some devices allow you to control this through your device settings. If you choose not to receive cookies at any time, Website may not function properly and certain services will not be provided. Each browser and device are different, so check the settings menu of the browser or device to learn how to change your settings and cookie preferences.

1.10 Depending on the purpose of use there are types of cookies:
1.10.1 Essential cookies are necessary for a website to function;
1.10.2 Non-essential cookies are used for ancillary purposes such as marketing, statistics and setting user preferences.

1.11 Depending on the party saving cookies there are next categories of them:
1.11.1 First-party cookies are stored on a user’s device by the website they are browsing;
1.11.2 Third-party cookies are stored on a user’s device by an organization other than the website owner.


List of cookies we use:
Host: https://taumining.co.za


CONTACT DETAILS
If you have any questions about this Policy, please, contact us via Contact Us page at our Website.