Protection of Personal Information
HOW TO CONTACT US
1.1. Cederberg is engaged in the following business activities:
1.1.1. the production, marketing, sale and distribution of liquors products in the South African and international markets;
1.1.2. the provision of accommodation.
1.2. As part of managing Cederberg’s business and creating value for all its stakeholders, Cederberg is required, in certain instances, to process Personal Information. Accordingly, Cederberg is required to protect such Personal Information as set out in the Protection of Personal Information Act and declares its commitment to comply with the Act.
1.3. Cederberg shall ensure that all Personal Information is processed within the parameters of the law.
INTERPRETATION AND DEFINITIONS
PROCESSING OF PERSONAL INFORMATION4.1. Data Subject Personal Information collected by Cederberg and the basis thereof.
Cederberg may use the Personal Information of a Data Subject to provide the Data Subject with information, products and services including, but not limited to: 4.3.1. online or physical events, such as webcast events; 4.3.2. press releases; 4.3.3. promotions and competitions; 4.3.4. job postings; 4.3.5. financial results; 4.3.6. marketing communications about Cederberg products and services. Cederberg will obtain consent for marketing to the extent required by law; 4.3.7. contact and interact with the Data Subject, including to: 22.214.171.124. receive information from the Data Subject; 126.96.36.199. request the Data Subject to update it information, including Personal Information on Cederberg website, online shopping platform and other records; 188.8.131.52. respond to requests from the Data Subject (including in circumstances where a Data Subject applied for employment); and 184.108.40.206. provide important notices and updates, such as changes to terms, standard operating procedures (SOPs), policies, security alerts and administrative messages. 4.3.8. operate Cederberg’s business, including: 220.127.116.11. screening visitors through CCV footage, conducting searches for dangerous weapons and completing the attendance register for security purposes to ensure that only authorised persons enter the premises of Cederberg; 18.104.22.168. complying with applicable laws, regulations and guidance; and 22.214.171.124. complying with demands or requests made by regulators, governments, courts and law enforcement authorities. 4.3.9. improve Cederberg’s day-to-day operations, including: 126.96.36.199. for internal purposes such as auditing, data analysis and research to help Cederberg deliver and improve its digital platforms, content and services; 188.8.131.52. to monitor and analyse trends, usage and activities in connection with Cederberg products and services to understand which parts of Cederberg digital platforms and services are of the most interest and to improve the design and content of those platforms; 184.108.40.206. to improve Cederberg products and services and communications to the Data Subject; and 220.127.116.11. to ensure that Cederberg has up-to-date contact information for the Data Subject, where applicable. 4.4. Retention period by Company of Personal information of a Data Subject Cederberg will always keep the Personal Information of a Data Subject for the period required by law and where it needs to do so in connection with legal action or an investigation in which it is involved or to mitigate risks which Cederberg is exposed to in the normal course of its business. Otherwise, Cederberg will keep Personal Information of a Data Subject: 4.4.1. for as long as needed to provide the Data Subject with access to products and services he/she/it has requested; 4.4.2. where the Data Subject has contacted Cederberg with a question or request, for as long as necessary to allow Cederberg to respond to the question or request and as required by law. 4.5. Permitted sharing by Company of Personal Information of a Data Subject 4.5.1. Cederberg may share Personal Information of a Data Subject with the following third parties and/or Operators: 18.104.22.168. The entities in the Cederberg group and including but not limited to any holding company/ies or subsidiary/ies as defined in the Companies Act, Act 71 of 2008 or affiliates, irrespective of the legal nature of how the entities comprise the group; 22.214.171.124. Cederberg directors, officials, Employees, agents, Operators and suppliers, including those who provide it with technology services such as data analytics, hosting and technical support; 126.96.36.199. Cederberg’s professional advisors, auditors and business partners; 188.8.131.52. regulators, governments and law enforcement authorities; and 184.108.40.206. other third parties in connection with re-organising all or any part of Cederberg’s business. 4.5.2. Personal Information of a Data Subject may be processed by Cederberg and/or Cederberg’s Operators outside of the Republic of South Africa. The Data Subject acknowledges that Personal Information laws in the countries to which the Personal Information of a Data Subject is transferred, may not always be equivalent to, or as protective as, the laws in the Republic of South Africa and agrees and consents to its Personal Information being transferred as such. 4.5.3. Cederberg will implement appropriate and reasonable measures to ensure that the Personal Information of a Data Subject remains protected and secure when it is transferred outside of the Republic of South Africa, in accordance with applicable Personal Information protection and privacy laws. These measures include data transfer agreements implementing standard data protection clauses. 4.6. Data Subject’s rights regarding his Personal Information The Data Subject is entitled, subject to Cederberg’s rights as set out in the Act, to: 4.6.1. request Cederberg for access to Personal Information Cederberg holds about him/her/it; 4.6.2. request a correction and/or deletion of his/her/its Personal Information; 4.6.3. request the restriction of the Processing of his Personal Information, or object to that Processing; 4.6.4. withdraw his/her/its consent to the Processing of his/her/its Personal Information (where Cederberg is Processing his/her/its Personal Information based on his/her/its consent); 4.6.5. withdraw his/her/its consent to receive marketing messages; 4.6.6. request for the receipt or the transfer to another organisation, in a machine-readable form, of the Personal Information, that he/she/it has provided to Cederberg; and 4.6.7. complain to his local data protection authority if his/her/its privacy rights are violated, or if he/she/it has suffered as a result of unlawful Processing of his Personal Information. 4.7. What the Data Subject should do if he/she/it does not want to provide Cederberg with his Personal Information 4.7.1. Where a Data Subject is given the option to share his/her/its Personal Information with Cederberg, he/she/it can always elect not to do so. 4.7.2. If a Data Subject objects to the Processing of his/her/its Personal Information, or if he/she/it has provided his/her/its consent to Processing and he/she/it later chooses to withdraw it, Cederberg will comply with the request in accordance with its legal obligations. Cederberg’s legal obligations in respect of the withdrawn Personal Information shall therefore cease to exist. 4.7.3. The rights of the Data Subject are subject to Cederberg’s rights as set out in the Act.
IMPORTANT NOTICE TO DATA SUBJECTS
7.1. Should the Data Subject believe that Cederberg has utilised Personal Information contrary to the Act, the Data Subject undertakes to first attempt to resolve any concerns with Cederberg. 7.2. If the Data Subject is not satisfied with such process, the Data Subject may have the right to lodge a complaint with the Information Regulator, using the contact details listed below: Tel: 012 406 4818 Fax: 086 500 3351 E-mail: email@example.com