MCI Consultants (Pty) Ltd, herein referred to as “MCI”, respects your right to privacy and is committed to safeguarding your personal information when processing your personal information, herein referred to as “data”, in terms of the Protection of Personal Information Act (POPI Act).

This privacy statement applies to natural and juristic persons whose data is processed by MCI, including potential clients, existing clients, service providers and applicants for employment, herein referred to as “Data Subject”.

Our privacy statement outlines our policy surrounding the protection and processing of your data and our commitment to comply with the conditions set out in the Protection of Personal Information Act (POPIA) when collecting, recording, storing, disseminating, and destroying data.

Data being collected and processing activities

Data that may be collected by MCI includes, but is not limited to the following:

• information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
• information relating to the education or the medical, financial, criminal or employment history of the person;
• any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
• the biometric information of the person;
• the personal opinions, views or preferences of the person;

• correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
• the views or opinions of another individual about the person; and
• the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.

 

MCI shall only process data in a lawful manner. Processing, in the context of this privacy statement, means any operation or activity or any set of operations, whether or not by automatic means, concerning personal or any information, including but not limited to:

• the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;

• dissemination by means of transmission, distribution or making available in any other form; or
• merging, linking, as well as restriction, degradation, erasure or destruction of information

 

Commitment to compliance with POPI

• MCI will comply with the POPI regulations and process all the information and/or personal data in respect of the services being rendered in accordance with the said regulation and only for the purpose of providing the Services set out in the agreement between MCI and the Data Subject.

• The Data Subject owns the data and all intellectual property rights in it.
• Both parties agree and acknowledge that all information provided, whether personal or otherwise, may be used and processed by MCI and such use may include placing such information in the public domain;
• MCI acknowledges that in providing the services to the Data Subject that MCI may be exposed to the client’s Data.
• MCI will use its best endeavours and take all reasonable precautions to ensure that any information provided, is only used for the purposes it has been provided.
• The Parties specifically record that all Data provided by the Data Subject to MCI or to which MCI may be exposed in the performance of its obligations in terms of the Agreement, shall constitute Confidential Information and as such, MCI shall comply with all the provisions of the Agreement in relation to same.

• MCI hereby warrants in favour of the Data Subject, that it shall, at all times, strictly comply with all applicable legislation and with all the provisions and requirements of the Data Subject’s Data protection policies and procedures as may be updated from time to time as notified to MCI in writing.
• MCI hereby warrants and undertakes that it shall not, at any time copy, compile, collect, collate, process, mine, store, transfer, alter, delete, interfere with or in any other manner use the Data for any purpose other than with the express prior written consent of the Data Subject, and to the extent necessary to provide the services to the Data Subject.

• All Data provided by the Data Subject, or accessed (or accessible) by MCI, shall be used by MCI only in connection with the provision of the services and shall not be commercially exploited by MCI in any manner whatsoever.
• MCI further warrants that it shall ensure that all its systems which it uses to provide the Services, including all systems onto which the Data Subject’s Data is copied, compiled, collected, collated, processed, mined, stored, transmitted, altered or deleted or otherwise used as part of providing the Services, shall at all times be of a minimum standard required by law for the protection, control and use of Data.
• MCI has procured written undertakings from all its staff that those staff members who have access to Confidential Information are bound by confidentiality undertakings no less onerous than those contained in this Agreement.
• MCI may retain Confidential Information to the extent required by, and for the duration of, any services performed for the Data Subject in terms of agreements between the Parties, provided that the Data Subject has not waived performance of such services and subject to the right of the Data Subject to recover the Confidential Information at any time on the terms agreed herein.

 

Warranty

MCI warrants that:

• It shall at all times perform its responsibilities in a manner that does not infringe, or constitute an infringement or misappropriation of, any Intellectual Property or other proprietary rights of the Data Subject or any third party;

• It is and will remain fully cognisant of and compliant with any relevant legislative or regulatory requirements and/or rulings or codes of practice of any competent authority or industry body that has jurisdiction over the provision of or is relevant to the Services provided;
• It shall remain compliant with all applicable legislation, including its statutory obligations set out in the POPI Act and the Consumer Protection Act 68 of 2008 (“CPA”) if, and then to the extent, so required by the POPI Act and the CPA, respectively.

 

Return and deletion of data

• On termination of an agreement between MCI and the Data Subject for any reason, or upon written request from the Data Subject at any time, MCI shall cease Processing any Personal Data, and (at the Data Subject’s instruction) return to the Data Subject or delete (in accordance with MCI’s document retention and deletion policies), any Personal Data in MCI’s possession or control, except as required by law or as required in order to defend any actual or possible legal claims.

• The Data Subject acknowledges and agrees that MCI shall have no liability for any losses incurred by the Data Subject arising from or in connection with MCI’s inability to perform the Services as a result of Supplier complying with a request to delete or return Personal Data made by the Data Subject.

 

Policy changes

This statement was last revised on 30 June 2021. Any material changes hereto will be published on our website. Your continued use of our services following the update means that you accept MCI’s updated privacy statement.