Privacy Policy
Introduction
At Setsoto Local Municipality, accessible from https://www.setsoto.gov.za, one of our main priorities is the privacy of our visitors. We respect your privacy and take the protection of personal data very seriously. The purpose of this policy is to describe the way that we collect, store, use and protect data that can be associated with you or another specific natural or juristic person and can be used to identify you or that person (personal data).
We have updated this policy to comply with the European Union’s General Data Protection Regulation (GDPR); South Africa’s Protection of Personal Information Act (Popia); and the Google Privacy Policy.
Audience
This policy applies to you if you are:
- a visitor to our website; or
- a customer who has ordered, registered for or uses the services that we provide.
Personal data
Personal data includes:
- certain information that we collect automatically when you visit our website;
- certain information collected on registration (see below);
- certain information collected on submission; and
- optional information that you provide to us voluntarily (see below);
but excludes:
- information that has been made anonymous so that it does not identify a specific person;
- permanently de-identified information that does not relate or cannot be traced back to you specifically;
- non-personal statistical information collected and compiled by us; and
- information that you have provided voluntarily in an open, public environment or forum, including any blog, chat room, community, classifieds or discussion board (because the information has been disclosed in a public forum, it is no longer confidential and does not constitute personal data subject to protection under this policy).
Common examples
Common examples of the types of personal data we may collect and process include your:
- identifying information – such as your name, date of birth, or identification number of any kind;
- contact information – such as your phone number or email address;
- address information – such as your physical or postal address; or
- demographic information – such as your gender or marital status.
Sensitive personal data
Depending on the services that you require, we may also collect sensitive personal data, including your:
- financial information – such as your bank account details;
- sensitive demographic information – such as your race or ethnicity; and
- employment information – including your job title and the industry you work in.
Acceptance of this policy
Acceptance required
You must accept all the terms of this policy when you register for, or use the website or any of our services. If you do not agree with anything in this policy, then you may not register for or use the website or any of our services. You may not register for or use the website or any of our services if you do not accept this policy.
Legal capacity
You may not access our website or order our services if you are younger than 18 years old or do not have legal capacity to conclude legally binding contracts.
Deemed acceptance
By accepting this policy, you are deemed to have read, understood, accepted, and agreed to be bound by all of its terms.
Your obligations
You may only send us your own personal data or the information of another data subject where you have their permission to do so. Our website may give you the option to post information in a way that is publicly accessible and may be collected by others (such as via comments on articles). You are responsible for any personal data that you post in this way.
Changes
We may change the terms of this policy at any time by updating this web page. We will notify you of any changes by placing a notice in a prominent place on the website, or by sending you an email detailing the changes that we have made and indicating the date that they were last updated. If you do not agree with the changes, then you must stop using the website and our services. If you continue to use the website or our services following notification of a change to the terms, the changed terms will apply to you and you will be deemed to have accepted those updated terms.
Collection of data
On registration
Once you register on our E-Statement Consumer Portal or website, you will no longer be anonymous to us. You will provide us with certain personal data.
This personal data will include:
- your name and surname;
- your email address and mobile number;
- your username and password.
We will use this personal data to fulfill your account, provide additional services and information to you as we reasonably think appropriate, and for any other purposes set out in this policy.
On order
When you order any services from us, you may be asked to provide us with additional information on a voluntary basis (services information). This information may include:
- your ID number;
- your postal address or street address; and
- your telephone number.
From browser
We automatically receive and record internet usage information on our server logs from your browser, such as your internet protocol address (IP address), browsing habits, click patterns, version of software installed, system type, screen resolutions, colour capabilities, plug-ins, language settings, cookie preferences, search engine keywords, JavaScript enablement, the content and pages that you access on the website, and the dates and times that you visit the website, paths taken, and time spent on sites and pages within the website (usage information).
Please note that other websites you visited before entering our website might place personal data within your URL during a visit to it, and we have no control over such websites. Accordingly, a subsequent website that collects URL information may log some personal data.
Web beacons
Our website may contain electronic image requests (called a single-pixel GIF or web beacon request) that allow us to count page views and to access cookies. Any electronic image viewed as part of a web page (including an ad banner) can act as a web beacon. Our web beacons do not collect, gather, monitor or share any of your personal data. We merely use them to compile anonymous information about our website.
Purpose for collection of data
We may use or process any services information, or optional information that you provide to us for the purposes that you indicated when you agreed to provide it to us. Processing includes gathering your personal data, disclosing it, and combining it with other personal data. We generally collect and process your personal data for various purposes, including:
- services purposes – such as providing our services;
- legal purposes – such as handling claims, complying with regulations, or pursuing good governance.
We may use your usage information for the purposes described above and to:
- remember your information so that you will not have to re-enter it during your visit or the next time you access the website;
- monitor website usage metrics such as total number of visitors and pages accessed.
Consent to collection of data
We will obtain your consent to collect personal data:
- in accordance with applicable law;
- when you provide us with any registration information or optional information.
Use of data
Our obligations
We may use your personal data to fulfill our obligations to you. This could include delivering service accounts to you, allowing you to access exclusive content on our website, billing you for our services, or improving our offerings.
Messages and updates
We may send administrative messages and email updates to you about the website. We may wish to provide you with information about new goods or services in which we think you may be interested.
Disclosure of data
Sharing
We may share your personal data with:
- other departments within the municipality to which we belong to provide joint content and services like registration, for transactions and customer support, to help detect and prevent potentially illegal acts and violations of our policies, and to guide decisions about our services, and communications (they will only use this information to send you communications if you have requested their services);
- service providers under contract who help provide certain services or help with parts of our business operations, including fraud prevention, bill collection, technology services;
- social media platforms when you use tools or functionality on our website provided by those platforms (such as “recommend” or “share” buttons); and
- other third parties who provide us with relevant services where appropriate.
Regulators
We may disclose your personal data as required by law or governmental audit.
Law enforcement
We may disclose personal data if required:
- by a subpoena or court order;
- to comply with any law;
- to protect the safety of any individual or the general public; and
- to prevent violation of our customer relationship terms.
No selling
We will not sell personal data. No personal data will be disclosed to anyone except as provided in this privacy policy.
No linked websites
We do not share personal data with any websites linked to on our site, unless they are a party with whom we are allowed to share personal data, as indicated in this policy. Please check these websites’ own privacy policies before sharing your personal data with them.
Marketing purposes
We may disclose aggregate statistics (information about the customer population in general terms) about the personal data to other government entities.
Employees
We may need to disclose personal data to our employees that require the personal data to do their jobs. These include our responsible management, human resources, accounting, audit, compliance, information technology, or other personnel. Any of our employees or personnel that handle your personal data will have signed non-disclosure and confidentiality agreements.
Security
We take the security of personal data very seriously and always do our best to comply with applicable data protection laws. Our hosting company will host our website in a secure server environment that uses a firewall and other advanced security measures to prevent interference or access from outside intruders. We authorise access to personal data only for those employees who require it to fulfill their job responsibilities. We implement disaster recover procedures where appropriate.
Accurate and up to date
We will try to keep the personal data we collect as accurate, complete and up to date as is necessary for the purposes defined in this policy. From time to time we may request you to update your personal data on the website. You are able to review or update any personal data that we hold on you by accessing your account online, emailing us or phoning us.
Please note that in order to better protect you and safeguard your personal data, we take steps to verify your identity when granting you access to your account or making any corrections to your personal data. Throughout your interaction with us you retain the right to rectify personal data that is incorrect or inaccurate. This does not apply if we process your personal data in our capacity as an operator or processor on behalf of a responsible party or data controller.
Retention of data
We will only retain your personal data for as long as it is necessary to fulfill the purposes explicitly set out in this policy, unless:
- retention of the record is required or authorised by law; or
- you have consented to the retention of the record.
We may retain your personal data in physical or electronic records at our discretion.
Updating or removing
You may choose to correct or update the personal data you have submitted to us, by contacting us by phone or email.
You are entitled to a right to be forgotten. We will delete any personal data that you don’t want us to have. If you do this, we will remove your personal data from our system, but we may still retain certain personal data as required or allowed by law, including:
- where we can show legitimate grounds for processing your personal data that override your request; or
- where we process your personal data in order to establish, exercise or defend legal claims.
You understand that if we delete your data from our system, we may be unable to continue providing some or all of our services to you.
Restriction of processing
You may request that we restrict the use of your personal data. When we restrict your personal data we still have the right to store it but not use it. You can ask that we do this verbally or in writing.
Data breaches
We will notify our customers of any confirmed data breaches that has occurred. It is our customers’ responsibility to notify relevant supervisory authorities and any affected data subjects of the data breach.
Limitation
We are not responsible for, give no warranties, nor make any representations in respect of the privacy policies or practices of any linked or third-party websites.
Enquiries
If you want to update or remove your personal data, restrict how we process it, or opt in or out of receiving service accounts, please contact us:
- Telephone: (051) 933 9300
- Email: admin@setsoto.co.za
Registered users on our E-Statement Customer Portal can also View and edit personal details, Set communication preferences.
If you have any questions or concerns arising from this privacy policy or the way in which we handle personal data, please contact us via one of the following methods:
- Telephone: (051) 933 9300
- Email: admin@setsoto.co.za
- Post: 27 Voortrekker Street, Ficksburg, 9730
Complaints
If you have any complaints about the way we handle your personal data, please contact our office as described above, so that we can resolve it. You may choose, however, to approach a supervisory authority instead, including:
- the data protection authority in your jurisdiction, where you are covered by the EU GDPR; or
- the South African Information Regulator.
You can find out who your data protection authority, commissioner or regulator is by visiting this website.
© Setsoto Local Municipality (2024)
Last Updated: 28 February 2024