Contact Me

Privacy Policy

Background

I understand that your privacy is important to you and that you care about how your personal information is used. I respect and value the privacy of all those whom I deal with. I use all personal information in the ways described here and consistent with my obligations and your rights under the law.

1. Information About Me

Carl Haylett
Physical address: 3 Quenet Cresent, Worcester, 6850
Email address: carl@carlhaylett.co.za
Phone number: 072 051 4929

2. What Does This Notice Cover?

This Privacy Notice explains how I use your personal information: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal information.

3. What Is Personal Information?

Personal information is defined by the Protection of Personal Information Act (“POPIA”) as ‘any information relating to an identifiable living natural or existing juristic person’.

Personal information is, in simpler terms, any information about you that enables you to be identified. Personal information covers obvious information, such as your name and contact details, but it also covers less obvious information, such as identification numbers, electronic location data, and other online identifiers.

I process personal information by both automated (electronically) and non-automated means (paper-based as part of a filing system).

The personal information that I use is set out in Part 5 below.

4. What Are My Rights?

Personal information may only be processed if you consent thereto, alternatively where it is necessary to do so for the conclusion or performance of a contract, an obligation in terms of law, to protect your legitimate interest/s, or to pursue my legitimate interest/s.

Personal information must, as far as possible, be collected directly from you.

Under POPIA, you have the right to have your personal information processed according to 8 processing conditions that are summarized as follows:

  • Condition 1 – Accountability. I must ensure that the conditions set out in Chapter 3 of the Act and all the associated measures are complied with.
  • Condition 2 – Personal information must be collected and processed lawfully in a reasonable manner that does not infringe on your rights. Personal information may only be processed if it is adequate, relevant, and not excessive.
  • Condition 3 – Personal information must be collected for a specific, explicitly defined, and lawful purpose related to a function or activity of mine. Such personal information may not be retained any longer than necessary for achieving the purposes for which the information was collected and/or subsequently processed.
  • Condition 4 – Further processing of your personal information unless such processing is compatible with the initial purpose of collecting the information is prohibited.
  • Condition 5 – I must take reasonable, practicable steps to ensure that your personal information is complete, accurate and not misleading. Such personal information must also be kept up to date, taking into consideration the purpose of the personal information. The nature and purpose of your personal information will dictate how often such information must be updated.
  • Condition 6 – As far as it is practicable, I must inform you before your personal information is collected and the purpose of collecting and from where your personal information will be collected. As per Section 72 of the Act, you will be advised if your personal information will be transferred across the borders of South Africa.
  • Condition 7 – I must secure the integrity and confidentiality of your personal information by taking appropriate reasonable, technical and organisational measures to prevent the loss thereof or unlawful access thereto.
  • Condition 8 – You have the right to establish whether your personal information is held by me and to have it corrected or destroyed if it is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or has been obtained unlawfully.

You further have the following rights, which I will always work to uphold:

  • The right to access the personal information I hold about you. 
  • The right to rectify your personal information if any of your personal information held by me is inaccurate or incomplete. 
  • The right to be forgotten, for example, the right to ask me to delete or otherwise dispose of any of your personal information that I hold. 
  • The right to restrict (i.e. prevent) the processing of your personal information.
  • The right to object to me using your personal information for a particular purpose or purposes.
  • The right to withdraw consent. This means that if I am relying on your consent as the legal basis for using your personal information, you are free to withdraw that consent at any time.
  • The right to not have your personal information processed for the purposes of direct marketing by means of electronic communication without your consent.

For more information about my use of your personal information or exercising your rights as outlined above, please contact me using the contact details listed in Part 1.

It is important that your personal information is kept accurate and up to date. If any of the personal information I hold about you changes, please keep me informed as long as I have that information.

Further information about your rights can also be obtained from the Information Regulator’s Office at https://www.justice.gov.za/inforeg.

If you have any cause for complaint about my use of your personal information, you have the right to lodge a complaint with the Information Regulator’s Office. I would welcome the opportunity to resolve your concerns myself, so please contact me first.

5. What Personal Information Do You Collect and How?

I may collect and hold some or all of the personal information set out below, using the methods also set out below each paragraph.

Information Collected

Identity Information including but not limited to name, surname, date of birth and identity number. Contact and location information including but not limited to telephone and cellphone numbers, email addresses, physical addresses, postal addresses and geographical location data.

How I Collect the Personal Information

As far as practicably possible directly from you. If it is not practicable or possible to obtain such information directly from you, I will obtain such personal information from third parties or public forums where you may have made your personal information deliberately public.

6. How Do You Use My Personal Information?

Under POPIA, I must always have a lawful basis for using personal information. I may use your personal information for one or all of the following purposes:

  • The administration of my business.
  • Supplying my services to you.
  • Managing payments for my services.
  • Personalising and tailoring my services for you.
  • Communicating with you.
  • Supplying you with information by electronic communication if you have agreed thereto (you may opt-out at any time by using the contact details in Part 1).
  • With your permission, I may also use your personal information for marketing purposes, which may include contacting you by email and/or phone and/or text message with information, news and offers on my services. You will not be sent any unlawful marketing or spam. I will always work to fully protect your rights and comply with my obligations under POPIA, and you will always have the opportunity to opt out. 
  • I will only use your personal information for the purpose(s) for which it was collected originally unless I reasonably believe that another purpose is compatible with that or those original purpose(s) and need to use your personal information for that purpose. If I do use your personal information in this way and you wish me to explain how the new purpose is compatible with the original, please contact me.
  • If I need to use your personal information for a purpose that is unrelated to or incompatible with the purpose(s) for which it was originally collected, I will inform you and explain the legal basis which allows me to do so or obtain permission from you to do so.
  • In some circumstances, where permitted or required by law, I may process your personal information without your knowledge or consent. This will only be done within the bounds of POPIA and your legal rights.

7. How Long Will You Keep My Personal Information?

I will not keep your personal information for any longer than is necessary in light of the reason(s) for which it was first collected. Your personal information will, therefore be kept for:

  • as long as it serves the purpose it was collected and intended for,
  • such periods as prescribed in any legislation applicable to my business,
  • any period agreed to in a contract,
  • the purposes of fulfilment of a contract or
  • any period you may have agreed to

8. How and Where Do You Store or Transfer My Personal Information?

I will endeavour to store your personal information in South Africa. This means that it will be fully protected under POPIA.

I may, however, transfer your personal information across South Africa’s borders for storage, the performance of a contract, an obligation in terms of international law or for internal purposes. These are referred to as “third countries”. I will take additional steps in order to ensure that your personal information is treated just as safely and securely as it would be within South Africa and under POPIA as follows:

  1. I will ensure that your personal information is protected or
  2. I will only store or transfer personal information in or to countries deemed to provide adequate protection for personal information or
  3. I will use contracts and/or service agreements that ensure the same levels of personal information protection that apply under POPIA.

The security of your personal information is essential to me and to protect your information, I take a number of important measures, including the following:

I have identified all reasonable and foreseeable internal and external risks and introduced safeguards to mitigate such risks.

Procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal information) include notifying you and the Information Regulator’s Office, where I am legally required to do so.

Continuous maintenance and updating of such safeguards to secure your personal information.

9. Do You Share My Personal Information?

I will not share any of your personal information with any third parties for any purposes, subject to the following exception/s.

In some limited circumstances, I may be legally required to share certain personal information, which might include yours, if I am involved in legal proceedings or complying with legal obligations, a court order or the instructions of a government authority.

If any of your personal information is shared with a third party, as described above, I will take reasonable steps to ensure that your personal information is handled safely, securely and in accordance with your rights.

Operators

I may make use of third-party service providers to process personal information on my behalf. I will enter into a formal written agreement with the service provider to protect such personal information. In terms of such an agreement, the service provider will be required to process personal information per the conditions prescribed by me, including measures to protect the security and integrity of such personal information.

10. How Can I Access My Personal Information?

If you want to know what personal information I have about you, you can ask me for details of that personal information and for a copy of it (where any such personal information is held). This is known as a Subject Access Request (“SAR”).

All SARs should be made in writing and sent to the email shown in Part 1. 

There may be a fee charged for a Subject Access Request, especially if your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover my administrative costs in responding.

I will respond to your data subject access request within one month. Normally, I aim to provide a complete response, including a copy of your personal information within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date I receive your request. You will be kept fully informed of my progress.

11. Changes to this Privacy Notice

I may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes or if I change my business in a way that affects personal information protection.

Any changes will be made available on my website.

Book Your Complimentary Session

Phone, Whatsapp or SMS me.

072 051 4929

If sending an SMS, please include your first name and phone number and I'll phone you when I'm available.