privacy policy
What is this document about?
This Privacy Policy stipulates how the Sister Lilian Centre (Pty) Ltd and Sensitive Midwifery process your personal information. This includes why we collect information about you, the type of information we collect, how we collect it, with whom we will share it, the security measures we use to protect the information, and how you may obtain access to and correct your information. You should read this Privacy Policy carefully. Every provision is essential and material. If something is unclear to you, please ask that it be explained.
Explanation of Terms Used
- “Data subject” refers to the person (e.g., user and health professional) or entity to whom the personal information relates.
- “Personal information” has the meaning assigned to it in POPIA and refers to information relating to identifiable, living human beings (natural persons) and identifiable, existing juristic persons. It includes information such as race, gender, pregnancy status, age, health status, medical information, date of birth, identification number, contact details, and confidential correspondence.
- “Processing” has the meaning assigned to it in POPIA and refers to any operation or activity concerning personal information, such as the collection, receipt, recording, storage, updating, alteration, use, distribution, erasure, or destruction of the information.
- “User” means a user of our products and services.
- “POPIA” means the Protection of Personal Information Act (Act 4 of 2013) and its Regulations.
- “We” / “us” / “our”/ “Sister Lilian Centre” / “the Centre” refers to the Sister Lilian Centre (Pty) Ltd, Registration No: 2015/178124 /07 and Sensitive Midwifery.
- “Website” means https://sensitivemidwifery.co.za/.
- “You” / “your” refers to the data subject (i.e., the individual or entity) whose personal information is processed by us.
About the Centre
Sister Lilian Centre provides health education and advises families regarding pregnancy, birth, baby and toddler care, and general health concerns. It provides education to midwives and maternal health-related professionals under the Sensitive Midwifery® brand.
Our contact details are as follows:
Physical Address: Sister Lilian Centre c/o Zinplex, 332 Alwyn Street, Waltloo Ext 1
Postal Address: PO Box 11156, Silver Lakes, 0054
Telephone Number:012-809 3342
Email: info@sisterlilian.co.za
Websites: https://sisterlilian.co.za/ and https://sensitivemidwifery.co.za/
Information Officer
The Information Officer of the Centre is:
Name: Hermanus JH Fourie
Telephone Number: 012-803 6969
Email: zinplex@gmail.com
Our Commitment
We understand that your personal information is important to you and that you may be anxious to disclose it. Your privacy is just as important to us, and we want to ensure you understand how your information will be processed. We take our commitment to protecting your personal information seriously. We will, therefore, only process your personal information, which includes collecting, using, storing, or disclosing your information, as permitted by law or with your consent. We will always strive to keep your information confidential.
When Providing Information about Others
You must make sure that when you provide personal information about any individual (such as a spouse or child) or entity to us, you may lawfully do so (e.g., with their consent). We will accept that you may share the information with us lawfully. You should ensure that the persons (or entities) whose information you share understand how we will use and disclose their information. This is also set out in this Privacy Policy.
Purposes of Processing Personal Information
We generally process your personal information for the following purposes:
- to conduct and manage the Centre lawfully, including conducting an online shop and collecting payment for goods and services,
- for providing health education to users,
- to facilitate access to clinical services offered by healthcare professionals,
- for membership administration,
- for communication purposes,
- for the administration of our newsletter,
- for conducting symposiums and workshops, contracting speakers and managing attendance,
- for the maintenance of company records,
- for employment/contracting purposes and related matters,
- for reporting to persons and bodies as needed and authorised by you or the law,
- for historical, statistical, and research purposes,
- to enforce the rights of the Centre, including legal defence purposes, and
- for any other lawful purpose related to our business.
Collection of Personal Information
- We collect personal information about you if necessary.
- We obtain personal information directly from you when –
- you seek education or purchase a product or service from us.
- you become a member of Sensitive Midwifery.
- you become an employee of or contractor to the Centre.
- you supply personal information on our websites when subscribing to our newsletter, purchasing a product or requesting a service.
- you attend one of our events.
- you become part of our network of healthcare professionals.
- you provide a testimonial regarding our products and services.
- we procure products or services from you.
- you become a sponsor or partner.
- We may collect personal information about you which is publicly available. We may also collect personal information from other sources when it is not possible to obtain the information directly from you, to protect your legitimate interests, or when it is necessary to protect our legitimate interests or to exercise or defend our rights, such as for legal defence purposes. If we use ‘legitimate interest’ as the basis for processing your personal information, we will first conduct a legitimate interest assessment.
- We may collect information about job applicants from personnel agencies and vetting agencies.
- We collect information about the dependants of employees when our employee benefits also benefit them.
Processing of Personal Information
Various laws permit the processing of data subjects’ personal information, such as POPIA. Employment and labour laws permit the processing of employees’ personal information. The Companies Act allows the processing of personal information of shareholders and directors. We collect the personal information of the data subjects listed below. Other personal information may be collected and processed if required, subject to applicable laws.
Directors and Shareholders:
We generally process the following personal information about directors and shareholders, as may be necessary, and retain it as part of our records:
- Names and surnames, titles, identity numbers, contact details, physical and postal addresses, telephone numbers, nationalities, gender and correspondence.
Employees, Contractors and Job Applicants:
We generally process the following personal information about employees and job applicants, as may be necessary, and retain it as part of our records:
- Names, titles, contact details, addresses, telephone numbers, identity numbers, dates of birth, age, gender, qualifications, profession, references and CVs, South African Nursing Council (SANC) or other statutory council numbers, positions or roles at the Centre, job descriptions, bank details, relevant health and disability information, vetting reports (qualifications and criminal records), employment-related information, including all information supplied on the employment contract and in supporting documentation, disciplinary-related information, leave records, absenteeism information, remuneration and employment benefits, tax numbers and related tax information, health and safety-related incidents, next-of-kin details and information on dependants,
- Signatures of official signatories of the Centre and their FICA documentation,
- Records created in the performance of their duties and correspondence.
Users (including Members):
We generally process the following personal information about users when they sign up for our newsletter or purchase a product online, and retain it as part of our records:
- First and last names, email address, and
- Payment details, payment confirmations.
Our Network Professionals:
We generally process the following personal information about our members and healthcare professionals to whom we refer users, and retain it as part of our records:
- Email addresses, contact numbers, social media pages, locations, website addresses, names and surnames, professions, SANC or other statutory council numbers, practice addresses, identity numbers, practice names, telephone numbers, qualifications, services offered and photos,
- Payment details, payment confirmations, and correspondence.
Suppliers, Vendors and Other Third Parties:
We generally process the following personal information about suppliers, vendors and other third parties, if necessary, and retain it as part of our records:
- Persons’ or entities’ names and contact details,
- Names, titles and contact details of relevant persons or office bearers,
- Agreements and related information, invoices and payment information,
- Official documentation, including newsletters and statements,
- Market information and correspondence.
Consent
Where you are required to consent to the processing of your personal information, you may withdraw your consent at any time. This does not affect information that we have already processed. If you withdraw your consent, we will continue to process your information in accordance with the law. This may impact the services that you require from us. This will be discussed with you at the time if necessary.
Objection to Processing
When we process your personal information to protect your legitimate interests or based on the legitimate interests of the Centre or those of a third party to whom we supply the information, you may object if it is reasonable to do so in the circumstances. You must complete a form for this purpose, which is available at the Centre or from the Information Officer. This does not affect your personal information, which we have already processed. If you object, and we agree with your objection, your personal information will only be processed in accordance with the law.
Sharing and Disclosure of Personal Information
We will share the personal information of data subjects in general with the following persons and entities if it is necessary and lawful in the circumstances:
- Law enforcement and government agencies or other related third parties: From time to time, we may be required to provide personal information to a third party to comply with a subpoena, court order, government investigation, reporting obligation, or another legal process, including a complaint. If we disclose your personal information in this way, we will reasonably attempt to provide you with advance notice unless we are prohibited from doing so or if it is not appropriate in the circumstances.
- Corporate transactions: If we become insolvent or are involved in a merger, acquisition, reorganisation, or sale of all or a portion of our business or assets, we may share or transfer your personal information as part of such corporate transaction.
- Our staff who perform services on behalf of the Centre: To perform their roles and functions at the Centre and to provide you with access to products and services.
- Service providers (such as IT service providers) who assist us in providing the products and services, subject to confidentiality undertakings and legislation protecting the privacy of the personal information.
- Banks: Personal information may be shared on banking platforms for the payment of staff and other invoices.
- Our accountant and auditor.
- Professional advisers (including legal advisers) of the Centre.
- Our insurers.
- The public (information on the Centre’s website).
Staff and job applicants’ personal information may also be shared with –
- Their next-of-kin in emergencies.
- Vetting and employment agencies (if applicable).
Social Networking Platforms
We may use social networking platforms, such as Facebook, Instagram, and YouTube, as well as podcast platforms like Apple and Spotify, to communicate with the public and healthcare professionals about our services. When you communicate with us through these channels, the relevant platform may collect your personal information for its own purposes. You should consult their privacy policies and documents for information about their privacy practices.
Record-Keeping
We keep records of your personal information for as long as it is necessary for lawful purposes related to the conducting of our business, complying with legal obligations, resolving complaints, attending to litigation if it concerns the Centre, enforcing agreements and for historical, statistical and research purposes subject to the provisions of the law.
Information Sent Across the Borders of the Republic of South Africa
We process and store your information on Google Drive, which does have a ‘cloud’ (data centre) in the Republic of South Africa. The email addresses of our newsletter subscribers are stored and managed in HighLevel (based in the United States of America). If we must disclose your personal information to any other third party in another country, we will obtain your prior consent unless such disclosure is authorised by law.
Security of Your Personal Information
We are committed to ensuring the security of your personal information to protect it from unauthorised processing and access as well as loss, damage or unauthorised destruction. There are inherent risks associated with the electronic transfer (e.g., via email) and storage of personal information. We will take all reasonable steps to protect your information. We have implemented and will continually review and update information protection measures to ensure the security, integrity, and confidentiality of your information, following industry best practices. These measures include encryption of information and devices, and off-site data backups in the ’cloud’. Additionally, only those employees and service providers who require access to your information to fulfil their duties and provide services to us are granted access to your information. They must also sign agreements with us regarding the protection of your information. They may only use your information to render services to us. We will inform you and the Information Regulator if any person has unlawfully obtained access to your personal information, subject to the applicable laws.
Right to Access Personal Information
You have the right to request access to your personal information and records and to obtain the identities of the third parties to whom we have supplied your information. Your right is not unlimited. The law imposes certain restrictions on this right. If you wish to exercise this right, you must complete a specific form available on our website or from the Information Officer. Costs may apply to your request. Our Information Officer can provide further information. You should also consult our PAIA Manual, which is available on our website.
Accuracy of Personal Information
We must always have accurate information about you on record. Therefore, you must inform us as soon as your information changes. You may also request that we correct or delete any information. Such a request must be made in writing on a specific form, which is available on our website or can be obtained from the Information Officer. You must provide sufficient detail to identify the information and the correction or deletion required. Information will only be corrected or deleted if we agree that it is incorrect or should be deleted. It may not be possible to delete the information if we may lawfully retain it. Please get in touch with the Information Officer to discuss how we can assist you with your request. If we correct any information, and the corrected information will impact any decision about you, we will send the corrected information to the persons to whom the information has been disclosed in the past, if they should be aware of the changed information.
Changes to the Privacy Policy
In our sole and absolute discretion, we reserve the right to revise or supplement this Privacy Policy from time to time to reflect changes related to processing personal information or the law. We will publish the updated Privacy Policy on our website. Any revised version of the Policy will take effect as of the date it is posted on the website. Therefore, please refer to the website for the latest version of the Policy. You should always make sure that you have read the latest version of the Policy. You are responsible for ensuring you are satisfied with any changes before continuing to use our services. Please get in touch with our Information Officer if you have any questions regarding this Policy.
Enquiries and Concerns
All enquiries, requests, or concerns regarding this Policy or the processing of your personal information should be addressed to the Information Officer. You may also complain to the Information Regulator at POPIAcomplaints.IR@inforegulator.org.za (violation of personal information) or PAIAcomplaints.IR@inforegulator.org.za (access to record requests). We would appreciate it if you would allow us to consider your request or complaint before you approach the Information Regulator.
Law Applicable to the Privacy Policy
This Privacy Policy is governed by the laws of the Republic of South Africa and is subject to the jurisdiction of the South African courts.