TANDM (referring to TANDM Technologies (Pty) Ltd and/or TANDM Systems (Pty) Ltd) (“the Company”) is involved in the collection, use, and disclosure of personal information relating to both natural and juristic persons.
The Company recognises the importance of privacy and is committed to protecting the personal information of all data subjects. Personal information is processed in a lawful, reasonable, and transparent manner.
The purpose of this Policy is to inform data subjects of:
This Policy is aligned with the provisions of:
POPIA gives effect to the constitutional right to privacy by ensuring that personal information is processed lawfully and in a reasonable manner that does not infringe on this right.
PAIA gives effect to the constitutional right of access to information held by private bodies. The Company’s PAIA Manual outlines the categories of information available and the process to request access where required.
The Company may collect personal information from various sources, including:
At the time of collection, the Company will indicate the purpose for which the information is being collected and whether the provision of such information is mandatory or voluntary.
Personal information collected by the Company may include, but is not limited to:
Where necessary, the Company may request additional information such as physical address, account details, or identifying information.
Where the data subject is a juristic person, the Company may process personal information relating to individuals associated with that entity, including directors, employees, representatives, and authorised signatories. It is assumed that the necessary consent has been obtained when such information is provided.
The Company does not knowingly collect or process personal information relating to children.
The Company will only collect personal information that is reasonably necessary for the purpose for which it is required and will retain such information only for as long as necessary, unless otherwise required by law or contractual obligation.
The Company will process personal information only where one or more of the following conditions are met:
Personal information may be processed for the following purposes:
Where a data subject is an existing customer, personal information may be used to communicate information about products, services, or special offers.
Where a data subject is not an existing customer, marketing communications will be sent only with consent, as required by law.
In all cases, data subjects may opt out of receiving marketing communications at any time.
The Company will take reasonable steps to ensure that personal information is accurate, complete, and up to date.
Data subjects are responsible for notifying the Company of any changes to their personal information. Requests to access, correct, or update personal information may be submitted to the Company at any time.
Where personal information is obtained from third parties, the Company will take reasonable steps to verify its accuracy.
A data subject may request the deletion of personal information, subject to any legal or contractual obligations requiring retention.
Personal information is generally retained for a minimum period of five (5) years from the date of the last interaction, unless otherwise required by law.
Where information is retained for statistical or research purposes, it will be de-identified where appropriate.
The Company does not sell, rent, or provide personal information to unauthorised third parties for independent use.
Personal information may be disclosed where:
Access to personal information is managed in accordance with the Company’s PAIA Manual.
Requests for access must be submitted to the Information Officer in line with the prescribed procedures.
The Company will obtain voluntary, specific, and informed consent prior to processing personal information where required.
Consent will be requested in clear and understandable language and will not be pre-selected or assumed.
Data subjects may withdraw their consent at any time.
The Company uses cookies to enhance website functionality and improve user experience.
Cookies are used for purposes such as:
Users may disable cookies through their browser settings, although certain functionality may be affected.
The Company uses tools such as Google Analytics to monitor and analyse website usage.
This information assists in improving website performance and user experience. Data subjects may opt out of tracking through available browser tools.
The Company may share personal information with affiliate partners, service providers, and third parties where necessary for business operations.
Appropriate agreements are in place to ensure that such parties treat personal information as confidential and process it only for authorised purposes.
The Company does not control the privacy practices of third parties and encourages data subjects to review their policies independently.
As the Company works closely with affiliate parties in several countries, the personal information of a data subject may be shared with these affiliate parties in other countries and processed in those countries as part of the normal service process of the Company.
The Company does not exercise control over the privacy policies of affiliate parties. The Company is not responsible for any representation of information, warranties or content included in the privacy policy of any affiliate party. A data subject should refer to the privacy policy of any affiliate party to see how his/her personal information is protected.
The Company will only transfer a data subject’s personal information to third parties in another country under the following circumstances:
The Company implements appropriate technical, administrative, and physical safeguards to protect personal information.
Access to personal information is restricted to authorised individuals, and reasonable steps are taken to prevent loss, misuse, or unauthorised access.
In the event of a data breach, the Company will follow the procedures required under POPIA.
This includes notifying affected data subjects and the Information Regulator, and taking steps to contain, investigate, and mitigate the impact of the breach.
The Company reserves the right to amend this Policy from time to time.
The Policy will be reviewed periodically to ensure ongoing compliance with applicable legislation and business practices. The most recent version will be made available on the Company’s website.
Should a data subject believe that the Company has utilised his/her personal information contrary to provisions made in POPIA and PAPIA, the data subject undertakes to first attempt to resolve the concern with the Company using the contact details listed below:
Information Officer
Elton Murison
Physical Address
9 George Storrar Drive, Groenkloof, Pretoria, 0181, South Africa
Tel
+27 87 092 0920
dataprivacy@tandm.co.za
Last revision date: May 2026