Data Privacy: TalentintheCloud (PTY) LTD Protection Of Personal Information
1. Company Details
TalentintheCloud is a group of executive search firms, specializing in talent acquisition and management within the Fintech and Payments sector. The group has offices in Mauritius (TalentintheCloud International), England (TalentintheCloud Limited) and South Africa (TalentintheCloud PTY Limited). At current, the TalentintheCloud team consists of 10 people, with grand plans of future expansion. Our core service offerings
Are: Permanent Staffing Solutions, Contract Staffing Solutions, In-house Talent Management, ResponseHandling, Verification Checks and Talent and Market Mapping Services.
Information Officer Details
Unit B 108 Sandown Square Sandown Road
Cape Town, SA, 7441
Unit B 108 Sandown Square Sandown Road
Cape Town, SA, 7441
Tel: +27 (0) 82 669 8967
Contact: Darren Franks
We are committed to compliance with The Protection of Personal Information (POPI) Act which requiresus to:
- Sufficiently inform candidates/applicants/work-seekers (data subjects), hereafter referred to as candidates, the purpose for which we will process their personal information;
- Protect our Information assets from threats, whether internal or external, deliberate or accidental, to ensure business continuation, minimise business damage and maximise business
This policy and compliance framework establishes measures and standards for the protection and lawfulprocessing of personal information within our organisation and provides principles regarding the right of individuals to privacy and to reasonable safeguarding of theirpersonal information.
The Information Officer, (Darren Franks), is responsible for:
- Conducting a preliminary assessment;
- The development, implementation and monitoring of this policy and compliance framework;
- Ensuring that this policy is supported by appropriate documentation;
- Ensuring that documentation is relevant and kept up to date;
- Ensuring this policy and subsequent updates are communicated to relevant managers, representatives, staff and associates, where applicable.
All employees, subsidiaries, business units, departments and individuals directly associated with TalentintheCloud are responsible for adhering to this policy and for reporting any security breaches/incidents to the Information Officer.
Any Service Provider that provides Information Technology services, including but not limited to data storage facilities, to our organization must adhere to the requirements of the POPI Act to ensure adequate protection of personal information held by them on our behalf. Written confirmation to this effect must be obtained from relevant service providers.
3. Policy Principles
Principle 1: Accountability
- We must take reasonable steps to ensure that personal information obtained from candidates is stored safely and
- This includes CV’s, Resumes, References, Qualifications, Integrity Checks and any other personal information that may be obtained for the purpose of candidate representation.
Principle 2: Processing Limitation
- We will collect personal information directly from
- Once in our possession, we will only process or release candidate information with their consent, except where we are required to do so by In the latter case we will always inform the candidate.
Principle 3: Specific Purpose
- We collect personal information from candidates to enable us to represent them to our clients for the purpose of recruitment.
Principle 4: Limitation on Further Processing
- Personal information may not be processed further in a way that is incompatible with the purpose for which the information was collected We collect personal information for recruitment and it will only be used for that purpose. We reserve the right to hold information in a secured database for a period of time up to and until the candidate has asked TalentintheCloud to remove personal information.
Principle 5: Information Quality
- We are responsible for ensuring that candidate information is complete, up to date, and accurate before we use it. This means that it may be necessary to request candidates, from time to time, to update their information and confirm that it is still If we are unable to reach a candidate for this purpose their information will be deleted from our records.
Principle 6: Transparency/Openness
- Where personal information is collected from a source other than directly from a candidate (EG Social media, portals) we are responsible for ensuring that the candidate is aware:
- That their information is being collected;
- Who is collecting their information by giving them our details;
- Of the specific reason that you are collecting their information.
Principle 7: Security Safeguards
- We will ensure technical and organisational measures to secure the integrity of personal information and guard against the risk of loss, damage or destruction Personal information must also be protected against any unauthorised or unlawful access or processing. We are committed to ensuring that information is only used for legitimate purposes with candidate consent and only by authorised employees of our agency.
Principle 8: Participation of Individuals
- Candidates are entitled to know particulars of their personal information held by us, as well as the identity of any authorised employees of our agency that had access They are also entitled to correct any information held by us.
4. Operational Considerations
The Management and Information Officer are responsible for administering and overseeing the implementation of this policy and, as applicable, supporting guidelines, standard operating procedures, notices, consents and appropriate related documents and processes. All employees, subsidiaries, business units, departments and individuals directly associated with us are to be trained, according to their functions, in the regulatory requirements, policies and guidelines that govern the protection of personal information. We will conduct periodic reviews and audits, where appropriate, to ensure compliance with this policy and guidelines.
We shall establish appropriate standard operating procedures that are consistent with this policy and regulatory requirements. This will include:
- Allocation of information security
- Incident reporting and
- User ID addition or
- Information security training and
- Data backup.
Any breach/es of this policy may result in disciplinary action and possible termination of employment.