Comprehensive Privacy Policy

Draft policy. Private and confidential. This does not represent the current approved policy or certification of SystemWorks (Pty) Ltd. 

Last Updated: 03 November 2025

This comprehensive document serves to describe how and why ERP SystemWorks (Pty) Ltd ("the Company", "we", "us", or "our") processes and protects your personal information in accordance to the relevant acts, laws and regulations and outlines our rules, policies and procedures and provides transparency around our processing of personal information and outlines rules and procedures around processing and removal of personal information.

1. Scope

This document applies to any business conducted with the Company, wherever it is conducted, where personal information is processed by the Company, any explicitly authorised "Operators", and describes the types of personal information that may be processed from the "Data Subject" and what rules and policies are in place to process personal information and steps taken to safeguard the information to protect the privacy of the Subject, and in compliance of the following acts, regulations and policies:

1. Protection of Personal Information Act (POPIA), Act No. 4 of 2013, South Africa Link (herein after referred to as the "POPI Act")
2. Promotion of Access to Information Act (PAIA), Act No. 2 of 2000, South Africa Link (herein after referred to as "PAIA")

2. Purpose

The purpose of this document is to enable the company to comply with the relevant acts, regulations and policies, follow good and fair practice, respect and protect personal information of the Data Subject, provide transparency around how personal information is processed, detail how Data Subject's may request access to and removal of personal information, and enable continuous and proactive monitoring of personal information processing.

3. Contents

4. Definitions

The following definitions of terms used in this document, may which are drawn from the Protection of Personal Information Act (POPIA), Act No. 4 of 2013:

4.1. Personal information

"Personal information" means information relating to any identifiable, living natural person and/or existing juristic person including, nut not limited to:

1. information relating to race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
2. information relating to education, medical, financial, criminal or employment history of the person; 
3. any identifying number, symbol, email address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
4. the biometric information of the person;
5. the personal opinions, views or preferences of the person;
6. correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
7. the views or opinions of another individual about the person; and
8. the name of the person as it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information.

4.2. Special Personal Information

"Special personal information" includes information concerning the religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health, sex life, biometric information, or the criminal behaviour of an information subject.

4.3. Processing

"Processing" means any operation, activity or set of operations, whether or not by automatic means, concerning personal information, including:

1. the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
2. dissemination by means of transmission, distribution or making available in any other form; or merging, linking, as well as restriction, degradation, erasure or destruction of information.

4.4 Data Subject

"Data Subject" refers to any individual or organisation whom we process their personal information or process personal information on behalf of, including:

1. "the Customer", any individual or organisation that engages business with the Company;
2. "the Employee", any individual who is contracted by the Company in a permanent, contracted or temporary employment situation;

4.5 Company

"Company" refers to the private company ERP SystemWorks (Pty) Ltd. and any department, employee, or individual that is contracted to the company that is under direct authority, or the authorised representative thereof.

4.6. Operator

"Operator" means a person who processes personal information for a responsible party in terms of a contract or mandate, without coming under the direct authority of that party.

5. Information Processing

5.1. Personal information you disclose to us

We collect personal information that is voluntarily provided to us when you interact with the Company by: express interest or request information about us, our products and services, participating with any of our services, and contact us through means including, but not limited to: in-person, physical mail, email, telephone or instant messaging.

This information is processed as required to deliver the requested product or service, and provide you with the needed information and feedback that you explicitly requested.

This information may include the following personal information:

• names;
• phone numbers;
• email addresses;
• usernames;
• passwords;
• contact preferences;
• contact or authentication data;
• billing addresses;
• identifying numbers;
• any other personal information that is voluntarily revealed in the course of direct and indirect communication.

This personal information may be processed by authorised third-party operators, see the section on Third-Party Operators for more information and links to their respective privacy policies.

When engaging with the Company during the course of employment or contract, the following additional information may also be processed:

• gender;
• race;
• disabilities;
• work authorisation;
• job titles;
• criminal record history;
• employment history;
• identifying numbers;
• bank account numbers, bank names, branch codes and names of account holders;
• physical addresses;
• next of kin contact information.

When making making any payments to the Company for products or services, we and our authorised third-party service providers, payment processors and banking institutions may also collect data necessary to process your payment:

• payment instrumentation numbers;
• transaction identifying numbers;
• bank account numbers, account holder names, bank names and branch information;
• security codes.

When engaging with the Company through social media, for example but not limited to our Facebook, Instagram, LinkedIn, X/Twitter and other social media accounts and using your social media information to create a new user account or login to an existing account we may process the following information:

• names;
• email address;
• usernames.

All personal information that you provide to us must be true, complete, accurate, and you must notify us of any changes to such personal information.

5.2. Information automatically processed

We and our authorised service providers also automatically process personal information when you interact with the company in the ways described above for the purposes of legal compliance and security of our Company, the personal and business information of our Data Subjects and the ongoing maintenance and operating of the infrastructure and services required to ensure products and services can be delivered.

This information includes:

• date and time of certain actions;
• IP addresses;
• device data (your browser, physical device, operating system and/or software);
• email addresses;
• location data.

5.3. Information processed from other sources

We may process information from other sources for the purposes of enhancing our ability to provide relevant marketing, products, offers and services to you, maintain compliance with relevant acts, regulations and policies and update our records. This information may include:

• names;
• email addresses;
• phone numbers;
• job titles;
• intent data (behavioural data);
• social media data.

While we make every effort to ensure that this personal information to the best of our knowledge has been freely and lawfully disclosed, we do not exercise direct control over these information sources and third-party service providers and undertake to redact, remove or notify you of any personal information that we have collected if we have evidence that the information was not freely or lawfully disclosed.

5.4. Information shared with authorised operators ("data processors")

We may explicitly and implicitly share information to certain authorised third-party operators and service providers for the purposes of providing products and services to you and the security of our and our subjects' personal and business information and for the purposes of ongoing service continuity.

The following are explicitly authorised service providers and operators, a short summary of the products and services they provide in relation to the information we collect from our Data Subjects, and links to their company information, product and service offerings and privacy policies:

5. Protection of Personal Information

6. Procedures and Resolutions

7. Information Officer

For further information about this policy, or to request further information, submit requests or complaints please contact:

7.1 Information Officer (IO)

Name: Liz Collins
Email Address: [email protected]
Phone: +27 21 154 0999

7.2. Deputy Information Officer (DIO)

Name: 
Email Address:
Phone: