Protection of Personal Information 4/13 (‘POPIA’) Policy


In this Policy, unless the context requires otherwise, the following words and expressions bear the meanings assigned to them and cognate expressions bear corresponding meanings: – 

1.1 “Child” refers to a natural person under the age of 18 who lacks legal competency in the absence of his/her  parent or legal guardian; 

1.2 “Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration,  unauthorised disclosure of, or access to, Personal Information under the control of or in the possession of Savant  People Development;  

1.3 “Data Subject” means the person to whom Personal Information relates and includes a client, potential  client, supplier, and so forth;  

1.4 ‘‘De-identify’’, in relation to personal information of a data subject, means to delete any information that— identifies the data subject can be used or manipulated by a reasonably foreseeable method to identify the data  subject can be linked by a reasonably foreseeable method to other information that identifies the data subject; 

1.5 “Direct Marketing” means to approach a person, by electronic communication, for the purpose of promoting  or offering to supply, in the ordinary course of business, any goods or services to the Data Subject;  

1.6 “Direct Marketer” means a supplier who employs Direct Marketing as an advertising mechanism;  1.7 “Employees” means any employee of the Savant People Development;  

1.8 “GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on  the protection of natural persons with regard to the processing of personal data and on the free movement of  such data, and repealing Directive 95/46/EC (General Data Protection Regulation);  

1.9 “Operator” means a person or entity who Processes Personal Information for a Responsible Party in terms  of a contract or mandate, without coming under the direct authority of that Responsible Party; 

1.10 “Person” means a natural person unless otherwise indicated; 

1.11 “Personal Information” means information relating to a Data Subject (for purposes of the GDPR, this is  specifically limited to natural persons only), including but not limited to (i) views or opinions of another individual  about the Data Subject; and (ii) information relating to such Data Subject’s –

1.11.1 race, sex, gender, sexual orientation, pregnancy, marital status, nationality, ethnic or social  origin, colour, age, physical or mental health, well-being, disability, religion, conscience, belief, cultural  affiliation, language and birth;  

1.11.2 education, medical, financial, criminal or employment history;  

1.11.3 names, identity number and/or any other personal identifier, including any number(s), which  may uniquely identify a Data Subject, account or client number, password, pin code, customer or Data  Subject code or number, numeric, alpha, or alpha-numeric design or configuration of any nature,  symbol, email address, domain name or IP address, location information; physical address, cellular  phone number, telephone number or other particular assignment;  

1.11.4 blood type, fingerprint or any other biometric information;  

1.11.5 personal opinions, views or preferences of the Data Subject or of another person about a Data  Subject;  

1.11.6 correspondence that is implicitly or expressly of a personal, private or confidential nature (or  further correspondence that would reveal the contents of the original correspondence); and  

1.11.7 corporate structure, composition and business operations (in circumstances where the Data  Subject is a juristic person) irrespective of whether such information is in the public domain or not. 

1.12 “Policy” means this Privacy Policy;  

1.13 “POPIA” means the Protection of Personal Information Act 4 of 2013;  

1.14 “Processing” means any operation or activity or any set of operations, whether or not by automatic means,  concerning Personal Information, including – 

1.14.1 the collection, receipt, recording, organisation, collation, storage, updating or modification,  retrieval, alteration, consultation or use;  

1.14.2 dissemination by means of transmission, distribution or making available in any other form by  electronic communications or other means; or  

1.14.3 merging, linking, blocking, degradation, erasure or destruction. For the purposes of this definition. “Process” has a corresponding meaning 

1.15 ‘‘Record’’ means any recorded information—regardless of form or medium, including any of the following:  1.15.1 Writing on any material.  

1.15.2 Information produced, recorded, or stored by means of any tape recorder, computer equipment,  whether hardware or software or both, or other device, and any material subsequently derived from information so produced, recorded or stored. 

1.15.3 Label, marking or other writing that identifies or describes anything of which it forms part, or to which it is attached by any means.  

1.15.4 Book, map, plan, graph, or drawing.  

1.15.5 Photograph, film, negative, tape or other device in which one or more visual images are  embodied so as to be capable, with or without the aid of some other equipment, of being reproduced;  

1.15.6 In the possession or. under the control of a responsible party  

1.15.7 Whether or not it was created by a responsible party; and  

1.15.8 Regardless of when it came into existence

1.16 “Regulator” means the South African Information Regulator established in terms of POPIA; 

1.17 “Responsible Party” means a public or private body or any other person which alone or in conjunction with  others, determines the purpose of and means for Processing Personal Information; 

1.18 “Special Personal Information” means Personal Information concerning a Data Subject’s religious or  philosophical beliefs, race or ethnic origin, trade union membership, political opinions, health, sexual life, sexual  orientation, genetic information, biometric information or criminal behaviour;  

1.19 “Third Party” means any independent contractor, agent, consultant, sub-contractor or other representative of Savant People Development; and  

1.20 “Website” means the Savant People Development website currently located at



This policy aims to inform Data Subjects about how Savant People Development Processes their  Personal Information. Savant People Development renders its services in accordance with the Protection of Personal Information Act 4 of 2013.



3.1 Savant People Development, in its capacity as Responsible Party and/or Operator, shall strive to observe,  and comply with its obligations under POPIA as well as accepted information protection principles, practices and  guidelines when it Processes Personal Information from or in respect of a Data Subject.  

3.2 This Policy applies to Personal Information collected by Savant People Development in connection with the  services which we offer and provide. This includes information collected directly from you as a Data Subject, as well as information we collect indirectly through our Direct Marketing campaigns and online through our  websites, branded pages on Third Party platforms and applications accessed or used through such websites or  Third Party platforms which are operated by or on behalf of Savant People Development.  

3.3 This Privacy Policy does not apply to the information practices of Third Party companies who we may engage  with in relation to our business operations (including, without limitation, their websites, platforms and/or  applications) which we do not own or control; or individuals that Savant People Development does not manage  or employ. These Third Party sites may have their own privacy policies and terms and conditions and we  encourage you to read them before using them



4.1 Savant People Development collects Personal Information directly from Data Subjects, unless an exception  is applicable (such as, for example, where the Data Subject has made the Personal Information public or the  Personal Information is contained in or derived from a public record).  

4.2 Savant People Development will always collect Personal Information in a fair, lawful and reasonable manner  to ensure that it protects the Data Subject’s privacy and will Process the Personal Information based on  legitimate grounds in a manner that does not adversely affect the Data Subject in question.  

4.3 Savant People Development often collects Personal Information directly from the Data Subject and/or in  some cases, from Third Parties.  

4.4 Where Savant People Development obtains Personal Information from Third Parties, Savant People  Development will ensure that it obtains the consent of the Data Subject to do so or will only Process the Personal  Information without the Data Subject’s consent where Savant People Development is permitted to do so in  terms of clause 4.1 above.  

4.5 An example of such Third Parties include:  

(i) our clients when Savant People Development handles Personal Information on their behalf;  (ii) credit reference agencies;  

(iii) other companies providing services to Savant People Development; and  

(iv) where Savant People Development makes use of publicly available sources of information.



5.1 Where Savant People Development is the Responsible Party, it will only Process a Data Subject’s Personal  Information (other than for Special Personal Information) where – 

5.1.1 consent of the Data Subject (or a competent person where the Data Subject is a Child) is obtained;  

5.1.2 Processing is necessary to carry out the actions for conclusion of a contract to which a Data Subject  is party;  

5.1.3 Processing complies with an obligation imposed by law on Savant People Development;  5.1.4 Processing protects a legitimate interest of the Data Subject;  

5.1.5 Processing is necessary for pursuing the legitimate interests of Savant People Development or of  a third party to whom the information is supplied; and/or

5.1.6 Processing is necessary for the performance of a task carried out in the public interest or in the  exercise of official authority vested in Savant People Development. 

5.2 Savant People Development will only Process Personal Information where one of the legal bases referred to  in paragraph 5.1 above are present.  

5.3 Savant People Development will make the manner and reason for which the Personal Information will be  Processed clear to the Data Subject.  

5.4 Where Savant People Development is relying on a Data Subject’s consent as the legal basis for Processing  Personal Information, the Data Subject may withdraw his/her/its consent or may object to Savant People  Development’s Processing of the Personal Information at any time. However, this will not affect the lawfulness  of any Processing carried out prior to the withdrawal of consent.  

5.5 If the consent is withdrawn or if there is otherwise a justified objection against the use or the Processing of  such Personal Information, Savant People Development will ensure that the Personal Information is no longer  Processed.



6.1 Special Personal Information is sensitive Personal Information of a Data Subject and Savant People  Development acknowledges that it will generally not Process Special Personal Information unless: 

(i) processing is carried out in accordance with the Data Subject’s explicit consent; or  (ii) information has been deliberately made public by the Data Subject; or 

(iii) processing is necessary for the establishment, exercise or defence of a right or legal claim or  obligation in law); or  

(iv) processing is for historical, statistical or research purposes, subject to stipulated safeguards; or  (v) specific authorisation has been obtained in terms of POPIA.


7.1 The information collected by Savant People Development includes Personal Information of Data Subjects,  whether as the Responsible Person and/or and Operator. 

7.2 Documentation that Savant People Development collects which contains personal information including the  following: 

7.2.1 Service Level Agreements (SLAs); 

7.2.2 Non-Disclosure Agreements (NDAs); 

7.2.3 Employee and/or contractor contracts and records; 

7.2.4 Supplier contracts and contact information; 

7.2.5 Third party information where Savant People Development functions as an Operator to a  Responsible Person; 

7.2.6 Payment information stored on an accounting database;  

7.2.7 Database for marketing communication; and 

7.2.8 Electronic mail correspondence between Savant People Development and any of the  aforementioned persons.


8.1 Savant People Development acknowledges that it may not Process any Personal Information concerning a  Child and will only do so where it has obtained the consent of the parent or guardian of that Child or where it is  permitted to do so in accordance with applicable laws.


9.1 Savant People Development understands its obligation to make Data Subjects aware of the fact that it is  Processing their Personal Information and inform them of the purpose for which Savant People Development Processes such Personal Information. 

9.2 Savant People Development will only Process a Data Subject’s Personal Information for a specific, lawful and  clear purpose (or for specific, lawful and clear purposes) and will ensure that it makes the Data Subject aware of  such purpose(s) as far as possible.  

9.3 It will ensure that there is a legal basis for the Processing of any Personal Information. Further, Savant People  Development will ensure that Processing will relate only to the purpose for and of which the Data Subject has  been made aware (and where relevant, consented to) and will not Process any Personal Information for any  other purpose(s).  

9.4 Savant People Development will generally use Personal Information for purposes required to operate and  manage its normal business operations and these purposes include one or more of the following non-exhaustive  purposes – 

9.4.1 For the purposes of providing its services to the Data Subject from time to time;  

9.4.2 Personal Information is processed in order to conduct due diligence processes on Savant People  Development Clients;  

9.4.3 Personal Information is processed for the purposes of performing general information  technology-related functions for all business functions within the Savant People Development;  

9.4.4 Personal Information is processed in connection with internal audit purposes (i.e. ensuring that  the appropriate internal controls are in place in order to mitigate the relevant risks, as well as to carry  out any investigations where this is required);  

9.4.5 Personal Information is processed for employment-related purposes such as administering  payroll, assessing credit and criminal history, and determining Employment Equity Act 55 of 1998  statistics;  

9.4.6 To respond to any correspondence that the Data Subject may send to Savant People  Development, including via email, Savant People Development’s site(s) or by telephone;  

9.4.7 In connection with the execution of payment processing functions, including payment of Savant  People Development’s suppliers’ invoices;  

9.4.8 To contact the Data Subject for direct marketing purposes subject to the provisions of clause 11 below;  

9.4.9 For such other purposes to which the Data Subject may consent from time to time; and 

9.4.10 For such other purposes as authorised in terms of applicable law. 

9.5 Browsing Data may be captured in order to troubleshoot problems on our website or other online platforms,  prevent fraud and abuse, and inform our marketing activities. Browsing Data may be collected through the use  of online technological tools including Website cookies or other device identification technologies which may be  explored at a later point in time. See paragraph 24 hereinunder for more information on Data Processing on our  Website.


10.1 Savant People Development adheres to the principle of data minimisation wherein only Personal  Information which is strictly necessary for the delivery of services is processed. 

10.2 The aforementioned includes: 

10.2.1 Carry out our contractual commitments to selected partners and providers; 

10.2.2 Meeting legal obligations and regulatory requirements; 

10.2.3 Carry out internal processes such as payroll; 

10.2.4 Understand and determine the need for service improvement and/or additional features; 10.2.5 Conveying necessary information to customers; 

10.2.6 Facilitating support requests; and 

10.2.7 Any other necessary services not specifically accounted for in this list.


11.1 Savant People Development will take reasonable steps to ensure that all Personal Information is kept as  accurate, complete and up to date as reasonably possible depending on the purpose for which Personal  Information is collected or further processed.  

11.2 Savant People Development may not always expressly request the Data Subject to verify and update  his/her/its Personal Information, unless this process is specifically necessary.  

11.3 Savant People Development, however, expects that the Data Subject will notify Savant People Development from time to time in writing of any updates required in respect of his/her/its Personal Information.


12.1 Savant People Development may store your Personal Information in hardcopy format and/or in electronic  format using Savant People Development ‘s own secure on-site servers or other internally hosted technology.  

12.2 Savant People Development endeavours to retain data for no longer than the minimum time required to  achieve and comply with the requisite laws, including any other accounting, tax or other compliance reporting  requirements. 

12.3 Savant People Development may archive some of your personal data, with restricted access, for an  additional period of time when it is required in order for Us to achieve any archiving requirements, whereafter,  the remaining Personal Information will be permanently destroyed or de-identified on our systems. 

12.4 The retention period of a Data Subject’s Personal Information is dependent on the legitimate purpose for  which data is collected and processed, including: 

12.4.1 Where cookies or other technical tracking technologies are placed on your computer or when  Browsing Data is processed. 

12.4.2 Where a Person initiates an enquiry and Savant People Development retains such Personal Information in order to process such enquiry. 

12.4.3 Where payment has been processed in respect of Our services and transactional data linked to  a Data Subject’s Personal Information is required to be retained to satisfy legal, accounting, compliance,  tax, and/or other legislative requirements; or 

12.4.4 Where a Data Subject has opted-in, subscribed or followed Us via our Website or social media  handles indicating that the Data Subject wishes to receive specific notifications relating to Our services  which will require Savant People Development to retain information.


13.1 Your Personal Information may be stored by Third Parties, via cloud services, online transfer or other  technology, with whom Savant People Development has contracted in order to support Savant People Development ‘s business operations and ensure the provision of services for which Savant People Development  has been appointed to perform. 

13.2 Savant People Development‘s Third Party service providers, including data storage and processing  providers, may from time to time also have access to a Data Subject’s Personal Information in connection with  purposes for which the Personal Information was initially collected to be Processed. 

13.3 Third Party service providers based within the Republic of South Africa bear the onus of ensuring  compliance with POPI, and are therefore dually responsible for ensuring the proper Processing and Storage of a  Data Subject’s Personal Information. will process the Personal Information in accordance with the provisions of  this Policy, all other relevant internal policies and procedures and POPIA and, where relevant, the GDPR.  

13.4 These Third Parties do not use or have access to your Personal Information other than for purposes  specified by us, and Savant People Development requires such parties to employ at least the same level of  security that Savant People Development uses to protect your personal data.  

13.5 Your Personal Information may be Processed in South Africa or another country where Savant People Development, its affiliates and their Third Party service providers maintain servers and facilities and Savant  People Development will take steps, including by way of contracts, to ensure that it continues to be protected,  regardless of its location, in a manner consistent with the standards of protection required under applicable law.


14.1 To the extent that Savant People Development acts in its capacity as a Direct Marketer, it shall strive to  observe, and comply with its obligations under POPIA and, where relevant, the GDPR when implementing  principles and practices in relation to Direct Marketing.  

14.2 Savant People Development acknowledges that it may only use Personal Information to contact the Data  Subject for purposes of Direct Marketing from time to time where it is permissible to do so.  

14.3 It may use Personal Information to contact any Data Subject and/or market Savant People Development’s  services directly to the Data Subject(s) if the Data Subject is one of Savant People Development’s existing clients,  the Data Subject has requested to receive marketing material from Savant People Development or Savant People  Development has the Data Subject’s consent to market its services directly to the Data Subject. 

14.4 If the Data Subject is an existing client, Savant People Development will only use his/ her/its Personal  Information if it has obtained the Personal Information through the provision of a service to the Data Subject  and only in relation to similar services to the ones Savant People Development previously provided to the Data  Subject.  

14.5 Savant People Development will ensure that a reasonable opportunity is given to the Data Subject to object  to the use of their Personal Information for Savant People Development’s marketing purposes when collecting  the Personal Information and on the occasion of each communication to the Data Subject for purposes of Direct  Marketing.  

14.6 Savant People Development will not use your Personal Information to send you marketing materials if you  have requested not to receive them. If you request that we stop Processing your Personal Information for marketing purposes, Savant People Development shall do so. We encourage that such requests to opt-out of  marketing be made via forms and links provided for that purpose in the marketing materials sent to you.


15.1 Savant People Development may keep records of the Personal Information it has collected,  correspondence, or comments in an electronic or hardcopy file format.  

15.2 Savant People Development will not retain personal information for a period longer than is necessary to  achieve the purpose for which it was collected or processed and is required to delete, destroy (in such a way  that it cannot be reconstructed) or de-identify the information as soon as is reasonably practicable once the  purpose has been achieved.  

15.3 The aforementioned prohibition will not apply in the following circumstances – 

15.3.1 where the retention of the record is required or authorised by law;  

15.3.2 Savant People Development requires the record to fulfil its lawful functions or activities;  15.3.3 retention of the record is required by a contract between the parties thereto;  15.3.4 the data subject (or its agent, curator or otherwise) has consented to such longer retention; or  

15.3.5 the record is retained for historical, research or statistical purposes provided safeguards are put  in place to prevent use for any other purpose.  

15.4 Accordingly, Savant People Development will, subject to the exceptions noted herein, retain Personal  Information for as long as necessary to fulfil the purposes for which that Personal Information was collected  and/or as permitted or required by applicable law. 

15.5 Where Savant People Development retains Personal Information for longer periods for statistical, historical  or research purposes, Savant People Development will ensure that appropriate safeguards have been put in  place to ensure that all recorded Personal Information will continue to be Processed in accordance with this  Policy and the applicable laws.  

15.6 Once the purpose for which the Personal Information was initially collected and Processed no longer applies  or becomes obsolete, Savant People Development will ensure that the Personal Information is deleted,  destroyed or de-identified sufficiently so that a person cannot re-identify such Personal Information.  

15.7 In instances where we de-identify your Personal Information by redacting the Data Subject’s Personal  Information, Savant People Development may use such de-identified information indefinitely.


16.1 Should Savant People Development need to collect Personal Information by law or under the terms of a  contract that Savant People Development may have with you and you fail to provide the Personal Information  when requested, we may be unable to perform the contract we have or are attempting to enter into with you.  

16.2 In such a case, Savant People Development may have to decline to provide or receive the relevant services,  and you will be notified where this is the case.


17.1 Savant People Development shall preserve the security of Personal Information and, in particular, prevent  its alteration, loss and damage, or access by non-authorised third parties.  

17.2 Savant People Development will ensure the security and integrity of Personal Information in its possession  or under its control with appropriate, reasonable technical and organisational measures to prevent loss,  unlawful access and unauthorised destruction of Personal Information.  

17.3 Taking into account the state of the art, the costs of implementation and the nature, scope, context and  purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of Data  Subjects, Savant People Development implements appropriate technical and organisational measures to ensure  a level of security appropriate to the risk of Processing, including measures protecting any Personal Information  from loss or theft, and unauthorised access, disclosure, copying, use or modification, including – 

17.3.1 the pseudonymization and encryption of Personal Information;  

17.3.2 the ability to ensure the ongoing confidentiality, integrity, availability and resilience of Processing  systems and services; 

17.3.3 the ability to restore the availability and access to Personal Information in a timely manner in  the event of a physical or technical incident; and  

17.3.4 a process for regularly testing, assessing and evaluating the effectiveness of technical and  organisational measures for ensuring the security of Processing.  

17.4 Further, Savant People Development maintains and regularly verifies that the security measures are  effective and regularly updates same in response to new risks.


18.1 A Data Breach refers to any incident in terms of which reasonable grounds exist to believe that the Personal  Information of a Data Subject has been accessed or acquired by any unauthorised person.  

18.2 A Data Breach can happen for many reasons, which include:  

18.2.1 loss or theft of data or equipment on which Personal Information is stored;  

18.2.2 inappropriate access controls allowing unauthorised use;  

18.2.3 equipment failure;  

18.2.4 human error;  

18.2.5 unforeseen circumstances, such as a fire or flood;  

18.2.6 deliberate attacks on systems, such as hacking, viruses or phishing scams; and/or  

18.2.7 alteration of Personal Information without permission and loss of availability of Personal  Information.  

18.3 Savant People Development will address any Data Breach in accordance with the terms of POPIA.  

18.4 Savant People Development will notify the Regulator and the affected Data Subject (unless the applicable  law requires that we delay notification to the Data Subject) in writing in the event of a Data Breach (or a  reasonable belief of a Data Breach) in respect of that Data Subject’s Personal Information.  

18.5 Savant People Development will provide such notification as soon as reasonably possible and, where  feasible, not later than 72 (seventy-two) hours after having become aware of any Data Breach in respect of such  Data Subject’s Personal Information.  

18.6 Where Savant People Development acts as an ‘Operator’ and should any Data Breach affect the data of  Data Subjects whose information Savant People Development Processes as an Operator, Savant People  Development shall (in terms of POPIA and, where applicable, the GDPR) notify the relevant Responsible Party  immediately where there are reasonable grounds to believe that the Personal Information of relevant Data  Subjects has been accessed or acquired by any unauthorised person.



19.1 Savant People Development may disclose Personal Information to Third Parties and will enter into written  agreements with such Third Parties to ensure that they Process any Personal Information in accordance with the  provisions of this Policy, and POPIA, generally.

19.2 Savant People Development notes that such Third Parties may assist Savant People Development with the  purposes already listed herein above – for example, service providers may be used, inter alia:  

(i) to notify the Data Subjects of any pertinent information concerning Savant People Development,  (ii) for data storage and/or  

(iii) to assist Savant People Development with auditing processes (external auditors).  

19.3 Savant People Development will disclose Personal Information with the consent of the Data Subject or if  Savant People Development is permitted to do so without such consent in accordance with the applicable laws. 


20.1 Savant People Development has as its primary jurisdictions of operation Southern African Development  Community (‘SADC’) countries, including, but not limited to, South Africa, Botswana, Namibia, Zimbabwe and  Mozambique. 

20.2 Savant People Development may also make use of online data transfer controls such as Cloud services  either regulated within the Republic of South Africa, or duly registered as a company in a jurisdiction which have  adequate privacy and personal information protections in place.  

20.3 Alternatively, Savant People Development undertakes to enter into Operator agreements with  organisations which do not meet the POPI threshold of compliance to ensure an appropriate protection of  personal data where such organisation does not already have in place a Code of Conduct accounting for POPI  compliance when dealing with South African juristic persons or a certificate mechanism validated by the Information Regulator of South Africa. 

20.4 Savant People Development may also send Personal Information to a foreign jurisdiction outside of the  Republic of South Africa, including for Processing and storage by Third Parties.  

20.5 When Personal Information is transferred to a jurisdiction outside of the Republic of South Africa (including  to any Savant People Development Associated Entity), Savant People Development will obtain the necessary  consent to transfer the Personal Information to such foreign jurisdiction or may transfer the Personal  Information where Savant People Development is permitted to do so in accordance with the provisions  applicable to cross-border flows of Personal Information under POPIA and, where applicable, the GDPR.  

20.6 The Data Subject should also take note that the Processing of Personal Information in a foreign jurisdiction  may be subject to the laws of the country in which the Personal Information is held, and may be subject to  disclosure to the governments, courts of law, enforcement or regulatory agencies of such other country,  pursuant to the laws of such country.


21.1 Access to information is more fully dealt with in Savant People Development’s PAIA manual. 21.2 A Data Subject has certain rights under POPIA, including:  

21.2.1 a right of access: a Data Subject having provided adequate proof of identity has the right to:  

(i) request a Responsible Party to confirm whether any Personal Information is held about the  Data Subject; and/or  

(ii) request from a Responsible Party a description of the Personal Information held by the  Responsible Party including information about Third Parties who have or have had access to  the Personal Information.  

21.3 A Data Subject may request:  

21.3.1 Savant People Development to confirm, free of charge, whether it holds any Personal  Information about him/ her/it; and  

21.3.2 to obtain from Savant People Development the record or description of Personal Information  concerning him/her/it and any information regarding the recipients or categories of recipients who  have or had access to the Personal Information.  

Such record or description is to be provided: within a reasonable time; and in a reasonable manner and format and in a form that is generally understandable.  

21.3.3 correction or deletion of Personal Information, wherein a Data Subject may also request Savant  People Development to – correct or delete Personal Information about the Data Subject in its possession or  under its control that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading  or obtained unlawfully; or destroy or delete a record of Personal Information about the Data Subject that Savant  People Development is no longer authorised to retain records in terms of POPIA’s and, where  applicable, the GDPR’s retention and restriction of records provisions. 

21.3.4 a right to withdraw consent and to object to processing: a Data Subject that has previously  consented to the Processing of his/her/its Personal Information has the right to withdraw such consent  and may do so by providing Savant People Development with notice to such effect at the address.  Furthermore, a Data Subject may object, on reasonable grounds, to the Processing of Personal  Information relating to him/her/it.

21.4 Where Savant People Development is requested to delete, destroy or otherwise correct Personal Information in its possession, Savant People Development is required, as soon as is practicably possible, to: 

21.4.1 Correct the information; 

21.4.2 Delete or destroy Personal Information so that it is impossible to reconstruct same; 

21.4.3 Provide the Data Subject with evidence in support of the Personal Information being  requested; or 

21.4.4 take reasonable steps to indicate that correction has been requested but not carried out and  the reasons therefore once a Data Subject requests same. 

21.5 Accordingly, Savant People Development may request the Data Subject to provide sufficient identification  to permit access to, or provide information regarding the existence, use or disclosure of the Data Subject’s  Personal Information.  

21.6 Any such identifying information shall only be used for the purpose of facilitating access to or information  regarding the Personal Information.  

21.7 The Data Subject can request in writing to review any Personal Information about the Data Subject that  Savant People Development holds including Personal Information that Savant People Development has  collected, utilised or disclosed, as well as the following information:  

(i) the purposes of Processing;  

(ii) the categories of Personal Information concerned;  

(iii) where possible, the envisaged period for which the Personal Information will be stored or, if not  possible, the criteria used to determine that period;  

(iv) the existence of the right to request from Savant People Development rectification or erasure of  Personal Information or restriction of Processing of Personal Information concerning the Data Subject  or to object to such processing;  

(v) the right to lodge a complaint with the Regulator;  

(vi) where the Personal Information is not collected from the Data Subject, any available information  as to their source; and  

(vii) the existence of automated Processing, including profiling and, at least in those cases, meaningful  information about the logic involved as well as the significance and the envisaged consequences of such  processing for the Data Subject. 

21.8 Savant People Development shall respond to these requests in accordance with POPIA and, where  applicable, the GDPR and will provide the Data Subject with any such Personal Information to the extent required 

by law and any of Savant People Development’s policies and procedures which apply in terms of the Promotion  of Access to Information Act 2 of 2000 (PAIA).  

21.9 The Data Subject can challenge the accuracy or completeness of his/her/its Personal Information in Savant People Development ‘s records at any time in accordance with the process set out in Savant People Development  ‘s manual developed in terms of PAIA for accessing information.  

21.10 If a Data Subject successfully demonstrates that their Personal Information in Savant People Development  ‘s records are inaccurate or incomplete, Savant People Development will ensure that such Personal Information  is amended or deleted as required (including by any Third Parties).


22.1 Savant People Development will respond to each written request of a Data Subject not later than 30 (thirty)  days after receipt of such requests. Under certain circumstances, the Savant People Development may, however,  extend the original period of 30 (thirty) days once for a further period of not more than 30 (thirty) days.  

22.2 A Data Subject has the right to make a complaint to the Savant People Development in respect of this time  limit by contacting Savant People Development using the contact details provided hereinunder.


23.1 The prescribed fees for copies of the Data Subject’s Personal Information is contained in the PAIA manual  ancillary hereto.


24.1 Our website uses cookies, which are small text files sent by a web server to store on a web browser. They  are used to ensure websites function properly, store user preferences when needed and collect anonymous  statistics on website usage.  

24.2 You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the  setting of cookies. However, if you select this setting, you may be unable to access certain parts of our website.  Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when  you log on to the website. If you accept a “cookie” or fail to deny the use of “cookies”, you agree that we may  use your personal information collected using “cookies” (subject to the provisions of this Policy). Where you  either reject or decline cookies, you are informed that you may not be able to fully experience the interactive  features of our Website.

24.3 When a Person accesses our website, such person is an initiator and thereby gives their consent to certain  Personal Information being captured therein. 

24.4 Savant People Development may capture certain Personal Information about visitors who access its  Website, including IP address, type of operating system, browsing software and device used, date and time of  visit, length of visits on certain pages and page interaction (“Browsing Data”).


25.1 Savant People Development reserves the right to make amendments to this Policy from time to time and  will use reasonable efforts to notify Data Subjects of such amendments.  

25.2 The current version of this Policy will govern the respective rights and obligations between you and Savant  People Development each time that you access and use our Website.


Physical address:  

54 Stone River Estate Riverbend Boulevard Beverley 2191 

Postal address

P.O. Box 314 Fourways North 2086 

Contact person:  

Divinia Fernandes Esch 

Contact details:  

082 331 3682


Divinia Fernandes-Esch serves as the Information Officer of Savant People Development and can be contacted  on the abovementioned details.


Should a Data Subject be dissatisfied with the manner in which Savant People Development addresses any  complaint with regard to Processing of Personal Information, the Data Subject can contact the office of the  relevant Regulator.