CIFAS Initial Notification

General

  1. We will check your details against the Cifas databases established for the purpose of allowing organisations to record and share data on their fraud cases, other unlawful or dishonest conduct, malpractice, and other seriously improper conduct (“Relevant Conduct”) carried out by their staff and potential staff. “Staff” means an individual engaged as an employee, director, trainee, homeworker, consultant, contractor, temporary or agency worker, or self-employed individual, whether full or part time or for a fixed-term.
  2. The personal data you have provided, we have collected from you, or we have received from third parties will be used to prevent fraud and other relevant conduct and to verify your
  3. Details of the personal information that will be processed include: name, address, date of birth, any maiden or previous name, contact details, document references, National Insurance Number, and Where relevant, other data including employment details will also be processed.
  4. We and Cifas may also enable law enforcement agencies to access and use your personal data to detect, investigate, and prevent
  5. We process your personal data on the basis that we have a legitimate interest in preventing fraud and other Relevant Conduct, and to verify identity, in order to protect our business and customers and to comply with laws that apply to us. This processing of your personal data is also a requirement of your engagement with
  6. Cifas will hold your personal data for up to six years if you are considered to pose a fraud or Relevant Conduct risk.

Consequences of processing

  1. Should our investigations identify fraud or any other Relevant Conduct by you when applying for or during the course of your engagement with us, your new engagement may be refused or your existing engagement may be terminated or other disciplinary action taken (subject to your rights under your existing contract and under employment law generally).
  2. A record of any fraudulent or other Relevant Conduct by you will be retained by Cifas and may result in others refusing to employ you. If you have any questions about this, please contact us using the details provided.

Data transfers

  1. Should Cifas decide to transfer your personal data outside of the European Economic Area, they will impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data

Your rights

  1. Your personal data is protected by legal rights, which include your rights to object to our processing of your personal data, request that your personal data is erased or corrected, and request access to your personal data.
  2. For more information or to exercise your data protection rights please, please contact us using the contact details provided.
  3. You also have a right to complain to the Information Commissioner’s Office which regulates the processing of personal


Webhelp SA PAIA Manual

WEBHELP SA OUTSOURCING PROPRIETARY LIMITED | REGISTRATION NO. 2013/077689/07

MANUAL IN ACCORDANCE WITH SECTION 51 OF THE PROMOTION OF ACCESS TO INFORMATION ACT NO.2 OF 2000

Purpose of this Manual

We respect the right to and protection of privacy. Accordingly, this Manual sets out the rights, limitations and process for accessing information held by Webhelp SA Outsourcing Proprietary Limited, in accordance with the laws of South Africa. As a private business registered in South Africa, we subscribe to the Protection of Personal Information Act No. 4 of 2013 and the Promotion of Access to Information Act No. 2 of 2000 (as amended from time to time), including applicable data protection legislation relating to our business activities.

Changes to this Manual

We reserve the right to update this Manual from time to time without any notice. Changes to this manual may be prompted by changes to our business or changes to applicable laws. Please remember to visit this webpage from time to time for updates to this Manual. This Manual was last updated by the Legal Department of Webhelp SA Outsourcing Proprietary Limited on 01 April 2021.

Our Contact Details

If you have any queries or requests concerning this Manual, you can get in touch with us using the following details:

  • E-mail: Privacy@uk.webhelp.com
  • Registered Address: 33 Princess of Wales Terrace, Parktown, Johannesburg, Gauteng, 2193


Procedures

01 – List of Webhelp entities bound by the Privacy Policy : last edit 22/10/2019

02 – Definitions for privacy and security procedures : last edit 17/01/2019

03 – Data Protection Organisation and Governance : last edit 17/01/2019

04 – Privacy awareness and training program : last edit 17/01/2019

05 – Controller – Procedure for handling data subjects complaints : last edit 17/01/2019

06 – Processor – Procedure for handling data subjects complaints : last edit 17/01/2019

07 – Audit procedure : last edit 17/01/2019

08 – Personal Data Breach Notification : last edit 19/01/2019

09 – Data Protection Impact Assessment : last edit 17/01/2019


Privacy Policy – BCR

Download the full document here – Privacy Policy – BCR

At Webhelp, we believe that protecting Personal Data is not only a matter of security or compliance with a particular legal framework, but is a matter of individual and organisational commitment. Disclosing and sharing Webhelp standards through this Privacy Policy (hereinafter, the “Privacy Policy”) is of the utmost importance regarding the Data Subjects` legitimate expectations about how their Personal Data is Processed.

In the course of its activities, Webhelp processes both internal and Client Personal Data. In this respect, Webhelp protects the Personal Data it processes on its own behalf and on behalf of its Clients by the implementation of appropriate technical, physical and administrative measures and controls. Such controls shall ensure that the whole organisation is Processing Personal Data in a consistent manner, disregarding the nature and/or place of Processing.

This approach is particularly important due to the diversity of activities Webhelp covers on behalf of its Clients. As a consequence of the above and taking into consideration standards, regulations and laws applicable in the field of data protection, andthe requirements introduced by the European Regulation 2016/679 adopted on 27th April 2016 (hereinafter, the “EU Regulation”)

Webhelp will process data in accordance with the following principles:

  • Lawfulness–Personal Data shall be collected and Processed with the Data Subject having given consent to the Processing or when Processing is legitimate or necessary in accordance with Applicable Data Protection Legislation;
  • Fairness–Personal Data Processing shall take into account the specific circumstancesand context in which such Personal Data is Processed;
  • Transparency-Information and communication relating to the Processing of Personal Data shall be easily accessible, easy to understand, clear and in plain and simple language;
  • Purpose limitation–Personal Data shall be collected for specified, explicit and legitimate purposes and not further Processed in a manner that is incompatible with those purposes;
  • Data minimisation–Collected Personal Data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are Processed
  • Accuracy –Personal Data shall be accurate and, where necessary, kept up to date. Every reasonable step must be taken to ensure that Personal Data that is inaccurate, having regard to the purposes for which it is processed, is erased or rectified without undue delay;
  • Storage limitation –Personal Data shall be kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the Personal Data is Processed or any other lawful retention;
  • Integrity and confidentiality –Personal Data shall be Processed in a manner that ensures appropriate security of the Personal Data, including protection against unauthorised or unlawful Processing and against accidental loss, destruction or damage, using appropriate technical, physical and administrative measures;

Through this Privacy Policy Webhelp intends to share and specify the detail and the principles applicable to all Webhelp Entities and provide certain group-wide standards allowing the implementation of the Privacy Policy. Furthermore, Webhelp may make available specific, local or sectorial policies. Should there be a contradiction between this Privacy Policy and such specific, local or sectorial policies, the terms of the Privacy Policy shall prevail.

As the Privacy Policy aims at ensuring an adequate and consistent approach throughout the entire Webhelp organisation regarding Personal Data Processing, exceptions which could result from applicable legislations are not reflected in this Privacy Policy. As a consequence, local legislation shall be considered as an enforceable exception to this Privacy Policy and will be recorded accordingly.