POPIA provides for eight lawful processing conditions which a responsible party must comply with when processing personal information of data subjects, which conditions are:

1. Accountability:  The responsible party must implement measures to ensure compliance with the lawful processing conditions.
2. Processing Limitation:  The purpose of the processing of personal information must be justifiable and must take place in a lawful, reasonable and non-excessive manner.
3. Purpose Specification:  Personal information must be collected and processed for a specific and defined purpose.
4. Further Processing Limitation:  Personal information may not be processed for a further purpose where such purpose is not compatible with the original purpose of the collection or where so authorised by the Information Regulator.
5. Information Quality:  The responsible party must ensure the personal information being processed is complete, accurate, not misleading, and updated where necessary.
6. Openness:  The responsible party must notify the data subject of its processing activities.
7. Security Safeguards:  The responsible party must implement security safeguards to ensure the integrity and confidentiality of the personal information is protected.
8. Data Subject Participation:  Data subjects have certain rights in terms of their personal information held by a responsible party, which includes requesting access thereto and the correction or deletion thereof.

Under the robust POPIA compliance programme, we have:

1. reviewed our internal processes and created new processes to ensure compliance with the lawful processing conditions, including processes related to the collection, storage, and destruction of personal information;
2. updated our internal policies to allow for the monitoring of compliance with the provisions of POPIA;
3. created a privacy policy, which will apply to our schools, service providers, contractors, and any third parties processing personal information on behalf of Forest Edge Schools – requiring compliance with the provisions of data privacy legislation, including POPIA, when processing personal information;
4. reviewed and updated all our agreements to provide for data privacy and protection in accordance with the requirements of POPIA;
5. implemented new and updated current security safeguards to ensure the proper protection of personal information processed by us;
6. created a process which allows data subjects to request access to, or the correction or deletion of, their personal information held by us;
7. provided training to our various departments to ensure that they remain aware and up to date of their obligations under POPIA;
8. created a privacy statement to ensure data subjects are notified of all of our data processing activities in relation to their personal information;
9. improved our data security and data breach processes to meet the requirements of POPIA.

We are committed to protecting the personal information of our students and their families.

We will only process personal information in accordance with the provisions of POPIA and other applicable data privacy legislation.

In order to ensure compliance, we may contact you to request consent for specific processing activities, require a parent/guardian to sign a new agreement or addendum to provide for data privacy provisions, ask to complete an additional form or document, request to verify and/or update personal information or any other adhoc request which relates to complying with the provisions of POPIA.

This privacy notice informs you of the information we collect from students and their parents/guardians. In collecting this information, we are acting as a responsible party and, by law, we are required to provide you with information about us, why and how we use your data, and what rights you have over your data.

The information that you provided us, i.e. your personal information and your ID, will be used solely to submit you to our school, and will under no circumstances be used for any other reason, but to allow us to create a student profile and to use this info for academic communication and billing purposes.

We commit to protecting the privacy of our students and their families, and to ensuring that personal information is used appropriately, transparently, securely and in accordance with applicable laws.

All personal information we collect is used for the purpose for which it was collected. Information collected will not be used for any other purpose before obtaining the individual’s approval, unless the new purpose is required by law.

All data received by our company adheres to the strictest data security, and no data is provided to any third party whatsoever without the proper consent.

By law, you can ask us what information we hold about you, you can see it, and you can ask us to correct it if it is inaccurate. You can also ask for a copy of the information.

If you have a complaint about our use of your personal information, we would prefer you to raise it with us in the first instance to give us the opportunity to put it right, but you can also contact the Information Regulator’s Office via their website at www.justice.gov.za/inforeg/contact.html or by email at inforeg@justice.gov.za. Alternatively, you can write to them at:

The Information Regulator (South Africa)
JD House
27 Stiemens Street
Braamfontein
Johannesburg
2001