Definition

a) Applicable Privacy Laws: Refers to all legal regulations regarding privacy, data security, and breach notifications, including specific laws like POPIA (Protection of Personal Information Act).

b) Information Security Program: A structured program adhering to Applicable Privacy Laws. It includes administrative, technical, and physical safeguards to protect Personal Data against various threats and unauthorized access.

c) Personal Data: Any information that identifies an individual or relates to them, provided in connection with PetWebly’s services. This includes details in various formats such as electronic or paper records.

d) POPIA: Stands for Protection of Personal Information Act, a specific legal framework governing the protection of personal data in South Africa.

e) Process/Processing: Encompasses all operations involving Personal Data, including collection, storage, modification, or any other form of handling.

f) Security Incident: Any unauthorized access, modification, or loss of Personal Data, requiring immediate action to mitigate potential harm.

g) Sensitive Personal Data: Highly confidential information such as social security numbers, medical records, or financial details that require additional protection measures.

Data Processing and Protection

a) Compliance: PetWebly ensures strict adherence to all relevant privacy laws and regulations governing data protection.

b) Limitation on Use: Personal Data is processed strictly as per PetWebly’s instructions and only for the purposes outlined in the agreements.

c) Information Security: PetWebly maintains a robust information security framework detailed in Appendix 1, including physical and logical controls.

d) Data Integrity: PetWebly ensures that all Personal Data is accurate, up-to-date, and rectified promptly when necessary.

e) Cross-Border Transfers: Personal Data is transferred internationally only with explicit consent or as per agreements, ensuring compliance with applicable laws.

f) Subcontracting: PetWebly discloses Personal Data to third parties only with explicit consent and ensures these parties adhere to stringent confidentiality standards.

g) Individual Requests: PetWebly assists in addressing requests or complaints from individuals, ensuring timely and appropriate responses.

h) Audit: Retains the right to audit PetWebly’s compliance with the data protection obligations outlined in this document.

i) Regulatory Investigations: PetWebly supports in the event of regulatory inquiries, cooperating fully and providing necessary assistance.

j) Security Incidents: PetWebly promptly informs of any security incidents, investigates thoroughly, and assists in mitigating potential damage.

k) Data Disposal: Upon agreement termination, PetWebly securely disposes of all Personal Data, ensuring it cannot be accessed, disclosed, or modified.

l) Assistance: PetWebly provides necessary information and support to help comply with privacy laws, including assistance in data protection impact assessments and related consultations with data protection authorities.

Amendment

In case the current data protection arrangements do not align with applicable privacy laws, both parties commit to negotiating in good faith to modify the agreement accordingly.

Indemnification: PetWebly agrees to defend and compensate against any claims arising from security incidents or breaches, ensuring financial protection in case of data breaches.

Survival: PetWebly’s data protection obligations continue as long as Personal Data is being processed, regardless of the status of the agreements between PetWebly and.

Personal Data Provided by PetWebly: PetWebly ensures that any Personal Data provided is collected legally, with proper notices and consents. PetWebly further guarantees that sharing this data complies with all applicable privacy laws and regulations.

Appendix 1: Security Standards:

  1. Physical Control Access/Physical Security: PetWebly employs industry-standard physical security controls to prevent unauthorized access to locations where Personal Data is processed.

  2. Logical/Data Access Control: PetWebly maintains strict access controls, limiting access to authorized personnel and implementing robust security measures for passwords and other access controls.

  3. Data Transfer Control/Network Security: PetWebly ensures encryption and secure data transmission to prevent unauthorized access, utilizing firewalls, intrusion detection systems, and routing protocols.

  4. Availability Control/Separation Control: PetWebly processes Personal Data as per instructions, maintains separation of data for different purposes, and implements measures to prevent accidental destruction or loss.

  5. Organizational Security: PetWebly maintains policies clarifying security responsibilities, conducts regular employee training, and manages Security Incidents according to established procedures.

  6. Business Continuity: PetWebly maintains backup and disaster recovery plans, ensuring data reconstruction in case of loss. They also correct any data loss caused by their actions.

  7. Security Manager: PetWebly designates an employee responsible for managing security obligations, ensuring a focused approach to data security.

  8. Risk Assessments: PetWebly conducts regular risk assessments, updating security programs while ensuring the confidentiality, availability, and integrity of Personal Data are not compromised.

 

Your Trusted Partner in Pet Services

0
Close

Your cart