Terms and Conditions
About Select Africa. This web site is owned, managed, and administered by Select Africa. Select Africa is situated at The Wedge, 43 Garsfontein Road, Waterkloof, Pretoria, 0045, and is a business that specializes in extending credit through virtual means such as the Internet. Select Africa is fully compliant with the credit legislative requirements of South Africa and promotes responsible lending. Select Africa also strives to provide superior administration and management of client accounts. Use of the site. License to use this web site. Select Africa grants each Visitor a limited, revocable license to use this web site subject to the Terms. Any person wishing to use this web site contrary to the Terms must obtain the prior written consent of Select Africa. The information offered on this web site is for the Visitor’s guidance only. The information offered is for quotation purposes only, and is subject to change on final submission of an application. Select Africa has taken every care to ensure that the information provided on this web site is reliable by using sources we believe to be accurate. However, the accuracy of the information (including rates, fees, and charges),cannot be guaranteed. Sufficient particulars. In order for Select Africa to provide a Visitor with appropriate advice and / or quotations on products, it is important that a Visitor provides Select Africa with sufficient particulars of their financial affairs. Failure to make a full disclosure could result in Select Africa’s advice being compromised and may result in a Visitor thus making a financial commitment to a product inappropriate to their needs and objectives. Framing. No person, business, or web site may frame this web site or any of the pages on this web site. Linking. Visitor(s) may link to the web site only by linking to the home page of this web site. Select Africa prohibits Visitor from “deep linking” to any other pages in a manner that would incorrectly suggest endorsement or support of Visitor by Select Africa or suggests a Visitor is the owner of any intellectual property belonging to Select Africa. Spiders and Crawlers. No person, business, or web site may use any technology (including spiders or crawlers) to search and gain any information from this web site.
Modify. Select Africa may modify, suspend, or discontinue the provisioning of this web site to the public (with or without notice) and will not be liable for any claims. Furthermore Select Africa also reserves the right to modify the terms and conditions that govern the relationship with users (with or without notice) and will not be liable for any claims that result in terms of such a change. Capacity of Customer. Each Visitor represents and warrants that Visitor : 1. is old enough under applicable law to enter into the Terms; 2. possesses the legal right, full power, and authority to enter into the Terms; 3. will submit true, accurate and correct information to Select Africa and this web site. If Visitor is younger than 18 years of age, the visitor warrants that the Visitor has the consent of its legal guardian to enter into the Terms or that the Visitor has obtained legal status in another manner.
Capacity of Customer. Each Visitor represents and warrants that Visitor : 1. is old enough under applicable law to enter into the Terms; 2. possesses the legal right, full power, and authority to enter into the Terms; 3. will submit true, accurate and correct information to Select Africa and this web site. If Visitor is younger than 18 years of age, the visitor warrants that the Visitor has the consent of its legal guardian to enter into the Terms or that the Visitor has obtained legal status in another manner.
In this Privacy Notice, any reference to “Select Africa”, “the Select Africa Group” or “we” or “us” refers to one or more of the entities, affiliates or subsidiaries of the Select Africa Group.
In order for any company within the Select Africa Group to process your instructions or requests, we may require that you provide us with your personal information. We respect your privacy and your personal information and for this reason, we take all reasonable measures to protect personal information provided to us by you and to keep it confidential and as such we undertake that:
- We will only disclose, collate and process (“use“) your personal information with your express permission unless we are legally required to disclose your personal information despite you not consenting to such disclosure;
- We will only use your personal information for the lawful purpose for which it was acquired;
- We will also keep a record of your personal information and the specific purpose for which we collect it;
- We will not use your personal information for any purpose, other than that for which the personal information was obtained from you, unless you give us your express written permission to do so, or unless we are permitted to or compelled to do so by law.
Like many web sites, this web site may use and set cookies to enhance your user experience – to remember your personal settings, for instance.
Select Africa is committed to protecting your personal data and to informing you of your rights with respect to your personal data.
In providing services to its clients, Select Africa may control and/or process personal information that clients provide to any of the group’s affiliates in the conduct of its business.
For the purposes of EU General Data Protection Regulation, this policy applies when we act as the controller and/or processor of personal data of EU residents and it improves the way we handle private information, for the benefit of all our clients.
In South Africa, the Protection of Personal Information Act No 4 of 2013, as amended, governs the collection, use, disclosure and retention of personal information.
The reference to ‘personal data’ in this Notice and Policy includes ‘personal information’ as contemplated under the Protection of Personal Information Act No 4 of 2013, as amended.
In general, the majority of the personal data collected on our clients is provided by you directly (or by your intermediary), and typical data provided by third parties may include the results of checks on your identity or address.
Your personal data is collected, stored and processed for purposes of giving effect to the agreements entered into between you and Select Africa.
As a result of the services which any member of the Select Africa Group (“Select Africa”) provides, or has provided, to you, we may need or have needed, to share information containing personal data on you with various third parties, including banks, custodians, lawyers, accountants, auditors, third party entities engaged by yourself or any other Select Africa company for giving effect to services you engaged Select Africa to perform. All data shared within the Select Africa Group is purely to facilitate any dealings you may have with the other entities within the Group.
- European General Data Protection Regulation
The European General Data Protection Regulation 2016/679 (the “GDPR”), effective 25 May 2018 applies across the European Union and is also applicable to controllers and/or processors outside the European Union where goods or services are offered to data subjects in the European Union.
- Protection of Personal Information Act
The Protection of Personal Information Act No 4 of 2013, as amended (“POPIA”), effective 1 July 2021 applies to any person, business or entity processing personal information in South Africa.
What is personal data?
Personal data under GDPR is defined as information relating to a natural individual or juristic person who can be identified or identifiable from that data.
Personal data includes, among other data, your name(s), address(es), email address(es), telephone number(s), bank account number(s), and passport number(s).
Personal information under POPIA is defined as information which relates to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person. This includes, but is not limited to, your name, sex, gender, address, contact details, identity number and medical or health information, as may be applicable.
What is processing?
Data controllers are those companies within Select Africa which, alone or jointly with others, determine the purposes and means of the processing of personal data. Data controllers are responsible for ensuring that your personal data is processed in compliance with data protection laws and to provide you with our privacy notice and policy.
When we collect, store, transfer or use in any way for any purpose or delete your personal data, we are processing it.
As a result of administration services provided by Pivot Limited (Pivot), an Select Africa Group subsidiary, to various Select Africa companies and funds under their management, Pivot is a data controller and processor registered with the Data Protection Office of Mauritius, and is subject to the rules as set out in the Data Protection Act 2017 in the collection, storage or processing of personal data in Mauritius.
What personal data do we collect?
In order for Select Africa to provide services to its clients, run its business and discharge regulatory and legal obligations it needs to process client personal data. Without processing this personal data we may not be in a position to provide our services and administer the business.
In general Select Africa commonly collects:
- Photographic ID & documents to verify both your identity and residential address in order to satisfy applicable anti-money laundering regulations, including but not limited to that of shareholders and persons authorised to represent you (where applicable);
- Your contact details, including but not limited to, telephone numbers, address and email address in order to communicate with you;
- Where, as part of our services to you, we are remitting funds we will request that you provide us with your bank details;
- Details of beneficiaries of investments held with us,
We usually collect personal information about you from you directly but in certain circumstances we may collect personal data on you from other sources such as third parties, your advisors, or from publicly or privately available records. In particular, we may use third party risk assessment vetting as part of our anti-money laundering screening process to comply with anti-money laundering legislation at or around the time we take on a client and periodically thereafter.
Where we collect any additional personal data pertaining to you from any third parties you will be informed of that at the time we collect it, together with the reasons why.
Where we process your personal data for reasons not already communicated to you or as set out herein, we will notify you of same in advance and to the extent we are obliged to obtain your consent for such processing, we will request your consent accordingly.
We limit the circumstances under which we may collect special categories of personal data, such as the data subject’s physical or mental health condition, to the extent applicable or required to provide services to the data subject. In the event that such data needs to be collected or and/or processed, we will provide such additional protection as is prescribed under the applicable laws.
In the event that personal data relating to a child under the age of 16 (under GDPR) and 18 (under POPIA) is provided to us, especially in cases where the data being provided does not enable us to readily ascertain that it relates to a child, you should ensure that verifiable consent is given by the child’s parent or guardian.
Why do we process your personal data?
We will collect and use your personal data where:
- The use is necessary for the performance of a mandate or contract with you;
- The use is necessary for us to comply with a relevant legal obligation;
- The use is in our legitimate interests such as managing our relationships with clients, monitoring data security with clients, and managing our compliance and legal obligations; and/or
- You have consented to us using your personal data.
How do we use personal data?
We process personal data primarily for the purpose of providing a contracted service(s) to you or an entity to which you are connected and depending on the services you require of us we process your personal data, which use may include:
- To perform due diligence and comply with legal and/or regulatory obligations (including anti money laundering legislation);
- To perform our client take on process and client reviews;
- For keeping documents in safe custody;
- To instruct or give effect to payments, trades and investments;
- At termination of any relationship involving a data subject;
- To conduct internal reviews and compile internal reports;
- For record keeping purposes;
- To generate reports for you or in compliance with any request from an auditor, or a regulatory or supervisory body;
- In the establishment of bank accounts and interaction with banks;
- To communicate with you regarding the services we provide to you (for example any changes);
- To otherwise fulfil your instructions, provide the service that we are engaged to provide, or comply with our obligations.
In the event you refuse to provide us with your personal data, we would likely not be able to provide you with our services.
Where you provide a service to Select Africa we will process contact details of your representatives, agents or employees in order to communicate with you/them.
Storing and deleting your personal data
Your personal data will be kept securely by Select Africa. This information will be held for the period stated in applicable law and/or for as long as is required to perform our contract with you, after which it will be securely destroyed. We may keep it longer where:
- There is litigation or an investigation or has been requested by a supervisory body or other law enforcement agency;
- It may be required to assist with the mitigation of any future tax or regulatory query into the transactions or other affairs undertaken by an entity or trust to which we provide services, (ensuring that rights and freedoms of our clients, our staff as well as Select Africa are safeguarded);
Further retention is at your request (in which case there may be a charge).
We may be required by applicable Anti Money Laundering legislation to retain personal data processed for our due diligence on you and your financial transactions history for a period of five years after our business relationship ends. Where regulatory requirements require us to keep data on you for a longer period we will do so.
Using your personal data for marketing
Where we market our services and/or products, we strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
You may receive marketing communications from us if you have requested information from us or purchased services from us and you have not opted out of receiving that marketing.
We may contact you by email, telephone, or post with regard to your activities with us.
Your right to access and correct your personal data
You have a right to access the personal data that we hold on you, as provided in applicable legislation or in terms of our Promotion of Access to Information Policy. If you would like a copy of the personal information that we hold on you please email us your request or write to us at the address below. You also have a right to require that any inaccurate personal data that we hold on you is corrected. If you find that any of your personal data is incorrect please email us or write to us at the address below and we will correct it without delay.
Your right for your personal data ‘to be forgotten’
Under GDPR, you have the right to obtain the erasure of personal data without undue delay and we shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
- the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
- you withdraw consent on which the processing is based, and where there is no other legal ground for the processing;
- you object to the processing and there are no overriding legitimate grounds for the processing;
- your personal data has been unlawfully processed;
- your personal data has to be erased for compliance with a legal obligation to which the controller is subject.
Where we have made the personal data public and are obliged pursuant to the above to erase the personal data, we shall, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, that personal data.
The above shall not apply to the extent that use is necessary, amongst others:
- for exercising the right of freedom of expression and information;
- for compliance with a legal obligation to which we are subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in us;
- for the establishment, exercise or defence of legal claim;
For further information on your rights including the “right to be forgotten” or if you wish to exercise your right to make a complaint to the regulatory authorities, please refer to the linkbelow.
Under POPIA you have a right to object to the processing of your personal data where that processing is carried out for our legitimate interests by contacting us below.
How long is personal data retained
We are required to ensure that your personal data is accurate and maintained in a secure environment for a period of time no longer than necessary for the purposes for which we are processing your personal data. We generally keep personal data collected via the website in accordance with the timeframes set out in any relevant legislation which applies to the personal data provided to us. However, in some cases we may need to keep personal data for longer (e.g., where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or dealing with complaints, legal challenges or prospective litigation).
Sharing and transferring your personal data
We will never sell your personal data.
We may share your personal data within the Select Africa Group, or with various third parties, including banks, custodians, lawyers, accountants, auditors, outsourced IT service providers, third party entities engaged by yourself or any other Select Africa Group company, and regulatory or legal authorities for the purpose of providing our contracted services to you or as required by regulations or law.
We take all reasonable steps to ensure that personal data transfers are kept confidential and secure as required by data protection laws.
We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We will diligently comply with your reasonable requests to transfer your personal data to other service provider(s).
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.Data Breach Response Plan
In the case of a personal data breach, the data controller shall without undue delay and, where feasible, not later than 72 (seventy-two) hours after having become aware of it, notify the personal data breach to the applicable regulator, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
Where the notification to the regulator is not made within 72 (seventy-two) hours, it shall be accompanied by reasons for the delay.
The notification referred to above shall at least:
- describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;
- communicate the name and contact details of the Data Protection / Information Officer or other contact point where more information can be obtained;
- describe the likely consequences of the personal data breach;
- describe the measures taken or proposed to be taken by the data controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.
Where, and in so far as, it is not possible to provide the information at the same time, the information may be provided in phases without undue further delay.
Any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken shall be documented in a data breach register.
The relevant data subject will also be notified in writing of the data breach. This notification will be sent via electronic communication to the data subjects last known email address. The notification will contain sufficient information to allow the data subject to take protective measures against further compromise, including:
- communicate the name and contact details of the Data Protection / Information Officer or other contact point where more information can be obtained;
- describe the likely consequences of the personal data breach;
- describe the measures taken or proposed to be taken to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects;
- describe any other measure the data subject can take to prevent further consequences of the breach.
In the provision of our services, we may have to transfer your personal data to external third parties in other countries.
Whenever we transfer your personal data to other countries, we ensure that the required degree of protection is afforded to it under the laws of that country. We ensure that any of our third party service providers to whom a data transfer is made has appropriate safeguards in place to protection your personal information.
We have taken appropriate safeguards to require that your personal information will constantly remain protected in accordance with this policy.
Data Protection / Information Officer and how to contact us
Data Protection Officer
Pivot Limited (Mauritius)
Address: 1st Floor, 32 Ebène Heights, Cybercity, Ebène, Mauritius
Select Africa (South Africa)
Laurinda da Camara (Information Officer)
Jonine Meadon (Deputy Information Officer)
Address: Building 4 Illovo Edge Office Block, 9 Harries Road, Illovo, Sandton, 2196 South Africa
Alternatively, please feel free to discuss with your key account manager.
Complaints – Information Regulator
Whereas we would appreciate the opportunity to first address any complaints regarding our processing of your personal data, you have the right to complain to the Information Regulator, whose contact details are:
The Information Regulator (South Africa)
JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
P.O. Box 31533, Braamfontein, Johannesburg, 2017
Complaints email: complaints.IR@justice.gov.za
General enquiries email: firstname.lastname@example.org
GDPR Supervisory Authority