Greenside Design Center | Higher Education Institute
Processing...
Our Qualifications
Enrol
Contact us

Home > Privacy Policy

Privacy Policy  


Privacy Policy

The Greenside Design Center is committed to protecting the individual’s right to privacy in relation to the collection, management, storage, use and disclosure of personal information and ensuring the accuracy and security of any personal information it holds in relation to individuals. Regardless of whether the personal information relates to staff, students, contractors or visitors.  

GDC is committed to ensuring best practice in all aspects, including privacy.  

  1. Applies To  

This policy applies to the entire institution. It is a general policy which contains the broad privacy framework in which the institution operates. This policy may be amended by the institution from time to time and without notice when the institution’s information handling practices change. Any such changes will not necessarily be publicised and it will be required that users review this policy on a regular basis.  

This policy must be read in conjunction with any supplementary privacy policies which the institution may introduce or vary from time to time. This policy must also be read in conjunction with any procedures that the institution may introduce from time to time relating to privacy. Privacy procedures contain the administrative steps necessary for the practical implementation of this policy. 

  1. Definitions 

Detail 

DescrptionDescription 

Institution 

Greenside Design Center

Information or Record 

"Information" and "records" are information in electronic or hard copy form. It includes pictures and databases. Importantly, this policy will not extend to information or records that are publicly available, or would constitute an "employee record" 

Personal Information 

Personal information is information that identifies a particular individual. A person does not have to be mentioned by name for information to be "personal information". A record or information will contain personal information if an individual can be "reasonably identified" from the record or information. Personal information can include information and opinions, regardless of whether the information is true or not. Personal information may also be referred to in this policy as personal data. 

Sensitive Information 

Sensitive information is an important type of personal information. Sensitive information is personal information relating to an individual's: racial or ethnic origin, including country of birth; political opinions; membership of a political association; religious beliefs or affiliations; philosophical beliefs; membership of a professional or trade association; membership of a trade union; sexual orientation or practices; criminal record; and child related employment screening reports. Sensitive information also includes information relating to:  

health; genetics; and biometrics. 

  1. Collection of Personal and Sensitive Information 

  1. General 

  1. The institution will only collect and hold personal information if: 

  1. it is reasonably necessary for the institution to conduct its functions and activities; 

  1. it is able to do so in a lawful, transparent and non-intrusive way; or 

  1. it is required to do so by law. 

  1. It is necessary for the institution to collect personal and sensitive information in both physical records and electronic files. The institution collects personal information in a number of ways, including: 

  1. directly from the individual for example through email, telephone or by the individual completing forms; 

  1. from third parties such as other educational institutions or government departments; 

  1. from the institution’s own records; and 

  1. through business development and marketing events. 

  1. When it is not practicable or reasonable to obtain personal information from the individual to whom the information relates, personal information may be obtained from someone other than that individual to whom the information relates. If this occurs, the institution will, subject to any relevant laws, take reasonable steps to ensure that the individual is made aware that the personal information was obtained from a third-party, and why this was necessary and reasonable in the circumstances. 

  1. The institution will deal with unsolicited personal or sensitive information. This will ordinarily include destroying the information or ensuring it is de-identified where it is reasonable to do so. 

  1. Personal information that will be collected by the institution:  

  1. The institution collects a significant amount of personal information. Personal information collected by the institution may include: 

  1. name, gender and date of birth; 

  1. next of kin 

  1. photographs (ie physical likeness) 

  1. emergency contact details; 

  1. email address; 

  1. residential and postal address and telephone numbers; 

  1. Business, position and contact details 

  1. Parent or sponsor contact details 

  1. student application forms and supporting documentation, including information in respect of your parents' education and study; 

  1. bank account or financial details; 

  1. information regarding the use of institutions websites and webpages, services and social media platforms/pages; 

  1. academic records, transcripts, enrolment and assessment details; and 

  1. ID, passport and visa details. 

  1. An individual has the right to refuse to provide personal information to the institution. However, if an individual exercises this right of refusal, it may affect the institution’s ability to meet its obligations to that individual or to a third-party, such as a government or department of higher education. 

  1. Sensitive Information 

  1. The institution will only solicit and collect sensitive information if: 

  1. it is required to do so by law; or 

  1. it has the consent of the individual to whom the information relates, and it is reasonably necessary for the institution to collect the sensitive information to enable it to carry out a relevant function or activity. 

  1. The institution will collect sensitive information where the information is necessary for a relevant function or activity. Examples of a relevant function or activity include (are but not limited to): 

  1. to provide a health service to the individual, including psychological and counselling services; or 

  1. qualification for bursaries, financial or other assistance which may be allocated by reference to matters which constitute sensitive information, such as cultural background. 

  1. Notification of the Collection of Personal Information 

  1. At or before the time the institution collects personal information, the institution will take all reasonable steps to: 

  1. notify the individual of the matters referred to below: or 

  1. otherwise ensure that the individual is aware of the matters below. 

  1. The matters which the institution must notify to the individual are, for the most part, addressed elsewhere in this policy. For completeness, these matters include, subject to any relevant legislation: 

  1. the identity and contact details of the institution; 

  1. if the institution will collect personal information from someone other than the individual; 

  1. the fact that the institution collects, or has collected, the information and the circumstances of that collection; 

  1. if the collection of personal information is required or authorised by law; 

  1. the purpose or reason why the institution needs to collect the personal information; 

  1. the main consequences, if any, for the individual if all or some of the personal information is not collected by the institution; and 

  1. any other third-party to which the institution usually discloses personal information of the kind collected by the institution. 

  1. Use and Disclosure of Personal Information 

  1. Use of Personal Information 

  1. The institution collects the personal information on the lawful basis that it: 

  1. is necessary to perform its obligations under a contract with you; 

  1. is performing a public task carried out in the public interest. This includes: 

  1. to administer and manage processes which are key to the operations of the institution, including admission, teaching, enrolment, bursaries and examinations; 

  1. to provide information in relation to the institution’s courses and facilities to students or prospective students; 

  1. to facilitate public health, scientific and historical research. 

  1. is complying with the institution’s legal obligations. This includes: 

  1. its obligations under the Department of Higher Education; 

  1. is pursuing the institution’s legitimate interests. This includes: 

  1. communicating with you in respect of your enrolment or employment, as well as other courses, events, and services offered by the institution that may be of interest to you; 

  1. to assist in the collection of fees, charges and general financial management of the institution; 

  1. to conduct market research in relation to the institution; 

  1. to collate the information necessary for the institution to review its existing programs, courses, facilities and resources that it provides to staff and students; 

  1. to collate contact details for all institution employees, adjuncts, students, visitors, alumni, graduates, donors and corporate stakeholders; 

  1. to obtain legal or financial advice in respect of its operations; 

  1. to facilitate graduations; 

  1. to facilitate student elections; 

  1. to facilitate  fundraising efforts; 

  1. to conduct market research in relation to the institution; 

  1. to operate and maintain its information technology systems; and 

  1. to facilitate public health, scientific and historical research. 

  1. is necessary to protect your vital interests. This includes: 

  1. Releasing sensitive personal information where the institution considers that there is an imminent threat to your health, safety or life generally. 

  1. Disclosure of Personal Information 

  1. The primary purpose for using or disclosing an individual's personal information will include: 

  1. to identify an individual and verify their identity; 

  1. to provide institution services to an individual; 

  1. to do any of the things listed in the section of this Privacy Statement entitled "Use of Personal Information"; and 

  1. to communicate with an individual. 

  1. The institution will take reasonable steps to ensure that personal information is not disclosed to a third-party, except in certain permitted situations. These include: 

  1. where the institution obtains the individual's consent; 

  1. where it is necessary to provide that information to a third-party who provides services to the institution. This addressed in further detail below; 

  1. where the disclosure is required or authorised by law or regulatory obligations.  

  1. Where the institution does provide personal information to a third-party within South Africa in accordance with this policy, the institution will take all reasonable steps to ensure that the third-party is fully compliant. 

  1. To avoid doubt, third-parties in South Africa may include: 

  1. government departments and agencies, including any relevant professional registration bodies/boards; and 

  1. in relation to employment applications, external selection panel members; 

  1. contracted service providers including: 

  1. contracted teaching staff; 

  1. information technology service providers, including cloud service providers; 

  1. counsellors and other health practitioners; and 

  1. external business advisors, including auditors and lawyers. 

  1. Third parties outside of South Africa to whom the institution may disclose your personal information include: 

  1. information technology service providers, including cloud service providers;  and 

  1. third party marketing providers 

  1. There are also a limited number of exceptions in which the POPI Act permits the use or disclosure of information without an individual's consent. An example of this is where the use or disclosure is necessary to prevent a serious and imminent threat to any person's life, health or safety or a serious threat to public health or safety, which need not be imminent. 

  1. Access to Personal Information 

  1. The institution will deal with requests for access or correction, by an individual, of their personal information held by institution, in accordance with this policy. 

  1. All requests must be made in writing, and in the appropriate form specified by the institution from time to time. 

  1. On receipt of an application, and within a reasonable timeframe, the institution will take reasonable steps to inform the individual who made the request: 

  1. what personal information the institution holds in relation to that individual; 

  1. why the personal information is held; 

  1. how the institution collects (or collected), holds (or held), uses (or used) and discloses (or disclosed) the personal information. 

  1. The institution will confirm with the individual whether they wish to have access to the personal information in question. 

  1. The institution will ordinarily give an individual access to their personal information unless an exception applies. Exceptions include where: 

  1. giving access would have an unreasonable impact on the privacy of other individuals; 

  1. the request for access is frivolous or vexatious; 

  1. the request is manifestly unfounded or excessive (taking into account whether the request is repetitive in nature); or 

  1. the access would be unlawful. 

  1. The institution will not impose a fee for making an access or correction request in the first instance. 

  1. The institution reserves the right to charge a reasonable fee for the administrative costs it incurs as a result of providing access to the personal information. Administrative costs that may be charged by the institution include: 

  1. staff costs in searching for, locating and retrieving the requested personal information, and deciding which personal information to provide to the individual; 

  1. staff costs in reproducing and sending the personal information; 

  1. costs of postage or materials involved in giving access; and 

  1. costs associated with using an intermediary. 

  1. The institution may withhold access to the personal information until the fee is paid. 

  1. If a request for access or correction is denied by the institution it will, within a reasonable time period, provide the individual who made the request with a general, written explanation as to why the request was refused. The institution must also take such steps, if any, as are reasonable in the circumstances to give access in a way that meets the needs of the institution and the individual. 

  1. Policy Details 

8.1.       Related Policies 

  • Conditions of Service 

  • Company Code of Conduct 

  • Company Equipment Use and Return Policy 

  • Communication Policy 

  1. Policy Administration 

  1. Policy Copyright Notice 

The contents of this document are confidential and proprietary in nature and are not to be distributed in any form (electronic or printed) without the prior written consent of The Academic Institute of Excellence - © 2015 AIE. 

  1. Version Control 

Revision notice on cover page. 

  1. Access & Security 

This policy is uncontrolled unless it is the same colour as the master copy, with the CEO’s signature next to this sentence in red font on the copy. 

  1. Abuse of Policy 

Any member of staff who does not adhere to this policy is subject to a disciplinary procedure. 

 

END OF DOCUMENT 

 

  

Get in Touch

Delivery Method: