Privacy Policy
Purpose
Peaks of Africa Holidays and Convention (the company/organization) is committed to safeguarding the privacy and confidentiality of personal information entrusted to us by our clients, employees, and other stakeholders. This Privacy and Compliance Policy outlines the principles, procedures, and practices we follow to ensure compliance with privacy laws and regulations. This policy applies to all employees, contractors, and third-party service providers working on behalf of the company.
Scope
This policy covers the collection, use, disclosure, retention, and disposal of personal information in any format, including electronic, paper, and verbal. Compliance with applicable laws The company adheres to all relevant privacy laws and regulations (such as POPIA and to some extend the EU-GDPR) applicable to our operations. We regularly review and update our practices to ensure ongoing compliance.
Data collection and usage
We only collect personal information that is necessary for the purposes identified at the time of collection. Personal information will be used for the purposes for which it was collected and will not be disclosed to third parties without consent, except as required by law.
Consent
We obtain explicit consent from individuals before collecting, using, or disclosing their personal information unless otherwise permitted by law. Consent may be withdrawn at any time, subject to legal or contractual restrictions.
Data security
We implement and maintain reasonable security measures to protect personal information against unauthorized access, disclosure, alteration, and destruction. Access to personal information is restricted to employees and authorized third parties on a need-to-know basis.
Data retention
Personal information will be retained only as long as necessary to fulfill the purposes for which it was collected, or as required by law. Disposal of personal information will be conducted securely, ensuring complete destruction of all copies.
Employee training and awareness
Employees shall receive training on privacy and compliance practices upon joining and periodically thereafter. Regular communication and awareness programs are conducted to keep employees informed about the importance of privacy and compliance.
Third-Party relationships
When engaging third-party service providers, the company ensures adherence to privacy and security standards consistent with our policies. Contracts with third parties include provisions requiring compliance with privacy laws and regulations.
Accountability
The company designates a consulting Privacy Officer responsible for overseeing privacy and compliance matters. Individuals may contact the Privacy Officer with questions or concerns regarding the handling of their personal information.
Policy review and updates
This policy will be reviewed annually or more frequently as required, and updates will be communicated to employees and stakeholders as necessary