Privacy Policy

Purpose

Peaks of Africa Holidays and Convention (the company/organization) is committed to safeguarding the privacy and confidentiality of personal information entrusted to us by our clients, employees, and other stakeholders. This Privacy and Compliance Policy outlines the principles, procedures, and practices we follow to ensure compliance with privacy laws and regulations. This policy applies to all employees, contractors, and third-party service providers working on behalf of the company.

Scope

This policy covers the collection, use, disclosure, retention, and disposal of personal information in any format, including electronic, paper, and verbal. Compliance with applicable laws The company adheres to all relevant privacy laws and regulations (such as POPIA and to some extend the EU-GDPR) applicable to our operations. We regularly review and update our practices to ensure ongoing compliance.

Data collection and usage

We only collect personal information that is necessary for the purposes identified at the time of collection. Personal information will be used for the purposes for which it was collected and will not be disclosed to third parties without consent, except as required by law.

Consent

We obtain explicit consent from individuals before collecting, using, or disclosing their personal information unless otherwise permitted by law. Consent may be withdrawn at any time, subject to legal or contractual restrictions.

Data security

We implement and maintain reasonable security measures to protect personal information against unauthorized access, disclosure, alteration, and destruction. Access to personal information is restricted to employees and authorized third parties on a need-to-know basis.

Data retention

Personal information will be retained only as long as necessary to fulfill the purposes for which it was collected, or as required by law. Disposal of personal information will be conducted securely, ensuring complete destruction of all copies.

Employee training and awareness

Employees shall receive training on privacy and compliance practices upon joining and periodically thereafter. Regular communication and awareness programs are conducted to keep employees informed about the importance of privacy and compliance.

Third-Party relationships

When engaging third-party service providers, the company ensures adherence to privacy and security standards consistent with our policies. Contracts with third parties include provisions requiring compliance with privacy laws and regulations.

Accountability

The company designates a consulting Privacy Officer responsible for overseeing privacy and compliance matters. Individuals may contact the Privacy Officer with questions or concerns regarding the handling of their personal information.

Policy review and updates

This policy will be reviewed annually or more frequently as required, and updates will be communicated to employees and stakeholders as necessary