Privacy


Context

Introduction

The purpose of the privacy policy is to explicitly define the purpose for which personal information is collected by 4D Innovations Group (Pty) Ltd (registration no. 2003/018050/07) trading as ESET Southern Africa in accordance with section 13 (1) of the Protection of Personal Information Act: “Personal information must be collected for a specific, explicitly defined and lawful purpose related to a function or activity of the responsible party.”

Organisational scope

This document covers the privacy policy at ESET Southern Africa which includes juristic representatives acting on behalf of ESET Southern Africa.

Scope of systems and services

Emphasis is on the privacy of personal information as defined in the Protection of Personal Information Act and to the extent that it affects external customers. The systems that deal with such personal information include:

  • Distributor Management System (DMS) 
  • ESET Licensing System (Dexter)
  • MailChimp (Newsletter subscriptions)
  • Insightly (Customer Relations Management)

Scope exclusions

As of August 2016, ESET Southern Africa has limited interaction with license holders via the partner or reseller network, their web sites or via social media. Therefore, this policy places no emphasis on these aspects (at least for the time being). The payroll and HR systems also deal with personal information (i.e. employees of ESET Southern Africa) but are not considered in this policy document although many of the statements apply generically.

Policy Statement

ESET Southern Africa Policy Assurance

ESET Southern Africa is committed to protecting the privacy of the individuals encountered in conducting business. This privacy policy describes the handling of personal information that  is collect through:

  • Computer systems; 
  • Website;
  • Emails;
  • Support Calls;
  • Any other means.

Types of Information Collected

Depending on the relationship with ESET Southern Africa (e.g. a license end-user, a partner, etc), personal information collected about data subjects and other third parties may include:

  • General identification and contact information such as name, physical address, postal address, email address, telephone numbers;
  • Financial information and account details, such as bank account numbers or credit card numbers;
  • Email addresses;
  • Information related to the product that a data subject may have purchased.

How Information is Collected and Stored

The large majority of transactions between ESET Southern Africa and license end-users occur through a partner network and hence ESET Southern Africa does not ordinarily deal directly with license end-users. In order to fulfill a license transaction, whether via a partner or directly with the end-user, it is necessary for ESET Southern Africa to collect some basic personal information through the following channels:

  • Online Store
  • Online Partner Portal
  • Newsletter subscriptions

Purposes for collecting, holding, using and disclosing personal information

ESET Southern Africa only collects personal information where it is reasonably necessary for ESET’s activities, including:

  • Issuing and administering licenses for ESET software;
  • Dealing with technical support requests from license end-users;
  • Assisting with technical support requests from the partner network if necessary;
  • Performing statistical analysis on products and services; 
  • Resolving complaints;
  • Complying with applicable laws and regulations such as the Protection of Personal Information Act.

International transfer of personal information

The only personal information that ESET Southern Africa transfers internationally is the customer name and customer email address which is then stored in a region that complies with the General Data Protection Regulation (GDPR) of the European Union. This is a vendor-specified requirement as the End-User License Agreement (EULA) of an ESET license is between the license end-user and ESET, spol. s.r.o. 

Marketing

ESET Southern Africa may perform marketing to license holders, however this is only done to data subjects who have opted in to receive marketing materials through an agreement with ESET Southern Africa.

Sharing of Information

ESET Southern Africa  does not and will not sell personal information to any third party. ESET Southern Africa follows common practice in the South African software distribution industry by sharing personal information only if and when it becomes a requirement under law.  ESET Southern Africa does not share personal information with third parties whose sole purpose is to perform marketing. This is done to achieve the above-mentioned purpose.

Security

ESET Southern Africa takes all appropriate technical and organisational measures to safeguard personal information.

Retention

Personal information is retained for as long as is necessary for ESET Southern Africa to provide services to its customers.

Access and Correction Requests, Questions and Concerns

ESET Southern Africa aims to always have accurate, complete, up-to-date and relevant personal information. Requests for access to and possible correction of personal information as envisaged by the Protection of Personal Information Act should be addressed to the Data Protection Officer at ESET Southern Africa. Complaints should be handled according to the contact information that is shown on the license correspondence.