- About Us
Version 1.3 - June, 2021
Your right to privacy is very important to us and we are committed to protect your personal data and to comply to the fullest extent with the applicable data privacy protection laws.
The relevant data protection laws distinguish between persons and institutions doing the collection of personal data (“controllers” or “responsible parties”), and those persons or institutions who do the processing of personal data (“processors” or “operators”).
Due to the nature of the services we provide, it is important to note that where we enter into a contract with an employer of data subjects (persons under the direct authority of the employer such as employees, consultants, advisers and contractors), to act as the employer’s data processor / operator to process personal data collected by such employer:
In our typical operations we collect and process data from survey participants, administrative users acting on behalf of their employer (which is a client of Mindset), end-users using our applications (example dashboards) and trial users for potential new clients.
The personal data we collect, and how that data is used, depends on how you use our online services and applications. We collect personal data directly from you when you provide us with information such as:
We collect personal data indirectly and through an automated process from you when:
Where you provide personal data to us and / or use personal data in our applications that you have collected from third parties, such as your customers, employees, other private individuals and juristic persons while using our online services or applications, you will be regarded by law as the “controller” / “responsible party” and you will by law be responsible to ensure that any personal data that you collect and use is protected and transferred to us in compliance with applicable data protection laws.
We process your personal data on the legal basis that it is necessary to pursue our legitimate interests, or to pursue your employer’s legitimate interests, including performing our contractual obligations in terms of the contract. We use your personal data for the following purposes:
We will only collect and process your personal data where there is a lawful basis. Lawful bases include:
We do not collect and share data or create individual profiles for the purposes of advertising, marketing, or any other commercial purpose not associated with our online services or the services supplied by using our applications.
We only send newsletters to designated key client contacts and partners.
We may share your personal data with approved third parties, who comply with applicable laws that protect your personal data, such as our hosting service provider and bulk email distributor.
We may need to share your personal data in exceptional circumstances when we believe it is required by law or to help protect the rights and safety of you, us or others.
The processing of the data will always be subject to prescriptive (unalterable) provisions of cross-border law(s) that apply at the relevant time if such laws supersede the GDPR. In the event where a particular country or jurisdiction has no data protection laws or data protection laws that do not afford at least similar data privacy protection as the GDPR, the most recent version of the GDPR shall apply by default.
We do not collect, store or process data from any person under the age of 18 years. In the event where a person under the age of 18 years visits or accesses our website and intend to submit any personal data to us, such person must be assisted by a person who is legally competent to consent to any action or decision being taken in respect of any matter concerning such person under the age of 18 years.
Our website and our online services and applications are not intended to solicit, collect or process data from any person under the age of 18 years.
You have the right to:
You may exercise any of your rights in relation to personal data by sending us an email, using the contact details set out below. Where we have entered into a contract with your employer in relation to the processing of your personal data, you must contact your employer directly should you wish to exercise any of your rights in relation to your personal data.
You have the right to request that we delete personal data that we process about you, unless we are required to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.
You have the right to lodge a complaint with the appropriate data protection authority that regulates the processing of personal data at the relevant time, if you believe that we have not complied with applicable data protection laws.
We have sufficient technical and organizational measures in place to safeguard personal data in our custody and under our control. We have due regard to generally accepted information security practices and procedures that apply to us generally or be required in terms of specific industry or professional rules and regulations, to an appropriate level in relation to the risks and the nature of the personal data that we protect.
It is common knowledge that the internet is a global communications system of interconnected computer networks and as such personal data that you submit online to our website and applications may be intercepted. We cannot guarantee that any personal data, during transmission, will be absolutely safe from intrusion by others.
Where there are reasonable grounds to believe that the personal information of a data subject has been accessed by unauthorised persons, we will notify the controller / responsible party affected by the compromised data and the relevant authorities as required by law.
A cookie is a small text file stored by your browser on your device to collect standard internet log information and visitor behaviour information (“Cookies”). Cookie information can be cleared in your browser settings.
When you visit our websites, we may collect information from you automatically through tracking technologies such as Google Analytics. We store information in an essential cookie on your browser when you complete a survey questionnaire (example storing the last page marker in your local cookie, obtaining user credentials and timestamp when you log into our applications).
You can access our Cookies Policy by following this link https://www.mindsetmanage.com/cookies.
Please note that the personal data that you supply to us or that we collect from you or that we receive from your employer is or could be protected under the data privacy laws of more than one country or economic union.
The data privacy laws of different countries and economic unions generally contain many similarities in regard to their material scope, key definitions, providing for data subject rights, and in their general approaches to personal data protection.
Unless otherwise stated or communicated to you, our principal place of business is domiciled in the Republic of South Africa and as such the provisions of the “POPIA” (South Africa's Protection of Personal Information Act, 2013) apply by default. The provisions of the POPIA will have precedence and override the provisions of the GDPR only to the extent where:
Our principal place of business is domiciled in the Republic of South Africa.
Please use the following contact details if you have questions or comments regarding this Privacy Notice or our privacy practices, or wish to communicate with us about your rights set out in this Privacy Notice:
Mindset Management Programs (Pty) Ltd
Attention: The Data Protection Officer / Information Officer
Should you wish to report a complaint or if you feel that we have not addressed your concern in a satisfactory manner, you may contact the relevant data protection authority by following the appropriate links:
Information Regulator – South Africa:
Information Commissioner – European Union: