|
1.
|
Content of member Information
|
|
SADA shall ensure that:
|
|
1.1
|
member information shall be
obtained only for the purpose of delivering and improving the Services and will
not be processed in any manner incompatible with this purpose;
|
|
1.2
|
member information shall be
adequate, relevant and not excessive in relation to the abovementioned
purpose for which it is collated and/or processed;
|
|
1.3
|
member information shall be
accurate, and where necessary, kept up to date and reasonable steps shall
be taken to ensure that information which is inaccurate and/or incomplete,
having regard to the purpose for which it was collected, is erased or
rectified;
|
|
1.4
|
member information shall be kept in a format which permits
identification for no longer than is necessary for the purpose for which
the information was collected or processed.
|
|
|
|
2
|
member Consent
|
|
member information may only be processed
if:
|
|
2.1
|
the member has unambiguously
given his consent; or
|
|
2.2
|
processing is necessary for:
|
|
|
2.2.1
|
the performance of a contract to
which the member is a party; or
|
|
|
2.2.2
|
in order to take steps at the request
of the member prior to entering into a contract; or
|
|
|
2.2.3
|
for compliance with a legal
obligation to which SADA is subject; or
|
|
|
2.2.4
|
the performance of a task
carried out in the public interest or in the exercise of official authority
vested in the recipient; or
|
|
|
2.2.5
|
for purposes of the legitimate interest pursued by SADA,
except where such interest is overridden by the interest for fundamental
rights as reflected in the constitution.
|
|
|
|
3.
|
Access to member Information
|
|
SADA shall ensure that:
|
|
3.1
|
access to, or disclosure of
member information will not be authorized without the documented commitment
of the intended recipient so as to maintain confidentiality and the
rightful use of such information;
|
|
3.2
|
access to member information by SADA personnel, contract
workers, consultants, service providers or suppliers will be restricted to
the level of access needed to effectively perform delegated or contracted
duties and/or the level of service needed to render a reliable and
effective service to SADA members.
|
|
|
|
4.
|
Preventative Measures
|
|
SADA shall ensure that
appropriate technical and organizational measures shall be taken against
the unauthorized access, processing or disclosure of member information
|
|
|