Europa Organisation Africa
Policy in terms of the Protection of Personal Information Act 4 of 2013 (POPI Act)
Approved: 18 June 2019
- Europa Organisation Africa (EOA) is a professional conference organiser (PCO) specialising in medical and healthcare congresses and events.
- Personal information is collected for the purpose of facilitating delegate attendance at congresses managed by EOA.
- EOA is:
- – obliged to comply with the POPI Act;
- – required to advise clients as to how their personal data is used, disclosed and destroyed; and
- – committed to protecting its clients’ privacy and ensuring that their personal data is used appropriately, transparently, securely and in accordance with applicable laws.
- This policy is made available on the EOA website: eoafrica.co.za and is available on request from the EOA Information Officer.
- EOA reserves the right to make changes to this policy or to update it.
- This policy applies to:
- – the business of EOA wherever it is conducted; and
- – information relating to identifiable individuals in terms of the POPI Act.
EOA will comply with the POPI Act and good practice to avoid causing harm to individuals through inappropriate handling of their information.
Purpose and nature of personal data collected
- Personal information is collected for the purpose of facilitating delegate attendance at congresses managed by EOA and is used for:
- – registering congress delegates;
- – arranging their accommodation and travel;
- – arranging visas;
- – managing applications for grant support for attendance at congresses; and
- – drawing up contracts with associations.
- Type of information collected:
- – Identity number;
- – Passport number;
- – Name and surname;
- – Demographic data;
- – Professional qualifications;
- – Curriculum Vitae;
- – Area of professional speciality;
- – Institutional affiliation;
- – Postal address;
- – Residential address;
- – Place of work;
- – Postal codes; and
- – Dietary requirements.
How personal information is used
- Personal information will only be used for the purpose for which it is collected and intended. The client will be made aware of the purpose for which the information is collected.
- The purpose for which information is collected includes:
- – registration for congress attendance;
- – travel and accommodation arrangements;
- – application for a visa;
- – registration as faculty at congresses;
- – registration as a presenter of an abstract or paper;
- – application and registration as a grant recipient;
- – provision of information to comply with B-BBEE requirements;
- – solicitation of feedback related to the EOA services;
- – advice concerning forthcoming conferences of relevance; and
- – compliance with legal proceedings, regulatory requirements, or when it is otherwise allowed by law or when it is necessary to protect the rights of EOA.
- EOA undertakes not to sell or otherwise supply personal information to third parties for commercial or marketing purposes.
Measures to meet conditions for processing
- The POPI Act requires the adequate protection of personal data:
- – Those providing data should consent to the processing of the data. Consent is obtained when the data is collected.
- – Consent to process the information is obtained from the client or a person authorised by the client to provide the information.
- – The client should be notified if information is being used for a purpose other than that for which consent was given.
- – Personal information will be used when processing is necessary to provide the services to the client.
- – EOA will continually review its security controls and processes to ensure that personal information is adequately protected.
- – Personal data of clients may be retained in order to contact them regarding future and relevant events and sometimes to solicit feedback. However, at the time of initial collection, EOA will provide every client with the option to opt out of receiving any future communications of this nature.
- – Staff contracts and training on this policy will ensure knowledge and compliance.
- – Third-party suppliers will be required to sign a service level agreement giving their commitment to the protection of personal information.
- – Anyone processing personal information on behalf of EOA must treat the information as confidential and not disclose it unless required by law.
- – Any third party must apply the same security measures as the responsible party i.e. EOA.
Access and correction of personal data
- Clients have the right to access their personal information that EOA holds.
- Clients may also request EOA to update, correct or delete their personal information, on reasonable grounds.
- Once a client objects to the processing of their personal data, EOA may no longer process their information.
- EOA is committed to ensuring that clients are aware that their data is being processed and:
- – for what purpose;
- – what types of disclosures are likely; and
- – how to exercise their rights in relation to the data.
Responsibilities of the Information Officer
- The Information Officer holds a key role in the development, maintenance and implementation of this policy, including:
- – the development, maintenance, updating, publication and implementation of the policy;
- – management of any breach;
- – the receipt and handling of enquiries and complaints;
- – the contracting and training of all staff on this policy; and
- – the contracting and training of all third party-suppliers on this policy.
Tel: +27 (0) 11 325 0020
Cell: +27 (0) 82 774 8510