Privacy Policy

As part of our ongoing commitment to protect your personal information and ensure that you have access to trusted, professional Real Estate marketing services, we would like to assure you that data privacy is our top priority.

Please note that we may share your personal information within Residential Network Systems (PTY) Ltd Group from time to time, as well as with third parties that act on our behalf.

We at Residential Network Systems (PTY) Ltd Group recognize the importance of protecting the privacy of certain information or data collected about our users, Estate Agents and clients / customers.

This Privacy Policy discloses what information we gather, how we use it and how to correct or change it.

Collection of Information

Residential Network Systems (PTY) Ltd Group only collects personal information that is necessary for business purposes. We collect personal information by requesting it from you. Generally this occurs when you register on one of our websites, request information from us or participate in activities on our websites. At these times, you give contact information which may include name, address and e-mail address. When you purchase or utilise products and/or services from us, we will note, for example, your contact information, the type of services or products purchased, and the date of purchase. When other information such as, gender, date of birth, number of children, and product and/or service preferences, is associated with personal information, this also becomes personal information for the purposes of this Privacy Policy.

Use of Internet Protocol ("IP") Addresses

An IP address is a unique number that allows your computer to be identified by web servers. This in turn allows us to identify and gather general information and data about you, such as the web pages you view. Residential Network Systems (PTY) Ltd Group collects IP addresses for the purposes of system administration, to report information to our business partners, and in order to track and audit the use of our own websites. When users request pages from Residential Network Systems (PTY) Ltd Group's websites, our servers log the user's IP addresses.

Uses of Personal Information

As a general rule, Residential Network Systems (PTY) Ltd Group does not, and will not, sell or rent your personal information. We will use and disclose your personal information to others as stated in this Privacy Policy. We may use Personal Information in many ways, including sending you information on products and/or services and promotions. We may share your Personal Information with third parties so that these third parties can send you offers and or promotional materials. We will always seek the consent of Members, additional users or their guests before disclosing data relating to them for the making of offers by third parties, by informing Members, additional users or their guests of an intention to process their data for such purposes and offering them a possibility to opt out of such use of their data, in a form or document returned to each of them or alternatively by notifying each of them, by telephone, fax or e-mail.

We may use Personal Information to complete transactions requested by you on our web sites for example, or to send you communications either about your membership with us or about features of our websites, including future changes to this Privacy Policy. We may use Personal Information to monitor site traffic, to personalise the site and to send emails. We also use Your Personal Information for internal quality assurance purposes.

Usually, Residential Network Systems (PTY) Ltd Group and its business partners use your information to operate the websites and to deliver services. Residential Network Systems (PTY) Ltd Group also uses your information to inform you about other products and/or services available from Residential Network Systems (PTY) Ltd Group from time to time.

Sharing and disclosing information

The following describes some of the ways that your Personal Information may be disclosed. This is not an exhaustive list but serves by way of illustration only.

Business Partners: Residential Network Systems (PTY) Ltd Group provides Personal Information in order to facilitate a booking request or to generate leads to destination operators in connection with their offers. Many promotions also offer opportunities to request additional information from business partners. By requesting such information, you give Residential Network Systems (PTY) Ltd Group permission to transfer your Personal Information to the business partner for related use.

Third Party and Aggregate Data: From time to time, you may be offered the opportunity to receive materials or special offers from third parties. If you receive information from these third parties, Residential Network Systems (PTY) Ltd Group will share your name, e-mail address and other Personal Information with such third parties.

Other: Residential Network Systems (PTY) Ltd Group may disclose Personal Information if required to do so by law, court order or as requested by a governmental or law enforcement authority or in special cases when we have reason to believe that disclosing this Personal Information is otherwise necessary or advisable.

Controlling the use of your personal information: If a user wishes to update, correct or otherwise change Personal Information or objects to any usage provided herein for any reason, he/she may e-mail us at: clientcare@clubleisure.co.za

Linking to a third party web site

You should be aware that when you are on Residential Network Systems (PTY) Ltd Group websites you could hyperlink or be directed to other websites that are beyond our control and/or outside our service. For example, if you "click" on a banner advertisement or a Residential Network Systems (PTY) Ltd Group search result, the "click" may transfer you off the Residential Network Systems (PTY) Ltd Group website. Once you link to a third party web site and leave our website, your interaction with these third party web sites will no longer be governed by our Terms and Conditions or Privacy Policy. Accordingly, your use of these third party sites is at your own risk and is subject to the terms of use and policies set forth at such sites. Residential Network Systems (PTY) Ltd Group's inclusion of hyperlinks to these third party web sites do not imply any endorsement of, or responsibility or liability for, the material on such web sites or any association with their owners or operators.

Securing your Personal Information

The security of all information associated with our users is an important concern to us. We exercise reasonable care in providing secure transmission of your information from your computer to our servers. Unfortunately, given that we do not control transmissions or traffic over the Internet or through third party communication service providers, we cannot guarantee or warrant the security of such transmission of your Personal Information. Your use of the Internet and our website, including your transmission of Information to us, is at your own risk.

Your acceptance of these terms

By using Our websites, you signify your agreement with Residential Network Systems (PTY) Ltd Group's Privacy Policy. IF YOU DO NOT AGREE WITH THIS POLICY, PLEASE DO NOT USE OUR WEB SITES. Residential Network Systems (PTY) Ltd Group reserves the right, in its sole discretion, to modify, alter or otherwise update this Privacy Policy at any time without prior notice. Such revised policy shall be effective immediately upon posting, and shall govern your rights and our obligations with respect to the use, disclosure and protection of your Personal Information. You should check this Privacy Policy periodically for, and read carefully, any such revised policy if you are concerned about how your Personal Information will be used and before continuing your use of this website. Your continued use of Residential Network Systems (PTY) Ltd Group website following the posting of changes to these terms will mean you accept those changes.

POPI POLICY

Introduction

The Protection of Personal Information Act, (POPIA), has been circulated to regulate, together with international standards, the processing of personal information by public and private bodies in a responsible manner when collecting, processing, storing and sharing another entity’s personal information by holding them accountable should they abuse or compromise personal information in any way.

Purpose

RNS (PTY) Ltd Group is very committed to compliance and adherence to the POPI Act and safeguarding of the personal information that we are responsible for. This policy describes the manner in which the RNS (PTY) Ltd Group, will fulfil the legal requirements with the Protection of Personal Information Act, No 4 of 2013 and how and why we collect, store, use, and share or otherwise process your personal information. It also explains your rights in relation to your personal information and how to contact us if you have a question or complaint.

Examples of Personal Identifiable Information

Definition of Personal Information as stated in the POPI Act:
“personal information means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to:

  1. information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
  2. information relating to the education or the medical, financial, criminal or employment history of the person;
  3. any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
  4. the biometric information of the person;
  5. the personal opinions, views or preferences of the person;
  6. correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
  7. the views or opinions of another individual about the person; and
  8. the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person;”

Further to this, Section 26 defines Special Personal Information as:
1. Religious or philosophical beliefs;
2. race or ethnic origin;
3. trade union membership;
4. political persuasion;
5. Criminal and disciplinary proceedings that the individual may be involved in;
6. health or sex life; and /or
7. Biometric information.

Key Definitions

POPIA - means the Protection of Personal Information Act 4 of 2013, as amended from time to time
Data subject - a person to whom personal information relates.
Direct marketing - sending a data subject an electronic communication about goods and services that you are promoting or offering to supply in the ordinary course of business,
Processing - any operation or activity concerning personal information, whether or not by automatic means, concerning personal information, including:

  • the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
  • dissemination by means of transmission, distribution or making available in any other form; or
  • merging, linking, as well as restriction, degradation, erasure, or destruction of information.

Record - any recorded information, regardless of when it came into existence:

  • Writing on any material;
  • Information produced, recorded or stored by means of any tape-recorder, computer equipment, whether hardware or software or both, or other device, and any material subsequently derived from information so produced, recorded or stored;
  • Label, marking or other writing that identifies or describes anything of which it forms part, or to which it is attached by any means;
  • Book, map, plan, graph or drawing;
  • Photograph, film, negative, tape or other device in which one or more visual images are embodied so as to be capable, with or without the aid of some other equipment, of being reproduced.

Responsible party - a public or private body or any other person which determines the purpose of and means for processing personal information.
Operator - is someone who processes the Personal information on behalf of the responsible party

Consent - any voluntary, specific and informed expression of will in terms of which permission is given for the processing of personal information.

SCOPE OF THE POLICY
This policy applies to all RNS (PTY) Ltd Group employees, Directors, Contractors, sub-contractors, agents, guests and customers. The provisions of the Policy are applicable to both on and off-site processing of personal information.

COLLECTION and PROCESSING OF PERSONAL INFORMATION
Personal Information must be collected directly from the Data Subject, unless:

  • Personal Information is contained in a public record;
  • Personal Information has been deliberately made public by the Data Subject;
  • Personal Information is collected from another source with the Data Subject’s consent;
  • Collection of Personal Information from another source would not prejudice the Data Subject;
  • Collection of Personal Information from another source is necessary to maintain, comply with or exercise any law or legal right;
  • Collection from the Data Subject would prejudice the lawful purpose of collection;
  • Collection from the Data Subject is not reasonably practicable.

RNS (PTY) Ltd Group only collects information required for a specific purpose and applies the strictest security measures to protect your information. RNS (PTY) Ltd Group does not process the personal information of a child (under 18) unless the processing:

  • Is carried out with the consent of the legal guardian
  • Is necessary to establish, exercise or defence of a right or obligation in law
  • Is necessary for historical, statistical or research purposes
  • Is information that is deliberately been made public by the child with the consent of the guardian

In accordance with section 10 of the POPI Act, RNS (PTY) Ltd Group will process personal information may only for the purpose for which it is processed, it is adequate, relevant and not excessive.
Section 11 of the POPI Act states that personal information can only be processed under the following conditions:

  • with the consent of the “data subject”; or
  • if it is necessary for the conclusion or performance of a contract to which the “data subject” is a party; or
  • it is required by law; or
  • it protects a legitimate interest of the “data subject”; or
  • it is necessary to pursue your legitimate interests or the interest of a third party to whom the information is supplied.

USE OF PERSONAL INFORMATION

  • Confirming and verifying an individual’s identity
  • Making a reservation or exchange with RNS (PTY) Ltd Group and/or its affiliates and associated companies
  • Checking into RNS (PTY) Ltd Group and affiliate resorts and companies
  • RNS (PTY) Ltd Group and affiliates and associated companies agreements including Shareblocks, Sectional Titles,
  • For credit checks, assessment and credit management
  • For purposes of claims history
  • For the detection and prevention of fraud, crime, money laundering or other malpractice
  • Conducting market or customer satisfaction research
  • For audit and record keeping purposes
  • In connection with legal proceedings
  • Inform an individual of services.
  • Staff administration, assessing, processing and entering into employee agreements.
  • Training and Assessments
  • Keeping of accounts and records
  • Complying with legal and regulatory requirements
  • Providing advertising, marketing and media services to clients including customer relationship management, content creation, web development, production services, animation, competitions, direct marketing, lead generation, digital media
  • Covid results

In the event that RNS (PTY) Ltd Group, its affiliates and associated companies, seeks to use the information for another purpose which is different to the purpose for which the information was collected initially, then RNS (PTY) Ltd Group, its affiliates and associated companies, will contact the data subject to obtain their consent for further processing.

8 CONDITIONS OF LAWFUL PROCESSING - POPIA sets out eight conditions that businesses must comply with when processing the personal information of data subjects. These 8 conditions are the foundational principles of POPIA that, when complied with, ensure that a data subject’s personal information is being processed lawfully.

ACCOUNTABILITY
RNS (PTY) Ltd Group, its affiliates and associated companies are responsible for administering and overseeing the implementation of this Policy and any applicable supporting guidelines and procedures. This includes all and any information collected directly from a data subject and from any other source or authorised third parties.

PROCESSING LIMITATION
Contact information is adequate, relevant and not excessive.
RNS (PTY) Ltd Group, its affiliates and associated companies, may only process Personal Information if one of the following grounds of lawful processing exists:

  • The Data Subject consents to the processing;
  • Processing is necessary for the conclusion or performance of a contract with the Data Subject;
  • Processing complies with a legal responsibility imposed on RNS (PTY) Ltd Group, its affiliates and companies;
  • Processing protects a legitimate interest of the Data Subject;
  • Processing is necessary for pursuance of a legitimate interest of RNS (PTY) Ltd Group, its affiliates and associated companies, or a third party to whom the information is supplied;

Special Personal Information includes:

  • Religious, philosophical, or political beliefs;
  • Race or ethnic origin;
  • Trade union membership;
  • Health or sex life;
  • Biometric information (including blood type, fingerprints, DNA, retinal scanning, voice recognition, photographs);
  • Criminal behaviour;
  • Information concerning a child.

RNS (PTY) Ltd Group, its affiliates and associated companies may only process Special Personal Information under the following circumstances:

  • The Data Subject has consented to such processing;
  • The Special Personal Information was deliberately made public by the Data Subject;
  • Processing is necessary for the establishment of a right or defence in law;
  • Processing is for historical, statistical, or research reasons
  • If processing of race or ethnic origin is in order to comply with affirmative action laws

PURPOSE SPECIFICATION
RNS (PTY) Ltd Group, its affiliates and associated companies will process personal information only for specific, explicitly defined, and legitimate reasons. We ensure that information that is no longer needed is destroyed within requirements of SAICA document retention guidelines.
RNS (PTY) Ltd Group, its affiliates and associated companies will inform data subjects of these reasons prior to collecting or recording the data subject’s personal information. Refer to Use of Personal Information above.

FURTHER PROCESS LIMITATION
New processing activity must be compatible with original purpose of processing. Where this secondary purpose is not compatible with the original purpose, RNS (PTY) Ltd Group, its affiliates and associated companies will first obtain additional consent from the data subject.

INFORMATION QUALITY
RNS (PTY) Ltd Group, its affiliates and associated companies will take reasonable steps to ensure that all personal information collected is complete, accurate and not misleading.
Where personal information is collected or received from third parties, RNS (PTY) Ltd Group, its affiliates and associated companies will take reasonable steps to confirm that the information is correct by verifying the accuracy of the information directly with the data subject or by way of independent sources. RNS (PTY) Ltd Group, its affiliates and associated companies periodically review and verify Data Subject records to ensure that the Personal Information is still valid and correct.

OPENNESS
RNS (PTY) Ltd Group, its affiliates and associated companies values transparency and will only process information in a fair and transparent manner. We maintain the documentation of all processing operations under our responsibility and takes reasonably practical steps to ensure that the data subject is aware of, amongst others:

  1. the information being collected and the purpose for the collection;
  2. the identity of the responsible party; and
  3. any consequences of not supplying the information.

RNS (PTY) Ltd Group, its affiliates and associated companies aims to have agreements in place with all contractors, suppliers and third party service providers to ensure a mutual understanding with regard to the protection of the client’s personal information and compliance to POPIA.
For the purpose of continuous improvement all contractors, suppliers, and other third-party service providers will be required to sign a service level agreement guaranteeing their commitment to the Protection of Personal Information
Employee contracts have been updated to include relevant consent clauses for the use and storage of employee information. Addendums have been updated for existing employees.

SECURITY SAFEGUARDS
Security controls have been implemented in order to minimise the risk of loss, unauthorised access, disclosure, interference, modification or destruction. We are committed to ensuring that information is only used for legitimate purposes with consent and only by authorised employees.
RNS (PTY) Ltd Group, its affiliates and associated companies will ensure the integrity and confidentiality of all Personal Information in its possession, by taking reasonable steps to identify all reasonably foreseeable risks to information security and establish and maintain appropriate safeguards against such risks. We continuously monitor risks and threats and update procedures to mitigate existing and new threats.
Written records - Personal Information records are stored in waterproof and fireproof safes or in locked cabinets under access control. When in use Personal Information records should not be left unattended in areas where non-staff members may access them. Personal Information which is no longer required is disposed of by shredding. Any loss or theft of, or unauthorised access to, Personal Information must be immediately reported to the Information Officer.
Electronic Records - All electronically held Personal Information is saved in a secure database.
As far possible we endeavour to limit saving of Personal Information on individual computers, laptops or hand-held devices. All computers, laptops and hand-held devices is access protected with a password, fingerprint or with the password being of reasonable complexity and changed frequently.
Employees are required to lock their computers or laptops when leaving their workspace for any length of time and to log off at the end of the day.
Electronical Personal Information which is no longer required must be deleted from the individual laptop or computer and the relevant database. The employee must ensure that the information has been completely deleted and is not recoverable.
Any loss or theft of computers, laptops or other devices which may contain Personal Information must be immediately reported to their Line Manager, who shall notify the IT department, who shall take all necessary steps to remotely delete the information, if possible.

DATA SUBJECT PARTICIPATION
The data subject is entitled to

  • ask what personal information we hold about you;
  • request access to the personal information that we hold about you;
  • how that information was collected and to whom their personal information has been disclosed;
  • ask us to update, correct or delete any out-of-date or incorrect personal information we hold about you;
  • unsubscribe from any direct marketing communications we may send you; or
  • object to the processing of your personal information.

To do this, simply contact us at the numbers/addresses as provided below and specify what information you require. We will need a copy of your ID document to confirm your identity before providing details of your personal information.
Please note that any such access request may be subject to a payment of a legally allowable fee. All such requests must be submitted in writing to the Information Officer at info@rnsonline.co.za

DISCLOSURE OF PERSONAL INFORMATION
We may disclose your personal information to our service providers who are involved in the delivery of products or services to you. We take reasonable steps to protect the confidentiality and security of your personal information when it is disclosed to a third party and seek to ensure the third-party deals with your information in accordance with our instructions, applicable privacy laws, and only for the purpose for which it is disclosed. We may also disclose your information where we have a duty or a right to disclose in terms of law and where we believe it is necessary to protect our rights.

Transfer of Personal Information out of South Africa
The Act controls the transfer of personal information from South Africa to foreign countries and prohibits this unless: (section 71)

  • the person receiving the information is subject to similar laws;
  • the subject has agreed to the transfer of information;
  • such transfer is part of the performance of a contract which the subject is a party; or
  • transfer is for the benefit of the subject and it is not reasonably practicable to obtain their consent and that such consent would be likely to be given. (section 72)

All employees have a duty of confidentiality in relation to RNS (PTY) Ltd Group, its affiliates and associated companies and clients.
Employees and other persons acting on behalf of RNS (PTY) Ltd Group, its affiliates and associated companies and clients are required to treat personal information as a confidential business asset and to respect the privacy of data subjects.
Our clients’ right to confidentiality is protected in the Constitution and in terms of the Law. Information may be given to a 3rd party if the client has consented in writing to that person receiving the information.
RNS (PTY) Ltd Group, its affiliates and associated companies views any contravention of this policy very seriously and employees who are guilty of contravening the policy will be subject to disciplinary procedures, which may lead to the dismissal of any guilty party

DIRECT MARKETING
All Direct Marketing communications shall contain the Group’s, and/or the Company’s details, and an address or method for the customer to opt-out of receiving further marketing communication.
Existing Customers - Direct Marketing by electronic means to existing customers is only permitted:

  • If the customer’s details were obtained in the context of a sale or service; and
  • For the purpose of marketing the same or similar products;

The customer is given the opportunity to opt-out of receiving direct marketing on each occasion of direct marketing.
Consent - RNS (PTY) Ltd Group, its affiliates and associated companies may send electronic Direct Marketing communication to Data Subjects who have consented to receiving it. RNS (PTY) Ltd Group, its affiliates and associated companies may approach a Data Subject for consent only once.

RETENTION AND RESTRICTION OF RECORDS
POPI requires that records of personal information must not be kept any longer than is necessary for achieving the purpose for which the information was collected. There are some exceptions to this rule, where the information may be kept for longer:

  • When required by law- Records may be retained for longer when the retention “is required or authorised by law” Section 14(1)(a)
  • Reasonably required- Records may be retained for longer when the organisation “reasonably requires the record for lawful purposes related to its activities and functions” Section 14(1)(b)
  • Required by contract- As an example, your service contract with a customer might state that you are required to provide your customer with important safety updates regarding your product. In order to perform under the contract you would therefore need their contact information.
  • Consent- Consent under POPI has to be specific, voluntary and informed.

Section 14(2) – (7) have further exceptions relating to retention for research / statistical purposes, where the personal information was used in a decision about the data subject, restriction of records etc.

POPI COMPLAINTS PROCEDURE
Data subjects have the right to complain in instances where any of their rights under POPIA have been infringed upon. The organisation takes all complaints very seriously and will address all POPI related complaints in accordance with the following procedure:
POPI complaints must be submitted to RNS (PTY) Ltd Group, its affiliates and associated companies in writing. Where so required, the Information Officer will provide the data subject with a “POPI Complaint Form”.
Where the complaint has been received by any person other than the Information Officer, that person will ensure that the full details of the complaint reach the Information Officer within 1 working day.
The Information Officer will provide the complainant with a written acknowledgement of receipt of the complaint within 2 working days. (SLA)
The Information Officer will carefully consider the complaint and address the complainant’s concerns in an amicable manner. In considering the complaint, the Information Officer will endeavour to resolve the complaint in a fair manner and in accordance with the principles outlined in POPIA.
The Information Officer must also determine whether the complaint relates to an error or breach of confidentiality that has occurred and which may have a wider impact on RNS (PTY) Ltd Group, its affiliates and associated companies data subjects.
Where the Information Officer has reason to believe that the personal information of data subjects has been accessed or acquired by an unauthorised person, the Information Officer will consult with the respective Board of Directors, where after the affected data subjects and the Information Regulator will be informed of this breach.
The Information Officer will revert to the complainant with a proposed solution with the option of escalating the complaint to the organisation’s governing body within 7 working days of receipt of the complaint. In all instances, RNS (PTY) Ltd Group, its affiliates and associated companies will provide reasons for any decisions taken and communicate any anticipated deviation from the specified timelines.
The Information Officer’s response to the data subject may comprise any of the following:
A suggested remedy for the complaint,
A dismissal of the complaint and the reasons as to why it was dismissed,
An apology (if applicable) and any disciplinary action that has been taken against any employees involved.
Where the data subject is not satisfied with the Information Officer’s suggested remedies, the data subject has the right to complain to the Information Regulator.

Information Regulator
Tel: 012 406 4818 or +27 (0) 10 023 5207
Email: inforeg@justice.gov.za

The Information Officer will review the complaints process to assess the effectiveness of the procedure on a periodic basis and to improve the procedure where necessary.

GENERAL DESCRIPTION OF INFORMATION SECURITY MEASURES
RNS (PTY) Ltd Group, its affiliates and associated companies employs up to date technology to ensure the confidentiality, integrity and availability of the Personal Information under its care.
Measures include:
Active Directory, Firewalls and No-IP DDNS Firewalls
Virus protection
Software and update protocols
Logical and physical access control
Role based access control, network segmentation and physical access
Secure setup of hardware and software making up the IT infrastructure
Backups are maintained by the server administrators and internal server support. The servers are also covered by disaster recovery To Cloud
Access control system for workstation access, client VPN access, internet access levels, Mimecast access, Office 365 access (Email, documents and Microsoft online services)
All data transfers are encrypted at all points when data enters and leaves systems for processing.

POLICY AMENDMENTS
Amendments to this Policy will take place on an ad hoc basis as and when required and will be updated on RNS (PTY) Ltd Group websites.

CONTACT INFORMATION
Any questions relating to the POPI policy or the treatment of an individual’s personal data may be addressed to the contact details below:
Information officer: Mrs Maureen Stow
Telephone number: 011 894 6920
Postal address: PO Box 1469, Benoni, 1500
Physical address: 51 Lakefield Ave. Benoni 1501
Email address: info@rnsonline.co.za
Website: www.rnsonline.co.za