Policies
AML Policy
GLOBAL ANTI-MONEY LAUNDERING POLICY
1. Introduction
1.1 As a company, we are committed to carrying on business in accordance with the highest ethical standards. This includes complying with all applicable laws and regulations aimed at combating money laundering and terrorist financing. This Policy has been developed by SERRN to reduce the risk of money laundering and terrorist financing associated with its business and the sale of its products. This Policy explains our individual responsibility in complying with anti-money laundering and counter-terrorist financing laws ("AML Laws") around the world and ensuring that any third parties that we engage to act on our behalf, do the same.
1.2 The management of SERRN is committed to complying with all laws. Any employee who violates the rules in this Policy or who permits anyone to violate those rules may be subject to appropriate disciplinary action, up to and including dismissal, and may be subject to personal civil or criminal fines.
1.3 If you have any questions about this Policy, you should contact us on info@serrn.com
2. Policy Statement on AML
2.1 It is SERRN 's policy to comply with all applicable AML Laws in our operations worldwide. To this end, SERRN will only conduct business with customers who are involved in legitimate business activity and whose funds are derived from legitimate sources.
2.2 This Policy is intended to help employees, contractors, and other third parties acting on the company’s behalf to understand where breaches of AML Laws might arise and to support them in making the right decisions in line with our corporate position as stated in this Policy.
3. Board Endorsement
3.1 The Board of SERRN will not criticise management for any loss of business resulting from adherence to this Policy. No employee or contractor will suffer as a consequence of bringing to the attention of the Board or senior management, in good faith, a known or suspected breach of this Policy nor will any employee or contractors suffer any adverse employment or contract decision for abiding by this Policy.
4. Who is subject to this Policy?
4.1 This Policy applies to SERRN 's operations globally, including all legal entities worldwide owned or controlled by SERRN (including all group companies), and to all directors, officers, employees, contractors, and other third parties acting on behalf of the foregoing.
5. What's the risk?
5.1 Violations of AML Laws may lead to severe civil and/or criminal penalties against companies and individuals, including significant monetary fines, imprisonment, extradition, blacklisting, revocation of licences, and disqualification of directors.
5.2 In addition, violations of AML Laws can lead to damaging practical consequences, including harm to reputation and commercial relationships, restrictions in the way we can do business, and extensive time and cost in conducting internal investigations and/or defending against government investigations and enforcement actions.
6. What do we mean by Money Laundering and Terrorist Financing?
6.1 Money laundering means exchanging money or assets that were obtained criminally for money or other assets that are ‘clean’. The clean money or assets don’t have an obvious link with any criminal
activity. Money laundering also includes money that’s used to fund terrorism, however it’s obtained.
6.2 The following types of activities are “money laundering” and are prohibited under this Policy:
a) the conversion or transfer of property (including money), knowing or suspecting that such property is derived from criminal or certain specified unlawful activity ("criminal property"), for the purpose of concealing or disguising the illicit origin of the property or of assisting any person who is involved in the commission of such activity to evade the legal consequences of his action.
b) conducting a financial transaction which involves criminal property;
c) the concealment or disguise of the true nature, source, location, disposition, movement, rights with respect to, ownership or control of criminal property;
d) the acquisition, possession or use of criminal property;
e) promoting the carrying on of unlawful activity; and
f) participation in, association to commit, attempts to commit and aiding, abetting, facilitating and counselling the commission of any of the actions mentioned in the foregoing points.
6.3 The broad definition of money laundering means that anybody (including any SERRN employee) could be in violation of the law if he/she becomes aware of, or suspects, the existence of criminal property within the business and becomes involved in or continues to be involved in a matter which relates to that property being linked to the business without reporting his/her concerns.
6.4 Property can be criminal property where it derives from any criminal conduct, whether the underlying criminal conduct has taken place in the country where you are situated or overseas.
6.5 Terrorist financing may not involve the proceeds of criminal conduct, but rather an attempt to conceal the origin or intended use of the funds, which will later be used for criminal purposes
7. Red Flags
7.1 Where any suspicions arise that criminal conduct may have taken place involving a customer, colleague or third party, you should consider whether there is a risk that money laundering or terrorist financing has occurred or may occur.
7.2 Some examples of red flags to be reported include:
A customer provides insufficient, false or suspicious information or is reluctant to provide complete information
Methods or volumes of payment that are not consistent with the payment policy or that are not customarily used in the course of business, e.g., payments with money orders, traveller’s checks, and/or multiple instruments, and payments from unrelated third parties
Receipts of multiple negotiable instruments to pay a single invoice
Requests by a customer or partner to pay in cash
Early repayments of a loan, especially if payment is from an unrelated third party or involves another unacceptable form of payment
Orders or purchases that are inconsistent with the customer’s trade or business
Payments to or from third parties that have no apparent or logical connection with the customer or transaction
Payment to or from countries considered high risk for money laundering or terrorist financing
Payments to or from countries considered to be tax havens or offshore jurisdictions
Payments from countries unrelated to the transaction or not logical for the customer
A customer’s business formation documents are from a tax haven, or a country that poses a high risk for money laundering, terrorism or terrorist financing, or a country that is not logical for the customer
Overpayments followed by directions to refund a payment, especially if requested to send the payment to a third party
Any customer for whom you cannot determine the true beneficial owner
Structuring transactions to avoid government reporting or record keeping requirements
Unusually complex business structures, payment patterns that reflect no real business purpose
Wire transfer activity that is not consistent with the business activities of the customer, or which originates or terminates with parties unrelated to the transaction
Unexpected spikes in a customer’s activities
The above is not intended to be an exhaustive list. Deviation from customer and accepted business practice should alert you to further investigate the activity in accordance with this Policy.
8. Compliance controls
8.1 Senior management in each SERRN business are responsible for ensuring that their business has a culture of compliance and effective controls to comply with AML laws and regulations to prevent, detect and respond to money laundering and counter-terrorism financing and to communicate the serious consequences of non-compliance to employees.
9. Employee Responsibility
9.1 You have the obligation to read and follow this Policy, to understand and identify any red flags that may arise in their business activities and to escalate potential compliance concerns related to AML to Ethics and Compliance or the Legal Department without notifying anyone involved in the transaction and should not take any actions prior to receiving advice and/or instructions.
10. Due Diligence and Record Keeping
10.1 It is our policy to carry out due diligence ("DD") at the outset of any business relationship and, if necessary, where any red flags arise subsequently on our suppliers, distributors, counterparties, agents and any person with whom SERRN has an established business relationship that will involve the transfer to or receipt of funds ("Customers"), so we can be satisfied that they are who they say they are and so that we can ensure that there are no legal barriers to working with them before contracts are signed or transactions occur. Various factors will determine the appropriate forms and levels of screening.
10.2 You should escalate any instances where you have cause for suspicion as a result of carrying out DD and ongoing monitoring to Ethics and Compliance or the Legal Department, who will advise them regarding which tools and processes should be used to facilitate appropriate screening.
10.3 You must, in consultation with the Ethics and Compliance or the Legal Department, carefully consider screening outcomes before deciding whether to do business with the third party.
10.4 Finance managers must regularly monitor and/or review Customers to identify business activity or governance that could indicate money laundering or terrorist financing is taking place.
10.5 Record-keeping is an essential component of the audit trail required to assist in any investigation. You must maintain records as evidence of the DD and ongoing monitoring undertaken.
11. Non-compliance
11.1 Any SERRN employee or contractor, who violates this Policy may be subject to appropriate disciplinary action, independently from potential other penalties resulting from their behaviour.
11.2 Internal Audit shall conduct regular checks on local businesses to ensure compliance with AML Laws.
12. Updates, Review and Ownership
12.1 This Policy may be updated from time, and the updated version of the Policy will be immediately made available on the SERRN intranet.
Privacy Policy
Serrn adheres to the highest standards of protecting your personal information when you use www.serrn.com or any of its related blogs, websites, applications or platforms (collectively, “the Website”) or any Serrn “Services”. As such, we have created this specific and detailed Privacy Policy for you to read and appreciate exactly how we safeguard your personal information and respect your privacy (“Policy”).
● For more information regarding your personal information lawfully stored or used by the Website or Serrn, please contact info@serrn.com who will gladly assist.
● This Policy was last updated on 21 September 2023.
● Not all terms are necessarily defined in order.
● This Policy complies with, and facilitates the obligations required from, the South African Protection of Personal Information Act, No. 4 of 2013 (“POPI”), as amended.
1. Introduction and Our Role:
1.1. In some circumstances, Serrn is the “responsible party” (as defined in POPI) and is responsible for your personal information (collectively referred to as “we”, “us” or “our” in this Policy) in instances where we decide the processing operations concerning your personal information.
1.2. Sometimes we also operate as an “operator” (as defined in POPI) of personal information on behalf of a third-party responsible party, where that responsible party’s privacy terms will apply. The terms "user", “you", “data subject” and “your” are used interchangeably in this Policy and refer to all persons accessing the Website or engaging with Serrnfor any reason whatsoever.
1.3. We have appointed a data representative at Serrn who is responsible for overseeing questions in relation to this Policy. If you have any questions about this Policy, including any requests to exercise your legal rights, please contact the representative using the details set out below.
1.4. Our full details are:
1.4.1. Full name of legal entity: Serrn (Pty) Ltd
1.4.2. Name or title of data representative: Dino Swart
1.4.3. Email address: info@serrn.com
1.4.4. Official Registered offices: 406 Vista Drive, Faerie Glen, Pretoria, South Africa.
1.5. You have the right to make a complaint at any time to the South African data regulator’s office (Information Regulator’s Office of South Africa). We would, however, appreciate the chance to deal with your concerns before you approach any such regulator, so please contact us in the first instance.
1.6. The Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements or terms. When you leave our Website, or engage with such third parties, we encourage you to read the distinct privacy policy of every third-party you engage with.
2. Personal information we collect from you:
2.1. Should you decide to register with or function as a user on the Website and/or use any Serrn, you thereby expressly consent to, and opt-in to Serrn collecting, collating, processing, and using the following types of information about you when you use the Website (“personal information”):
2.1.1. Information provided by the user or from a user’s other authorised responsible party: Serrn processes personal information (that is information about the user that is personally identifiable like the user’s name, address, bank account information, age, gender, ID number, email address, delivery address, company name, Service transaction information and documentation, company registration number, main industry sector, contact details, phone number(s) and other unique information such as user IDs and passwords, service preferences and contact preferences that are not otherwise publicly available) which Serrn either processes as its own responsible party, or which is received from another responsible party to whom you have provided your personal information with your permission to be shared with Serrn as the operator; and
2.1.2. Information that is collected automatically: Serrn receives and stores information which is transmitted automatically from the user’s computer when the user browses the internet and the Website specifically. This information includes information from cookies (which are described in clause 9 below), the user’s Internet Protocol (“IP”) address, browser type, web beacons, geo-location information, embedded web links, and other commonly used information-gathering tools. These tools collect certain standard information that your browser sends to the Website such as your browser type and language, access times, and the address from which you arrived at the Website.
2.2. Should your personal information change, please update it yourself by logging into your user account on the Serrn platform in order to make the necessary change/s to your information or immediately inform us and provide us with updates to your personal information as soon as reasonably possible to enable us to update it. Serrn will, however, not be able to update any personal information of yours attained from another responsible party, where should you want to update same, you must approach the relevant responsible party to do so. Serrnis under no obligation to ensure that your personal information or other information supplied by you is correct.
2.3. You understand and agree that changes in your personal information may affect whether we may provide you with our Services or not, and as such, any changes to your personal information must be brought to our attention immediately, which may or may not subsequently affect how we provide the Services to you.
2.4. We do not process the personal information of children when a data subject user is below the age of 18 (eighteen). Do not provide us with any such information, where same is considered a material breach of these Terms.
2.5. You warrant that the personal information disclosed to Serrn is directly from you as the user on the Website or in connection to the Services, and all such personal information is lawfully yours to provide. You also warrant that any personal information provided to us from a third-party responsible party, was attained from you lawfully and provided to us with your express consent to the relevant responsible party to do so.
2.6. You may choose to provide additional personal information to us, in which event you agree to provide accurate and current information, and, generally, not to impersonate or misrepresent any person or entity or falsely state or otherwise misrepresent your affiliation with anyone or anything.
3. When do we collect your personal information: We will process your personal information in the following circumstances:
3.1. when you contract with us for products and/or Services from us online or over the phone.
3.2. when you have sent us supporting documentation for the purpose of approving your account or verifying your company details.
3.3. when you access our website or use any of our mobile apps. Our website also uses cookies; to find out more about the use of cookies and how you can manage them, please read our Cookie provision below;
3.4. when you register for our newsletter or request for a quote.
3.5. when you have been in contact with one of our sales representatives or account managers during presentations, trade shows, exhibitions, conferences or roadshows.
3.6. when you contact us or we contact you to take part in surveys; and/or
3.7. when you engage with us on social media (by mentioning/tagging us or by contacting us directly).
4. How we use your personal information:
4.1. Any processing of your personal information will be reservedly for our legitimate business purposes and as a necessary function of your engagement with the Website and/or our Services, and you have expressly consented to this by using our website and/or Services, but we will not, without your express consent:
4.1.1. use your personal information for any purpose other than as set out below:
4.1.1.1. in relation to the provision to you of the Services and/or access to the Website; 4.1.1.2. to fulfil orders for products and Services.
4.1.1.3. to provide you either telephonic or email support.
4.1.1.4. for internal record keeping of responsible party third parties and the development of metrics of third-party searches.
4.1.1.5. to contact you regarding current or new Services or any other product offered by us or any of our divisions and/or partners (unless you have opted out from receiving marketing material from us, possible through that same correspondence to you);
4.1.1.6. to inform you of new features, special offers and promotional competitions offered by us or any of our divisions and/or partners (unless you have opted out from receiving marketing material from us, possible through that same correspondence to you); and 4.1.1.7. to improve our product selection and your experience on our website by, for example, monitoring your browsing habits, or tracking your activities on the Website; or
4.1.2. disclose your personal information to any third party other than as set out below:
4.1.2.1. to our employees and/or third-party service providers who assist us to interact with you via our Website, email or any other method, for your use of the Services, and thus need to know your personal information in order to assist us to communicate with you properly and efficiently;
4.1.2.2. to other authorised parties in a formal Serrn transaction with you who require your personal information in order to allow you to use the Website and/or Services (e.g. such as your related buyer or seller)
4.1.2.3. to our professional services providers (such as our insurers or lawyers where we believe that it is required under our contractual relationship with our insurance provider to do so);
4.1.2.4. to law enforcement, government officials, fraud detection agencies or other third parties when we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report or support the investigation into suspected illegal activity or the contravention of an applicable law, or to investigate violations of this Policy and/or the Website’s other policies; and
4.1.2.5. to our service providers (under contract with us) who help with parts of our business operations (delivery service providers, fraud prevention, marketing, technology services etc). However, our contracts dictate that these service providers may only use your information in connection with the services they perform for us, not for their own benefit and under the same standards as how we operate.
4.2. All personal information disclosed will always be at an absolute minimum, and strictly for the original purposes acquired, or to satisfy the minimum requirements of a party to whom it is disclosed. We will never provide your personal information to any third-party which they do not need to absolutely have.
4.3. We are entitled to use or disclose your personal information if such use or disclosure is required in order to comply with any applicable law, subpoena, order of court or legal process served on us, or to protect and defend our rights or property. In the event of a fraudulent online payment, Serrn is entitled to disclose relevant personal information for criminal investigation purposes or in line with any other legal obligation for disclosure of the personal information which may be required of it.
5. Our legal justifications for processing your personal information:
5.1. Your use of the Website and/or any of our Services constitutes your explicit opt-in consent to our processing of your personal information. Further, we also rely on our contractual arrangements with you as the lawful basis on which we collect and process your personal information when you make an order for products and Services. Alternatively, in some cases, we rely on our legitimate interests as a business (for example, to measure customer satisfaction and troubleshoot customer issues). Where we rely on our legitimate interests, we will always make sure that we balance these interests against your rights.
5.2. Subject to the other provisions in this Policy, the following constitutes our reasons for processing your personal information:
5.2.1. To make our Services available to you:
5.2.1.1. We use your personal information to provide you with information, products and Services that you request or purchase from us (i.e. to complete certain tasks, processes or orders on our Website or within our apps, take payment online (where applicable) and deliver your products or Services), and to communicate with you regarding those products and Services that you purchased from us and respond to your questions and comments. Same will include sharing your personal information with another authorised party in your Service transaction, such as the relevant buyer or seller.
5.2.1.2. We may also use your personal information to measure how satisfied our customers are and provide customer service (including troubleshooting in connection with purchases or your requests for Services or when you ask us questions on social media).
5.2.2. For administrative and internal business purposes:
5.2.2.1. We may use your personal information for our internal business purposes, such as administrative fulfilment of orders, administrative fulfilment of invoices, project management and internal reporting. We may also use your data to monitor the use of our Website and ensure that our Website is presented in the most effective and relevant manner for you and your device and setting default options for you.
5.2.2.2. It is in our legitimate interests as a business to use your personal information in this way. For example, we want to ensure our website is customer-friendly and works properly and that our products and Services are efficient and of high quality. We also want to make it easy for you to interact with us.
5.2.3. For security and legal reasons:
5.2.3.1. We use your personal information to:
5.2.3.1.1. ensure the personal and financial information you provide us is accurate.
5.2.3.1.2. conduct fraud checks or prevent other illegal activity.
5.2.3.1.3. protect our rights or property (or those of others); and
5.2.3.1.4. fulfil our legal and compliance-related obligations.
5.2.3.2. In some cases, we will use your personal information because it’s necessary for us to comply with a legal obligation (such as if we receive a legitimate request from a law enforcement agency, or need to appoint an arbitrator or other authorised third party in a dispute-scenario with you).
5.2.3.3. In other cases (such as the detection of fraud) we will rely on our legitimate interests as a business to use your personal information in this way. Where we rely on our legitimate interests, we will always make sure that we balance these interests against your rights. 5.2.4. To notify you about changes to the Website / Services:
5.2.4.1. We may also send you administrative messages and email updates regarding the Website or any changes thereto, for your information, action and/or records. 5.2.5. In relation to your Serrn customer relationship:
5.2.5.1. We use your personal information to personalise your experience with Serrn to:
5.2.5.1.1. provide you with marketing information via SMS, post and email as you have given us your consent to this.
5.2.5.1.2. process your registration details, account activity and purchase history to analyse how you use our Website and Services. This may include information on Services you have viewed and historical transactions. This allows us to provide a browsing experience which is relevant to you.
5.2.5.1.3. carry out limited automated decision making (segmentation) based on the information you have given us when we segment our Serrn customer database to determine which offers that you may be interested in.
5.2.5.2. We rely on your consent to send direct SMS, postal and email marketing messages to you based on the consent we acquired from you when you signed up, as amended by you from time to time.
5.2.5.3. In other cases (for example, measuring the effectiveness of our marketing), we will rely on our legitimate interests as a business to communicate with you in an engaging and efficient way. Where we rely on our legitimate interests, we will always make sure that we balance these interests against your rights.
5.2.5.4. For our promotional messages sent to you, you have the ability opt-out of such marketing using the relevant prompts on the marketing sent, or on our website. 6. Original and updated purposes for processing:
6.1. We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
7. International Transfer of personal information:
7.1. We may share your personal information within the Serrn group of companies and this may involve transferring and processing your data outside of South Africa.
7.2. Whenever we transfer your personal information out of the country, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
7.2.1. we will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information.
7.2.2. where we use certain service providers, we may use specific contracts approved by the European Commission which give personal information the same protection it has in Europe under the General Data Protection Regulation, 2017; or
7.2.3. where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal information shared between Europe and the US.
8. How we treat your personal information:
8.1. We will ensure that all of our employees, third party service providers, divisions and partners (including their employees and third-party service providers) having access to your personal information are bound by appropriate and legally binding confidentiality obligations and process your personal information at standards equal to or higher than Serrn’s in relation to your personal information.
8.2. We will:
8.2.1. treat your personal information as strictly confidential, save where we are entitled to share it as set out in this Policy.
8.2.2. take appropriate technical, security and organisational measures to ensure that your personal information is kept secure and is protected against unauthorised or unlawful processing, accidental loss, destruction or damage, alteration, disclosure or access.
8.2.3. provide you with reasonable access to your personal information to view and/or update personal details.
8.2.4. promptly notify you if we become aware of any unauthorised use, disclosure or processing of your personal information.
8.2.5. never sell your personally identifiable information to any third party without your prior, explicit, opt in and informed consent.
8.2.6. provide you with reasonable evidence of our compliance with our obligations under this Policy on reasonable notice and request; and
8.2.7. upon your request, promptly correct, transfer, return or destroy any and all of your personal information in our possession or control, save for that which we are legally obliged or entitled to retain (acknowledging that some Website and/or Service functionality might be lost if certain personal information is amended or destroyed).
8.3. We will not retain your personal information longer than the period for which it was originally needed, unless we are required by law to do so, or you consent to us retaining such information for a longer period. In some circumstances, other applicable national laws require us to retain your data beyond your request for its deletion, or beyond your direct engagement with Niemann & Swart. As such, we may retain your personal information in adherence with compulsory instructions from other applicable national laws, notwithstanding your application to have it deleted or amended.
8.4. Whilst we will do all things reasonably necessary to protect your rights of privacy, we cannot guarantee or accept any liability whatsoever for unauthorised or unlawful disclosures of your personal information, whilst in our possession, made by third parties who are not subject to our control, unless such disclosure is because of our gross negligence or fraud.
8.5. If you disclose your personal information to a third party, such as an entity which operates a website linked to the Website or anyone other than Serrn, Serrn shall not be liable for any loss or damage, howsoever arising, suffered by you as a result of the disclosure of such information to the third party, including another user. This is because we do not regulate or control how that third party uses your personal information. You should always ensure that you read the privacy policy of any third party.
9. Cookies provision:
9.1. The Website may make use of “cookies” to automatically collect information and data through the standard operation of the Internet servers. “Cookies” are small text files a website can use (and which we may use) to recognise repeat users, facilitate the user’s on-going access to and use of a website and allow a website to track usage behaviour and compile aggregate data that will allow the website operator to improve the functionality of the website and its content, and to display more focused advertising to a user by way of third party tools. The type of information collected by cookies is not used to personally identify you.
9.2. If you do not want information collected using cookies, there is a simple procedure in most browsers that allows you to deny or accept the cookie feature. Please note that cookies may be necessary to provide you with certain features available on our website, and thus if you disable the cookies on your browser you may not be able to use those features, and your access to our Website will therefore be limited. If you do not disable “cookies”, you are deemed to consent to our use of any personal information collected using those cookies, subject to the provisions of this Policy and the Website’s other policies.
10. Safety and Security of your Personal Information:
10.1. Serrn uses some of the most advanced security measures to protect the personal information under our control. All personal information is safe, secure, and available only to the relevant user and those to whom the user has granted permissions, and on the conditions herein.
10.2. In addition, the Website is hosted in a secure server environment that uses a firewall and other advanced security measures to prevent interference or access from outside intruders.
11. User rights and obligations:
11.1. The user is entitled to request access to any relevant personal information held by Serrn and where such access is necessary for you to exercise and/or protect any of the user’s rights. For any personal information held by any third-party responsible party, the user must approach that responsible party for the realisation of the user’s personal information rights with them, and not with Niemann & Swart.
11.2. Under POPI, you have rights in relation to your personal information. Please contact us to find out more about, or manifest, these rights:
11.2.1. have your data processed in a fair, lawful and transparent way.
11.2.2. be informed about how your personal information is being used, an example being this privacy policy.
11.2.3. access personal information we hold about you.
11.2.4. require us to correct any mistakes in your personal information.
11.2.5. require us to delete personal information concerning you in certain situations where there is no good reason for us to continue to process it.
11.2.6. request that we transfer your personal information to you or another service provider in a simple, structured format.
11.2.7. object at any time to processing of your personal information for direct marketing purposes.
11.2.8. object to automated decision making which produces legal effects concerning you or similarly significantly affects you.
11.2.9. object in certain other situations to our continued processing of your personal information; and/or
11.2.10. otherwise restrict or temporarily stop our processing of your personal information in certain circumstances.
11.3. You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
11.4. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
11.5. We try to respond to all legitimate requests within one week. Occasionally it may take us longer than a week if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
11.6. Users with citizenships from jurisdictions other than of South Africa, please note that Serrncomplies with all South African data protection laws when processing your personal information pursuant to the Services. Should foreign law be applicable in any regard to your use of the Services and/or the Website in any way, including how we may process your personal information, please contact Serrn at info@serrn.com who will gladly engage you on its application and your rights.
11.7. Users acknowledge that any content provided by users on the Website, including via a messaging system, enters an open, public forum, and is not confidential, where the author of which will be liable for that content, and not Serrn.
11.8. Users understand that there are risks involved in sharing personal information. By disclosing personal information such as the user’s name and email address, users acknowledge and understand that this information may be collected and used by a third party to communicate with you.
11.9. By accepting this Policy, you have opted-in to receive emails from Serrn, where your email address will be used to contact you from time to time and may also use it for security reasons to confirm your identity.
11.10. You have the right to opt-out of receiving email communication by following the directions posted on every email communication or by emailing info@serrn.com and asking to not be contacted from then on.
12. Serrn’s rights relating to personal information:
12.1. Serrn will disclose the user’s personally identifiable information if it reasonably believes that it is required to do so by law, regulation or other government authority or to protect the rights and property of Niemann & Swart, its affiliates or the public. Serrnmay also co-operate with law enforcement in any official investigation and may disclose the user’s personally identifiable information to the relevant agency or authority in doing so.
12.2. Circumstances may arise where, whether for strategic or other business reasons, Serrn decides to sell, buy, merge or otherwise reorganize its business. Such a transaction may involve the disclosure of personal information to prospective or actual purchasers, or the receipt of it from sellers. It is Serrn’s practice to seek reasonable protection for information in these types of transactions and notify you prior to any disclosure of personal information. Such disclosure will also be subject to this Policy.
12.3. Serrn strives to keep the user’s personal information accurately recorded. Serrn provides a user with the reasonable ability to review and correct it or ask for anonymization, blockage, transfer or deletion, as applicable. Please contact info@serrn.com to engage Serrn on such actions or requests.
12.4. We also collect, use and share aggregated data or de-identified data such as statistical or demographic data for any purpose. Such de-identified or aggregated data may be derived from your personal information but is not considered personal information in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific Website feature. However, if we combine or connect aggregated data with your personal information so that it can directly or indirectly identify you, we treat the combined data as personal information which will be used in accordance with this Privacy Policy.
12.5. Users understand and agree that any unauthorised use of Serrn information systems is a violation of the Serrn General Terms and certain laws, including Section 86 of the Electronic Communications and Transactions Act, 2002. Such violations may subject the person to civil and criminal penalties.
12.6. Serrn may intercept, monitor, block, filter, read, delete, and disclose any communication over its private information system.