20% OFF STORE WIDE | FREE SHIPPING FOR ORDERS OVER R599

FAQS

CONTACT US

Facebook Instagram Tiktok

LOGIN / REGISTER

Privacy Policy

 

BACKGROUND

The Protection of Personal Information Act (hereafter referred to as ‘POPIA’) was signed into law on 19 November 2013 and came into effect on 01 July 2021.

The Protection of Personal Information Act 4 of 2013 aims:

  • To promote the protection of personal information processed by public and private bodies;
  • To introduce certain conditions so as to establish minimum requirements for the processing of personal information;
  • To provide for the establishment of an Information Regulator to exercise certain powers and to perform certain duties and functions in terms of this Act and the Promotion of Access to Information Act, 2000;
  • To provide of the issuing of codes of conduct;
  • To provide for the rights of persons regarding unsolicited electronic communications and automated decision making;
  • To regulate the flow of personal information across the borders of the Republic; and
  • To provide for matters connected therewith.

 

PRINCIPLES

Crystal Cove Healing (Pty) Ltd has implemented the following approach concerning Personal Information:

  • To only process personal information when the 8 conditions of POPIA are present;
  • To be transparent in its standard operating procedures that govern the collection and processing of Personal Information;
  • To comply with all applicable legal and regulatory requirements regarding the processing of Personal Information;
  • To process Personal Information in a manner compatible with the purpose for which they were collected;
  • To strive to keep Personal Information accurate, complete and up-to-date and reliable for their intended use;
  • To develop reliable, safe and sustainable means of protecting the Personal Information of individuals whether physically or digitally so as to prevent leakage, loss, alteration or misuse of said information;
  • When consigning to outside entities for the protection of said information, Crystal Cove Healing will only select those with the ability to safeguard and manage said information;
  • This policy will be made known to Crystal Cove Healing employees, prospective employees and clients;
  • Crystal Cove Healing will continue to improve this policy and all other systems for the protection of Personal Information so as to adapt to a changing environment or according to legal needs.

 

PERSONAL INFORMATION COLLECTED BY CRYSTAL COVE HEALING (PTY) LTD

Personal Information is defined by POPIA as information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to:

  • Information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
  • Information relating to the education or the medical, financial, criminal or employment history of a person;
  • Any identifying number, symbol, email address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
  • The fingerprints or other biometric information of the person;
  • The personal opinions, views or preferences of the person;
  • Correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the content of the original correspondence;
  • The views or opinions of another individual about the person; and
  • The name of the person if it appears with other Personal Information relating to the person or if the disclosure of the name itself would reveal information about the person.

 

Depending on the type of business Crystal Cove Healing conducts with you or the relationship you have with Crystal Cove Healing, the company may process any of the types of Personal Information as defined above, although it will only be processed in so far as it is adequate, necessary, relevant and not excessive in relation to the purposes for which it is required.

 

PURPOSE FOR WHICH PERSONAL INFORMATION IS COLLECTED BY CRYSTAL COVE HEALING (PTY) LTD

Primarily, Crystal Cove Healing uses your Personal Information to conduct business activities in order to conclude a contract or transaction with you and to carry out the obligations in terms of that contract or transaction.

The purpose for which Crystal Cove Healing uses your Personal Information is ultimately dependent on their relationship with you and will include amongst others:

Clients/Customers
  • Identify you and conduct appropriate checks, audits and procedures;
  • Delivery of goods purchased;
  • Marketing and promotions (including contacting you for such purposes);
  • Administer and manage the services they offer to you;
  • Address and resolve complaints
  • Provision of access to Crystal Cove Healing’s premises
  • Get a full understanding of you, your needs and how you interact with them in order for them to engage in product and service research, development and business strategy including managing the delivery of their services via the ways they communicate with you.

 

Service Providers

  • Identify the company and conduct appropriate checks, audits, due diligence and procedures;
  • Payment for the goods and/or services acquired and used;
  • Communication on relation to the goods and/or services supplied;
  • Review, compare and evaluate the goods and/or services supplied;
  • Record keeping in accordance with the applicable legislation;
  • Performance of the other parties respective obligations under the applicable agreement for the supply of the goods and/or services.
 
Employees or prospective employees
  • Identify you and conduct appropriate checks, audits and procedures;
  • Payment of employment benefits and related deductions;
  • Record keeping and reporting in accordance with the applicable legislation;
  • Contacting purposes;
  • Provision of access to their premises;
  • Review and evaluate your work experience and qualifications; and
  • Recruitment purposes.

 

Further to the above, Crystal Cove Healing may use your Personal Information to:

  • Pursue their legitimate interests such as to compile reports and statistical analysis;
  • Comply with requests for information from any internal or external auditor, or any regulatory body;
  • Provide you with information about their products (see Marketing section below);
  • Meet legal and regulatory requirements to which they may be subject;
  • Use in connection with legal proceedings; and
  • Assist with any criminal or similar investigation where the law requires it.

 

Crystal Cove Healing may share your information with the following third parties:

  • Those required in order to meet Crystal Cove Healing’s transactional or contractual obligations to you;
  • Crystal Cove Healing’s external auditors;
  • Regulators, governments and law enforcement authorities.

 

Where Crystal Cove Healing shares your personal information with the above third parties, the latter will be obliged to use that personal information for the reasons and purposes it was disclosed for. To this end, they have agreements in place with third parties to ensure this.

Your personal information may also for cloud storage purposes or through the use of their website, be transferred or processed outside of the Republic of South Africa. Any disclosures of your personal information to third parties outside South Africa are done in line with the requirements set out in Section 72 of POPIA.

Unless you have consented, Crystal Cove Healing will not sell, exchange, transfer or otherwise make available any personal information about you to any other parties and you indemnify Crystal Cove Healing from any unintentional disclosure of such information to unauthorized persons.

You may refuse to provide Crystal Cove Healing with your personal information in which case it is likely that they will not be able to meet our obligations to you or would have to terminate our relationship.

In all other situations, Crystal Cove Healing will not disclose your personal information without notifying you and enabling you to object.

 

HOW CRYSTAL COVE HEALING COLLECTS PERSONAL INFORMATION

  • Directly from you: the company collects most personal information directly from you through consultations, meetings and applications for employment positions. Crystal Cove Healing is required to verify the identity of their clients therefore they will ask you to provide them with various personal information.
  • From third parties: occasionally Crystal Cove Healing will collect or process personal information obtained from third party sources or in the public domain, such as credit and fraud checks. They will inform you prior to conducting credit and fraud checks.

 

MARKETING:

If you are a current client, Crystal Cove Healing may contact you from time to time to inform you of services that they provide. Crystal Cove Healing may also provide you with material with appropriate content as a value-add client service. Crystal Cove Healing may invite you to events that they hold and send you updates on current legal developments. You may object to the above at any point and Crystal Cove Healing will stop contacting you with regards to marketing with immediate effect.

 

RETENTION PERIOD OF PERSONAL INFORMATION:

In accordance with POPIA, Crystal Cove Healing will keep your personal information on record for as long as:

  • It is legally obliged to do so;
  • A contract or agreement with you requires us to keep it;
  • You have consented to them keeping it;
  • They reasonably require it to achieve the purpose set out in terms of the transaction or contract with you;
  • They require it for legitimate business purposes; or
  • There is ongoing litigation, investigation, tax or other regulatory query relating to the personal information.

 

YOUR RIGHTS AS A DATA SUBJECT

As a data subject you have a legal right in terms of POPIA to:

  • Request access to your Personal Information that Crystal Cove Healing holds;
  • Request correct and/or deletion of your Personal Information they hold;
  • Request the restriction of or object to the processing of your Personal Information they hold;
  • Withdraw your consent to the processing of your Personal Information;
  • Withdraw your consent to receiving marketing messages from Crystal Cove Healing; and
  • Complain to the Information Regulator as set out below.

 

Important to note with regards to your rights is the following:

  • Crystal Cove Healing will require adequate proof of identification from you prior to responding to you (which they will do within a reasonable time);
  • Crystal Cove Healing will correct or delete information unless they are required or entitled to keep such information under applicable laws, in which case they will inform you.
  • If Crystal Cove Healing believes information does not require correction, they will provide you with credible reasoning for such.

 

COOKIES

Crystal Cove Healing’s websites make use of “cookies” to automatically collect information and data through the standard operation of the Internet servers. “Cookies” are small text files a website can use (and which they may use) to recognise repeat users, facilitate the user’s on-going access to and use of a website and allow a website to track usage behaviour and compile aggregate data that will allow the website operator to improve the functionality of the website and its content, and to display more focused advertising to a user by way of third party tools. The type of information collected by cookies is not used to personally identify you. If you do not want information collected through the use of cookies, there is a simple procedure in most browsers that allows you to deny or accept the cookie feature.

Please note that cookies may be necessary to provide you with certain features on their website, and thus if you disable the cookies on your browser you may not be able to use those features and your access to their website will therefore be limited.

 

SECURITY BREACHES

Crystal Cove Healing has implemented appropriate technical and structural

security measures to protect Personal Information that is in its’ possession against accidental or illegal damage, loss, modification, unauthorised disclosure, or unauthorised access, in accordance with applicable laws. Despite these measures, you acknowledge that Personal Information may be accessed by an unauthorised third party.

In the event of a data breach leading to the accidental or illegal damage, loss, modification, unauthorised disclosure or any unauthorised access to any personal information that has been transmitted, stored or otherwise processed by Crystal Cove Healing, the company has the relevant instruments and policies in place in order to cater for and assess the details relating to any such data breach in a prompt and efficient manner.

Once an employee becomes aware of a breach, they will inform the Information Officer of Crystal Cove Healing. The breach will be reviewed, and the severity will be determined in order to ascertain the correct action to be taken.

Once the incident has been dealt with, it will be evaluated on how said incident could have been avoided and all employees will be made aware of this in order to continue to better ourselves.

Crystal Cove Healing will notify you of any data breach as soon as possible in accordance with POPIA.

When Crystal Cove Healing contracts with third parties, they conclude agreements with them in terms of which they impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information is kept secure.

Whilst Crystal Cove Healing will do all things reasonably necessary to protect your rights of privacy, the company cannot guarantee or accept any liability whatsoever for unauthorized or unlawful disclosures of your personal information, whilst in their possession, made by third parties who are not subject to their control, unless such disclosure is as a result of their gross negligence.

If you disclose your personal information to a third party, such as an entity that operates a website linked to Crystal Cove Healing’s website or anyone other than Crystal Cove Healing, the company shall not be liable for any loss or damage, howsoever arising, suffered by you as a result of the disclosure of such information to the third party. This is due to the fact that the company does not regulate or control how that third party uses your personal information. You should always ensure that you read the privacy policy of any third party.

 

ACCESS TO AND CORRECTION OF PERSONAL INFORMATION

You may access and correct, if necessary, your personal information that Crystal Cove Healing are holding by emailing their Information Officer:

Information Officer:

Name – Pascal Alexander

Email address – alexander.pascal55@gmail.com

 

THE INFORMATION REGULATOR

Should you wish to lodge a complaint with the Information Regulator related to this Privacy Policy, you may do so in the prescribed manner and form.

 

The address of the Information Regulator is as follows:

The Information Regulator (South Africa)

33 Hoofd Street

Forum 111, 3rd Floor Braampark

PO Box 31533

Braamfontein, Johannesburg, 2017

Complaints email: complaints.lR@justice.gov.za

General enquiries email: inforeg@justice.gov.za

Facebook Tiktok Instagram