POPIA 3rd Party Indemnity & Waiver
The Parties hereto acknowledge that:
- The Company is a responsible party in terms of the Protection of Personal Information Act 4 of 2013 (“POPIA”);
- In terms of POPIA, the Company has a legal duty to process data subjects’ personal information in a lawful, legitimate and responsible manner;
- the Company, through its service providers and/or third parties, processes personal information which belongs to data subjects;
- failure on the part of the Company in ensuring compliance with POPIA may result in the Company incurring liability and/or damages and/or loss; and Consequently, the Parties agree to the terms recorded hereunder.
WAIVER AND INDEMNITY
For purposes of this agreement:
- “data subject” means the person to whom the personal information relates;
- “infringement and/or contravention” means disclosing personal information of data subjects, without the required consent, to unauthorised persons and/or non-compliance with the Protection of Personal Information Policy and/or POPIA;
- “responsible party” means the Company;
- “operator” means a person who processes personal information;
- “person” means a natural person or a juristic person;
- “personal information” means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable existing juristic person, including but not limited to:
a/ information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
b/ information relating to the education or medical, financial, criminal or employment history of the person;
c/ any identity number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
d/ the biometric information of the person;
e/ the personal opinions, views or preferences of the person; f/ correspondence sent by the person that is implicitly of a private or confidential nature or further correspondence that would reveal the content of the original correspondence;
g/ the views or opinion of another individual about the person;
h/ and the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.
- “processing” means any operation or activity or any set of operations, whether or not by automatic means, concerning personal information, including- the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use; dissemination by means of transmission, distribution or making available in any other form; merging, linking, as well as restriction, degradation, erasure or destruction of information.
- The Service Provider and/or Third Party hereby agrees and accepts that in the event that it/he/she infringes and/or contravenes any provision of the Protection of Private Information Policy and/or POPIA, it/he/she and/or its/his/her dependants waive and shall not acquire any claim whatsoever against, and do hereby indemnify and hold harmless from any liability, the Company, its directors, employees, associates and all the other involved organisations, as well as employees, agents or other contractors of the above parties (hereinafter referred to as “the Indemnified Parties”).
- The waiver and indemnity set out in clause 2.2 above includes a waiver of, and indemnity against all and any claims that may arise against the Indemnified Parties as a result of such an infringement and/or contravention and is effective irrespective of whether such infringement and/or contravention has been caused directly or indirectly or wholly or partly by an act or omission, including negligence on part of the Service Provider and/or Third Party, and binds the Service Provider and/or Third Party’s heirs, executors and/or trustees (if applicable).
- Should the Company incur any loss and/or damage as a result of the Service Provider and/or Third Party’s infringement and/or contravention, as highlighted in 2.2 and 2.3 hereof, and should the Company as a result institute legal action against the Service Provider and/or Third Party to recover such loss and/or damage, the Service Provider and/or Third Party will be liable for any ensuing legal costs on an “attorney and client” scale.