This is an extensive Guidance Note, covering some 75 pages.
The document discusses understanding Risk and the recommended steps to follow in order to achieve a risk based compliance state.
Although much of the document is general risk management theory, the document is intended specifically for accountable institutions in South Africa and deals with Money Laundering and Terrorist Financing. Interestingly geographic location features as a contributing risk factor.
The good news is that our documentation currently meet the requirements of this Guidance Note.
Workshops will follow, dealing with the practical implications of this Guidance Note, and FIC enforcement posture.
We are a data company. Since data is core to the Services that we offer, we aim to be as transparent as possible about how and why we store your data.
Your privacy is important to us. This privacy statement explains the personal data Be Compliant processes, how Be Compliant processes it, and for what purposes.
Be Compliant offers a wide range of products, including server products used to help operate enterprises worldwide. References to Be Compliant products in this statement include Be Compliant services, websites, apps, software, servers, and devices.
Please read the product-specific details in this privacy statement, which provide additional relevant information. This statement applies to the interactions Be Compliant has with you and the Be Compliant products listed below, as well as other Be Compliant products that display this statement.
Personal data we collect
Be Compliant collects data from you, through our interactions with you and through our products. You provide some of this data directly, and we get some of it by collecting data about your interactions, use, and experiences with our products. The data we collect depends on the context of your interactions with Be Compliant and the choices you make, including your privacy settings and the products and features you use. We also obtain data about you from Be Compliant affiliates, subsidiaries, and third parties.
You have choices when it comes to the technology you use and the data you share. When we ask you to provide personal data, you can decline. Many of our products require some personal data to provide you with a service. If you choose not to provide data -required to provide you with a product or feature, you cannot use that product or feature. Likewise, where we need to collect personal data by law or to enter into or carry out a contract with you, and you do not provide the data, we will not be able to enter into the contract; or if this relates to an existing product you are using, we may have to suspend or cancel it. We will notify you if this is the case at the time. Where providing the data is optional, and you choose not to share personal data, features such as personalisation that use such data will not work for you.
How we use personal data
Be Compliant uses the data we collect to provide you with rich, interactive experiences. In particular, we use data to:
Provide our products, which includes updating, securing, and troubleshooting, as well as providing support. It also includes sharing data, when it is required to provide the service or carry out the transactions you request.
Improve and develop our products.
Personalise our products and make recommendations.
Advertise and market to you, which includes sending promotional communications, targeting advertising, and presenting you with relevant offers.
We also use the data to operate our business, which includes analysing our performance, meeting our legal obligations, developing our workforce and doing research.
In carrying out these purposes, we combine data we collect from different contexts (for example, from your use of two Be Compliant products) or obtain from third parties to give you a more seamless, consistent and personalised experience, to make informed business decisions, and for other legitimate purposes.
Our processing of personal data for these purposes includes both automated and manual (human) methods of processing. Our automated methods often are related to and supported by our manual methods. For example, to build, train, and improve the accuracy of our automated methods of processing (including artificial intelligence or AI), we manually review some of the output produced by the automated methods against the underlying data.
As part of our efforts to improve and develop our products, we may use your data to develop and train our AI models. Learn more here. Specifically, we may use AI to process information found on the internet to extract relevant electronic footprint data.
Reasons we share personal data
As a rule we do nor share your personal data without your consent. We do share data with Be Compliant-controlled affiliates and subsidiaries; with vendors working on our behalf; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of our products; and to protect the rights and property of Be Compliant and its customers.
We do not mine your data and we do not offer your data for sale.
Cookies and similar technologies
Cookies are small text files placed on your device to store data that can be recalled by a web server in the domain that placed the cookie. We use cookies and similar technologies for storing and honouring your preferences and settings, enabling you to sign-in, providing interest-based advertising, combating fraud, analysing how our products perform and fulfilling other legitimate purposes.
Our Be Compliant Online Software (BCOS) uses run-time cookies to ensure a stable user experience. This cookie is dropped at the end of every session and no persistent data is stored. If you feel uncomfortable with this cookie, please do not use our software.
We do not use, nor permit Third Party cookies to deploy through our products.
Products provided by your organisation – notice to end users
If you use a Be Compliant product with an account provided by an organisation you are affiliated with, such as your work or school account, that organisation can:
Control and administer your Be Compliant product and product account, including controlling privacy-related settings of the product or product account.
Access and process your data, including the interaction data, diagnostic data, and the contents of your communications and files associated with your Be Compliant product and product accounts.
If you lose access to your work or school account (in event of change of employment, for example), you may lose access to products and the content associated with those products, including those you acquired on your own behalf, if you used your work or school account to sign in to such products.
Many Be Compliant products are intended for use by organisations, such as law firms, estate agents, accountants and other businesses. If your organisation provides you with access to Be Compliant products, your use of the Be Compliant products is subject to your organisation’s policies, if any. You should direct your privacy enquiries, including any requests to exercise your data protection rights, to your organisation’s ITC administrator or Information Officer. When you use social features in Be Compliant products, other users in your network may see some of your activity. To learn more about the social features and other functionality, please review documentation or help content specific to the Be Compliant product. Be Compliant is not responsible for the privacy or security practices of our customers, which may differ from those set forth in this privacy statement.
When you use a Be Compliant product provided by your organisation, Be Compliant’s processing of your personal data in connection with that product is governed by a contract between Be Compliant and your organisation. Be Compliant processes your personal data to provide the product to your organisation and you. As mentioned above, if you have questions about Be Compliant’s processing of your personal data in connection with providing products to your organisation, please contact your organisation. If you have questions about Be Compliant’s business operations in connection with providing products to your organisation as provided in the Terms & Conditions portion of the Service Leval Agreement
Be Compliant account
With a Be Compliant account, you can sign in to Be Compliant products. Personal data associated with your Be Compliant account includes credentials, name and contact data, payment data, device and usage data, your contacts, information about your activities, and your interests and favourites. Signing in to your Be Compliant account enables personalisation and consistent experiences across products and devices, permits you to use cloud data storage, allows you to make payments using payment instruments stored in your Be Compliant account and enables other features.
Other important privacy information
Below you will find additional privacy information, such as how we secure your data, where we process your data, and how long we retain your data. You can find more information on Be Compliant and our commitment to protecting your privacy at Be Compliant Privacy.
When a customer engages with Be Compliant for professional services, we collect the name and contact data of the customer’s designated point of contact and use information provided by the customer to perform the services that the customer has requested.
When a customer engages with a Be Compliant sales representative, we collect the customer’s name and contact data, along with information about the customer’s organisation, to support that engagement.
When a customer interacts with a Be Compliant support professional, we collect device and usage data or error reports to diagnose and resolve problems.
When a customer pays for products, we collect contact and payment data to process the payment.
When Be Compliant sends communications to a customer, we use data to personalise the content of the communication.
