1. The provisions of this Addendum are to be read with the Agreement. Where provisions in this Addendum conflict with those in the Agreement, the provisions of this Addendum take precedence, unless agreed otherwise between the Parties.
2. Data Protection
1. This addendum will be applicable to all personal information as defined in the Protection of Personal Information Act, 4 of 2013 (“POPI”).
2. By either Party submitting any personal information to the other, the disclosing Party unconditionally and voluntarily, consents to the processing of the submitted personal information for any and all purposes related to this agreement.
3. The Parties agrees and consent that its personal information may be processed by, or on behalf of either of the Parties for the purposes set out in the Agreement.
4. The Parties shall at all times comply with its obligations and procure that each of its Affiliates comply with their obligations under POPI.
5. The Parties shall ensure that any personal information that is processed by it in the course of performing its obligations under the Agreement is done in accordance with POPI.
6. Each Party shall not process, disclose or use personal information except:
1. to the extent necessary for the provision of Services and/or Products under the Agreement; or
2. to fulfil their own obligations under the Agreement; or
3. as otherwise expressly authorised by the other Party in writing.
7. Each Party shall not disclose any personal information to any Third Party without the other Party’s prior written consent in each instance, other than to the extent required by any Regulator or Law.
8. In the event the other Party providing such consent necessary for the disclosure of personal information to a Third Party, each Party shall:
1. make such disclosure in compliance with POPI; and
2. enter into a written agreement with the applicable Third-Party recipient of such personal information that requires such Third Party to safeguard the personal information in a manner no less restrictive than each Party’s obligations under these terms.
9. The Parties shall implement and maintain an effective security safeguards that includes, but is not limited to administrative, technical, and physical safeguards, and appropriate technical and organisational measures, in each case, adequate to insure the security and confidentiality of personal information, and to protect against any anticipated risks to the security or integrity of personal information, protect against unauthorized access to or use of personal information, protect personal information against unlawful processing or processing otherwise than in accordance with this agreement, and protect against accidental loss, destruction, damage, alteration or disclosure of personal information.
10. Without limiting the foregoing, such safeguards and measures shall be appropriate to protect against the harm that may result from unauthorised or unlawful processing, use or disclosure, or accidental loss, destruction or damage to or of Personal Information and the nature of the personal information, and shall maintain all safeguard measures as is required by POPI.
11. Each Party shall not use, process, store, transfer or permit access to any personal information across the borders of South Africa, without the written consent of the other Party.
12. In the event of any actual, suspected or alleged security breach, including, but not limited to, loss, damage, destruction, theft, unauthorized use, access to or disclosure of any personal information, each Party shall:
1. notify the other Party as soon as practicable after becoming aware of such event;
2. provide the other Party will all information regarding the breach in the Party’s knowledge and possession to allow the Party to ascertain what has occurred and which personal information has been affected;
3. promptly take whatever action is necessary, at each Party’s own expense, to minimise the impact of such event and prevent such event from recurring.
Copyright AWT Solutions (Pty) Ltd