Privacy Policy

Sunstone Logistic Systems (Pty) Ltd

  1. Who we are
  • Sunstone Logistic Systems (Pty) Ltd  (reg #: 2012/160/165/07),  understands that your personal information is important to you and we recognize the importance of maintaining your privacy.
  • We offer products and services in multiple countries in Africa.
  • This Privacy Policy describes how we handle your personal information in accordance with legislation. If a requirement of an applicable law conflicts with a section of this Privacy Policy, that legislative requirement will prevail.
  • The terms of this Privacy Policy form part of any Agreement between you and us. In case of any inconsistency between any Agreement and this Privacy Policy, the Agreement prevails.
  • By using this website and our services, or by giving us your personal information, you acknowledge and consent to us collecting, using, storing, and disclosing your personal information in accordance with this Privacy Policy.
  1. The type of personal information we collect and hold
    • The kind of information we collect and hold about you will depend on the nature of your dealing with us
    • We may collect and hold information about you including:
      • contact information such as your name, address, phone number, email address, and birth date;
      • log-in information including your encrypted username and password;
      • payment and billing information including account or credit card information, billing and credit statements, and other payment-related information in connection with the purchase of our services;
      • records of correspondence; and
      • information collected from marketing campaigns, product research, surveys, and your interactions with us including via social media.
    • If you use the Digital Journey, Blue Track & Stock Master application/s (the App/s), or the Webportal, we may also collect and hold information about you including:
      • information relating to your skills development and learning experiences; and
      • class scheduling information. If you are a supplier, we may also collect and hold information about the nature of the goods and services supplied and quotes you have provided.
  • Location data. We collect during using our services, precise or approximate location data from drivers’ and client persons’ mobile devices when the Digital Journey app is running in the foreground (app open and on-screen) or background (app open but not on-screen).
  1. How we collect personal information
    • We collect personal information in a number of ways, including:
      • where you provide information directly to us, for example where you:
        • complete an order form or register to purchase any of our products or services;
        • set up an account to access the App or the Webportal;
        • make an inquiry, provide feedback, or make a request;
        • interact with us whether in person, by email, phone, SMS, social media, or in some other form of communication;
        • respond to a survey or marketing communication;
        • provide or upload information or you otherwise interact directly with the Webportal or the App; and when using our services,
  • Digital Journey collects such data from the time a delivery order is requested until it is finished, and any time the app is running in the foreground (app open and on-screen). See “Your choices regarding the collection, disclosure, and distribution of personal information” below for information on how drivers and client persons can enable/disable precise location data collection.
  • Drivers and client persons may use the Digital Journey apps without enabling the collection of location data from their mobile devices. However, this may affect Check Point core features in the Digital Journey apps. For example, a driver who has not enabled precise location data will share his location with the customer, and the customer and depot will have no visibility about the delivery order statuses which is one of the core functionalities of the app.
  • In addition, precise location data collected from a driver’s device during delivery is linked to the driver’s account, even if the driver has not enabled precise location data to be collected from their device. This data is used for purposes such as receipt generation, customer support, fraud detection, and litigation.

 

    • from third parties, for example;
      • if you are applying for employment with us, where we obtain it from a recruitment agency, your referees, education institutions, and government agencies;
      • our service providers or your school; and
      • from publicly available
  • We do not generally collect sensitive information about individuals. Where we collect, use, and disclose sensitive information about you, we will only do so where we have obtained your consent or the collection, use, or disclosure is permitted by law.
  • In the course of providing our goods and services, we may indirectly collect personal information about you. We may combine or link this personal information with our own records of your personal information.
  • If you provide any personal information about another person, please tell them about this Privacy Policy so they are aware that you have provided their personal information to us and how we will handle that information. You also warrant that you have obtained their consent to provide us with the personal information and for us to use it in accordance with this Privacy Policy.
  1. How we use personal information
  2. Acting anonymously
  • Where possible, we will allow you to interact with us through the website anonymously or using a pseudonym. However, if you do not wish to provide particular information, or the information you provide is incorrect or inaccurate we may not be able to:
    • provide you with our products or services;
    • provide you with access to protected areas of our Webportal or App;
    • consider your application for employment with us; or
    • respond to your inquiry or request.
  1. Personal and Sensitive Information

Personal and sensitive user data includes but isn’t limited to, personally identifiable information, financial and payment information, authentication information, phonebook, contacts, device location, SMS and call-related data, inventory of other apps on the device, microphone, camera, and other sensitive device or usage data. If your app handles sensitive user data, then you must:

  • Limit your access, collection, use, and sharing of personal or sensitive data acquired through the app to purposes directly related to providing and improving the features of the app (e.g., user-anticipated functionality that is documented and promoted in the app’s description in the Play Store). Apps that extend the usage of this data for serving advertising must be in compliance with our Ads Policy.
  • Post a privacy policy in both the designated field in the Play Console and within the app itself. The privacy policy must, together with any in-app disclosures, comprehensively disclose how your app accesses, collects, uses, and shares user data. Your privacy policy must disclose the types of personal and sensitive data your app accesses, collects, uses, and shares; and any parties with which any personal or sensitive user data is shared.
  • Handle all personal or sensitive user data securely, including transmitting it using modern cryptography (for example, over HTTPS).
  • Use a runtime permissions request whenever available, prior to accessing data gated by Android permissions. 
  • Not sell personal or sensitive user data
  1. Personal information and children
  • As part of the services we provide to schools, our products and services may be used and accessed by children under 18 years of age.
  • In the interests of ensuring the maximum level of privacy protection for children, we will not knowingly collect, use or disclose personal information about a child, without obtaining the prior written consent of a parent or guardian.
  • This consent will be obtained by us directly or by the school prior to setting up the child’s login details and account. We believe that this Privacy Policy affords adequate protection of privacy for children once this consent has been granted.
  • We will not send any direct marketing communications to any child under 18 years of age.
  1. Cookies and online tracking
  • On our website, we do not currently use or enable:
    • any other third-party behaviour, However, we may do so in the future.
  • If we decide to use or enable cookies or online tracking in the future, we will honour any “Do Not Track” browser mechanisms you have put in place.
  1. Purpose of collection, use, and disclosure
  • We collect, hold, use, and disclose personal information for the primary purpose of conducting our business, which includes but is not limited to:
    • providing you with our products and services including associated processing;
    • providing assistance and customer support;
    • providing account maintenance including resetting the password on your account;
    • following up on your correspondence and providing additional information as requested by you;
    • providing additional information related to your use of our products or services;
    • administering and managing our relationship with you including setting up the software at the participating school and providing access to the App or the Webportal;
    • responding to an inquiry or request;
    • resolving disputes or addressing complaints;
    • operating our website, the Webportal, and the App;
    • in the case of applications for employment, assessing your application for employment with us;
    • identifying, and informing you of, offers, events, products, and services that may be of interest to you (where you have not opted out of receiving direct marketing).
    • fulfilling obligations to, and cooperating with, government authorities;
    • protecting our property, rights, and security, and the rights, property, and security of third parties or the public in general;
    • disclosing business-related data and information (including personal information) to potential buyers or other successors in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, insolvency, liquidation, or similar proceedings; and
    • internal purposes such as administrative, marketing, planning, procedural assessments, risk management, product and service development, quality control, staff training, research, accounting, and billing purposes.
  • We may collect, hold, use, and disclose your personal information for other purposes which are within reasonable expectations or where permitted or required by law.
  1. Your choices regarding the collection, disclosure, and distribution of personal information
  •  
    • Except as otherwise described in this Privacy Policy, we will only use personal information for the purposes described above or as otherwise disclosed at the time we request the information from you.
    • You must provide your consent for us to use your personal information for any other purpose.
    • You will be notified when personal information is being collected by third parties on our website. We do this so you can make an informed choice as to whether you should disclose information to a third party.
    • If you post your personal information in a publicly accessible place, for example commenting on our social media page, your personal information will be publicly available, and we will not be responsible for the protection of the information you chose to publish in this way.
  • Drivers and client persons can enable/disable Digital Journey to collect location data from their mobile devices through their device settings, which can be accessed via the Settings > Privacy > Location menu. However, disabling will affect the app’s core features.
  1. Who we disclose your personal information to
  • We sometimes employ other companies and individuals to perform services for us. We may share your personal information with, or receive information from these parties, who have agreed to hold this information in confidence, not use it for any purpose except to carry out the requested service, and honor our privacy and security policies in the way this information is handled.
  • In particular, we may disclose your personal information:
    • to third-party suppliers, contractors, and agents in order to provide our services to you, or to assist our functions or activities including:
      • technology providers;
      • mailing houses;
      • electronic network administrators;
      • debt collection agencies;
      • lawyers, accountants, and business advisors;
      • credit card processing companies; and
      • in the case of employees, to third parties that manage our payroll system and employee records;
    • where you otherwise provide your consent, whether express or implied; or
    • where required by law
  • We take reasonable steps to ensure that, before disclosing personal information to any third party, they comply with the requirements of the GDPR and the Privacy Act, or a law or binding scheme which has the effect of protecting information in a substantially similar way to the provisions of the GDPR and the Privacy Act and any other applicable law.
  1. Storage and security of personal information
  • We keep personal information as long as it is reasonably necessary for the purposes described in this Privacy Policy or otherwise in compliance with the law or our service providers’ data retention policies.
  • If any personal information that we hold is no longer required for the purpose for which it was collected and no applicable law requires us to retain that information, we will take reasonable steps to de-identify or destroy the information.
  • We take your privacy and security seriously. For this reason, we will take reasonable steps to ensure that the information is secure and may only be accessed by authorized persons.
  • Where we store your personal information electronically in our database, we use secure servers and there are restrictions as to who has access to that information through password protection.
  • Any credit card or account information which we hold is encrypted and accessed via a secure gateway.
  • We regularly assess the risk of misuse, interference, loss, and unauthorized access, modification, or disclosure of personal information, and take measures to address those risks including scanning regularly for malware and other malicious programs. We are committed to handling any suspected or actual data breach expeditiously and will notify the individual(s) affected, or likely to be affected, as well as the relevant privacy authority in accordance with applicable privacy laws.
  • In the unlikely event that we need to investigate or resolve problems or inquiries, we can (and you authorize us to do so) disclose any personal information about you to private entities, law enforcement, or other government officials as we, in our discretion or as may be required under law, believe necessary or appropriate. In these cases, we will notify you in writing.
  • Although we take reasonable steps, we are not responsible for third-party circumvention of security measures on our electronic databases or at any of our premises. We are also not responsible for unlawful access or interception by a third party of any transmissions or private communications.
  • Accordingly, while we strive to protect your personal information, we cannot ensure or warrant, and do not warrant, the security, privacy, or confidentiality of any information, including personal information that you transmit to us, and you do so at your own risk.
  • Further, we cannot guarantee that only authorized persons will access your personal information. Please notify us immediately if you believe there has been any unauthorized access to your information.
  • You are solely responsible for maintaining the security of your passwords and for any account information. Accordingly, please be careful and responsible with your personal information, whenever you are online.
  1. Access and correction
  • We will take reasonable steps to ensure the personal information we hold is complete, up-to-date, and accurate, so far as it is practicable for us to do so.
  • If you have access to the App or the Webportal, and wish to:
    • access and review your personal information, you can do so by using the export function in the App or Webportal;
    • correct your information, your school can put in a correction request on your behalf; or
    • Deactivate your account you can do so in the App or Webportal or your school can notify us of your intention to de-activate your account.
  • Otherwise, you may request access to the personal information we hold about you by contacting us using the details below. Before we provide you with access to your personal information we may require proof of identity.
  • We will provide you with access to any of the personal information we hold (except in limited circumstances recognized by law). We will respond to any request to access or correct your personal information within 30 days of receiving your request.
  • We may charge you a reasonable fee for giving you access to your personal information but we will not charge you for making the request itself. We will notify you in advance of the amount of any fee (or the basis for their calculation) for providing access to your information.
  • If you need to correct your personal information, please contact us using the contact details below. We will not charge you for making a correction request.
  • In the unlikely event that we disagree about the accuracy of the personal information provided and we are unable or unwilling to change it, we will, to the extent reasonable, provide you with a written response as to our reasons. You can make a complaint if you think we have wrongly refused to correct or give you access to your personal information by using the contact details in section 14.6 below.
  1. Questions and complaints
  • If you are not satisfied with how we have handled your personal information, please contact us using the contact information in section 14.6 below. We may ask you to provide further details about your complaint and we may discuss your complaint with our personnel, our service providers, and others as appropriate.
  • Our team will investigate the matter and attempt to resolve it within a reasonable amount of time.
  • Our contact details are:
  • Attention: Applications
  • 43B Edward Rubenstein Drive, Sandown, Johannesburg, South Africa;  [email protected]
  1. Changes to this Privacy Policy
  • We may change this Privacy Policy at any time but we will endeavour to ensure that your overall level of privacy protection is not diminished.
  • Please refer back to this Privacy Policy periodically to review any updates as you agree to be bound by any modified or amended versions of this Privacy Policy.
  • If we make material changes to this Privacy Policy we will notify you by publication on our website.
  • The revised version of the Privacy Policy will be effective at the time we post it, which time will be indicated below.

 

  1. Grounds for Processing
  • In accordance with the GDPR, we process personal information under the following legal grounds:
    • the processing of personal information is necessary for the performance of our contract with you for the provision of our goods and services.
    • the processing is necessary to comply with our legal obligations including disclosing personal information to relevant law enforcement agencies.
    • the processing is necessary for our legitimate interests. This will include processing for the purpose outlined in this Privacy Policy, for direct marketing purposes and to enforce our contract with you.
    • You have consented to the processing. You may revoke your consent at any time but if you revoke your consent it may limit the products and services that we are able to provide or that you may have access to.
  • We do not use automatic decision-making, such as profiling, to make decisions that may have a legal effect on you concerning your personal information.
  1. Transfers of Personal Data
  • Due to the nature of the products and services provided by us, the transfer of personal information to different countries is essential. We will comply with applicable laws when transferring your personal information to entities in different countries but data standards may be different to those of your country of residence. By using the products and services provided by us, you understand and consent to the cross-border transfer of your personal information.
  • In certain circumstances, the courts and regulatory authorities in other countries may be entitled to access your personal information.
  1. Complaints
  • If you are not satisfied with our resolution of your complaint lodged in accordance with section 14 above, and no other complaint resolution procedures are agreed upon or required by law, you can refer your complaint to the relevant supervisory authority for further investigation.

BY USING OUR SERVICES, YOU SIGNIFY YOUR ACCEPTANCE OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, YOU SHOULD NOT USE OUR SERVICES. YOUR CONTINUED USE OF OUR SERVICES FOLLOWING THE POSTING OF CHANGES TO THIS PRIVACY POLICY WILL MEAN THAT YOU ACCEPT THOSE CHANGES.

Last updated: 07/08/2024