Cookie Policy

We may place small text files on your device when you visit our website that allow us to provide you with a personalised experience by associating your personal information with your device. They let us remember your preferences, allow third parties to provide services to you, and otherwise serve useful purposes for you. Your internet browser generally accepts them automatically, but you can often change this setting or delete them manually by amending your browser settings. However, we won’t be able to provide you with access to certain aspects of our website where cookies are necessary, if you do so, we have no access to or control over any cookies that our business partners use on our website and they have their own privacy polices that govern them.

Protection of Personal Information Act of 2013 (“POPI”)

We are committed to protecting your privacy. Whenever you use our website, complete an application form or contact us electronically, you consent to our processing of your personal information in accordance with the requirements of POPI. In the event that you wish to revoke your consent, please send an email to [email protected]. 

External Privacy Policy
 

1. WHO ARE WE AND WHAT DO WE DO? 

1. Ziwani Community Non-Profit Company (registration number 2024/134328/08) (“Ziwani“, “we“, “us” or “our“) is an impact initiative with the vision to mobilise, equip and connect Christian business leaders on the African continent to positively impact their communities. 
2. We do this by hosting conferences, seminars, gatherings, and other forms of virtual and in-person events connecting business leaders in Africa (“Events“) to capture and otherwise collect knowledge, stories and resources in order to update our database of knowledge (“Database“). Ziwani then uses the Database in order to create content, resources and course material (“Content“), which our customers (“Customers“) can subscribe to and access on our website platform, Ziwani.com (“Platform“).  

 
2. WHAT IS OUR PRIVACY MISSION?

1. We are committed to respecting and protecting the privacy rights of all Customers, business partners and associates of this organization. Although we engage with business leaders, churches and ecosystem partners across Africa, as we are a company registered and operating in South Africa, we are a “responsible party” in terms of the provisions of the Protection of Personal Information Act of 2013 (“POPIA” or the “Act“). We are required to ensure that our processing of your personal information is in accordance with the Act. 

 
3. WHAT IS THE PURPOSE OF THIS POLICY?  
The purpose of this privacy policy (“Policy“) is to give an outline of our policy in respect of the processing of your personal information as a ‘data subject’ in terms of the Act. In this Policy we inform you why we require personal information about you, how we will collect that information, for what purposes we will store or use the information, how we will protect your personal information, and otherwise “process” your personal information. It also informs you about your rights. 
 
 4. DO I NEED TO READ ANY DOCUMENTS BESIDES FOR THIS POLICY? 

1. This Policy supplements any other notices of a similar nature that we may have provided you with during your onboarding, including any consent forms and our manual prepared in terms of the Promotion of Access to Information Act No 2 of 2000 (“PAIA“) (“PAIA Manual“). Please read this Policy in conjunction with all of these documents in order to have the full picture of how we process your personal information.
2. Any terms that we have highlighted but not defined, will have the meaning contained in POPIA. 

5. WHAT IS THE STRUCTURE OF THIS POLICY? 
This Policy is structured as a layered policy, with more detailed and further information relating to the processing of your personal information appearing in the annexures. 
 
6. WHO DOES THIS POLICY APPLY TO? 

1. This Policy applies to you, regardless of where you reside, if you - 
   1. are a Customer or have otherwise used the Platform to access our Content; 
   2. are contracted to provide services to us, either on a defined or ad-hoc basis; 
   3. attend or have indicated your interest in attending any of our Events; 
   4. have contributed to our Database in any way, including by providing any knowledge, stories or resources to Ziwani, or are in the process of doing so (“Content Contributor“); 
   5. are a member of the Ziwani Advisory Panel;
   6. have subscribed to our newsletters; or
   7. are otherwise a member of the Ziwani community in that you -
      1. are one of our X-Change facilitators or have indicated your interest in becoming one; or
      2. are a City or Church Champion. 
2. Any reference to “you” or “your” should be interpreted as referring to any of these categories of persons, adapted for the context in which the term appears, including where you are a corporation, trust, partnership, company, organization or other type of juristic person. 
3. This Policy does not apply to you if you are, or have previously been, an employee, agency worker, consultant, contractor or director of ours. If you are, please refer to our internal privacy statement, accessible here, which applies to our relationship with you. 

 
7. WHAT IS PERSONAL INFORMATION?  

1. “personal information” is defined in the Act and incudes any information which identifies you (tells someone who you are), from which you are identifiable (from which someone can work out who you are), or otherwise relates to you such as unique numerical identifiers like your computer’s IP address or your mobile device’s MAC address, as well as cookies.
2. Personal information can range from basic information about you like your name and contact details, to more sensitive information such as your financial and tax records. 
3. At Annexure A, we list some of the personal information we process about you. Download the full Privacy Policy with Annexures here. 
4. Keep in mind that, given the type of relationship we have with you, we may process a large amount of your personal information, which may also include various types of personal information. The personal information we may be required to process about you may not be specifically listed or mentioned in this notice. If you are concerned about what personal information we process about you, you can contact our Information Officer at the details at 20.4. 

 
8. DO WE PROCESS SPECIAL PERSONAL INFORMATION? 

1. Certain categories of your personal information are regarded as “special personal information” in terms of POPIA. Special personal information is of a sensitive nature, and we are required to treat it with particular care and ensure that we have a lawful basis to process such information.
2. We briefly discuss the categories of special personal information which we process.
3. Content Contributors 
   1. We may process your religious beliefs and views. This is related to Ziwani’s vision – to support African Christian business leaders in integrating their faith and work for redemptive business. We require our Content Contributors to share their religious views as part of their contribution to our Content. Accordingly, our processing of your religious beliefs, which is your special personal information, is necessary to achieve our aims and principles.
   2. We will obtain your consent before we transfer your personal information to any third parties. 
4. Other data subjects – We do not generally process the special personal information of our Customers, service providers or other Ziwani community members, however we may do so, where we are require to for the establishment, exercise, or defence of a right or obligation in law, for example, regarding the alleged commission of a criminal offence by you, any criminal proceedings against you. 

 
9. WHAT PERSONAL INFORMATION DO WE COLLECT FROM YOU AND HOW DO WE USE IT? 

1. We collect personal information when initially engaging with you and in the course of collecting and generating Content with you or, where you are a service provider, in the course of our business with you. As a consequence of which you are considered to be a data subject in terms of the Act.
2. The type of personal information we collect from you will differ based on your relationship with us and the purpose for which the personal information is shared with us or obtained by us.
3. As a general rule information is collected voluntarily and directly from you, or from an authorised representative of yours. In some cases, personal information may be collected from our associates, from the public domain or from other sources, provided that it is collected in a lawful manner and for lawful purposes as envisaged by the Act. The information may be collected manually or electronically, telephonically, via email, online portals or via other electronic platforms. 

 
10. WHY DO WE PROCESS YOUR PERSONAL INFORMATION? 

1. We will only process your personal information for a specific, lawful and clear purpose (a “lawful basis“, or, in relation to multiple “lawful bases“) which will generally be for purposes related to our vision.
2. Depending on the purpose for which your personal information is processed, the legal basis for the processing of your personal information may be: 
   1. To pursue our legitimate interest, or to protect your legitimate interest, which can be (i) for us to use your personal information to market to you, (ii) research your use of our Content and its impact on your business, (iii) improve the quality of our Database and Content.
   2. The performance of a contract that you are party to, more specifically, to perform our obligations in respect of any agreements entered into with our service providers. 
   3. Legal grounds, we may be required to process your personal information in order to comply with a legal obligation, for example, in order to process your PAIA requests for records. 
   4. We may rely on consent to use your personal information, although we typically rely on one of the other legal bases. We will always clearly ask you for consent in writing where we use it is a lawful basis. To the extent that you have consented to the processing of your personal information, where we have another lawful basis/bases to process your personal, including those set out in this document, that other lawful basis/bases will prevail, which means we will be able to continue processing your personal information.
3. We have listed the reasons why we process your personal information and the related lawful basis/bases at Annexure B. Download the full Privacy Policy with Annexures here.

 
11. DO YOU HAVE TO PROVIDE YOUR PERSONAL INFORMATION TO US?

1. Depending on our relationship with you, if you are not willing to provide us with your personal information, we may not be able to use your contribution to create our Content, provide you with a copy of our newsletter, enable your access to our Events or continue our relationship with you.
2. If you refuse to provide specific personal information to us, we may be required to terminate our relationship with you, refuse to provide you with further access to Events or limit your access to our Content and/or website. 

 
12. HOW AND WHERE IS YOUR PERSONAL INFORMATION STORED?

1. Your personal information is stored electronically, by our cloud service operator, on servers located in Germany. We may also keep physical records at our offices. 
2. As your personal information is stored outside of South Africa, Ziwani takes appropriate steps to ensure that there is an adequate level of data protection in the country of the recipient as required in terms of the Act. If the external party is unable to ensure an adequate level of data protection, we will inform you accordingly and your personal information will not be transferred to any such location without your consent. 
3. HOW DO WE ENSURE THAT YOUR INFORMATION REMAINS SECURE? We have administrative, technological and physical measures in place to ensure the maintenance of security surrounding the storage and disclosure of personal information, as required by the Act. Such measures are designed to protect your personal information against unauthorized loss, damage, modification, disclosure, or access. These include the use of cybersecurity solutions such as data loss prevention software as well as access control and security mechanisms for our offices, including the use of 24 hour security personnel and locked file storage.
4. Whenever any external party is appointed to operate our data storage systems on our behalf, we seek a written undertaking from such an external party, who is an “operator” in terms of POPIA, that the integrity and confidentiality of the personal information will be protected. 

13. WHO DO WE SHARE YOUR PERSONAL INFORMATION WITH? 
It may be necessary, from time to time, for us to disclose your personal information to third parties for the following reasons: 

1. To carry out specific services and provide you with the resources you need.
2. To protect, defend or enforce our rights or interests, for example: legal representatives, auditors, accountants and other professional advisers. 
3. To comply with legal, regulatory or administrative obligations or requests, including from the Information Regulator, the South African Revenue Service, the South African Police Service, and the National Prosecuting Authority.
4. In relation to any potential acquisition, amalgamation or merger of our company. 
5. Where required to be provided to other support service providers necessary to assist us with any of the aforementioned activities.
6. We rely on trusted third parties to perform a range of business operations, to carry out your requests , and as required or permitted by law. We only provide them with the information they need to perform the service, and we require that they do not use your personal information for any other purpose.
7. FOR HOW LONG IS THE INFORMATION RETAINED? The personal information collected from you will only be kept for as long as it is reasonably necessary to serve the purpose for which it was collected, unless a longer period is required by law, or for the exercise or defence of legal claims. Usually, we retain your personal information for as long as we have a contract in place with you or for as long as you are a Content Contributor or a member of our Advisory Panel. 
8. We shall review the need to keep particular records from time to time. However, you may contact the Information Officer at any time if you would want any record of your personal information to be removed. 
9. When we no longer need to use your personal information or are no longer authorized or required by law to retain your personal information, it will be deleted from our systems and records or destroyed or de-identified so that you can no longer be identified from it.

14. DO WE TRANSFER YOUR PERSONAL INFORMATION OVERSEAS? 

1. Due to the nature of our operations and our vision to make an impact across the continent, your personal information may be processed by personnel operating outside South Africa who work for us, or one of our third party service providers who act on our behalf.
2. Where we transfer your personal information overseas, we will ensure suitable safeguards are in place to protect the confidentiality and integrity of your personal information. We will also ensure that the third party recipient of the personal information is subject to laws or an agreement with us which provides the same level of protection to personal information as POPIA does. You can obtain information and a copy of the policies outlining the security safeguards which apply to your personal information from the Information Officer indicated at 20.4. 

 
15. WHAT HAPPENS IF MY PERSONAL INFORMATION IS ACCESSED BY AN UNAUTHORIZED PERSON? 

1. If your personal information is accessed or acquired by an unauthorized person (i.e. a security compromise or data breach), we will notify you and the Information Regulator in accordance with our obligations in POPIA.
2. If you suspect that your personal information which we process may have been acquired or accessed by an unauthorized person, please contact our Information Officer immediately. 

 
16. WHAT ARE YOUR OBLIGATIONS REGARDING OTHER PERSON’S PERSONAL INFORMATION? 
In the event that we enter into a contractual relationship with you, you are required to treat other person’s personal information confidentially and securely in accordance with the law and our policies. If you are our contractor or service provider, please ensure you comply with all our policies which apply to you. 
 
17. DO WE CONDUCT DIRECT MARKETING? 

1. We may use your personal information to market our products and / or services to you. You will receive marketing communications from us if you have consented to receiving such communications, or if you have previously purchased Content, attended our Events or contributed to our Database, provided that you have not opted out of receiving such marketing.
2. When collecting information that might be used to market to you, we give you the opportunity to opt-out from receiving such communications. Moreover, each marketing communication we send you includes an unsubscribe link. If we contact you by telephone line with a human speaking to you, you are still permitted to refuse further marketing by indicating so over the phone. 
3. YOUR RIGHTS AND OBLIGATIONS UNDER THE POPIA. You have the rights afforded to you in terms of POPIA to the extent applicable, including the right - 
   1. to object to the processing of your personal information in certain circumstances; 
   2. to access personal information we hold about you; 
   3. to request for it to be corrected, or to be destroyed or deleted in certain circumstances; 
   4. not to be subject to automated decision-making, including profiling which has legal or similar significant effects; 
   5. to request that we restrict the processing of your personal information if you want us to establish the accuracy of certain information; for proof without deleting it; where you say that the processing is unlawful but you do not want us to delete it; or you want us to transfer the information to another system; and 
   6. to withdraw consent, where consent is the basis upon which we process the personal information at any time, without affecting the lawfulness of processing based on consent before its withdrawal, or processing for which we rely on another lawful basis. 
4. Please refer to our PAIA manual for further information on how to lodge any of the requests indicated above, the necessary forms, and required fees to do so.
5. We may request proof of identification to verify your request. We may refuse your request or, alternatively, be required to refuse your request, for example, if one of the mandatory grounds of refusal are triggered in relation to a request for access.
6. We have appointed and registered an Information Officer with the Information Regulator to ensure that the provisions of the Act are complied with and to facilitate communication with our Content Contributors, Advisory Panel members, partners, associates and the Information Regulator. You may address your requests to the Information Officer using the following details: 

 7. We would appreciate if you could give us the opportunity to resolve any data protection related issue you may have by contacting our Information Officer. If we are unable to do so, you may lodge a complaint with the Information Regulator using the following details: 

 
CHANGES TO THIS POLICY 

8. This Policy is subject to change, at least annually, if not more, if there is anything we need to provide for.

9. We will notify you if this Policy changes, however it is your responsibility to ensure you are familiar with this Policy.xter