A. Definitions

For purposes of this policy: - 

  1. POPIA refers to the Protection of Personal Information Act, 2013 and the Regulations promulgated thereto

  2. Data Subject has the meaning ascribed thereto in section 1 of the Act

  3. Our Website means www.faberallin.co.za

  4. Personal Information has the meaning ascribed thereto in section 1 of the Act.

  5. Process has the meaning ascribed thereto in section 1 of POPIA

  6. Responsible Party has the meaning ascribed thereto in  in section 1 of POPIA.

  7. Operator has the meaning ascribed thereto in section 1 of POPIA

  8. Services means the online content offered through our Website.

  9. ‘users’ or ‘you’ or ‘your’,  as required by the context, means all visitors to our Website, including members of the public or legal entities accessing the Website for information purposes; members of the public or legal entities procuring legal services, members of the public or legal entities submitting advertisements, comments, files, images, videos, sounds, business listings and/or information,                   service and information requests and/or any other material or data (‘Content’); web search engines; and data and/or information aggregators

  10. ‘us or ‘we’ or ‘our’ as required by the context, refers to Faber & Allin Inc. Attorneys

B. Introduction

  1. We recognise and respect the Constitutional right to Privacy and we support the purpose of POPIA in giving effect to that right. 

  2. Personal Information is ordinarily processed in the provision of legal services, and is in fact a prerequisite thereto. As such, we are a Responsible Party under POPIA.

  3. The provision of legal services is regulated and legal practitioners are subject to legislative and regulatory duties and obligations, in addition to those prescribed by POPIA, more notably under the:-

    • The Legal Practice Act 28 of 2014 as amended, and the Regulations thereto;

    • The Rules of the Legal Practice Counsel, of which we are a member;

    • The Financial Intelligence Centre Act 38 of 2001 (FICA); and 

    • The Financial Intelligence Centre Amendment Act 1 of 2017 (FICA

  4. We undertake to process information lawfully, in accordance with POPIA, and in observance of our obligations and duties as a law firm.

  5. This privacy policy, together with our Section 51 Manual and Website terms and conditions sets out the basis on which any Personal Information that we collect from you, or that you provide to us, is processed. 

  6. By using our Website and/or our Services and communicating electronically with us, you consent to the processing, including the transfer of your Personal Information, as set out in this policy.

  7. Due to ongoing changes in the law and the changing nature of technology, our data protection practices will change from time to time. If and when our privacy protection practices change, we will update this policy, to describe such new practices and you are encouraged to check regularly for such updates and/or revisions.

C. Information we           process

  1. We process Personal Information relating to both natural and juristic persons in the operation of our Website and delivery of Services, the provision of legal services in carrying on our business, and in performing organisational functions. 

  2. You may provide Personal Information to us either directly or indirectly, by requesting information in respect of our services, or by entering into an attorney/client engagement with us,  whether in person or through our Website.

  3. When you visit our Website we collect information that is not Personal Information, which information when viewed independently from accompanying identifying criteria, does not identify you personally (for example your Internet Protocol (‘IP’) address, operating system, browser type, and Internet service provider).

  4. When you use our Website and/or our Services, we may collect Personal Information that you provide to us by which you can be identified (such as your name, identity number, postal address, physical address, e-mail address, telephone number, postal code, fax number, gender, date of birth and company name). We may process such information in the following instances:

    • when you fill in and submit forms on our Website, subscribe to our newsletter, submit a job application, or request legal services;

    • the information you submit when you report a problem with our Website or our Services;

    • records of correspondence between us;

    • details of your visits to our Website (including traffic data, location data,  weblog(s) and other communication data); and

    • public Personal Information collected about you.​

  5. We may collect combined information about you from various sources.

  6. The Personal Information we process in the ordinary course of business include, but is not limited to: -  adequate, necessary, and relevant information required by law when engaging our services such as your name, identity number, business registration number, employees or director’s Personal information, and contact information; electronic communications transmitted to us; information submitted to us in response to an employment advertisement; and technical information, for instance through the use of cookies and data analytics.

  7. The Personal information we process in the operation of our business, include but is not limited to: -

    • client information required in compliance with domestic and foreign legal & regulatory requirements;

    • the screening of visitors to our business premises in terms of COVID19 protocols; and

    • information relating to employees of the firm.

  8. Online payments on our Website are processed by a 3rd party service provider and all transactions are subject  to 3D secure authentication. Neither us or the 3rd party payment processor: -

    • has visibility of the actual interaction between you and the bank;

    • has access to the 3D authenticate OTP; or

    • stores your card details in any form.

  9. We use 3rd party companies to monitor Website traffic, which may, in some instances, store your information (including the Personal Information you submit to such third parties).

G. Why and how we       process                     information

  1. In terms of section 43B and Schedule 1 to FICA and FICAA (‘the Acts”) law firms and legal practitioners in South Africa, are designated as accountable institutions to the Financial Intelligence Centre (the ‘FIC’), and we process information in this regard as determined by: 

    • section 20A of FICA, which prohibited us from acting for anonymous clients and/or clients acting under a false or fictitious name;

    • section 21 of FICA which requires us to  establish and verify the identity of a client in the course of establishing a business relationship or when entering into a single transaction; and if applicable, the person representing the client as well as any other person on whose behalf the client is acting; 

    • section 29 of FICA which requires all businesses to report suspicious or unusual activities or  transactions or series of transactions related to money laundering, the financing of terrorist and related activities, and contraventions of prohibitions to financial sanctions, to the FIC; and 

    • section 37(1) of FICA which overrides secrecy and confidentiality obligations in South African law in that no duty of secrecy or  confidentiality prevents any institution or person from complying with an obligation to file a report under FICA.

  2. We may use the information we hold about you in the following ways:- 

    • to execute and deliver legal services on your instructions; 

    • to ensure that content from our Website is presented in the most effective manner for you and for your computer; 

    • in aggregate and de-identified form, for internal business purposes such as generating statistics; to provide you with information and/or services that you request from us; 

    • to provide you with information which we feel may interest you, when you have consented to be contacted for such purposes; 

    • to allow you to participate in interactive features of our Services when you choose to do so; 

    • to respond to any queries you make; and

    • to notify you about changes to our Services.

  3. We may use information provided by you to:-

    • execute and deliver legal services on your instructions; 

    • create and manage user accounts; 

    • enforce our online contract and/or booking policy; 

    • monitor user activity and manage traffic on our Website; 

    • provide customer services; and 

    • assist you with technical difficulties. 

  4. We may block users located in certain countries from using our Website. 

  5. Information collected through our Website is transferred outside of South Africa by our Website development and design platform, who is an operator and who affords an adequate and equivalent level of protection and security frameworks as required by POPIA.

H. Protecting 

    Information 

  1. You are a valued client  and we will do our best to protect your Personal Information, and we use technology to help us do this. 

  2. Our data storage cloud-computing operator is POPIA compliant; and their security protocols include the following: - 

    • server data centres are housed in South Africa in secure, fire-proof and air- conditioned facilities that provide software and hardware firewalls,  24-hour on- site engineers, daily automated backups, and disaster recovery facilities;

    • constant monitoring of web traffic to detect intrusion attempts and pre-empt unauthorised access, by their engineers, with every single request to the server stored and monitored for inconsistencies. 

    • data transmitted to/from their cloud environment is transmitted securely over a 256-bit encrypted Secure Socket Layer (SSL) connection (HTTPS);

    • their passwords are encrypted using leading interative algorithms with random keys and salts. The results are stored as highly secure hashes in their database;

    • documents are stored using 256-bit encryption keys, which are only decrypted upon retrieval by an authenticated user;

    • passwords must subscribe to minimum complexity requirements in order to avoid brute force attacks and multi factor authentication can be used to decrease the risks of unauthorised access. 

    • user inputs and outputs are strictly sanitized in order to prevent SQL injection and cross-site scripting attacks. 

  3. We do not directly process any payments and do not store your credit card information. Secured Socket Layer (‘SSL’) technology is used for processing payment transactions with 3rd party service provider partners.

  4. Our website & email hosting servers and data centres are located in South Africa and offers adequate physical as well as network security solutions, compliant with the requirements and provision of POPIA.

  5. Our physical security in respect of access to data devices and/or paper based personal information is adequate and complies withindustry best practices. This includes access control, 24/7 business premises security , and robust policies and procedures enforced throughout our business operations.

I. ACCESSING AND        MODIFYING               PERSONAL                 INFORMATION AND   COMMUNICATION     PREFERENCES

  1. You have the right to access, remove, review, and/or make changes to Personal Information that you provide us with, subject to our legislative and regulatory duties and obligations.

  2. We may send you any legally required notifications as well as certain notifications including service related notices and notices regarding  a change to any of our policies. For example, we may send you a notice regarding server problems or scheduled maintenance to the  Website. You can always opt out of certain e-mail communications from us, including our notifications to you.

  3. We will not change your preferences without your consent.

J. Disclosures

  1. On rare occasions, we may be required to disclose your Personal Information because of legal or regulatory requirements. In such instances, we reserve the right to disclose your Personal Information as required in order to comply with our legal obligations including complying with court orders, warrants, subpoenas, service-of-process requirements or discovery requests.

  2. We may also disclose information about our users to law enforcement officers or others, in the good faith belief that such disclosure is reasonably necessary to enforce our Website terms and conditions  or this privacy policy or respond to legal claims that any content violates the rights of third parties, or to protect our intellectual property rights or our personal safety or the personal safety of our users or the general public. 

  3. We will notify you of any transaction in which substantially all of our assets are sold to or merged into another company, including assets which contain your Personal Information. The acquiring company will be given access to your Personal Information without your consent.

K. Notification of             changes

We reserve the right, in our sole discretion, to change this privacy policy from time to time. We will notify you of material changes to this privacy policy by publishing such changes on our Website.

L. How to contact us

If you have questions about this privacy policy, please contact us at info@faberallin.co.za with ‘Privacy Policy’ in the subject line.

D. Storage of Data

  1. The transmission of information via the Internet is not completely secure, and we cannot guarantee the security of the information you transmit to our Website. Transmission of your information to our Website is entirely at your own risk and we accept no responsibility for any loss or unauthorised use or interception of information transmitted via the internet, and which is beyond our control.

  2. Once we have received your information, we use appropriate security features and Information Technology platforms to store and transfer such information, and we employ technology and internal best practices to prevent unauthorised access.

  3. When you have chosen or been given a password which enables you to access certain parts of our Website, you are responsible for keeping that password secure and you should not share your password with anyone.

  4. Legal practitioners and/or law firms are required to keep all files and documents relating to matters dealt with by them on behalf of clients, including the associated accounting records, for 7 (seven) years from the date of the last entry recorded in each particular book or other document of record or file. 

E. Cookies & IP

  1. Cookies are small text files transferred by a web server to your hard drive and thereafter stored on your computer. You have the ability to accept or decline the use of Cookies on your computer, by configuring your browser not to accept Cookies.

  2. Our website only uses essential cookies, which cannot be disabled, and which enable core functionality of our Website such as security, verification of identity and network management. ​

  3. By default the following cookies are disabled on our Website: - Marketing Cookies - used to track advertising effectiveness; Functional Cookies - used to collect data to remember choices users make on a website; and Analytics Cookies - used to understand how visitors interact with a website.

  4. We may collect information about your computer (including your IP address, operating system and browser type) for system administration purposes. This information is statistical data about your browsing actions and patterns only.

  5. Our 3rd party service providers may also use Cookies on our Website. We cannot control or access Cookies used by third-party service providers and this policy covers only Cookies used by us.

F. Third party links /       content

  1. Our Website may occasionally contain links to external Websites. If you click on links to external Websites, you leave our Website, We have no control over external websites and we are not responsible for the content of such external websites, their data processing and/or storage practices, or for the security of your Personal Information when you use them. 

  2. We recommend that when you enter an external website you review its privacy policy as it relates to how that Website processes and protects your Personal Information.