Last Modified: 22 FEBRUARY 2022
1.1. The following additional documentation referenced in this policy
1.1.2. Third Party Processing
1.1.4. Data Processing Addendum
1.1.5 POPIA Compliance
2.1. “Customer” or “You” means any party from whom we collect personal information;
2.2. “Users” means collectively, our customers and visitors who use our websites, products and services;
3. ABOUT US
3.1. Metabolica Med (Pty) Ltd and our subsidiaries (“we,” “us” or “Metabolica Med”) are a leading provider of dietary and/or health supplementary products. We care about protecting the personal information of our Users.
4. INFORMATION COVERED BY THIS POLICY
5. INFORMATION WE COLLECT FROM YOU
5.1. During your use of the Services, we obtain the following information about you as described below. We collect this data for the purposes described under “How we Use Your Information” in paragraph 6.
5.2. Signing Up for Services; User Information
5.2.1. Information you provide prior to any registration process, such as your email when you provide it to us;
5.2.2. Information that you provide during any registration process, including in connection with a co-branded offer (such as your name, company name, email address, phone number, billing address or credit card information, geographic location and industry), when you call or email us (for support or otherwise) or when you use our products or services; and
5.2.3. Payment information that you provide to us (by way of our Services or otherwise) when you purchase some of our products and services, including credit card data.
5.3. Use of Services, Website Visits and Support
5.3.1. Data relating to your online activity on our websites with respect to our Services, including the following:
22.214.171.124. IP address;
126.96.36.199. browser type and version;
188.8.131.52. geographic location;
184.108.40.206. pages you view;
220.127.116.11. how you got to our Services and any links you click on to leave our Services;
18.104.22.168. when you update your information, communicate with us, or order new Services;
22.214.171.124. metadata about your use and your contacts’ use of our Services and your emails you send (including clicks and opens);
126.96.36.199. your interactions with any videos we offer;
188.8.131.52. issues you encounter requiring our support or assistance;
184.108.40.206.any device or other method of communication you use to interact with the Services;
5.3.2. We store this data we collect in a variety of places within our infrastructure, including system log files, back-end databases and analytics systems.
5.3.3. Your telephone conversations with us (which we may monitor or record).
5.4. Social Media
5.4.1. Information from third party social networking sites, including information that social networking sites provide to us if you use your credentials at such social networking sites to log into some of our Services (such as your name and email address to pre-populate our sign-up form).
5.4.2. The information you allow us to access varies by social networking site and depends on the level of privacy settings you have in place at the social networking site. You can control and find out more about these privacy settings at the applicable social networking site.
5.5. Other Sources
5.5.1. Information you provide to us at seminars or to our partners;
5.5.2. Information you provide to us in surveys;
5.5.3. Information that is publicly available; and
5.5.4. Information you consent to us receiving from third parties.
6. HOW WE USE YOUR INFORMATION
6.1. We have a legitimate interest in running a successful and efficient business and in providing you with Services and useful content, and we use the information we collect, both on its own and combined with any other information we collect about you, for the following purposes:
6.1.1. To provide the requested Services to you;
6.1.2. To provide you with useful content;
6.1.3. To ensure the proper functioning of our Services
6.1.4. To offer and improve our Services;
6.1.5. To provide you with requested information or technical support
6.1.6. To facilitate your movement through our websites or your use of our Services;
6.1.7. To do a better job of advertising and marketing our Services (our use of your information to do this is performed with your consent where required by applicable law);
6.1.8. To advertise and market third party products and services (such advertisement is only performed with your permission where your consent is required by applicable law)
6.1.9. To diagnose problems with our servers or our Services;
6.1.10. In connection with our security and compliance programs;
6.1.11. To administer our websites;
6.1.12. To communicate with you;
6.1.13. To target prospective customers with our products or services (such targeting is only performed with your permission where your consent is required by applicable law);
6.1.14. To assist us in offering you a personalised experience or otherwise tailor our Services to you; and
6.2. We also use the information we receive in aggregated and anonymised formats to produce reports on trends and statistics, such as mobile search trends, email open rates by industry, campaign best practices or the number of users that have been exposed to, or clicked on, our websites or evaluated or purchased our products and services.
6.3. Payment information that you provide to us, including credit card data, will only be used to facilitate payment for our products and services.
6.4. We also use recorded telephone conversations for quality control purposes, to train our employees and for our own protection.
7. SHARING OF INFORMATION
7.1. As further described below, we will only share certain personal information with:
7.1.1. other members of the Endurance corporate family;
7.1.2. our partners;
7.1.3. third party service providers and vendors;
7.1.4. in connection with a sale, merger, acquisition or corporate reorganization;
7.1.5. authorized users within your organization; and
7.1.6. for legal reasons.
7.2. Further information about the third parties with whom we share personal information is available, the most recent of which is referenced in the pre-amble of this policy.
7.3. Sharing with the Metabolica Med corporate family
7.4. Sharing with partners
7.4.1. When we share personal information with certain third-party partners, including marketing and advertising partners, that information includes your name, email address and other information enabling partners to:
7.4.2. assist you in using our products and services;
7.4.3. contact you with offers, services or products that may be of interest to you, and;
7.4.4. provide you with their products or services.
7.4.5. If you are located in a jurisdiction where such sharing requires your permission, we will only do so with your consent. Please note that if you access our services through a tool that hides your location, such as through a virtual private network, you may not receive our request for permission because we were not able to identify you as being located in a jurisdiction where your permission is required.
7.4.6. Further, our partners are prohibited from using your contact information for any purpose beyond those set forth above without your consent. We will not provide our partners with your credit card information. Further information about certain partners we share personal information with is included in the Third-Party Data Controllers and Sub-Processors document referenced in the preamble to this policy.
7.5. Sharing with third party service providers and vendors
7.5.1. Occasionally, we enter into contracts with carefully selected third parties so that they can assist us in servicing you (for example, providing you with customer service, fraud detection and deterrence or access to advertising assets and providing us with information technology and storage services) or to assist us in our own marketing and advertising activities (including providing us with analytic information and search engine optimization services). Our contracts with such third parties prohibit them from using any of your personal information for any purpose beyond the purpose for which it was shared.
7.5.2. If you purchase a product or service from a third party through one of our brands, we will pass your personal information to such third party in order for them to fulfill your order.
7.5.3. We also share non-personal information with certain third parties, including the media, industry observers, marketing and advertising partners, vendors, customers, potential customers or partners. For example, we disclose mobile search trends, email open rates by industry, campaign best practices or the number of users that have been exposed to, or clicked on, our websites or evaluated or purchased our products and services.
7.6. Corporate reorganizations
7.6.1. If we are involved in a merger, acquisition, a sale of all or a substantial portion of our assets, or other similar sale transaction, your information will be transferred as part of that transaction. We will notify you by email and/or a prominent notice on our website of any such transfer and any choices you may have regarding your information.
7.7. Authorised users
7.8. Legal process
7.8.1. Lastly, if legally required to do so, or if we have a good faith belief that such disclosure is reasonably necessary, we may disclose your personal information to courts of law, law enforcement authorities and other relevant third parties, such as internet service providers, to conduct an investigation, respond to a third party or law enforcement subpoena or court order, bring legal action, prevent harm to others or pursue other relief when you or a third party are or may be:
220.127.116.11. violating our terms and conditions of use;
18.104.22.168. causing injury or other harm to, or otherwise violating the property or other legal rights, of us, other users, or third parties; or
22.214.171.124. violating federal, state, local, or other applicable law.
8. SECURITY OF YOUR INFORMATION
8.1. The measures we take
8.1.1. We are committed to industry best practice when it comes to preventing loss, misuse, alteration, unauthorised access, or unlawful or unnecessary processing of the information we collect. For example, we:
126.96.36.199. make use of encryption technology as appropriate;
188.8.131.52. use appropriate network access control technology to limit access to the systems on which collected information is stored;
184.108.40.206. monitor for possible vulnerabilities and attacks.
8.1.2. Unfortunately, we cannot guarantee that the technical, physical and organizational measures we take will prevent every security threat nor can we guarantee that your personal information will not be improperly accessed, used, altered or destroyed. We will notify you if we discover there has been a material breach of security, which resulted in an unauthorized disclosure of your personal information.
8.2. The steps you should take
8.2.1. To help maintain the security of information you provide to us or you store on our hosted systems, please follow these rules:
220.127.116.11. Keep your passwords private;
18.104.22.168. If you’re already a customer, remember that you’re responsible for making sure no unauthorized person has access to your passwords and account details. You should promptly notify us if you need to deactivate your login or change your password. You should also implement appropriate security measures for the data you store on the hosted system;
22.214.171.124. Remember, when you use online tools such as our forums, community sites or social networking sites, the content you upload to them will be public. If you don’t want the content you upload to be seen by the rest of the world, please don’t post it.
9. TRACKING TECHNOLOGIES AND ONLINE ADVERTISING
10.1. Marketing communications from us
10.1.1.1. You always have the opportunity to opt out of our marketing communications with you or change your preferences by following a link in the footer of all non-transactional email messages from us or by emailing us at lohan@Metabolica Med.co.za. Some communications from us are considered transactional or service communications (for example, important account notifications and billing information), and your account(s) for Metabolica Med products and services are provided to you upon the condition that you receive these communications from us. You must cancel your account(s) for Metabolica Med products and services, as applicable, if you do not wish to receive any transactional or service communications. To cancel your Metabolica Med account(s), please follow the instructions found in the terms of service for the applicable Metabolica Med service. You may still receive marketing communications from us even after you cancel your account unless you also opt-out of our marketing communications, as described above.
10.1.2.1. We may contact you by telephone, with your consent where applicable, for marketing purposes (including by automatic dialer and/or pre-recorded message). If you do not want to receive marketing calls, please contact customer support at the brand from which you purchased your Services. You do not need to agree to receive automated marketing phone calls or texts from us to use the Services.
10.3. Information from third parties
10.4. Unauthorised accounts
10.4.1. If an account or profile was created without your knowledge or authorization, please contact customer support at the brand on which the account or profile is located to request removal of the account or profile.
11. RETENTION OF PERSONAL INFORMATION
11.1. We retain your personal information to provide services to you and as otherwise necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We will retain your personal information for no more than five years following the later of (i) the date on which you terminate your use of the Services or (ii) as long as needed to fulfil the purpose for which personal information was originally collected, or (iii) February 22, 2022, unless we are otherwise required by law or regulation to retain your personal information for longer.
11.2.1. You have the right to know whether we process personal information about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
11.3.1. You have the right to receive a subset of the personal information you provide us if we process it on the legal bases of our contract with you or with your consent in a structured, commonly used and machine-readable format and a right to request that we transfer such personal information to another party. If you wish for us to transfer the personal information to another party, please ensure you detail that party and note that we can only do so where it is technically feasible. We are not responsible for the security of the personal information or it’s processing once received by the third party.
11.4.1. You have the right to require us to correct any personal information held about you that is inaccurate and have incomplete data completed. Where you request correction, please explain in detail why you believe the personal information we hold about you to be inaccurate or incomplete so that we can assess whether a correction is required. Please note that while we assess whether the personal information, we hold about you is inaccurate or incomplete, you may exercise your right to restrict our processing of the applicable data as described below.
11.5.1. You may request that we erase the personal information we hold about you in the following circumstances:
126.96.36.199. where you believe it is no longer necessary for us to hold the personal information;
188.8.131.52. we are processing it based on your consent and you wish to withdraw your consent;
184.108.40.206. we are processing your data based on our legitimate interest and you object to such processing;
220.127.116.11. you no longer wish us to use your data to send you marketing; or
18.104.22.168. you believe we are unlawfully processing your data.
11.5.2. Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure.
11.6. Restriction of processing to storage only
11.6.1. You have a right to require us to stop processing the personal information we hold about you other than for storage purposes in the following circumstances:
22.214.171.124. You believe the personal information is not accurate for the period it takes for us to verify whether the data is accurate;
126.96.36.199. We wish to erase the personal information as the processing we are doing is unlawful, but you want us to simply restrict the use of that data;
188.8.131.52. We no longer need the personal information for the purposes of the processing, but you require us to retain the data for the establishment, exercise or defence of legal claims; or
184.108.40.206. You have objected to us processing personal information we hold about you based on our legitimate interest and you wish us to stop processing the personal information while we determine whether there is an overriding interest in us retaining such personal information.
11.7.1. You have the right to object to our processing of data about you and we will consider your request. Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims.
11.7.2. You also have the right, at any time, to object to our processing of data about you in order to send you marketing, including where we build profiles for such purposes and we will stop processing the data for that purpose.
11.8. Withdrawal of consent
11.8.1. Where you have provided your consent to us processing your personal data, you can withdraw your consent at any time by contacting our Data Protection Officer at lohan@Metabolica Med.co.za.
12. THIRD PARTY LINKS AND INFORMATION COLLECTION AND USE BY OUR USERS
12.1. Some of our Services provide links to other websites. Because we do not control the information policies or practices of these third-party sites, you should review their privacy policies to learn about how they collect and use personal information.
12.1.1. You may also log in to some of our Services using sign-in services such as Facebook Connect or an Open ID provider. These services will authenticate your identity and provide you with the option to share certain personal information with us, such as your name and email address to pre-populate our sign-up form. For example, if you take advantage of certain of our social media features, such as the Facebook Like button, and widgets, such as the “Share This” button or interactive mini-programs that run on our site, the applicable social networking sites may collect your IP address, which page you are visiting on our websites and may set a cookie to enable it to function properly.
13.1. Our Services or products are not directed to persons under 18. We do not knowingly collect personal information from children under 18. If a parent or guardian becomes aware that his or her child has provided us with personal information without such parent or guardian’s consent, he or she should contact us. If we become aware that a child under 18 has provided us with personal information, we will delete such information from our files.
14. DATA TRANSFER
14.1. In order for us to provide the Services to you, your personal information will be transferred to, and stored at/processed in South Africa, more specifically at the main place of business of the service provider / product supplier in accordance with the POPIA Act.
15. PERSONAL INFORMATION OF OUR CUSTOMERS’ CLIENTS
15.2. Our customers are responsible for maintaining the security and confidentiality of their accounts and access to the hosted systems and encrypting any personal information they store on or transmit to/from our hosted system.
15.4. Metabolica Med provides its services under the direction of its customers and has no direct relationship with the individuals whose personal data our customers’ process. If you are a client of one of our customers and would no longer like to be contacted by one of our customers that use our service, please contact the customer that you interact with directly.
15.5. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our customers
16.1. In the event that you wish to make a complaint about how we process your personal information, please contact our Data Protection Officer at lohan@Metabolica Med.co.za and we will try to deal with your request.
17. NOTIFICATION OF CHANGES