Privacy notice | UCT Law at Work

This privacy notice applies to all participants enrolled in a course offered by UCT Law@work or administered by UCT Law@work on behalf of an external academic partner.

We value our course participants’ privacy. Therefore, we have created this privacy notice is to help you understand how we collect, use, share, protect and store your personal information.

We may update this privacy notice occasionally. We will inform you when we do.

Please email us if you have any questions.

You can contact the Information Regulator at inforeg@justice.gov.za.

1. What personal information we collect and generate

We collect information that helps us register you as a course participant and communicate with you while you are a course participant.

We collect:

Your name
Your ID number or passport number
Your date of birth
Your gender
Your physical address
Your email address
Your telephone number(s)

We generate information about you in the form of records.

We generate:

Attendance records
Academic records

2. When and why we collect and process your personal information

When we collect and use your personal information	Why we collect your personal information
When you register for a course run by UCT Law@work. When you register for a course that we administer on behalf of one of our external academic partners. When we send you information about how and when the relevant course will happen or additional academic resources from the relevant course convener. When we communicate with the relevant course convener about the participants who are attending their course. When you participate in a course run by or administered by UCT Law@work, we monitor your attendance and performance to ensure you meet all the course requirements. When we issue and send your course completion certificate to you. When we communicate with our external academic partners about attendance registers and issuing course completion certificates for the courses we administer on their behalf. When we receive confirmation from Fundi that you have obtained financing through this platform to complete one of our courses. When UCT Law@work owes you a refund.	We process this information to meet our contractual obligations with you.
When you contact us by email or telephone, we use the information we collect to reply to, investigate, and resolve your query, complaint, or request. When you are in breach of your financial obligations to UCT Law@work, we may hand over your account for debt collection purposes.	We process this personal information because it is in your or our legitimate interest to do so.
When you subscribe to our email newsletter. You can unsubscribe at any time by contacting us via the email address provided in the newsletter.	We process this personal information with your consent.

3. In order to deliver our services to you, we must share your information with others we trust

As UCT employees or appointed UCT visiting lecturers, all course conveners are required to keep your information confidential, secure and only use your information for the purpose it was shared for.

UCT Law@work provides appropriate safeguards through the contract signed between us and all course conveners we use.

We have course conveners who take each course that UCT Law@work runs or administers.

The University of Cape Town Senate Policy on Continuing Education Courses requires all course conveners to be a UCT academic staff member. Or, if the course convener is not employed at UCT, the course convener will be appointed as a visiting lecturer.

We share information about the seniority level, industries, and other necessary information about course participants with course conveners before starting the course. This is so course conveners can cater or adapt the course to their audience.

Some of the course conveners that we use may be located in other countries. These countries may not have the same levels of protection of personal information as South Africa, in which case the course convener must protect our course participants' personal information to the same level that we do.

We provide for appropriate safeguards by means of contracts between our foreign course conveners and us.

UCT Law@work provides appropriate safeguards through the contract signed between us and all external academic partners we collaborate with.

We have several external academic partners whom we collaborate with to administer courses on behalf of.

The University of Cape Town Senate Policy on Continuing Education Courses requires that a contract be put in place when collaborating with an external academic partner.

External academic partners will share course participant personal information with us for course registration and administration purposes. In turn, we will share course participant attendance records and course completion certificates with the relevant external academic partner. This personal information exchange is performed, so we administer the course on behalf of the external academic partner, and so the external academic partner can send course participants their course completion certificates.

Some of our external academic partners may be located in other countries. These countries may not have the same levels of protection of personal information as South Africa, in which case the external academic partner must protect the course participants' personal information to the same level that we do.

We provide for appropriate safeguards by means of contracts between our foreign external academic partners and us.

UCT Law@work provides appropriate safeguards through the contract signed between us and all service providers we use.

We use service providers to help us:

provide virtual courses to you
put our academic content on a Learning Management System (LMS) for you
courier course completion certificates to you
collect outstanding debt
store our paper and electronic files securely

Some of our service providers may be located in other countries. These countries may not have the same levels of protection of personal information as South Africa, in which case the service provider must undertake to protect the personal information of the course participants to the same level that we do.

We provide for appropriate safeguards by means of contracts between us and our foreign service providers.

4. We have taken reasonable steps to minimise the impact of a breach

We have reasonable security safeguards in place to protect your personal information.

Our security safeguards are in place to protect your personal information from:

loss
misuse
unauthorised access
being altered
being destroyed

In line with UCT’s Information Security Policy, these security safeguards are reviewed regularly to ensure they are being implemented properly.

In line with UCT’s Information Security Policy, the adequacy of these security safeguards to protect against all known risks and deficiencies is also reviewed regularly.

These security safeguards are reviewed regularly to ensure they are working properly and are strong enough to protect your personal information against all known risks and deficiencies.

But no system is perfect, and we cannot guarantee that your personal information may not be accessed, disclosed, altered or destroyed by a breach of any of our security safeguards.

We will let you know of any breaches that may affect your personal information.

If something should happen, we will take steps to minimise the threat to your privacy, and we will let you know if your personal information has been compromised.

We will also let you know how you can help minimise the impact of the breach.

You can help to keep your information secure by being aware of how you communicate.

Despite the security measures we have in place, emails can still be intercepted and are not a safe way to share personal information.

Instead, give us a call or complete our online registration form.

5. Why, how and for how long we store your personal information

We store your personal information electronically on UCT’s PeopleSoft system.

The University of Cape Town Senate Policy on Continuing Education Courses requires that all course participants’ personal information records are stored on the PeopleSoft system.

We store electronic backups of your personal information, course registers and waybills for couriering course certificates.

We have to keep your personal information for as long as you are a course participant or you are subscribed to our newsletter.

We have to keep your personal information records in course registers and waybills for business continuity purposes (e.g., to confirm that you completed a course with us back in 2010 and that we definitely couriered your course completion certificate). We also have to keep this information to comply with specific higher education sectoral laws.

We will not keep your personal information for longer than we need to or than we are legally required to.

6. You have the right to know what we know about you and what we do with that information

You can request access to the information we hold about you or correct your personal information by contacting us.

It may take us up to 21 days to respond to your request, because there are procedures we need to follow. In certain cases, we may require proof of your identity.

You can contact the Information Regulator at inforeg@justice.gov.za.

You have the right to:

ask what personal information we hold about you, to ask when we collect and process the personal information we hold about you, and to ask how we collect and process the personal information we hold about you.
request access to the personal information we hold about you.
request that we delete your personal information.
ask us to update or correct any out-of-date or incorrect personal information we hold about you.
ask what personal information of yours was sent to our course conveners, external academic partners, service providers or any other third party.
unsubscribe from any direct marketing communications we may send you.
object to the processing of your personal information.
ask that we restrict our use of your personal information.
lodge a complaint with the Information Regulator.