NMG C and A Holdings (SA) (Pty) Ltd. (registration number 2002/0015082/07) (“NMG”, “we”, “our” or “us”) is committed to respecting your privacy and protecting information that identiﬁes or is associated with you (“personal information”). This Privacy Notice applies to NMG and all its subsidiaries as well as our websites, platforms, and digital channels.
NMG offers the full set of solutions to meet the needs of employers, medical schemes, retirement funds, employees, and retirees. We provide clients with unbiased and professional advice on the provision and management of medical, life and disability insurance, and retirement solutions.
We help clients take a complete view of their employee beneﬁts programme and ensure that the beneﬁts encourage greater productivity, loyalty and whilst at the same time protecting the future ﬁnancial security of the business.
The identity of the controller responsible for your personal information will depend on who you are and how you are engaging or interacting with NMG. If you are an individual using our website, the data controller is NMG. If you are a client (or representative of a client) or a member, the relevant data controller will depend on the NMG ofﬁce you are engaging with.
The type of information we collect will depend on the purpose for which it is collected and used. We will only collect information that we need for that purpose.
The source of the personal information we collect depends upon our relationship. For example, where:
We collect and process your Personal Information mainly to provide you with access to our services and products, to help us improve our offerings to you, to support our contractual relationship with you and for certain other purposes explained below. We will process your personal information only for the purposes for which it was collected or agreed with you, for example:
Where we collect Personal Information for a speciﬁc purpose, we will not keep it for longer than is necessary to fulﬁl that purpose, unless we must keep it for legitimate business purposes or pursuant to applicable law.
You can opt out of receiving communications from us at any time. Any direct marketing communications that we send to you will provide you with the information and means necessary to opt out.
You have the following rights under applicable data protection legislation in relation to your personal information:
If you wish to exercise one of these rights above, please contact us using the details set out at below.
You also have the right to lodge a complaint to the relevant data protection regulator.
The details of our Information Ofﬁcer and POPIA Legal and Compliance Ofﬁcer are as follows:
Tel: 011 509 3000
POPIA Legal and Compliance Ofﬁcer
Tel: 011 509 3000
You have the right to ask us to update, correct or delete your personal information. We will take all reasonable steps to conﬁrm your identity before making changes to Personal Information we may hold about you. We would appreciate it if you would take the necessary steps to keep your Personal Information accurate and up to date by notifying us of any changes, we need to be aware of.
In terms of the POPI Act (POPIA) section 18. (h) (v) you have the right to lodge a complaint to the Information Regulator (South Africa) (IRSA). The IRSA contact details are:
JD House, 27 Stiemens Street
Braamfontein, Johannesburg, 2001
P.O Box 31533
Braamfontein, Johannesburg, 2017
NMG may share your Personal Information with the following categories of recipients:
We maintain appropriate security measures to protect your personal information against accidental or unlawful destruction, loss, change or damage. All personal information you register on our website is transmitted across the Internet in an encrypted state and is stored in a secure data centre.
NMG operates in South Africa and Namibia. While the data protection and other laws of these countries differ, please be assured that we take steps to ensure that your privacy is protected, including restricting access, enabling encryption, and putting in place appropriate contractual provisions between the various NMG entities. Additionally, NMG personnel may access our systems remotely when working abroad (including from jurisdictions outside South Africa). Where they do so, they are required to use our data systems and access any personal information in accordance with NMG’s internal policies and procedures.
Furthermore, if we need to share your personal information with a third-party service provider, we will ensure we do so in compliance with relevant data protection legislation and will review our contracts regularly to ensure we are compliant.