1. Introduction
Credo Business College (“the College”) is committed to safeguarding the privacy of personal information in compliance with the Protection of Personal Information Act 4 of 2013 (POPIA). This policy outlines how we collect, use, disclose, and protect personal information.
2. Definitions
- Personal Information: Information relating to an identifiable, living natural person or existing juristic person, including but not limited to contact details, demographic information, history, and opinions.
- Data Subject: The person to whom personal information relates.
- Responsible Party: Credo Business College, which determines the purpose and means of processing personal information.
3. Collection of Personal Information
We collect personal information directly from data subjects through applications, registrations, and interactions with the College. This may include:
- Contact details (e.g., name, address, email, phone number)
- Demographic information (e.g., age, gender, nationality)
- Educational history
- Financial information
- Medical information, where necessary
4. Purpose of Collection
Personal information is collected and processed for the following purposes:
- Providing educational services
- Student administration
- Staff administration
- Compliance with legal obligations
- Alumni relations
- Marketing and communication, with consent
5. Consent
Where required, the College obtains explicit consent from data subjects for the collection and processing of personal information. Data subjects have the right to withdraw consent at any time.
6. Use and Disclosure of Personal Information
Personal information is used solely for the purposes for which it was collected. The College may share personal information with third parties, such as regulatory bodies, service providers, or other educational institutions, only if:
- Consent has been obtained
- It is required by law
- It is necessary for the performance of a contract
7. Security of Personal Information
The College implements appropriate technical and organizational measures to protect personal information against unauthorized access, loss, or damage. This includes secure storage systems and regular data protection training for staff.
8. Access and Correction
Data subjects have the right to access their personal information held by the College and to request correction or deletion of inaccurate, irrelevant, or outdated information. Requests should be directed to the College’s Information Officer.
9. Retention of Personal Information
Personal information is retained only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Thereafter, it is securely destroyed or de-identified.
10. Changes to This Policy
The College may update this Privacy Policy from time to time. Any changes will be communicated through appropriate channels.
11. Contact Information
For any queries or concerns regarding this Privacy Policy or the processing of personal information, please contact:
Information Officer
Credo Business College