WEBSITE PRIVACY STATEMENT
ONDERSTEPOORT BIOLOGICAL PRODUCTS SOC (PTY) LTD
This Website is owned and operated by ONDERSTEPOORT BIOLOGICAL PRODUCTS SOC (PTY) LTD, referred to
as “OBP” in this document.
Our physical address is as follows: 100 Old Soutpan Rd, Onderstepoort, 0110, Pretoria, South Africa, Tel: +27 (0) 12
522 1500,
YOUR USE OF THIS WEBSITE INDICATES THAT YOU HAVE BOTH READ AND ACCEPTED THE
TERMS DESCRIBED IN THIS PRIVACY POLICY. USE OF THIS WEBSITE IS PROHIBITED SHOULD
YOU DISAGREE WITH THE EXPRESSED TERMS IN THIS STATEMENT

  1. USER PRIVACY NOTICE
    1.1 This Notice describes how we obtain, use, and disclose your personal information, in accordance with
    compliance requirements
    1.2 For the purposes of this section, Personal Information will be understood in accordance with the definition
    provided in the Protection of Personal Information Act 4 of 2013 (“POPIA”), hereafter “the Act”
    1.3 We adhere to the principles governing electronic collection of Personal Information outlined in the Act, and the
    legislative conditions referred to therein
    1.4 At Onderstepoort Biological Products SOC (PTY) LTD, we endeavour to ensure the quality, accuracy, and
    confidentiality of Personal Information in our possession, which includes proper use
    1.5 According to the Act ‘‘personal information’’ means information relating to an identifiable, living, natural
    person, and where it is applicable, an identifiable, existing juristic person. In this definition, we include all
    addresses including residential, postal and email addresses and change of name.
  2. INFORMATION OBP COLLECTS
    2.1 The primary purpose of collecting and processing your personal information is to inform our business practice
    while taking steps to protect the information at our disposal. While we take every precaution to offer full
    protection of your personal information, we cannot, and do not, provide complete assurance, nor do we
    provide guarantees to this end:
    2.1.1 We collect information directly from you where you provide us with your personal details
    2.1.2 Website usage information may be collected using “first-party cookies” which allows us to collect
    standard internet visitor usage information:
     First Name
     Surname
     Email
     Phone Number
     Company/CC/Business Name
    2.2 We endeavour to limit the nature of the Personal Information we process to that for which we have obtained
    consent from you. Active processing includes online registration, newsletters, professional announcements,
    SMS, MMS, and other mobile services
    2.3 Your agreement to the terms expounded upon in this Privacy Policy constitutes your consent as described in
    section 69 of the Act
    2.4 We endeavour to obtain your consent in the instance where specific consent is lawfully required and where
    your consent might not suffice under this condition
    2.5 We will not collect, use, or disclose sensitive information without your specific consent except in the
    circumstance where it is permitted or required by law
    2.6 By agreeing to the terms contained in this Privacy Policy, you consent to the use of your Personal
    Information in relation to:
     The provision and performance of our services to you
     The provision of marketing related services to you by us
     Responding to any queries or requests you may have
    2.7 Although absolute security cannot be guaranteed on publicly accessible channels, we have in place up-todate, reasonable technical and organisational security measures to protect your Personal Information against
    accidental or intentional manipulation, loss, misuse, destruction or against unauthorised disclosure or access
    to the information we process online
  3. STORAGE OF YOUR PERSONAL DATA
    3.1 We store your Personal Information directly in our database or Portal, or as deemed necessary and
    appropriate, make use of a central database on which we transfer and store your Personal Information.
    3.2 If the central database is in a country that does not have substantially similar laws which provide for the
    protection of Personal Information, we will take reasonable steps to ensure that your Personal Information is
    adequately protected in that jurisdiction by means of ensuring that standard data protection clauses are
    enforced as envisaged by the POPIA/PAIA.
    3.3 Your information will not be stored for longer than is necessary for the purposes described in this Privacy Policy
    or as required by applicable legislation.
    3.4 The Personal Information we collect from users shall only be accessed by our employees, representatives,
    and consultants on a need-to-know basis, and subject to reasonable confidentiality obligations binding such
    persons.
    3.5 We shall have the right, but shall not be obliged, to monitor or examine any information and materials including
    any website link that you publish or submit to us for publishing on the Site.
    3.6 You shall be solely responsible for the contents of all material published by yourself.
  4. HOW YOUR INFORMATION IS UTILISED
    As a visitor to our website, we may collect such information as your IP address, the name of your ISP (Internet
    Service Provider), your browser, the website from which you visit us, the pages on our website that you visit
    and in what sequence, the date and length of your visit, and other information concerning your computer’s
    operating system, language settings, and broad demographic information. This data is collected as part of an
    aggregation and retains anonymity and does not identify you specifically. However, you acknowledge that this
    data may be able to be used to identify you if it is aggregated along with Personal Information that you supply
    to us. This information is not shared with third parties and is used only within the company on a need-to-know
    basis. Any individually identifiable information related to this data will never be used in any way different to that
    stated above, without your explicit permission
  5. THIRD PARTIES
    5.1 The services available through the Website, may contain links to other Third-party websites, including (without
    limitation) social media platforms, appointment scheduling and/or live chat platforms (“Third-Party Websites”)
    5.2 We take no responsibility if you select a link to any Third-Party Website that subjects you to Third-Party
    Website’s terms and conditions and/or other policies
    5.3 Hyperlinks to Third-Party Websites are provided “as is”, and we do not necessarily agree with, edit, or sponsor
    the content on Third-Party Websites
    5.4 We do not monitor or review the content on any Third-Party Website. Opinions expressed or material own to
    the websites are not necessarily shared or endorsed by us and therefore, excludes us as being responsible
    for, or identified as publishers or proponents of said content. Please be aware that we are not responsible for
    the privacy practices, or content where it appears on Third-Party websites. It is at the user’s own discretion
    whether to provide Third Parties with personal information
  6. INFORMATION SECURITY
    6.1 We are legally obliged to provide adequate protection for the personal information we hold and to stop
    unauthorized access and use of personal information.
    6.2 We will, on an on-going basis, continue to review our security controls and related processes to ensure that
    your personal information remains secure.
    6.3 Our security policies and procedures cover:
     Physical security
     Computer and network security
     Access to personal information
     Secure communications
     Security in contracting out activities or functions
     Retention and disposal of information
     Acceptable usage of personal information
     Governance and regulatory issues
     Monitoring access and usage of private information
     Investigating and reacting to security incidents
  7. APPLICATION OF THE ELECTRONIC COMMUNICATIONS AND TRANSACTIONS ACT 25 OF 2002
    (“ECT ACT”)
    7.1 Data Messages (as defined in the ECT Act) will be deemed to have been received by us, when, we respond to
    the Data Messages
    7.2 Data Messages sent by us to a user will be deemed to have been received by such user
    7.3 in terms of the provisions specified in section 23(b) of the ECT Act
    7.4 Users acknowledge that electronic signatures, encryption and/or authentication are not
    required for valid electronic communications between us and users
    Information to be provided in terms of section 43(1) of the ECT Act:
    Users warrant that Data Messages sent to us from any electronic device, used by such user, from time to time
    or owned by such user, were sent and or authorised by such user, personally
  8. YOUR RIGHTS
    8.1 A user has the right:
    8.2 to access their Personal Information stored and processed by us. This may be done by emailing us at the
    address referred to at the end of this document
    8.3 to rectification of Personal Information that we hold on a user’s behalf, in instances where such Personal
    Information is incorrect or incomplete
    8.4 of erasure of Personal Information (“right to be forgotten”) if such information is no longer needed for the
    original processing purpose, alternatively if a user withdraws their consent and there is no other reason or
    justification to retain such Personal Information, further alternatively, if a user has objected to such Personal
    Information being processed and there is no justified reason for the processing of such Personal Information
    8.5 to restrict/suspend processing of Personal Information to only that which is strictly necessary for us to perform
    our services to you
    8.6 if we breach any of the terms of this Privacy Policy, to complain to the requisite data protection authority in
    their territory
    8.7 to withdraw their consent at any time if processing of Personal Information is based on consent
    8.8 to object to processing of Personal Information, if such processing is based on legitimate interests; and
    8.9 to object to the processing of Personal Information for direct marketing
    LODGING OF COMPLAINTS
    We process your Personal Information in compliance with this Privacy Policy and in accordance with the relevant data
    protection laws. If, however you wish to raise a complaint regarding the processing of your Personal Information or are
    dissatisfied with how we have handled your Personal Information, you have the right to lodge a complaint with the
    supervisory authority in the Republic of South Africa, or with the presiding authority in your country
    To access the personal information stored and processes by us, please send a request to the following email address: