CapeSoft EcoTime will manage the security of its filing system to ensure that personal information is adequately protected. To this end, security controls will be implemented in order to minimise the risk of loss, unauthorised access, disclosure, interference, modification or destruction.
Security measures also need to be applied in a context-sensitive manner. For example, the more sensitive the personal information, such as medical information or credit card details, the greater the security required.
We will continuously review its security controls which will include regular testing of protocols and measures put in place to combat cyber-attacks on the organisation's IT network.
We will ensure that all paper and electronic records comprising personal information are securely stored and made accessible only to authorised individuals.
All new employees will be required to sign employment contracts containing contractual terms for the use and storage of employee information. Confidentiality clauses will also be included to reduce the risk of unauthorised disclosures of personal information for which CapeSoft Eco Time is responsible.
All existing employees will, after the required consultation process has been followed, be required to sign an addendum to their employment containing the relevant consent and confidentiality clauses.
Our operators and third-party service providers will be required to enter into service level agreements with CapeSoft Eco Time where both parties pledge their mutual commitment to POPIA and the lawful processing of any personal information pursuant to the agreement. An example of the "Employee Consent and Confidentiality Clause" for inclusion in CapeSoft EcoTime's employment contracts can be found under Annexure B. An example of an "SLA Confidentiality Clause" for inclusion in CapeSoft EcoTime's service level agreements can be found under Annexure C.