This document was last updated 23 September 2021
a) In providing services to clients, Genlib collects, uses, processes and, in some circumstances, shares the personal information of users;
b) Genlib respects the rights of clients whose personal information is collected, and used and/or processed by it, including their right to protection against the unlawful collection, retention, sharing and use of such personal information;
d) This applies to your personal information that we collect during your interactions with us in writing, orally, through our website, or personal information that we may collect offline or receive from 3rd parties;
2. Definitions and Interpretation
a) “consent’’ means any voluntary, specific and informed expression of will in terms of which permission is given by or on behalf of You of the website for the processing of Your personal information;
b) ‘‘direct marketing’’ means to approach a data subject, either in person or by mail or electronic communication, for the direct or indirect purpose of promoting offering to supply any goods or services to the data subject;
c) “information officer’’ means the information officer appointed by Genlib in accordance with the POPI from time to time;
d) “juristic person” includes a body corporate, a partnership, an association, or a trust as defined in the Trust Property Control Act 57 of 1988;
e) ‘‘operator’’ means an outside third party who processes personal information for or on behalf of Genlib in terms of a contract or mandate;
f) “Person” means a natural person or a juristic person;
g) “personal information’’ means any information linked to You or information that can identify You, including but not limited to:
i. information relating to Your gender, nationality, ethnic or social origin age, language;
ii. information relating to Your education or Your financial, criminal or employment history;
iii. Your identity or registration number, email address, physical address, telephone number, location information or online identifier;
iv. all financial information about You;
v. Your personal opinions, views or preferences;
vi. correspondence sent by You which is of a private or confidential nature;
vii. the views or opinions of others about You; and
viii. Your name if it appears with other personal information relating to You, or if the disclosure of Your name on its own would reveal further personal information about You, or any other personal information as defined and contemplated in POPI;
h) ‘’POPI’’ means the Protection of Personal Information Act 4 of 2013, including any regulations or codes of conduct promulgated under it;
i) ‘’PAIA’’ means the Promotion of Access to Information Act 2 of 2000;
j) ‘’process” or “processing’’ means, in relation to personal information, any operation or activity or any set of operations, whether or not by automatic means, including:
i. the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use of that information;
ii. dissemination by means of transmission, distribution or making available in any other form; or
iii. merging, linking, as well as restriction, degradation, erasure or destruction of that information;
k) “Genlib” means Genlib CC, registration number 2008/032635/23;
l) ‘’website’’ means the website or any part thereof which is accessible from www.genlib.co.za;
m) ‘’You’’ means an insurer, an underwriting manager, a supplier, a client, a broker or a sub-agent, and “Your” has a corresponding meaning.
i. the singular includes the plural and vice versa;
ii. any one gender includes the other genders, as the case may be;
iii. an act, regulation or other law is to the version of that law in force at the effective date of this notice and includes any amendment or re-enactment made to that law after the effective date of this notice.
o) When calculating any number of days for the purposes of this notice, the first day must be excluded and the last day of the relevant interval included, unless the last day is not a business day, then the last day will be the next succeeding business day.
p) The word “include” means “include without limitation”. Use of the word ‘’include’’ or ‘’in particular’’ is for illustration or emphasis only and where followed by specific examples must not be interpreted as limiting the meaning of the general wording preceding it.
3. Responsible Party
Genlib may instruct operators from time to time to undertake certain processing activities relating to Your personal information.
4. What Information do we Collect?
Genlib CC is subject to the Protection of Personal Information Act, No.4 of 2013 (POPI), the main objectives of which shall be adhered to. Personal information is defined in POPI as information relating to an identifiable, living natural person, and where applicable, an identifiable, existing juristic person. Depending on how you interact with Genlib CC, personal information we collect may include but without limitation:
Address, Banking Details, Correspondence That Would Reveal The Identity Of A Data Subject, Date Of Birth, Driver’s License Number, Education, Email Address, Employment, Full Name, ID Number, Medical, Owned Properties E.G. Vehicle Identification Number (VIN), Passport Number, Telephone Number
We may also collect other information that does not personally identify you. Such other information includes browser and device information, website usage data, IP addresses, demographic information such geographic location, home language, and information collected through cookies and other technologies or information that has been anonymised or aggregated. If we link this information with your personal information, we will treat such linked information as personal information. You may choose not to provide personal information to Genlib CC when requested.
5. How Do We Collect Personal Information?
We may collect your personal information from you in a variety of ways when you interact with Genlib CC, including:
• When you access our internet services, or interact with us in any other way, or use our solutions, products, and services;
• We collect personal information when you place orders for our solutions, products, and services, we process your orders and payment transactions, perform administrative and business functions, market our solutions, products, and services;
• When you communicate with us;
• We collect personal information when we respond to your inquiries and requests, obtain feedback from you about our solutions, products and services or you apply for employment with us;
• We collect personal information from third parties, business partners and third parties that provide list enhancement or similar services;
6. Collection Directly from User
a. Genlib shall, as far as possible, always collect personal information about You directly from You, except in the following circumstances:
i. where personal information is collected from a public record, or from another source if the information has already been made public by You;
ii. where You have given your written consent to Genlib to collect your information from another source;
iii. where the collection of Your personal information from another source will not prejudice any of Your legitimate interests;
iv. where the collection of personal information from another source is necessary to maintain Genlib’s legitimate interests or those of any third party it intends sharing the information with;
v. where the collection of personal information directly from You would prejudice the purpose for the collection;
vi. where the collection of personal information directly from You is not reasonably practicable in the circumstances.
b. If Genlib collects personal information from a source other than You, it shall record in writing the details of that source, including the full names and contact details of that source where applicable.
c. Personal information may be collected from or supplied by You in any of the following ways:
i. by You completing a proposal form;
ii. by Your Broker submitting the details to us;
iii. when requesting further services or information from Genlib;
iv. when contacting Genlib to report a problem for any reason;
v. when completing any forms on the Genlib website.
7. Legal Basis for Processing Your Personal Information
• Our legitimate interests (or those of a third party with whom we share your personal information) for the purpose of managing, operating or promoting our business, and administrative purposes, except where such interests are overridden by your interests or fundamental rights or freedoms which require protection of personal information.
• Where this is necessary to comply with a legal obligation on us.
• To protect the vital interests of any individual.
• Where you have consented for such processing to take place.
a. Genlib shall only collect Your personal information for a specific, explicitly defined and lawful purpose relating to a function or activity of Genlib’s business.
b. Such purposes may include the following:
i. to make the decision whether or not to enter into a contract with You or allow You to contract with our panel of Insurers;
ii. to perform any obligations under a contract with You;
iii. to comply with a legal obligation;
iv. to protect a legitimate interest of Your (unless You have specifically objected in writing to all or some of the processing activities on reasonable grounds);
v. to pursue its own legitimate interests or the legitimate interests of a third party who it is sharing the information with (unless You have specifically objected in writing to all or some of the processing activities on reasonable grounds);
vi. to customise and display content including, but not limited to products, articles, listings and advertisement to You in a way that Genlib feels may interest You or
vii. be most beneficial to You;
viii. to send content including, but not limited to products, articles, listings and advertisement content to You via email or other electronic media, where You have consented to be contacted by Genlib with such content;
c) Genlib will not sell Your personal information to any third party without the prior written consent of You.
8. Use of Your Personal Information
We may use your personal information to:
• Enable you to effectively use and to improve our solutions, products, and services, for example to: Perform administrative and business functions and internal reporting;
• Send administrative information to you;
• Obtain feedback from you about our services, products and solutions including through client satisfaction surveys, in which event, we will only use your personal information for the sole purpose of sending you a survey;
• Respond to your inquiries and fulfil requests by you;
• Assess the performance of our services and to improve their operation;
• Update our records and keep your contact details up to date;
• We engage in these activities to manage our contractual relationship with you to comply with our legal obligations, or for our legitimate business interests;
We engage in the following activities with your consent or for our legitimate business interests:
• Achieve our business purposes and analyse information. For example, to: Establish, manage, and maintain our business relationship with you. Compile usage statistics for our services;
• Process and respond to privacy requests, questions, concerns, and complaints;
• Fulfil legal and contractual obligations;
• We engage in these activities to manage our contractual relationship with you to comply with a legal obligation.
9. Sharing Your Personal Information
• With business partners with whom we may offer co-branded services;
• With service providers to provide operational services, including but not limited to processing of orders, assisting with sales-related activities or post-sales support, client support, data analytics and auditing;
• Where you consent to the sharing of your personal information;
• In connection with any joint venture, merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or to another company;
• Where applicable, for credit reference, fraud prevention or business scoring agencies, or other credit scoring agencies;
• For debt collection agencies or other debt recovery organisations.
For other legal reasons:
• We may share your personal information in response to a request for information by a competent authority in accordance with, or required by any applicable law, regulation, or legal process;
• Where necessary to comply with judicial proceedings, court orders or government orders, or
• To protect the rights, property, or safety of Genlib CC, its business partners, you, or others, or as otherwise required by applicable law.
Any third parties with whom we share personal information are contractually required to implement appropriate data protection and security measures to protect personal information and are not permitted to use personal information for any purpose other than the purpose for which they are provided with or given access to personal information.
10. User’s Rights in Relation to the Processing of Their Personal Information
a. You shall have the following rights in relation to the processing of Your personal information:
i. to access and correct any personal information held by Genlib about them;
ii. to object to the processing of their information; and
iii. to lodge a complaint with the Information Regulator.
b. You may make a request in terms of clause 8.a.i by following the process for making such a request as set out in Genlib’s PAIA manual – a Data Subject Request Form may be accessed and completed from the Genlib website www.genlib.co.za or from the Information Officer
11. Further Processing
a. Genlib shall not process Your personal information for any purpose not previously specified except in the following circumstances:
i. where You have consented to such further processing;
ii. where the further processing is necessary for the exercise of any contractual rights or the fulfilment of any obligations between Genlib and You;
iii. where the further processing activities are linked to or compatible with the original purpose;
iv. where the further processing is necessary for the prevention, detection, investigation, prosecution and punishment of an offence;
v. where the further processing is necessary to enforce any law;
vi. where the further processing is necessary for the conduct of legal proceedings in any court or tribunal that have commenced or are reasonably contemplated;
vii. where the further processing is necessary to prevent or mitigate a serious and imminent threat to the life or health of You or another individual;
viii. where the further processing is necessary for historical, statistical or research purposes.
b) Genlib shall ensure that if it intends processing personal information for other purposes not previously specified, it shall notify You of such further purposes and the possible consequences of the intended further processing for You.
12. Accuracy, Correctness and Completeness of Personal Information
a) Genlib shall take reasonably practicable steps to ensure that the personal information kept by it about You is complete, accurate, not misleading and is updated when necessary;
b) However, if You are aware of any personal information in Genlib’s custody that is incorrect, inaccurate or which needs to be updated, You must make a written request to Genlib’s information officer to update or correct the relevant information by completing the Data Subject Request Form which is accessible from the Genlib website www.genlib.co.za;
c) If You have contested the accuracy of any personal information being used by Genlib, it shall immediately stop using that information until its accuracy has been verified;
d) Genlib reserves its right to only adhere to a request from You in terms of clause 10.a. if the correction or updating of that information will result in the personal information being correct and accurate;
e) Where personal information that has been shared by Genlib with a third party is subsequently updated or corrected, Genlib shall ensure that all third parties, with whom that information was shared, receives the updated and/or corrected version of the information as soon as it has been updated and/or corrected.
13. Security of Your Personal Information
a. Genlib is committed to protecting the personal information in its custody against any loss of, damage to or unauthorised destruction of that information, and to prevent any unauthorised parties from accessing that information.
b. Genlib takes steps to continually identify and document any risks to the personal information it has in its possession or under its control and that appropriate security safeguards are in place against those risks.
c. Genlib shall ensure that in any contracts entered into with third party operators who process personal information on Genlib’s behalf, include the following obligations:
i. the operator shall not process any personal information without Genlib’s knowledge and authority;
ii. the operator shall treat all personal information given to it as confidential and shall not disclose it to any unauthorised third parties;
iii. the operator shall establish and maintain adequate security measures which are the same or offer similar protection over the personal information as that employed by Genlib;
iv. the operator shall notify Genlib immediately where there are reasonable grounds to believe that any personal information has been leaked to or accessed by any unauthorised person;
v. if the operator is situated in another country, it must comply with the data protection laws in that country and be able to provide verification that it is so compliant;
vi. if an operator is legally obliged to disclose any personal information processed by them on Genlib’s behalf to other parties, it must notify Genlib beforehand enable Genlib and/or You to protect Your rights if necessary.
d. Genlib shall ensure that all personal information on its systems is properly backed up and that backup copies are stored separately from the live files.
14. Notification of Breach of Security
1. If personal information about You is inadvertently leaked or Genlib’s security has been unlawfully breached by any unauthorised party, Genlib shall immediately identify the relevant users who may be affected by the security breach, and shall contact them at their last known email address or contact details or by the quickest means possible.
2. Genlib shall provide sufficient information to You to allow You to take the necessary protective measures against the potential consequences of the compromise, or shall advise You of the steps to
3. be taken by You and the possible consequences that may ensue from the breach for You.
15. Decisions Based on Personal Information
a) If Genlib is required to make a decision about You using any personal information that has been obtained, it shall ensure that a record of such information and decision made is kept for a reasonable period of time to give You an opportunity to request access to that record;
b) Genlib may allow You a reasonable opportunity to make representations before any decision is made solely on the basis of the personal information processed, if that decision will affect Your legal position, or will otherwise adversely affect You in some manner or form;
c) Genlib shall always ensure that the underlying logic behind any decision made pursuant to the automated processing of personal information is sound and that underlying logic may be able to be communicated to You to enable You to make representations;
d) If Genlib has made a decision based on incorrect personal information, it shall immediately revisit that decision as soon as it receives notice or becomes aware of the error or inaccuracy of that information.
17. Cookies and Similar Technology
• Keeping track of information you have provided to us
• Improving your browsing experience
• Customising our interactions with you
• Storing and managing your preferences and settings
• Compiling statistical data
• Analysing the performance and usability of our website
• Measuring traffic patterns for our website
• Determining which areas of our website has been visited
These technologies collect information that your browser sends to our website including your browser type, information about your IP address (a unique identifier assigned to your computer or device which allows your PC or device to communicate over the internet), together with the date, time and duration of your visit, the pages you view and the links you click.
18. Retaining Your Personal Information
We will retain your personal information for as long as is necessary to fulfil the purpose for which it was collected unless a longer retention period is required to comply with legal obligations, resolve disputes, protect our assets, or enforce agreements.
The criteria we use to determine retention periods include whether:
• We are under a legal, contractual, or other obligation to retain personal information, or as part of an investigation or for litigation purposes;
• Personal information is needed to maintain accurate business and financial records;
• You have consented to us retaining your personal information for a longer retention period, in which case, we will retain personal information in line with your consent.
Once Genlib has achieved the purpose for the collection of Your personal information, it will destroy or delete such information, unless You have directed otherwise writing, or Genlib is required by law to retain the information for a longer period of time.
If Genlib no longer needs to process personal information to achieve the purpose originally specified, it will stop using that information.
19. Cross Border Transfers of Personal Information
a) Genlib does not intend sharing Your personal information with a third party in another country.
b) Genlib may transfer personal information to another country in the following circumstances, to which You consent:
i. the transfer is necessary for the conclusion or performance of a contract with a third party which is for the benefit of or in the interest of You;
ii. the transfer is otherwise for the benefit of You;
iii. You have consented to the transfer of Your information; or
iv. to store Your personal information electronically in a secure database, which shall be done by electronically transmitting Your personal information via a secure connection to, and storing Your personal information electronically in, a secure database hosted in an ISO27001 certified environment. Your personal information shall be hosted with an offshore hosting partner which is a European Union member, compliant with the EU Data Directive which provides data protection at least as protective as POPI , as selected by Genlib from time to time.
c) The service providers to which Genlib discloses Your personal information have the right to electronically transmit Your personal information via a secure connection to, and store Your personal information electronically in, a secure database hosted outside South Africa, provided they have security and privacy policies and procedures providing at least the same level of protection as Genlib does.
20. Change of Control
21. Choice of Law
23. Contact Us
For more information on your rights to privacy over your information, or the information processing activities of Genlib, please do not hesitate to contact us directly.