TERMS & CONDITIONS

Terms & Conditions of Membership

 

This Agreement governs the Terms and Conditions with regards to SIZA membership. By registering with SIZA, you as a SIZA member, agree to the following:

  • To implement the requirements of the SIZA social and/or environmental standards and to uphold the principle of continuous improvement before, during, and beyond the audit process in the business between audit periods.
  • To implement the SIZA programme requirements, which include but are not limited to, annual renewal of membership, annual updating of the self-assessment questionnaire (SAQ) and completion of third-party audits according to the SIZA risk matrix and corrective action plan in the given timeframes.
  • In cases where businesses knowingly exclude production units or sections on the farm/business without SIZA’s knowledge, the business risks the rejection of the audit report from SIZA and buyers, or possibly membership suspension. SIZA will not be liable or responsible in such a case for any misconduct, risk, or cost related to the issue.
  • To implement the necessary measures within your business to ensure personal information is shared with the required permission from employees and relevant third parties.
  • To allow the SIZA programme to have access to any documentation in relation to the profile, self-assessment questionnaire, remedy actions, best practices, third-party audit data, and digital monitoring data.
  • SIZA can share member data according to the market choices the member makes on the platform.
  • To allow SIZA to undertake the necessary checks and balances that are in the interests of maintaining the integrity of the programme.
  • To not deliberately breach the SIZA code requirements/legislation.
  • To not pervert the course of the audit through fraud, coercion, deception, or interference.
  • To not deliberately damage the SIZA brand reputation or integrity of the programme in any event.

The MySIZA platform and its security are monitored regularly, and great importance is placed on the security of your personal information, however, no data transmission over the internet can be guaranteed to be 100% secure. So, while we strive to protect your data, SIZA cannot guarantee or warrant the security of any information you transmit or receive from SIZA, and you do so at your own risk. All SIZA employees and service suppliers who deal with personal information are notified and reminded about the importance that is placed on privacy and what measures to follow to ensure that your information is protected. Although our information technology systems are operated and developed on Salesforce by Cloudsmiths, (a Salesforce Cloud Partner and AppExchange Partner), and although SIZA has partnerships with other platforms, we endeavour to ensure that appropriate security measures are in place to prevent unauthorised disclosure of any personal information. SIZA, will not be held liable for breach of information, for any reason whatsoever, at any time.   

Whilst we endeavour to ensure that the MySIZA platform is available 24 hours a day, we will not be liable if, for any reason whatsoever, the site is unavailable or not accessible for any period. 

This will include the relevant regulations as promulgated by the Protection of Personal Information Act, 2013 (“POPIA”) to ensure that the responsible parties acknowledge, protect, and actively safeguard the gathering, storage, and processing of personal information.

“Personal information” means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to:

  • Information relating to the race, gender, sex, pregnancy, marital status, national, ethnic, or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language, and birth of the person.
  • Information relating to the education or the medical, financial, criminal or employment history of the person.
  • Any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier, or other assignment to the person.
  • The biometric information of the person.
  • The personal opinions, views, or preferences of the person.
  • Correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence.
  • The views or opinions of another individual about the person; and
  • the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.

These Terms and Conditions, the SIZA PAIA Manual, and data protection and privacy policies endeavour to ensure that the eight (8) POPIA Conditions are met.

Accountability:

The responsible party must ensure that the conditions and all the measures set out in the Act that give effect to such conditions are complied with at the time of determining the purpose and means of the processing.

  • SIZA will ensure all requirements, as set out by the POPIA is met and implemented by the appointed Information Officer and relevant Deputy Information Officers.

Processing Limitation:

Personal information may only be processed in a fair and lawful manner and only with the consent of the data subject.

  • The SIZA member (data subject) will adhere to the privacy and information gathering principles set out by SIZA’s Terms and Conditions which prohibits the SIZA member (data subject) to give access to any unauthorised individual or group when submitting personal information of the business, employees, or other data.
  • As per SIZA’s Terms and Conditions, the SIZA member fully acknowledges and agrees to the information being used when registering with the programme on the MySIZA
  • If the personal information has been gathered from a third party, the SIZA member has to ensure consent has been given to the information being shared on the MySIZA
  • Only information that is required for the specific purpose for which it is gathered will be stored. SIZA may collect more information than required for the intended purpose for future use if the necessary consent from the SIZA member is obtained.

Purpose Specific:

Personal information may only be processed for specific, explicitly defined, and legitimate reasons.

  • Personal information and relevant data are gathered by SIZA for the sole purpose of assessing compliance to the SIZA Social and Environmental Standards, national labour and environmental legislation, applicable international conventions, and relevant buyer/market requirements. The purpose of the data and the information collected is to provide visibility to the relevant stakeholders, as is required between the SIZA primary member (who is a supplier of produce) to a particular market/buyer (who enters into a buying agreement with the particular supplier). SIZA members agree to be aware of the purpose for which personal information and data is gathered.
  • Personal information and data will be gathered and retained for as long as the data subject (SIZA member) is a member of the SIZA programme. In any event where a member cancels their membership with SIZA, the information will be deleted and destroyed from the MySIZA
  • SIZA will only delete and destroy information once a formal request has been made by the SIZA member (data subject) in writing or when the SIZA member (data subject) does not meet the requirements of the programme for continued membership (i.e., lapse in membership renewal payments, severe conduct that negatively impacts the integrity of the SIZA programme or continuously does not comply to other programme requirements).

Further Processing Limitation:

Personal information may not be processed for a secondary purpose unless that processing is compatible with the original purpose.

  • The further use or reuse of personal information will remain in accordance with the original intended purpose for gathering the information which is to monitor and evaluate compliance against the relevant Standards, legislation, and market requirements. In any event where personal information will be used for any other purpose, the data subject (SIZA member) will be notified, and consent will be provided prior to the use for further processing or alternative purpose.
  • SIZA members must adhere to the Terms and Conditions whereby it requires that members remain active and participate in the programme requirements, which includes the regular update of information for the intended purpose. SIZA members hereby acknowledge their responsibility to be aware of the continued use of the personal information and data for the intended purpose.

Information Quality:

The responsible party must take reasonable steps to ensure that the personal information collected is complete, accurate, not misleading, and updated where necessary.

  • Personal information and data will be validated, verified, and evaluated during third-party audits, between audit monitoring visits, and SAQs. The requirement to submit further evidence to a specific subject (if requested) must be adhered to by the member.
  • SIZA members can update their information at any time they wish to do so by logging in to their membership account. In any event that the SIZA member is unable to make changes, or requires assistance, they can contact the SIZA office via telephone or email during office hours. If in any scenario the SIZA member decides to withdraw consent for the sharing of any particular information, the member acknowledges that they do so on their own accord, and this may influence their risk rating or market acceptance. Members can withdraw consent but are limited in terms of the particular information they would like to limit or withdraw consent for. This is due to the fact that with the registration with the SIZA programme, the SIZA member does so in order to provide SIZA and the relevant third-party audit firms with access to evaluate compliance to supply global markets.
  • In an event where data is not complete, accurate or misleading due to members uploading incorrect or false data, SIZA and their independent and third-party partners are not liable for any misconception that is created by incorrect or false and misleading data that can influence data reports or create misperception with buyers.

Openness:

The data subject whose information you are collecting must be aware that you are collecting such personal information and for what purpose the information will be used.

SIZA members’ information will only be gathered, stored, and evaluated when the SIZA member joins the programme by formally registering on the MySIZA Platform, and agreeing to the Terms and Conditions. The information is then gathered through the completion of a Self-Assessment Questionnaire (SAQ) which is completed by the SIZA member, and/or via Digital Monitoring Tools, which is also completed by the member themselves, and information related to the SIZA member following a third-party audit conducted by a recognised audit firm. Consent to obtain the information during the audit is included in the SIZA Terms and Conditions but allows for further consent to be given between the SIZA member and the audit firm.

  • The SIZA member acknowledges the gathering, storage and processing of information when registering with the programme and agreeing to the Terms and Conditions.
  • The MySIZA Platform is developed and designed to only allow access to the member once the Terms and Conditions have been accepted.

Security Safeguards:

Personal information must be kept secure against the risk of loss, unlawful access, interference, modification, unauthorised destruction, and disclosure.

  • SIZA will manage the gathering, processing, and storage of information via a digital platform, namely the MySIZA The Platform is built on Salesforce which ensures further credibility in terms of the management of data. There is a formal protection of personal information and data privacy agreement in place with Salesforce to ensure the protection of data and personal information for all members. Strict adherence to safety protocols will be followed to ensure no personal information is distributed to any unauthorised party.
  • SIZA will conduct a security risk assessment to evaluate any possible internal or external risks to personal information.

Data Subject Participation:

Data subjects may request whether their personal information is held, as well as the correction and/or deletion of any personal information held about them.

  • SIZA members may request information from SIZA on whether SIZA holds their personal information. This request will not be declined. The full nature and details of the information being held will be provided on request.
  • The SIZA member has the right to correct the personal information that is stored on the MySIZA They also have the right to withdraw consent at any time. The SIZA member can do so by contacting the SIZA office telephonically or via email after which the request will be directed to the CEO of the company for further action.

Although SIZA will take precaution to keep data confidential, SIZA has a responsibility according to the programme specifications to involve and notify relevant parties that will be at risk, such as buyers, when a critical finding has been made or severe practices in breach of the SIZA code principles/legislation have been identified.

SIZA members shall use the SIZA trademark or logo and or any other IP rights of SIZA in the manner and according to the rules provided by SIZA and shall not alter, modify, or distort them in any way. For more information regarding the use of the SIZA logo and branding, please contact Retha Louw (retha@siza.co.za).

You may stop using the SIZA programme at any time. Cancelling your profile can be done by completing a cancellation form and notifying the SIZA office. It is important to note once you cancel your SIZA membership and profile that all visibility on partner platforms will also be cancelled and all data will be deleted on all platforms. In any event where you decide to register an account again, you will have to start from the beginning to build up credibility and visibility with stakeholders.

Membership granted to you will continue until membership expires or a cancellation notification is received as described in the Termination/cancellation paragraph. Terms & Conditions will be valid and applicable until a termination/cancellation application is submitted by the member to the SIZA office.

SIZA may modify these Terms and Conditions Agreement, for example, to reflect changes to our Service or for legal, regulatory, or security reasons. SIZA will provide reasonable advance notice of any modifications to this Agreement and the opportunity to review these changes. However, changes addressing newly available features of the Programme or changes made for legal reasons may be effective immediately without notice. Changes will only apply going forward. If you do not agree to the modified terms, you may cancel your membership by notifying the SIZA office.

By accessing any part of the MySIZA Platform or the SIZA Programme, you shall be deemed to have accepted these terms in full. These terms shall be governed by and construed in accordance with relevant South African and applicable international legislation.