Privacy Notice

Organisation Details

Name: Phinity Risk Solutions (Pty) Ltd
Physical address: B107 Buchanan Square, 160 Sir Lowry Road, Woodstock, Cape Town, 7925
Postal address: PO Box 1171, Woodstock, 7925
Contact details: 021 201 1140
Website address of our organization:
Details of the information officer: Patrick Ryan


This privacy notice applies to all prospective, present and past Phinity Stakeholders, including but not limited to the following:

  • Employees and affiliate consultants
  • Customers (including persons that are involved in the course of service delivery)
  • Visitors
  • Third Party Service Providers / partners / operators / vendors (Third parties)
  • Subsidiaries and member companies


We are committed to protecting the privacy rights of our Stakeholders. This privacy notice describes our information handling and associated privacy practices. This includes:

  • How we collect personal information about our Stakeholders
  • How we process and use such personal information
  • How we may share personal information
  • How we secure personal information
  • Stakeholder rights


Types of personal information collected
We may collect the following types or categories of personal information, including:

  • Contact details such as name, email address, telephone number and work location.
  • Company details required for third parties and customer administration.
  • Confidential information that relates to organisations, for example, information security risks and controls.
  • Government issued identification numbers for the purposes of employee application validation, employee administration and third parties registration and administration.
  • Information related to candidate or employee race and disability status for BBBEE reporting purposes.
  • Other relevant personal information to enable the conduct of business.


Personal Information Handling Practices
We endeavour to notify our Stakeholders about the manner in which, and the purposes for which, we collect and use their personal information. We collect and use personal information for the following purposes:

  • To establish and maintain a relationship with our Customers, enabling ongoing service delivery.
  • To understand Customer needs and preferences. For example, we maintain a record of services you have purchased or signed up for.
  • Where the collection and processing is required by Law, for example, mandatory tax reporting requirements.
  • For audit and record keeping requirements.
  • To conduct statistical or market related research.
  • For the administration of remuneration, employment benefits and accounts payable / receivable.
  • To evaluate candidates and applicants who submit personal information for employment opportunities.
  • To effectively respond to queries submitted through our online “contact us” feature or to individual team members.
  • To communicate relevant services and information to Stakeholders.


We may use your personal information collected including but not limited to your name, email, company and job title for purposes of contacting you, sending notifications, updates and invitations to events. If you would like to withdraw your consent for such processing, you may use the contact us feature on this website.

We will only share personal information with authorised third parties, partners and vendors to communicate specific services or products that we feel you or your organisation may benefit from.

We may collect and process juristic and natural personal information in the course of carrying out contracted business (projects) with our clients as well as relating to prospective and current employees, as required by applicable employment legislation.

Unless required or permitted by law, Phinity shall not use or disclose personal information or sensitive personal information for a new purpose that has not been identified and consented to by you.


Currently we only use cookie technology that is strictly necessary for administration and operation of our website. These are necessary to enable you to click through our website.


Choice and Consent
In most circumstances, we receive personal information directly from you. For example, when you request Phinity services or tools, we may require personal information for contact or billing purposes.

Phinity will only require you to consent to the collection, use or disclosure of personal information as per the identified purposes in this Notice. We will not unreasonably withhold products, services or information if you refuse or withdraw your consent.

You may withdraw or modify your consent at any time, subject to legal and contractual restrictions, provided that reasonable notice is given to us. If you would like to withdraw your consent for such processing, you may use the “contact us” feature or send a query to  Please allow at least 30 days for us to effect changes in communication preferences.


Third Parties
We may make use of third party services to support our service delivery to Stakeholders. Our third parties are vetted in terms of information protection risks and agree to required privacy practices and controls. Examples of third parties with whom we may share personal information, include:

  • Member companies within Phinity
  • Regulators
  • Selected and contracted service providers that support our service delivery
  • Persons acting on our behalf (incl. affiliate consultants and third parties)
  • Auditors


We will not share personal information with third parties other than as disclosed in this notice or explicitly agreed with you. Further, we will only disclose your personal information if:

  • The law requires it.
  • We have a public duty to disclose the information.
  • If it is reasonably necessary to prevent illegal activity.
  • Our or your legitimate interests require disclosure.
  • You consented to such disclosure.


Cross Border Transfer
In certain instances, we may process Personal Information in other countries to support ongoing business delivery. Some countries may not have similar Privacy requirements; in which case we will ensure that the receiving parties agree to adequate Privacy Principles before we share such information.


How we secure Personal Information
We endeavour to protect the security, availability and confidentiality of Personal Information by implementing and maintaining reasonable technical and organisational controls. Our controls are aligned to leading practices and frameworks, including ISO27000 series and other generally accepted controls for information security.


Your Privacy rights
You may request access to, verification, restriction and deletion of your personal information upon reasonable grounds. Refer to the PAIA Manual for more information. Alternatively, and in countries outside of South Africa you may write to us and send your request to

If you would like to withdraw your consent for direct marketing, you may use the contact us feature on this website.


Queries and complaints
You may lodge a query or complaint directly with us through the contact us feature on this website or directly with our Information Officer.

Alternatively, you may lodge a complaint with the South African Information Regulator at


External links
Our website may contain links to external websites and sources of information. This does not indicate endorsement by Phinity and due care should be taken before following such links.


Information Regulator
Should you wish to contact the Information Regulator, we have provided their contact details:

Telephone: 012 406 4818
Fax: 086 500 3351


Maintenance of this notice
Last revision: November 2018
We reserve the right to update this notice on an ad hoc basis. To check for changes, please visit our website on a regular basis.


We believe in cutting through complexity and revolutionising the way you think about risk, by automating risk analysis and allowing resources to concentrate on risk management.