Privacy Policy

Multi-Furniture & Appliance

Privacy Policy

Effective Date 23 August 2021

Multi-Furniture & Appliances is committed to protecting the online privacy of its users on this website and as such this Privacy Policy has been written to allow you to understand the policy, as well as how your personal information will be handled when using this website. This Privacy Policy will also provide you with information so that you are able to consent to the processing of your personal data in an explicit and informed manner where appropriate.

In general, any information and data which you provide to MFA over the website or which is otherwise gathered via the website by MFA, will be processed by MFA in a lawful, fair and transparent manner to this end and as further described below. MFA takes into consideration nationally recognised principles governing the processing of personal data such as purpose limitation, storage limitation, data minimisation, data quality and confidentiality.

Contents:

  1. Data controller and Data Protection Officer
  2. Personal Data processed
  3. Purposes of processing
  4. Grounds for processing and mandatory or discretionary nature of processing
  5. Recipients of Personal Data
  6. Transfer of Personal Data
  7. Retention of Personal Data
  8. Data subjects’ rights
  9. Amendments

1. Data controller and Data Protection Officer

MFA, as identified at the top of this Privacy Policy, is the data controller regarding all personal data processing carried out through the Website.

To get in touch with MFA’s Data Protection Officer, please contact: support@mfaonline.co.za

2. Personal Data processed

When you use the Website, MFA will collect and process information regarding you (as an individual) which allows you to be identified either by itself or together with other information which has been collected. MFA may also be able to collect and process information regarding other persons in this same manner only if you choose to provide the respective information.

This information may be classified as “Personal Data” and can be collected by MFA both when you choose to provide it (e.g., when you sign up for an account to receive the MFA online service) or simply by analysing your behaviour on the Website.

Personal Data which can be processed by MFA through the Website are as follows:

2.1. Name, contact details and other Personal Data.

In various sections of the Website – including if you decide to create an account on the Website – you will be asked to submit information such as your name, phone / mobile numbers, e-mail address, gender, date of birth, country of residence and address.

In addition, whenever you participate in surveys and other promotions or contests which may be available on the website from time to time, as well as whenever you communicate with MFA through the contact details provided on the website or by telephone with Customer Services, MFA may collect additional information which you choose to provide. This is also the case regarding any information you choose to disclose in certain sections of the website which allow you to participate in a public forum or to contact MFA directly.

2.2. Special categories of Personal Data

Certain areas of the Website include free text fields where you can write messages to MFA, or otherwise allow you to post various types of content on the Website, which may contain Personal Data.

Where these fields are completely free, you may use them to disclose or may post content which discloses (inadvertently or not) more sensitive categories of Personal Data, such as data revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs. The content you upload in these fields may also (inadvertently or not) include other types of sensitive information relating to you, such as your genetic data, biometric data or data concerning your health, sex life or sexual orientation.

MFA asks that you do not disclose any sensitive Personal Data in these free text fields or in your posts on the Website unless you consider this to be strictly necessary. If you do, then you will be considered as having consented to MFA’s processing of this Personal Data, which will be considered lawful also since you have publicly disclosed it on the Website.

In any case, MFA would stress the importance of providing your explicit consent to process this sort of Personal Data (e.g.: by declaring that you consent to processing in the message you write in the free text fields or posts), if you decide, nonetheless, to share it.

2.3. Other persons’ Personal Data

As mentioned in the previous section, certain areas of the Website include free text fields where you can write messages to MFA or otherwise allow you to post various types of content on the Website. These messages and content may (inadvertently or not) include Personal Data related to other persons.

In any situation where you decide to share Personal Data related to other persons, you will be considered as an independent data controller regarding that Personal Data and must assume all inherent legal obligations and responsibilities. This means, among other things, that you must fully indemnify MFA against any complaints, claims or demands for compensation for damages which may arise from the processing of this Personal Data, brought by the third parties whose information you provide through the Website.

As MFA does not collect this information directly from these third parties (but rather collects them, indirectly, from you), you must make sure that you have these third parties’ consent before providing any information regarding them to MFA if not, then you must make sure there is some other appropriate grounds on which you can rely to lawfully give MFA this information.

2.4. Browsing data

The Website’s operation is currently standard as per any other websites on the Internet. It involves the use of computer systems and software procedures which collect information about the Website’s users as part of their routine operation. While MFA does not collect this information to link it to specific users it is still possible to identify those users either directly via that information or by using other information collected – as such, this information must also be considered Personal Data.

This information includes several parameters related to your operating system and IT environment, including your IP address, location (country), the domain names of your computer, the URI (Uniform Resource Identifier) addresses of resources you request on the Website. The time of requests made. The method used to submit requests to the server. The dimensions of the file obtained in response to a request. The numerical code indicating the status of the response sent by the server (successful, error, etc.), and so on.

The data will be used to compile statistical information on the use of the Website as well as to ensure its correct operation and identify any faults and/or abuse of the Website.

2.5. Cookies

Cookies are small text files that may be sent to and registered on your computer by the websites you visit to then be re-sent to those same sites when you visit them again. It is thanks to these cookies that those websites can “remember” your actions and preferences (e.g. login data, language, font size, other display settings, etc.), so that you do not need to configure them again when you next visit the website, or when you change pages within a website.  

Cookies are used for   electronic authentication, monitoring of sessions and storage of information regarding your activities when accessing a website. They may also contain a unique ID code which allows tracking of your browsing activities within a website and for statistical or advertising purposes. Some operations within a website may not be able to be performed without the use of cookies which, in certain cases are technically necessary for operation of the website.

When browsing a website, you may also receive cookies from websites or web servers other than the website being visited (i.e., “third-party cookies”).

There are various types of cookies, depending on their characteristics and functions, which may be stored on your computer for different periods of time: “session cookies”, which are automatically deleted when you close your browser, and “persistent cookies”, which will remain on your device until their pre-set expiration period passes.

According to the law which may be applicable to you, your consent may not always be necessary for cookies to be used on a website. In particular, “technical cookies” – i.e., cookies which are only used to send messages through an electronic communications network, or which are needed to provide services you request – typically do not require this consent. This includes browsing or session cookies (used to allow users to login) and function cookies (used to remember choices made by a user when accessing the website, such as language or products selected for purchase).

On the other hand, “profiling cookies” – i.e., cookies used to create profiles on users and to send advertising messages in line with the preferences revealed by users while browsing websites – typically require specific consent from users, although this may vary according to the applicable law.

The Website uses the following types of cookies: 

  • Browsing or session cookies: which are strictly necessary for the Website’s operation, and/or to allow you to use the Website’s content and Services.
  • Analytics cookies: which allow MFA to understand how users make use of the Website and to track traffic to and from the Website.
  • Function cookies: which are used to activate specific Website functions and to configure the Website according to your choices (e.g., language), to improve your experience.
  • Profiling cookies: which are used to observe the preferences you reveal through your use of the Website and to send you advertising messages in line with those preferences.
  • Heat Map Cookies: which are used to identify the most common functions used on the website.

 CAUTION: If you block or delete technical and/or functional cookies used by the Website, the Website may become impossible to browse and certain services or functions of the Website may become unavailable or other malfunctions may occur. In this case, you may have to modify or manually enter some information or preferences every time you visit the Website.

3. Purposes of processing

MFA intends to use your Personal Data collected through the Website for the following purposes:

  • To verify your identity and assist you in case you lose or forget your login/password details for any of MFA registration services to allow you to participate in the Website’s forums and discussions by maintaining a registered user profile as well as managing and registering your participation and to provide any other Services which you may request (“Service Provision”);
  • For future marketing, promotional and publicity purposes, including to allow participation in contests and promotions available via the Website as well as to carry out direct marketing, market research and surveys via e-mail, SMS, push notifications, over the phone, through an operator and through MFA’s official social media pages (“Marketing”);
  • To create a profile of you as a website user using profiling cookies and by collecting and analyzing information on the preferences you select and choices you make on the website as well as your general activities on the website. This profile will be used to give you information and advertisements which may be relevant to you and your interests. (“Profiling”).
  • For compliance with laws which are imposed upon MFA and the collection and/or further processing of certain kinds of Personal Data (“Compliance”)
  • For development and administration of the website and in particular by use of data analytics regarding how you and other users use the website as well as the information and feedback you provide to improve our offerings (“Analytics”);
  • To prevent and detect any misuse of the Website or any fraudulent activities carried out through the Website (“Misuse/Fraud”).

4. Grounds for processing and mandatory/discretionary nature of processing

The MFA legal bases to process your Personal Data and according to the purposes identified in Section 3, are as follows:

  • Service Provision: processing for these purposes is necessary to provide the Services and therefore is necessary for the performance of a contract with you. It is not mandatory for you to give MFA your Personal Data for these purposes however if you do not MFA will not be able to provide any services to you.
  • Marketing: processing for these purposes is based on your consent. It is not mandatory for you to give consent to MFA for use of your Personal Data for these purposes and you will suffer no consequence if you choose not to (aside from not being able to receive further marketing communications from MFA). Any consent given may also be withdrawn at a later stage.
  • Profiling: processing for this purpose is based on your consent given by accepting the use of profiling cookies. It is not mandatory for you to give consent to MFA for use of your Personal Data for this purpose and you will suffer no consequence if you choose not to (aside from not being able to benefit from greater personalization of your user experience regarding the Website). Any consent given may also be withdrawn at a later stage.
  • Compliance: processing for this purpose is necessary for MFA to comply with its legal obligations. When you provide any Personal Data to MFA, MFA must process it in accordance with the laws applicable to it which may include retaining and reporting your Personal Data to official authorities for compliance with tax, customs, or other legal obligations.
  • Analytics: Information collected for this purpose is used to allow MFA to understand how users interact with the Website and to improve the Website accordingly with the aim to providing a better user experience.
  • Misuse/Fraud: Information collected for this purpose is used exclusively to prevent and detect fraudulent activities or misuse of the Website (for potentially criminal purposes).

5. Recipients of Personal Data

Your Personal Data may be shared with the following list of persons / entities (“Recipients”):

  • Persons, companies, or professional firms providing MFA with advice and consultancy regarding accounting, administrative, legal, tax, financial and debt collection matters related to the provision of the Services.
  • Entities engaged to provide the Services (e.g., hosting providers or e-mail platform providers).
  • Entities engaged as data processors to carry out processing activities related to Marketing on MFA’s behalf where you have consented to processing of your Personal Data for these purposes (e.g., SMS engines).
  • Persons authorized to perform technical maintenance (including maintenance of network equipment and electronic communications networks).
  • Persons authorized by MFA to process Personal Data needed to carry out activities strictly related to the provision of the Services who have undertaken an obligation of confidentiality or are subject to an appropriate legal obligation of confidentiality (e.g. employees of MFA).
  • Other companies within the MFA Group and Public entities, bodies or authorities to whom your Personal Data may be disclosed in accordance with the applicable law or binding orders of those entities, bodies or authorities.

6. Transfer of Personal Data

Considering MFA’s National presence and business operations your Personal Data may be transferred to recipients located in several different regions. MFA implements appropriate safeguards to ensure the lawfulness and security of these Personal Data transfers.

7. Retention of Personal Data

Personal Data processed for Service Provision will be kept by MFA for the period deemed strictly necessary to fulfil such purposes – in any case as these Personal Data are processed for the provision of the Services, MFA may continue to store this Personal Data for a longer period as may be necessary to protect MFA’s interests related to potential liability related to the provision of the Services.

Personal Data processed for Marketing and Profiling will be kept by MFA from the moment you give consent until the moment you withdraw the consent given. Once consent is withdrawn Personal Data will no longer be used for these purposes although it may still be kept by MFA, in particular as may be necessary to protect MFA’s interests related to potential liability related to this processing.

Personal Data processed for Compliance will be kept by MFA for the period required by the specific legal obligation or by the applicable law.

Personal Data processed for Analytics and Misuse/Fraud will be kept by MFA for as long as deemed strictly necessary to fulfil the purposes for which it was collected unless you validly object to the processing of your Personal Data for these purposes.

8. Data subjects’ rights

Under the Regulation, you, as a data subject are entitled to exercise the following rights before MFA, at any time:

  • Access your Personal Data being processed by MFA (and/or a copy of that Personal Data) as well as information on the processing of your Personal Data;
  • Correct or update your Personal Data processed by MFA where it may be inaccurate or incomplete.
  • Request erasure of your Personal Data being processed by MFA, where you feel that the processing is unnecessary or otherwise unlawful.
  • Request the restriction of the processing of your Personal Data, where you feel that the Personal Data processed is inaccurate, unnecessary, or unlawfully processed or where you have objected to the processing.
  • Exercise your right to portability: the right to obtain a copy of your Personal Data provided to MFA, in a structure commonly used and machine-readable format as well as the transmission of that Personal Data to another data controller.
  • Object to the processing of your Personal Data based on relevant grounds related to your situation which you believe must prevent MFA from processing your Personal Data or Withdraw your consent to processing (for Marketing and Profiling).
  • Please note that most of the personal information you provide to MFA can be changed at any time including your e-mail preferences by accessing the user profile you can create on the Website.

You can withdraw consent regarding processing for Marketing by selecting the appropriate link included at the bottom of every marketing e-mail message received.

Aside from the above means you can also exercise your rights described above by sending us a support request via the Website or by sending a written request to MFA at the following address: 40 Berg Road, Marburg, Port Shepstone, 4252

In any case, please note that, as a data subject you are entitled to file a complaint with the competent supervisory authorities for the protection of Personal Data, if you believe that the processing of your Personal Data carried out through the Website is unlawful.

9. Amendments

This Privacy Policy entered into force on 31 August 2021. Multi-Furniture & Appliance reserves the right to amend this Privacy Policy partly or fully or simply to update its contents, e.g., as a result of changes in applicable law. MFA will inform you of such changes as soon as they are introduced, and they will be binding as soon as they are published on the Website. MFA therefore invites you to regularly visit this Privacy Policy in order to acquaint yourself with the latest, updated version of the Privacy Policy, so that you may remain constantly informed on how MFA collects and uses Personal Data.