|
1.
|
Member Information
|
|
|
ALLSA shall ensure that:
|
|
|
1.1
|
member information shall be obtained only for the
purpose of delivering and improving the Services and
will not be processed in any manner incompatible with
this purpose;
|
|
|
1.2
|
member information shall be adequate, relevant and not
excessive in relation to the abovementioned purpose for
which it is collated and/or processed;
|
|
|
1.3
|
member information shall be accurate, and where
necessary, kept up to date and reasonable steps shall be
taken to ensure that information which is inaccurate
and/or incomplete, having regard to the purpose for
which it was collected, is erased or rectified;
|
|
|
1.4
|
member information shall be kept in a format which
permits identification for no longer than is necessary
for the purpose for which the information was collected
or processed.
|
|
|
|
2
|
Member Consent
|
|
|
Member information may only be processed if:
|
|
|
2.1
|
the member has unambiguously given his consent; or
|
|
|
2.2
|
processing is necessary for:
|
|
|
|
2.2.1
|
the performance of a contract to which the member is a
party; or
|
|
|
|
2.2.2
|
in order to take steps at the request of the member
prior to entering into a contract; or
|
|
|
|
2.2.3
|
for compliance with a legal obligation to which ALLSA is
subject; or
|
|
|
|
2.2.4
|
the performance of a task carried out in the public
interest or in the exercise of official authority vested
in the recipient; or
|
|
|
|
2.2.5
|
for purposes of the legitimate interest pursued by
ALLSA, except where such interest is overridden by the
interest for fundamental rights as reflected in the
constitution.
|
|
|
|
3.
|
Access to Member Information
|
|
|
ALLSA shall ensure that:
|
|
|
3.1
|
access to, or disclosure of member information will not
be authorized without the documented commitment of the
intended recipient so as to maintain confidentiality and
the rightful use of such information;
|
|
|
3.2
|
access to member information by ALLSA personnel,
contract workers, consultants, service providers or
suppliers will be restricted to the level of access
needed to effectively perform delegated or contracted
duties and/or the level of service needed to render a
reliable and effective service to ALLSA members.
|
|
|
|
4.
|
Preventative Measures
|
|
|
ALLSA shall ensure that appropriate technical and
organizational measures shall be taken against the
unauthorized access, processing or disclosure of member
information
|