Privacy Policy

1. INTRODUCTION

1.1​ Purpose​
1.2​ Scope​
1.3​ Legislation and Regulations​
1.4​ Roles and Responsibilities​

2.​INFORMATION COLLECTION​
2.1​ Services in collaboration with business partners​
2.2​ Persons under 18 years of age​

3.​PURPOSE AND USE OF INFORMATION​
3.1 Information required to identify an applicant and/or client
3.2 Contact information
3.3 Financial records and information
3.4 Information to determine creditworthiness
3.5 Information required for AFG’s agreements
3.6 Information to determine legal capacity
3.7 Information for statistical purposes and research
3.8 Information for litigation, disciplinary, and incapacity proceedings
3.9 Information required by legislation

4. MARKETING AND OPTING OUT

5.​ RETENTION AND DESTRUCTION OF INFORMATION​

6.​ INFORMATION PRESERVATION AND PROTECTION​

7.​ INFORMATION DISCLOSURE​

8.​ YOUR RIGHT TO ACCESS INFORMATION​

9.​ INFORMATION BREACH NOTIFICATION​

10.​ AMENDMENT OF THIS PRIVACY POLICY​

11.​CONTACT US​
11.1 ​AFG Information Officer​

11.2​ Information Regulator (South Africa)

2. INFORMATION COLLECTION

To make use of AFG’s products and services you are required to provide us with your personal information including but not limited to your South African ID number or passport number (for non-South African citizens), name, surname, contact information and other personal details.

You may provide personal information to us either directly or indirectly (through a person acting on your behalf), by completing an application form for our products and services or requesting further information about our products and services, whether in writing, through our website, over the telephone, or any other means.

We only collect information that is reasonably necessary for our business functions and activities and related purposes. The type of information we collect and hold, will depend on the purpose for which it is collected and used. Where possible, we will inform you what information you are required to provide to us and what information is optional. The information we process is typically to provide you with the products and services offered by AFG, to manage and improve our day-to-day operations, to manage and improve our website and platform with the aim of improving your customer experience.

We may also collect your personal information from a person acting on your behalf, any regulator, or other third party that may hold such information.

You agree to give accurate and current information about yourself to AFG and to maintain and update such information when necessary. To improve the accuracy of our data and get to know our clients better, we may enrich it from other third parties, including credit bureaus.

2.1 Services in collaboration with business partners

AFG has various business-and-lending partners. In order for us to deliver our products and services, varying levels of information are required to be processed, including obtained from or shared with relevant external business partners to verify against, or facilitate the services offered by the business partner. When you agree to AFG and/or business partner’s terms and conditions, it allows us to share relevant information to facilitate the product or service being rendered to you.

Note that, for some of our products, we may require you to provide additional information directly to a business partner of ours. In such instance, AFG processes this information on the business partner’s behalf, and as such, the relevant business partner remains responsible for protecting this information, not AFG. When signing up with one of our business partners, it is important for you to recognise that you are establishing a direct, binding relationship with such a partner under their terms and conditions and related privacy policies and that they would be the responsible party under POPIA.

2.2 Persons under 18 years of age

AFG is committed to protecting the privacy of our clients, and we do not knowingly collect any information from individuals under the age of 18 years unless required by applicable laws and regulations. Our website, products and services are intended for individuals who are at least 18 years or older.

In certain instances, we may legally be obligated to collect personal information from persons under the age of 18 years for the specific purpose of establishing the ultimate beneficial owners and beneficiaries of a trust in accordance with section 21B of the Financial Intelligence Centre Act 38 of 2001.

If we are required to collect information from individuals under the age of 18 for legal or regulatory reasons, we will ensure strict compliance with POPIA and other relevant data protection laws. We will communicate the necessity of such collection to users, provide details about the specific purposes, and obtain any required consents.

3. PURPOSE AND USE OF INFORMATION

AFG uses your information for the specific purposes for which it was collected or agreed with you, aimed at facilitating the provision of our comprehensive range of financing services. Our information collection practices are designed to not only support the delivery of our products and services but also to ensure compliance with various laws and regulations.

Examples of information collected from you or other sources and processed by AFG are detailed below and linked to the purpose thereof. This list is not exhaustive and may include any other relevant data required for the specified purposes.

3.1 Information required to identify an applicant and/or client:

• Purpose: To establish the identity of individuals involved with or ralted to AFG, including clients, suppliers, business and lending partners, employees, contractors, directors, members, trustees and shareholders.
• Examples: Name, identity and registration numbers, obtained from the data subject directly or from the Companies and Intellectual Property Commission, copies of identity documents, constitutional documents, including registration certificates, memorandums of incorporation, letters of authority and trust deeds, founding statements and partnership agreements, telephone and cell phone numbers and e-mail addresses.

3.2 Contact information:

• Purpose: To facilitate essential support, communications as well as to better customise our offering to you.
• Examples: Telephone numbers, email addresses and/or any other contact particulars.

3.3 Financial records and information:

• Purpose: To assess a client’s creditworthiness, manage risk, and ensure regulatory compliance. Financial records aid in determining suitable financing terms, monitoring financial performance, and making informed decisions about approving or declining credit application.
• Example: financial records and information including, financial statements, management accounts and copies of bank account statements.

3.4 Information to determine creditworthiness:

• Purpose: To assess the creditworthiness of individuals or entities and to conduct a credit assessment.
• Example: Credit checks, including credit bureau information, Deeds Office information and bank codes.

3.5 Information required for AFG’s agreements:

• Purpose: To fulfil contractual obligations and maintain records related to agreements with clients, suppliers, business and lending partners, employees and contractors.
• Examples: Invoices, information about related directors, members, trustees, shareholders, resolutions, minutes of meetings, share certificates, title deeds, bond documentation, CV’s, records related to the appointment of officials, auditors, tax records, personnel records, correspondence, contracts, and records regarding assets and liabilities.

3.6 Information to determine legal capacity:

• Purpose: To verify the legal capacity of individuals, particularly in relation to matters such as contracts and business transactions.
• Examples: Marriage certificates, birth certificates, Deeds Office information, constitutional documents.

3.7 Information for statistical purposes and research:

• Purpose: To gather data for statistical analysis, market research, and to improve services and communication with clients.
• Examples: Information collected from AFG’s website, lists of products and services of interest, personal or professional interests, demographics, experiences with AFG’s products.

3.8 Information for litigation, disciplinary, and incapacity proceedings:

• Purpose: To collect evidence and information for legal, disciplinary, or incapacity proceedings.
• Examples: Records relevant to litigation, disciplinary proceedings or investigations.

3.9 Information required by legislation:

• Purpose: To comply with legal requirements and obligations imposed by relevant legislation.
• Examples: Any information required by specific laws and regulations applicable to AFG.

We may also use your information for the following reasons:

• complying with statutory and regulatory requirements in respect of the storage and maintenance of documents and information;
• providing customer service and assessing customer complaints;
• detecting and preventing fraud and money laundering and/or in the interest of security and crime prevention;
• assisting in law enforcement, fraud investigations, anti-money laundering and counter-terrorist financing initiatives;
• providing you with the services, products or offerings you have requested, and notifying you about important changes to these services, products or offerings;
• managing your account or relationship and complying with your instructions or requests;
• operational, marketing, auditing, legal and record keeping requirements;
• recording and/or monitoring your telephone calls and electronic communications to/with AFG in order to accurately carry out your instructions and requests, to use as evidence and in the interests of crime prevention;
• conducting market research and providing you with information about AFG’s products or services from time to time via email, telephone or other means (for example, events);
• disclosing your personal information to third parties, for example, business or lending partners (in which case we will have agreements in place to secure the confidentiality of your Personal Information) for reasons set out in this policy or where it is not unlawful to do so;
• monitoring, keeping record of and having access to all forms of correspondence or communications received by or sent from AFG or any of its employees, agents or contractors, including monitoring, recording and using as evidence all telephone communications between you and AFG;
• improving or evaluating the effectiveness of AFG’s business or products, services or offerings;
• conducting internal investigations; and
• prevention and control of any disease.


4. DIRECT MARKETING AND OPTING OUT

If you are an existing client, we may communicate with you based on the preferences as selected by you in relation to products or services you have signed up for. This may include making contact via telephone, email, SMS, WhatsApp (or other cross-platform messaging service), social media and other channels about products and or services which may be of interest to you. If you are not considered to be a client, we will obtain your consent to opt-in to direct marketing.


5. RETENTION AND DESTRUCTION OF INFORMATION

Information that AFG collects is kept in a form which permits your identification for no longer than is necessary to fulfil the purposes for which it was collected and processed in each specific case, and in any case not longer than as specified by the relevant applicable laws unless we have your consent to process it indefinitely.

AFG will retain your information after the completion of the transaction where reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our agreement.

If none of the afore-mentioned scenarios are required, AFG will permanently delete (electronic) and shred (paper) after the purpose of collection the information has expired.


6. INFORMATION PRESERVATION AND PROTECTION

We commit to taking all reasonable steps to safeguard your personal information from loss, misuse, or unauthorised alteration. While certain functions of the AFG may involve manual operations, trusted employees with access to your personal information are contractually obligated to maintain confidentiality.

Our commitment to protecting the information we collect extends to both our premises and the assistance of service providers, aligning with the principles of confidentiality, integrity, availability and privacy. This guides our objectives in areas such as culture improvement, risk-based protection, legal compliance, detection and response capabilities, and the integration of security into business decisions.

Recognising the inherent vulnerabilities in data transmission and IT systems, we cannot guarantee the absolute security of information transmitted over the internet or stored on our services. However, we undertake every reasonable measure within our control to protect and maintain the accuracy of your information, adhering to a commitment to data quality for the provision of enhanced services.


7. INFORMATION DISCLOSURE

Notwithstanding anything to the contrary in this policy, AFG reserve the right to disclose any information about you if we are required to do so by law, and if we believe such action is necessary to:

(a) fulfil a government request;
(b) conform with the requirements of the law or legal process;
(c) protect or defend our legal rights or property, our website, or other users; or
(d) in an emergency to protect the health and safety of our website’s users or the general public.

Authorised AFG employees, consultants or business and lending partners will have access to some or all of your information. We may also disclose your information within our group of companies.

We do use service providers to provide our services and maintain our systems, including but nit limited to maintenance, security, analysis, audit, payments, customer service, marketing,and system development. These partners will have access to your information as reasonably necessary to perform these tasks on our behalf.


8. YOUR RIGHT TO ACCESS INFORMATION

You have the right:

• free of charge, to confirm with us whether we hold any information about you;
• at a prescribed fee, which we will give you a written estimate of to request the record of information held by us;
• to request a description of the information held by us, including information about the identity of all third parties, or categories of third parties, who have, or have had, access to the information;
• to update and correct any out-of-date or incorrect information we hold about you;
• destroy or delete a record of information of you which we are no longer authorised to retain, and
• update your communication preferences and / or unsubscribe from communications we may send you.

Before we provide you with access to your information, we may require proof of identity. We may require up to 21 (twenty-one) days to respond to any requests for information. We may refuse to disclose some information in accordance with PAIA.

If you require AFG to delete and/or remove any and/or all your information that we have about you, please also contact our offices. Note that you will probably have to terminate all agreements you have with us as we cannot maintain our relationship with you without at least having some of your information. We may also refuse to delete and/or remove some of your information if we are required by law to retain it or if we need it to protect our rights.


9. INFORMATION BREACH NOTIFICATION

A security compromise or information breach can be described as a threat to the confidentiality, integrity, availability or privacy of IT systems and/or information. Such incidents are governed by AFG and our services providers which allows us to deal with the compromise/breach and/or loss in an efficient and effective manner. One of the key pillars of this process is keeping all impacted stakeholders informed and updated.

When there are reasonable grounds to believe that your information has been accessed, altered, deleted, or acquired by any unauthorised person, we will notify the Information Regulator and yourself in cases where your identity can be established. This notification will be done in accordance with the provisions of POPIA and as soon as reasonably possible after the discovery of the compromise, considering the legitimate needs of law enforcement or any measures reasonably necessary to determine the scope of the compromise and to restore the integrity of our systems.


10. AMENDMENT OF THIS PRIVACY POLICY

We may amend this policy from time to time for any of the following reasons:

• to provide for the introduction of new systems, methods of operation, services, products, property offerings or facilities;
• to comply with changes to any legal or regulatory requirement;
• to ensure that this policy is clearer and more favourable to you;
• to rectify any mistake that may be discovered from time to time; and/or
• for any other reason which AFG, in its sole discretion, may deem reasonable or necessary.

Any such amendment will come into effect and become part of any agreement you have with AFG by publication of the amended policy on our website. It is your responsibility to check the website often.

11. CONTACT US

11.1 AFG Information Officer

If you have questions about this privacy policy or wish to exercise your rights in terms of access to, correction, or deletion of your information, please contact our Information Officer so that we can attempt to resolve your query.