Privacy Policy

1 ABOUT

This Privacy Policy governs the manner in which Momentum Metropolitan (‘we’, ‘our’, ‘us’, ‘MMH’) treats your personal information, collected electronically when you use our website, which can be found at (www.momentummetropolitan.co.za), to apply online for certain products and services, contact us electronically or register for one of the services we offer on the website.

We respect your privacy and your personal information and for this reason, we will take all reasonable measures, in accordance with this Policy, to protect your personal information to keep it confidential, even when you are no longer our client.

We will maintain the confidentiality of your personal information and comply with the Protection of Personal Information Act 4 of 2013 (POPIA) when processing your personal information.

This policy applies to South African entities within the Momentum Metropolitan Holdings Limited of companies, its subsidiaries, operating divisions, business units, licensed entities, management-controlled entities and activities.

Momentum Metropolitan comprises of companies that provide, among others, the following products and services:

  • Advisory Services
  • Advanced Analytics
  • Claims Processing
  • Claims Administration
  • Financial services
  • Fiduciary Services
  • Health benefits
  • Loyalty rewards and benefits
  • Insurance products
  • Investment management services
  • Insights and Research
  • Investment products
  • Medical schemes and pension fund administration
  • Managed care services
  • Retirement products
  • Savings Products
  • Payment products and services

 

We briefly outline these principles below:

  • We will only collect, disclose, collate, process and store ('use') your personal information with your express written permission, unless legally required to do so, and will only use such information for the lawful purpose for which it is required.
  • We will disclose in writing, the specific purpose for which we use, request and store your personal information. We will also keep a record of that personal information and the specific purpose for which we collect it.

 

2 INFORMATION DISCLOSURE

2.1 What is personal information?

  • Personal information refers to any information that identifies you or specifically relates to you. Personal information includes, but is not limited to, the following information about you: 
  • Your marital status (like married, single, divorced); your national origin; your age; your language; birth; education. 
  • Your financial information, which may include your financial history and information (like your income or your buying, investing and banking behaviour based on, amongst others, account transactions).
  • Your identifying number (like an account number, identity number or passport number). 
  • Your e-mail address; location information; physical address (like residential address, work address or your physical location); and telephone number (including your cellular number, home landline or office work number). 
  • Your online identifiers such as social media profiles. 
  • Your biometric information (like fingerprints, face recognition, signature or voice). 
  • Your race and/or gender.
  • Your physical health; mental health; wellbeing; disability; religion; belief; conscience; culture. 
  • Your medical history (like your HIV / AIDS status and any medical history disclosed or obtained); criminal history; employment history. 
  • Your personal views, preferences and opinions. 
  • Your confidential correspondence; and / or 
  • Another’s views or opinions about you and your name also constitute your personal information.

 

2.2 What is special personal information

Special personal information is personal information about the following: 

  • Your religious and your philosophical beliefs (for example where you enter a competition, and you are requested to express your philosophical view). 
  • Your race (like where you apply for a product or service where the statistical information must be recorded). 
  • Your ethnic origin.
  • Your trade union membership.
  • Your political beliefs.
  • Your health (like where you apply for an insurance policy or medical/health related products);
  • Your biometric information (like to verify your identity); and / or
  • Your criminal behaviour and alleged commission of an offence (like to prevent money laundering as required by law or when you apply for employment or enter into a relationship with us).

 

2.3 How does Momentum Metropolitan collect personal information?

The company collects information either directly from you, the data subject, the employer or through financial services intermediaries. In certain instances, Momentum Metropolitan may appoint third parties to collect information on its behalf. The source from which personal information was obtained, if not directly from the data subject, will be disclosed.

 

2.4 What type of personal information does Momentum Metropolitan collect?

Personal information collected by Momentum Metropolitan can include a data subject’s name, contact, birth date, identity number, gender, employment details, marital, family, policy, location information, online identifier, bank account, medical or health information.

When personal information is collected, the company will indicate the purpose for the collection and whether the information required is compulsory or voluntary.

 

2.5 When will we process your personal information?

We will only process your personal information for lawful purposes relating to our business if the following circumstances apply: 

  • You have consented thereto.
  •  A person legally authorised by you, the law or a court, has consented thereto.
  •  It is necessary to conclude or perform under a contract we have with you.
  • The law requires or permits it. 
  • It is required to protect or pursue your, our or a third party’s legitimate interest; and/or 
  • You are a child, and a competent person (such as a parent or guardian) has consented thereto on your behalf.

 

2.6 When will we  special process your personal information?

We may process your special personal information in the following circumstances: 

  • If you have consented to the processing thereto. 
  • If the processing is needed to create, use or protect a right or obligation in law. 
  • If the processing is for statistical or research purposes. 
  • If the special personal information was made public by you. 
  • If the processing is required by law. 
  • If racial information is processed and the processing is required to identify you; and/or 
  • If health information is processed, and the processing is to determine your insurance risk, or to comply with an insurance policy, or to enforce an insurance right or obligation. 
  • If we do sanctions screening (against any sanctions list, we may in our sole discretion determine) and we may find reports of alleged criminal conduct or proceedings in this regard.

 

2.7 Reasons for processing your personal information

We will process your personal information for the following reasons:

  • Payment processing services providers, merchants, banks and other persons that assist with the processing of your payment instructions. 
  • Location information for the purpose of recording your Safe Dayz journeys and for Safety Alert emergency call out where the feature have to voluntarily be activated as part of the products signed up for with Momentum Metropolitan.
  • Insurers, brokers, other financial institutions or other organisations that assist with insurance and assurance underwriting, the providing of insurance and assurance policies and products, the assessment of insurance and assurance claims, and other related purposes. 
  • Law enforcement and fraud prevention agencies, and other persons tasked with the prevention and prosecution of crime. 
  • Regulatory authorities, industry ombudsmen, government departments, and local and international tax authorities. 
  • Credit bureaux.
  • Trustees, executors or curators appointed by a court of law. 
  • Cheque verification service providers. 
  • Our service providers, agents and sub-contractors such as couriers and other persons we use to offer and provide products and services to you. 
  • Courts of law or tribunals.
  • Participating partners, whether retail or online, in our customer loyalty reward programmes. 
  • our joint venture partners; and/or
  • marketing list providers.
  • to process payment instruments (such as a cheque) and payment instructions (such as a debit order or a stop order deduction). 
  • To create, manufacture and print payment instruments (such as a cheque) and payment devices (such as a debit card); 
  • To conduct affordability assessments, credit assessments and credit scoring (where applicable); 
  • To develop credit models and credit tools. 
  • To open, manage and maintain your accounts/policies, contracts, agreements or relationship with us. 
  • To disclose and obtain personal information from credit bureaux regarding your credit history. 
  • To enable us to deliver goods, documents or notices to you. 
  • For security and identity verification, and to check the accuracy of your personal information. 
  • To communicate with you and carry out your instructions and requests. 
  • For customer satisfaction surveys, promotional and other competitions. 
  • For insurance and assurance underwriting and administration. 
  • To process or consider or assess insurance or assurance claims. 
  • To provide insurance and assurance policies and products, and related services. 
  • To enable you to participate in customer loyalty reward programmes: determine your qualification for participation, rewards points, rewards level, and monitor your buying behaviour with our rewards partners to allocate the correct points or inform you of appropriate products, goods and services you may be interested in, or to inform our reward partners about your purchasing behaviour. 
  • To enable clients to save earned cashbacks and money deposited into their wallet as well as to earn interest on their funds. 
  • To process payments from their wallets.
  • To enable you to participate in and make use of value-added products and services. 
  • To assess our lending and insurance risks; and/or 
  • For any other related purposes.

 

2.8 Processing Information of a child

Protecting privacy of children – Momentum Metropolitan takes the privacy of children very seriously. Children under the age of 18 years should obtain their guardian's consent before providing / submitting any personal information about themselves on the MMH website.

We will not require children under this age to provide any personal information other than that which is reasonably necessary to use the MMH website.

If we determine that a user is under the age of 18, we will not use or maintain his/her personal information without the guardian's consent.

A child is a person who is defined as a child by a country’s legislation, and who has not been recognised as an adult by the courts.  We process the personal information of children if the law permits this.  We will only process the personal information of children if any one or more of following applies:

  • A person with the ability to sign legal agreements has consented to the processing, being the parent or guardian of the child.
  • The processing is needed to create, use or protect a right or obligation in law, such as where the child is an heir in a will, a beneficiary of a trust, a beneficiary of an insurance policy or an insured person in terms of an insurance policy. 
  • The child’s personal information was made public by the child, with the consent of a person who can sign legal agreements. 
  • The processing is for statistical or research purposes and all legal conditions are met.
  • Where the child is an heir in a will, if required to give effect to the will. 
  • Where the child is a beneficiary of a trust, if required to give effect to the trust deed. 
  • Where the child is legally old enough to open a bank account without assistance from their parent or guardian. 
  • Where the child is legally old enough to sign a document as a witness without assistance from their parent or guardian.
  • Where the child benefits from a bank account such as an investment or savings account; and/or 
  • Where the child is an insured person or beneficiary of an insurance policy, if required to give effect to the policy. 

2.9 Obtaining personal information about clients

We collect information about you: 

  • Directly from you.
  • Based on your use of our products, services, or service channels (such as our websites, applications, and ATMs (in the case with your wallets)). 
  • Based on how you engage or interact with us, such as on social media, and through e-mails, letters, telephone calls, and surveys.
  • From public sources (such as newspapers); and 
  • From third parties for the purposes of conducting our business (such as partners, reward partners, list providers, our customer loyalty rewards programmes’ retail and online partners, or our service providers). 

If the law requires us to do so, we will ask for your consent before collecting personal information about you from third parties.  The third parties from whom we may collect your personal information include, but are not limited to, the following:

  • Members of the MMH group, any connected companies, subsidiary companies, its associates, cessionaries, delegates, assignees, affiliates or successors in title and/or appointed third parties (such as its authorised agents, partners, contractors and suppliers) for any of the purposes identified in this Privacy Policy.
  • Your spouse, dependants, partners, employer, joint applicant or account holder and other similar sources. 
  • People you have authorised to share your personal information, such as a person that makes a travel booking on your behalf, or a medical practitioner for insurance purposes. 
  • Attorneys, tracing agents, debt collectors and other persons that assist with the enforcement of agreements.
  • Payment processing services providers, merchants, banks and other persons that assist with the processing of your payment instructions. 
  • Insurers, brokers, other financial institutions or other organisations that assist with insurance and assurance underwriting, the providing of insurance and assurance policies and products, the assessment of insurance and assurance claims, and other related purposes. 
  • Law enforcement and fraud prevention agencies, and other persons tasked with the prevention and prosecution of crime. 
  • Regulatory authorities, industry ombudsmen, government departments, and local and international tax authorities. 
  • Credit bureaux.
  • Trustees, executors or curators appointed by a court of law. 
  • Cheque verification service providers. 
  • Our service providers, agents and sub-contractors such as couriers and other persons we use to offer and provide products and services to you. 
  • Courts of law or tribunals.
  • Participating partners, whether retail or online, in our customer loyalty reward programmes. 
  • Suppliers in the delivery of our wallet and payment services.
  • Our joint venture partners.
  • Marketing list providers.
  • Digital data transformation or aggregation services which you have authorised to collect activity, health or other digital data streams and share with us.

 

2.10 Processing Information about Persons Related to a Juristic Person

If you are a juristic person, such as a company or close corporation, we may collect and use personal information relating to the juristic person’s directors, officers, employees, beneficial owners, partners, shareholders, members, authorised signatories, representatives, agents, payers, payees, customers, guarantors, spouses of guarantors, sureties, spouses of sureties, other security providers and other persons related to the juristic person. These are related persons. 

If you provide the personal information of a related person to us, you warrant that the related person is aware that you are sharing their personal information with us, and that the related person has consented thereto.

We will process the personal information of related persons as stated in this Privacy Policy, thus references to “you” or “your” in this Privacy Policy will include related persons with the necessary amendments.

 

2.11 Direct Electronic Marketing

If we are legally permitted to do so, Momentum Metropolitan may use your personal or other information to tell you about products, services and special offers from the company or other subsidiaries of Momentum Metropolitan. You can opt out from receiving such information by contacting us and requesting us accordingly.

We will use your personal information to market financial, insurance, investments and other related products and services to you.

  • We will do this in person, by post, telephone, or electronic channels such as SMS, email and fax. 
  • If you are not our customer, or in any other instances where the law requires, we will only market to you by electronic communications with your consent. 
  • In all cases, you can tell us to stop sending marketing communications to you at any time. 

 

3 COOKIE POLICY

What happens if you disable your cookie functionality?

  • Clearing or disabling cookies may limit your website functionality, and your functionality once you’ve logged in.  You can limit the collection of your information by disabling cookies on your browser.  You may also be able to modify your browser settings to require your permission each time a site attempts to set a cookie.
  • However, our website(s) (and many other websites) rely on cookies to enable certain functionality. If you choose to disable cookies, some of the services available on our website may not work properly.

What are cookies?

  • A cookie is a small text file stored on your device by the website you are visiting. It helps the website to remember information about your device and how you use the website. We use this information to make your visit to our site as easy and useful as possible.

Types of cookies we use?

  • There are two main types of cookies, i.e.
  • Session cookies
  • When you close your browser, some cookies are deleted. These are called session cookies.
  • Persistent cookies
  • Other cookies are stored on your device until they expire, or you choose to delete them. They are called persistent cookies. These cookies are sent back to us each time you visit our site.

What we use cookies for?

  • We use cookies for session management, user device identification and classification, traffic routing, and analytics

Is your personal information at risk?

  • No, we will never save any personal information, including login details or other personal information on your computer.

 

4 LOCATION SERVICES

We use location services for specific products and services through our websites and applications.  The location services will only be switched on with the prior consent of the user.  The use of location services are set out in the purpose of collection of data.

 

5 CONFIDENTIALITY AND SECURITY

5.1 Routine Precautions

MMH has physical, technological and procedural security safeguards in place and will use its best endeavours to protect your personal information.

Personal information refers to information that identifies or relates specifically to you, which for example include:

  • Your name
  • Age
  • Gender
  • Identity number
  • Your assets and liabilities
  • Your income
  • Your employment details
  • Payment records
  • Your contact details
  • Your marital status
  • Family information
  • Bank account information
  • Medical or health information
  • Your policy information

Any information about what you buy, where you shop, where you bank, how you invest, your health behaviour, your health transactions and all related information will also be regarded as personal information.

In short, any information that we know about you will be regarded as your personal information.

 

6 YOUR PERSONAL INFORMATION

6.1 Securing personal information

Momentum Metropolitan will take all reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. The company will store all the personal information in secured environments, for example on secured servers in a protected data centre.

6.2 How you can review and correct your personal information

You can request to review your personal information contained in Momentum Metropolitan’s records at any time to correct or update the information. If the purpose for which your personal information was requested initially does not exist anymore, for example you no longer have a contract with it, you may request information held by the company to be removed. However, Momentum Metropolitan can decline your request to delete the information from its records if other legislation requires the continued retention thereof or if it has been de-identified.

6.3 Managing Data Privacy at Momentum Metropolitan Board Level and Reporting Frequency

The Momentum Metropolitan Board Risk Capital and Compliance Committee (BRCC) is a sub-committee of the Board that is accountable to address and manage the risk of data privacy and cyber security. The BRCC follows the board cycle and convenes on a quarterly basis. The Momentum Metropolitan Group Chief Risk Officer (CRO) is the business representative on BRCC for data privacy, data security and cyber security. The Momentum Metropolitan Chief Risk Officer provides guidance and input regarding appropriate Risk Management.

6.4 Employee Training on Cyber Security and Data Privacy

Employee Training on Cyber Security and Data Privacy forms part of ongoing compliance training. Cyber Security training is currently further required as a basic compliance training that all employees must complete. As part of the POPIA management programme, there is a specific focus on training, awareness as well as communication that will cover data privacy, data security and more detailed cyber security training as mandatory compliance training to all staff. The POPIA management programme is actively managed at Momentum Metropolitan Group level with participation of all business entities and subsidiaries of Momentum Metropolitan.

6.5 Centralised Cyber Security and Data Security Functions and Coordination

To deal with Cyber Security and Data Privacy, two separate centralised functions exist within Momentum Metropolitan. The IT Security environment includes managing cyber security as a capability and the Data Management environment deals with the aspects of data privacy and extended data security and privacy which is enabled through IT security.

These two functions report into the Group Exco and is coordinated to work closely together to ensure coordinated efforts to best deliver on the relevant requirements.

6.6 Review and correcting your personal information

You can request to review your personal information contained in Momentum Metropolitan’s records at any time to correct or update the information. If the purpose for which your personal information was requested initially does not exist anymore, for example you no longer have a contract with us, you may request information held by the company to be removed. However, Momentum Metropolitan can decline your request to delete the information from its records if other legislation requires the continued retention thereof or if it has been de-identified.

6.7 Cookies

You agree that we shall be entitled to send "cookies" from this website to your computer. We use the word "cookie" to refer to information that is sent from this website to your hard drive, where it is saved and contains information to personalise your experience on this website. In this way, the next time you use this website we will know who you are and that you have visited this website before.

6.8 Third Parties

We do not exercise control over affiliate parties' privacy policies - Personal information and third parties.  Because we are not responsible for any representations or information or warranties or content on any website of an affiliate party (including websites linked to this website or websites facilitated by us), we do not exercise control over affiliate parties' privacy policies, and you should refer to the privacy policy of any such affiliate party to see how such party protects your privacy.

6.9 Sharing your Information

Your privacy is important to us. We will therefore not sell, rent or provide your personal information to unauthorised entities or other third parties, for their independent use, without your consent. 

We may disclose your personal information to the following third parties:

  • Other companies in the Momentum Metropolitan Holdings Group of companies.
  • Selected third parties to provide us with services, including companies that provide us with technical support and assistance in respect of the Website, companies that provide back-office services, companies that provide hosting services or, that track the Website’s activities and analytics, and companies engaged to market and distribute MMH products and/or services and conduct research on our behalf.
  • Professional advisers, judicial, regulatory and law enforcement bodies; and
  • A third party that acquires all or part of our assets or shares, or that succeeds us in carrying on all or a part of our business, whether by merger, acquisition, re-organisation or otherwise.
  • In order for us to ensure that we meet your needs, we may collect and analyse your personal information and combine all the information that we have about you to compile a profile of you in order for us to personalise and tailor our services to meet your specific needs.
  • Once we have collected and analysed your personal information, we may send you promotional material or details which we think may be of interest to you. If any of this promotional information relates to products, promotions, news or services of an affiliate party, and if you indicate that you would like more details, we may inform the affiliate party to contact you directly. We will, however, only inform an affiliate party to contact you directly if you have indicated that this is agreeable to you.

If at any stage, after you have given us your consent, you no longer wish us to use or share your personal information with an affiliate party; you may at any stage withdraw your consent.  By choosing to withdraw your consent with affiliated third parties there may be an impact on our offering to you, and it will be explained to you on your request to withdraw your consent.

6.10  Cross Border Sharing

We will only transfer your personal information to third parties in another country in any one or more of the following circumstances: 

  • Where your personal information will be adequately protected under the other country’s laws or an agreement with the third-party recipient.
  • Where the transfer is necessary to enter into, or perform, under a contract with you or a contract with a third party that is in your interest. 
  • Where you have consented to the transfer; and/or 
  • where it is not reasonably practical to obtain your consent, and the transfer is in your interest. 
  • This transfer will happen within the requirements and safeguards of the law. 
  • Where possible, the party processing your personal information in the other country will agree to apply the same level of protection as available by law in your country, or if the other country’s laws provide better protection, the other country’s laws would be agreed to and applied. 
  • An example of us transferring your personal information to another country would be when you make payments if you purchase goods or services in a foreign country.

TAKE NOTE: As the MMH group operates in several countries, your personal information may be shared within the MMH group entities in other countries and processed in those countries.

 

7 CHANGES TO PRIVACY POLICY

Perusing amendments to the policy.  Our right to amend this Privacy Policy.  We reserve the right, in our sole discretion to amend (including without limitation, by the addition of new terms and conditions) this Privacy Policy from time to time. You agree to review the Privacy Policy whenever you visit this website for any such amendments. Save as expressly provided to the contrary in this Privacy Policy, the amended version of the Privacy Policy shall supersede and replace all previous versions thereof.

Which laws apply?

This Privacy Policy will be governed by and construed and interpreted in accordance with the laws of South Africa. To the extent that a court has jurisdiction over any dispute which may arise out of or in connection with this Privacy Policy, we both submit to the jurisdiction of the South African courts.

 

8 GET IN TOUCH

Contact details of the PAIA Information Officer of Momentum Metropolitan

Name of the Information Officer

Douw Lotter

Postal Address

PO BOX 7400

Centurion

0046

Physical Address

268 West Ave

Die Hoewes

Centurion

0157

Email Address

[email protected]

 

Contact details of the POPIA Information Officer of Momentum Metropolitan

Name of the Information Officer

Jeanine Norden

Postal Address

PO BOX 7400

Centurion

0046

Physical Address

268 West Ave

Die Hoewes

Centurion

0157

Email Address

[email protected]

 

General contact details of MMH

Postal Address

PO BOX 7400

Centurion

0046

Physical Address

268 West Ave

Die Hoewes

Centurion

0157

Telephone Number

+27 (0) 12 065 0445

Internet site URL

www.momentummetropolitan.co.za

 

9 COMPLAINTS

Should you believe that MMH has utilised your personal information contrary to Applicable Laws, you undertake to first attempt to resolve any concerns with Momentum Metropolitan. 

If you are not satisfied with such process, you may have the right to lodge a complaint with the Information Regulator, using the contact details listed below:


Tel: 012 406 4818

Fax: 086 500 3351 

Email: [email protected]