Mitsubishi Motors Cookie Policy
About cookies
General cookie introduction
Cookies are small text files that can be used by websites to make a user’s experience more efficient.
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.
This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
You can at any time change or withdraw your consent from the Cookie Declaration on our website.
Learn more about who we are, how you can contact us and how we process personal data in our Privacy Statement.
Please state your consent ID and date when you contact us regarding your consent.
Your consent applies to the following domains: https://www.mitsubishi-motors.co.za/
Mitsubishi Motors Cookies: Data Protection Policy
1 PURPOSE
This policy describes the principles governing the processing data by Motus.
2 SCOPE
This policy applies to all personal data processed during Motus business.
3 GLOSSARY
Unless inconsistent with the context, the words and expressions in this Policy have the meanings assigned to them in the Glossary of Terms applicable to all policies, procedures, standards, and guidelines adopted and published by Motus.
4 MOTUS DATA PROTECTION POLICY
- is accountable for and processes personal data in compliance with the conditions and principles governing its lawful processing.
- collects personal data for specific, explicitly defined, and lawful purposes and does not further process personal data in a manner that is incompatible with those purposes.
- only processes personal data that is adequate, relevant, and not excessive for the purpose of the processing.
- processes personal data transparently to the data subject and in a manner that is fair and does not infringe the privacy of the data subject.
- does not process personal data unless it is lawfully justified to do so and where it relies on the justification of consent, such consent is freely given, specific, informed and is an unambiguous indication of the data subject’s wishes, indicated by a clear affirmative action.
- collects personal data directly from the data subject unless it is permitted by law to collect the information from other sources.
- takes appropriate measures to safeguard the integrity and confidentiality of personal data and to prevent its loss or damage, unlawful access, and unauthorised destruction.
- by written contract, will, where reasonably permissible, bind third parties processing personal data on its behalf, to establish and maintain appropriate security safeguards as well as comply with the principles set out in this policy.
- puts in place an incident management process that ensures timely notification to data protection authorities, and, when needed, the data subjects of a compromise to their personal data as required by law.
- processes personal data transparently to the data subject and takes reasonably practicable steps to ensure that the information is accurate and kept up to date.
- permits and facilitates data subjects access their personal data and corrects or deletes information that is inaccurate, as required by law.
- facilitates data subject objections to the processing of their personal information as required by law.
- retains personal data as required by law, or contract, or as may be reasonably required for lawful purposes, but not for any longer than is necessary to achieve the purpose for which the information was collected and processed.
- avoids processing of special personal information unless necessary and in line with the authorisation requirements as required by law.
- will not use personal data for the purpose of unsolicited electronic communication, nor for automatic decision-making, without the consent of the data subject.
- only transfers personal data across borders to jurisdictions that effectively uphold the principles and conditions governing the protection of personal data established in the Republic of South Africa, alternatively if the data subject has consented to the transfer.
- appoints an Information Officer/s authorised and empowered to fulfil the responsibilities stipulated in relevant legislation.
5 POLICY RESPONSIBILITY
- Motus has appointed a POPIA Workgroup to oversee data protection at Motus and its subsidiaries.
- Motus is responsible for maintaining the lawful processing of personal information.
- The CEO of Motus Holdings Limited and each of the Heads of its subsidiaries and Divisions as appointed an Information Officer and delegated to the Information Officer the authority to fulfil the duties and responsibilities required in relevant legislation and regulation.
6 REVIEW AND AUDIT
- This Policy and the procedures and standards supporting the policy statements will be reviewed by the POPIA Workgroup at least once each year.
- Reviews and any revisions of the Policy will be recorded in a Revision History and filed with this Policy.
- Motus internal audit will audit compliance with the Policy and procedures and standards supporting the policy.