Amplify is strongly committed to protecting personal data. This privacy statement describes why and how we collect and use personal data and provides information about individuals’ rights in relation to personal data. It applies to personal data provided to us, both by individuals themselves or by others. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection.
As used in this privacy statement, “Amplify”, “us”, and “we” refer to the Amplify Group and/or one or more of its subsidiaries that may process your personal information. Each Subsidiary in the Amplify network is a separate legal entity.
In this privacy statement, we refer to information about you or information that identifies you as “personal data” or “personal information”. We also sometimes collectively refer to handling, collecting, protecting or storing your personal information as “processing” such personal information.
Amplify processes personal data for numerous purposes. Our policy is to be transparent about why and how we process personal data.
Please click on the relevant heading below for more information on each of these areas.
- What personal information do we collect about you
- How your personal information is collected
- How we use your personal information
- The basis on which we use your personal information
- Who we share your personal information with
- How we protect your personal information
- International transfers of your personal information
- How long we keep your personal information
- Your legal rights
What personal information do we collect about you
We may collect personal information from you in the course of our business, including when you engage our services, when you contact or request information from us or through your use of our website.
Personal information means any information about an individual from which that person can be identified. This information does not include data where the identity of the person has been removed (anonymous data).
The personal information that we collect, use, process, store and transfer, includes:
- Identity information including your name, the organisation you work for, your title or position and your relationship to a person, and similar information about your personal assistant if applicable
- Contact information including your email address, postal address, and telephone numbers
- Technical information including information from your visits to our website or applications (including IP address and how you use our website) or in relation to materials and communications we send to you electronically
- Marketing and communications information including your preferences in receiving marketing materials from us and your communication preferences
- Information you provide to us for the purposes of attending meetings and events and in response to surveys we send out or sent out on our behalf
- Identification and background information provided by you or collected as part of our business acceptance processes
- Financial information, including payment-related information
- Any other information relating to you which you may provide to us
How is your personal information collected
- We collect information from you and about you as necessary in the course of providing our services including as part of our business acceptance processes
- We collect information about you when you provide it to us, or interact with us directly, including when you register on one of our digital platforms or applications or engage with our personnel
- We collect your personal information while monitoring our technology tools and services, including email communications sent to and from us and our websites
- We may obtain information about you from other sources, including keeping the contact details we already hold for you accurate and up to date by using publicly available sources
How we use your personal information
We use the personal information about you that we collect, including through your use of our website and in the provision of services by us, in a number of ways:
- To provide you with information requested by you
- To provide and improve our website, including monitoring its use
- To provide and improve our services to you and to our clients
- To manage and administer our relationship with you and our clients
- To promote our services, including sending business related updates, publications and details of events
- To fulfil our legal, regulatory and risk management obligations
- For the purposes of recruitment
Use of our website
Our website includes facilities which invite you to provide us with personal information, such as our email queries facilities. The purpose of these facilities is apparent at the point that you provide your personal information, and we only use that information for those purposes.
We use a customer relationship management (CRM) tool to assess the strength of the relationship between individuals in Amplify and our clients or potential clients based on the frequency of email contact between them. We use that information in order to analyse, assess and improve the services that we provide.
We use personal information to understand whether you read the emails and other materials, such as business-related publications, that we send to you, click on the links to the information that we include in them and whether and how you visit our website after you click on that link (immediately and on future visits). We do this by using software that places a cookie on your device which tracks this activity and records it against your email address.
If you receive marketing communications from us and no longer wish to do so, you may unsubscribe at any time by emailing us here: email@example.com.
Meetings and events
We will collect and process personal information about you in relation to your attendance at our offices or at an event (such as a conference or seminar) organised by Amplify or its business partners. We may share your personal information with IT and other service providers, or business partners involved in organising or hosting the relevant event.
We will only use and process special categories of personal information about your dietary or access requirements in order to cater for your needs and to meet any other legal or regulatory obligations we may have.
We collect, use, process and retain personal information in the course of and in connection with the services we provide to our clients. We will process identification and background information as part of our business acceptance (including anti-money laundering, conflict, reputational and financial checks), finance, administration and marketing processes.
We will also process personal information provided to us by or on behalf of our clients for the purposes of the work we do for them. The information may be disclosed to third parties to the extent reasonably necessary in connection with that work.
The basis on which we use your personal information
We use your personal information on the following bases:
- To perform a contract, such as engaging with an individual to provide consulting or other services
- For legitimate business purposes
- To comply with legal and regulatory obligations
Who we share your personal information with
We are an international consultancy firm and any information that you provide to us may be shared with and processed by any entity in our worldwide network.
We may also share your personal information with certain trusted third parties in accordance with contractual arrangements in place with them, including:
- Our professional advisers and auditors
- IT service providers to Amplify
- Third parties engaged in the course of the services we provide to clients and with their prior consent
- Third parties involved in hosting or organising events
If we are required to disclose your personal information to comply with legal or regulatory requirements, we will use reasonable endeavours to notify you before we do this, unless we are legally restricted from doing so.
If in the future we re-organise or transfer all or part of our business, we may need to transfer your personal information to new Amplify entities or to third parties through which the business of Amplify will be carried out.
We do not sell or otherwise make personal information commercially available to any third party, except with your prior consent.
How we protect your personal information
We have put in place appropriate security measures to protect your personal information from unauthorised access, use, disclosure, alteration or destruction. We also limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
International transfers of your personal information
The level protection of personal information in countries outside the South Africa may be less than that offered within the South Africa under the Protection of Personal Information Act. Where this is the case, we will implement appropriate measures to ensure that your personal information remains protected and secure in accordance with applicable data protection laws.
Where our third-party service providers process personal information outside of South Africa in the course of providing services to us, our written agreement with them will include appropriate standard contractual clauses.
How long we keep your personal information
We will only retain your personal information for as long as necessary taking into account the requirements of applicable data protection laws and the purpose for which the personal information is collected and used, including for the purposes of satisfying legal, accounting and regulatory requirements to retain the information for a minimum period, good practice and Amplify’s business purposes.
Your legal rights
The Protection of Personal Information Act South Africa and other applicable data protection laws provide certain rights for data subjects.
- You are entitled to request details of the personal information we hold about you and how we process it.
- You may also have a right to have your personal information rectified or deleted, to restrict our processing of your personal information, to stop unauthorised transfers of your personal information to a third party and, in some circumstances, to have your personal information transferred to another organisation.
- If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations.
Your objection (or withdrawal of any previously given consent) could mean that we are unable to perform the actions necessary to achieve the purposes set out above or that you may not be able to make use of the services offered by us.
Even after you have chosen to withdraw your consent, we may be able to continue to process your personal information to the extent required or otherwise permitted by law, in particular in connection with meeting our legal and regulatory obligations.