Privacy & Cookie Notice
Application of this notice
This privacy notice applies to you as a customer or as a guest, this is namely a person who accesses or registers on our platforms, regardless of the device used to access it (e.g. a computer, mobile phone, tablet etc.).
This privacy notice does not apply to other parties' sites, products or services, such as sites linked to, from or advertised on Our Site, or sites which link to or advertise Our Site.
What is personal infomation?
Personal Information refers to information about an identifiable person, such as your name and surname, gender, age, date of birth, contact details (phone number and email address), physical location/address, and ID number among other identifiers.
Other information which might be considered Personal Information may include:
“biometric information”: a technique of personal identification that is based on physical, physiological or behavioural characterisation, which allows or confirms the unique identification of a natural person, such as facial images or fingerprint data;
“device and device event information”: IP address, unique device identifier, the nature of the device which you used to access Our Site, the geographic location of your device, hardware model and settings, operating system details, browser type and version, browser language, system activity and crashes;
“log information”: Details of how, when and for how long you accessed and used Our Site and other site traffic and use information, landing pages, which pages you accessed and viewed, the amount of time spent and what you did on those pages, details about games you played, how you interacted with other site users, and exit pages;
“location information”: We may use various technologies to determine your actual location, such as geographical data from your device (which is usually based on the GPS or IP location); and “unique application numbers”: Certain services include a unique application number. This number and information about your installation (e.g. the operating system type and application version number) may be sent to us when you install or uninstall such a service or when that service periodically contacts our servers, such as for automatic updates.
Please Note: Personal Information can at times also be referred to as Personal Data.
How we collect your personal information
We collect your Personal Information in four ways, namely:
- actively from you; (may include but is not limited to: surveys, or when signing up for a product or at any MCG third party with whom we have a contract with);
- passively from your device when you use our platforms;
- passively from social networking sites (subject to your privacy settings); and
- passively from companies in the MultiChoice Group of companies (our “affiliates”) and third-party service providers.
Active collection of personal information
Some areas of Our Site may require you to submit certain information in order for you to register for certain services or benefit from specified features, such as when you register on our platforms, request to receive any newsletters or similar subscriptions or tips/pointers, or participate in a particular activity, such as a game, promotional competition or other promotion (collectively referred to as the (“Value Added Services”). If you contact us, we may keep a record of that correspondence.
If you want to take advantage of any of Our Site sharing features, we will ask you to create a publicly visible profile, indicating, for example, your username, e-mail address and, if you so wish, your photo.
Our Site may also collect Personal Information from you by asking you specific questions and by permitting you to communicate directly with us, for example via e-mail, feedback forms, site comments and forums.
In these situations, we will
- ask you for specific information;
- inform you at each information point what information is required and what information is optional; and
indicate the consequences if you don't give us the relevant information. (You will generally need to provide us with the relevant information in order to take full advantage of our platform features.)
The information we may actively collect from you may include your:
identifying information (e.g. your name, surname, username, unique identifier (if you haven't chosen a username), gender, date of birth, profile picture and physical location);
contact details (e.g. e-mail address and phone number)
Passive collection of personal information from your device
We passively collect some of your Personal Information from the device which you use to access and navigate through our platform(s), using various technological means.
One of the keyways in which we collect information passively is using server logs to collect and maintain log information.
Passive collection of Personal Information from social networking sites (with your permission)
We may allow you to log onto Our Site, or create a profile on Our Site, by using Facebook Connect, Google or Yahoo.
By collecting information from social networking sites we enable you to enrich your profile on Our Site, your game-play and your social experience by enabling you to share your information (e.g. posts, photos, videos, contacts, etc.) which is stored on that site without you having to actively give us all that information – all you need to do is login using your username and password and give us your permission to access and use that information.
There are two kinds of information which we collect from social networking sites, namely basic information and extended information.
Basic information is information which you have put on a social networking site which you have made public in accordance with your privacy settings on the relevant social networking site.
This could include your name and surname, username or user-ID number, your profile picture or its URL, your e-mail address, the physical location of your device, your gender, your date of birth, and any other information which you have decided to share publicly (i.e. the information which you have put on your social networking site profile for anyone to see).
We will access your basic information from a social networking site only:
when you log on to a social networking site from Our Site or if you select the “keep me logged in” function;
with your permission; and
- in line with your privacy settings on the relevant social networking site.
Extended information is information which you have put on a social networking site over and above the basic information. This could include your additional identifying information and contact details, biographical information, educational history, personal preferences, your “friends” or contacts on the social networking site, your “likes” and “dislikes”, information you have “shared”, your recommendations to your friends or other social networking site contacts, your game scores and rankings, and any other information which you have put on, or actions you have done, on a social networking site, and any other information which you permit us, from time to time, to passively collect from a social networking site.
You can decide the layers of extended information which you want to share with us and manage it either through Our Site or the relevant social networking site (e.g. you might decide, depending on your personal preferences, to allow us to post on your wall when you win a game or to send a notification to your Facebook friends on your behalf.
We may offer you the ability to import your address book contacts or to manually enter third parties' contact details to populate your invite list on Our Site (“your contacts”). You may authorise us to send your communications to your contacts on your behalf (e.g. to send your contact an e-mail or notification from you or on your behalf inviting him/her to join your online game sports pool).
Each application on Our Site will have its own default privacy setting. You can manage your settings at the time of giving us your permission or at any time thereafter by clicking on “My Privacy” on the applicable platform, or in any other manner which we make available from time to time.
Your permission will expire if you do not access Our Site for a period of 60 (sixty) continuous days. If it expires, you will need to refresh it when you next log in to Our Site.
We only receive information from social networking sites – we do not give them access to any of your Personal Information.
Passive collection of personal information from our affiliates and third-party service providers
We collect some Personal Information passively from our affiliates and third-party service providers, purely to supplement information which you have already agreed to give us, to supplement your user profile on Our Site to assist us with enhancing your viewing experience.
Why we collect your personal information and how we use it
We use the information we collect to provide, maintain, and improve our services, to develop new ones, and to protect us, our services, and our users. We constantly strive to improve our users' experience, and so we also use the information we collect to offer you information and content which is more appropriately tailored for you.
We may collect and use your Personal Information to:
to carry out contractual obligations;
establish and verify your identity;
to create your user account and ensure that it doesn't duplicate an existing user account on Our Site (if you have an existing user account, we will merge the two accounts on our computer systems) and allow use of Our Site, products and services;
maintain and update our databases;
communicate with you in various ways (determined by you in your privacy settings), such as e-mail, post, telephonically, SMS notifications, instant messaging, or other notifications to your device (e.g. on-screen pop-up messages);
personalise your viewing experience and enhancing our ability to recommend relevant content;
- enable user to user communications;
request feedback on Our Site, products, and servers, address any issues and liaise with users in that regard;
keep a record of our communications with you and your communications with us;
fulfil any contractual obligations we may have to you or any third-party;
provide you with Value Added Services;
to identify and inform you of points of interest or goods and services of interest near to your location, using your location information;
improve the content of Our Site and our products and services;
allow you to participate in any interactive features and sharing features that may be active on Our Site;
combine your Personal Information from a social networking site with the information on Our Site to streamline and complete our records and to make it easier for you to share things with people you know;
improve your user experience and the overall quality of our services;
customise Our Site to your preferences and tailor information and content for you to ensure that it is presented in the most effective manner for you and for your device;
inform you of facts relating to your access to and use of Our Site;
inform you about our products and services which we think may interest you (if you have consented to this);
inform you about competitions, promotions, and special offers from us (if you have consented to this);
carry out marketing, product research and development;
to tailor general advertising on our platforms more appropriately for user groups;
to compile and use statistical information about you and other users and their access to and use of Our Site, browsing habits, click-patterns, preferences, demographics etc which we may use to develop, provide and improve our platforms and our products and services, including recommendations to users and tailoring information and content for users;
to compile, use, disclose and trade with non-personal statistical information about our users and their access to and use of Our Site, browsing habits, click-patterns, preferences, demographics etc. which we and our advertisers may use to develop, provide and improve our platforms and our products and services, including targeted advertising to user groups. Please note that the information referred to in this paragraph is aggregate information about our users which has de-identified users' Personal Information such that it cannot be linked back to identify you. We will not disclose your identifiable Personal Information to anyone without your express permission;
- diagnose and deal with technical issues and customer support queries and other user queries, such as problems with our server, determine the optimal and fastest route for your device to use in connecting with Our Site, and administer, maintain and secure our platforms;
detect, prevent, or deal with actual or alleged fraud, security or the abuse, misuse or unauthorised use of Our Site and contravention of this privacy notice;
comply with the law or with any legal Process; and
other activities not specifically mentioned which are lawful, reasonable, relevant to our business activities, and the minimum necessary and adequate for us to provide our platforms, and our products and services.
We will get your permission before collecting or using your Personal Information for any other Purpose.
Compulsory and optional information
Only the following information is compulsory: Your name, surname, registered e-mail address or mobile number. In order to access any of the value-added services you will need to identify yourself as a MultiChoice subscriber with a Smartcard number, customer number, connect ID and identity/passport number (if you have provided us with this information).
All other information is optional. If you do not agree to share your compulsory information with us, then you will not be able to make full use of the features that are offered to registered users. If you do not agree to share your optional information with us, then you may not be able to enjoy all our platform features and functionality.
How long do we keep your personal information?
We retain all Personal Information which we collect from you (except for the information referred to below) unless there is a valid technical, legal or business reason for us to delete, destroy or de-identify it (“retained information”).
We will not retain the following information if you ask us not to –
your contacts information as contemplated in 'Passive Personal Information from social networking sites (with your permission)' above, unless that contact is a registered user on Our Site who has given us permission to store their information;
- communications which we have sent on your behalf as contemplated in ‘Passive collection of personal information from social networking sites (with your permission) ‘above;
the content of our public communications via Our Site with site users or third parties for as long as the relevant site feature remains active.
We may keep all retained information for as long as you continue to access Our Site and/or make use of our services or products and for five years thereafter:
- If you do not access Our Site and/or make use of our services or products for a consecutive period of two and a half years, we will inform you that your account is dormant; and
- If you do not access Our Site and/or make use of our services or products for a further year after dormancy notification, we will delete, destroy or de-identify all your Personal Information from our records except for information which we store for historical, statistical or research purposes.
Kindly ensure that you regularly review your Personal Information and ensure that it is accurate. This can be done by contacting our call center or updating your Personal Information on Our Site/platform/applications, or submitting a request to the data privacy office by completing the form here.
Notwithstanding the above, and any other provision of this privacy notice, we may keep some or all your Personal Information if and for as long as:
we are required by law, a code of conduct or contractual obligations created as a result of there being a contract between us and you;
we reasonably need it for lawful purposes related to our functions and activities;
we reasonably need it for evidentiary purposes; or
you agree to us keeping it for a specified further period.
Disclosure of your personal information
We will not disclose, for commercial gain or otherwise, your Personal Information other than as set out in this privacy notice or with your permission.
We may disclose or share your Personal Information to or with:
- our affiliates;
our Employees, contractors, ISPs and agents if and to the extent that they need to know that information in order to Process it for us and to provide services for or to us, such as site hosting, development and administration, technical support, financial services such as Processing of payments, delivery services, marketing services (only in respect of Our Site, products and services) and other support services;
in order to protect our rights, property or safety or that of our customers, Employees, contractors, ISPs, agents and any other third party;
- in order to mitigate any actual or reasonably perceived risk to us, our customers, Employees, contractors, ISPs, agents or any other third party;
- any third party who acquires (or proposes to acquire) ownership or control of our assets, shares or management, or that of our affiliates, and Our Site, whether by sale, merger, acquisition or otherwise, and to any third party from who we acquire (or propose to acquire) ownership or control of assets, shares or management, whether by purchase, merger, acquisition or otherwise;
- governmental agencies, exchanges and other regulatory or self-regulatory bodies if we are required to do so by law or if we reasonably believe that such action is necessary to:
comply with the law or with any legal Process;
protect and defend the rights, property or safety of us, our affiliates or our customers, Employees, ISPs, contractors and agents or any third party;
detect, prevent, or deal with actual or alleged fraud, security or technical issues or the abuse, misuse, or unauthorised use of Our Site and/or contravention of this privacy notice;
- protect the rights, property or safety of members of the public (if you provide false or deceptive information about yourself or misrepresent yourself as being someone else, we may proactively disclose such information to the appropriate regulatory bodies and/or commercial entities).
We may use your Personal Information to compile profiles for statistical purposes and may freely trade with such profiles and statistical data, provided that the profiles or statistical data cannot be linked back to you by a third party.
We will get your permission before disclosing your Personal Information to any third party for any other purpose.
When you register on our platforms you may choose whether to receive marketing communications from us. You may also manage it in your privacy settings on Our Site.
You may refuse to accept, require us to discontinue, or pre-emptively block any approach or communications from us if that approach or communication is primarily for the purpose of direct marketing (“marketing preference”).
You may opt out of receiving direct marketing communications from us:
- at the time of registering on our platforms by ticking the relevant “opt-out” box; and
- at any time by requesting us (in any manner, whether telephonically, electronically, in writing or in person) to desist from initiating any direct marketing to you.
If you have opted out in accordance with the above, we will:
- send you written (which may include electronic writing) confirmation of receipt of your opt-out request; and
- not send you any further direct marketing communications.
You may (in terms of the Consumer Protection Act, 2008) register a pre-emptive block against direct marketing communications. If you do so, we will not send you direct marketing communications unless you have expressly consented to receive direct marketing communications from us.
We will not send you direct marketing communications at home at any period during which it is prohibited by law to do so unless you have expressly or implicitly requested or agreed otherwise.
All information you provide to us is stored on our secure servers or those of our trusted partner services.
We implement appropriate, generally accepted technical and organisational measures to protect your personal data against unauthorised or unlawful Processing, accidental loss, destruction, or damage, including encryption where appropriate.
Unfortunately, the transmission of information via the Internet is not completely secure. We will do our best to protect your personal information, but we cannot guarantee 100% security of your data transmitted to our servers using the internet and any transmission is at your own risk.
We take reasonable technical and organisational measures to secure the integrity of information we collect about you, using accepted technological standards to –
- prevent unauthorised access to or disclosure of your Personal Information; and
- protect your personal information from misuse, loss, alteration, or destruction.
- We require you to enter a password when logging in to Our Site.
- We do not require your credit card details, internet banking details or PIN numbers for any purpose. If we need to make a payment to you (e.g. if you win a prize), we will send you an e-mail requesting your banking details and make payment directly into your chosen bank account. We will keep the payment records (for finance, recordkeeping, and audit purposes) on secure servers. We will not disclose your banking details to any third party except to the extent necessary to Process and record payments.
- Where we allocate you or replace a password which enables you to access certain parts of Our Site, we will do so in an automated manner and we do not store it. You are responsible for keeping your password confidential. Please notify us immediately and change your password if you become aware that your password has or may have become compromised or accessed by an unauthorised person.
- From time to time we review our information collection, storage and Processing practices, including physical security measures, to keep up to date with best practice.
- We create a secure back-up for operational and safety purposes.
- We create, protect, and retain systems audit records to maintain integrity and enable the monitoring, analysis, investigation, and reporting of unlawful, unauthorized, or inappropriate systems activity.
- We review and analyze systems audit records on a regular basis to detect significant unauthorized activity with respect to systems. Actions of users can be uniquely traced to those users so they can be held accountable for their actions.
- We maintain up-to-date anti-malware software, has implemented a vulnerability management program with regular scanning for vulnerabilities, subscribes to a vulnerability notification service, has a method for prioritizing vulnerability remediation based on risk, and has established remediation timeframes based on risk rating.
- Once a patch is released, and the associated security vulnerability has been reviewed and assessed for its applicability and importance, the patch is applied and verified in a timeframe which is commensurate with the risk posed to systems.
- Penetration testing and vulnerability scanning is conducted on the systems at least annually. Any remediation items identified as a result of the assessment are resolved as soon as possible on a timetable commensurate with the risk. Upon request, we will provide summary details of the tests performed, findings, and whether the identified issues have been resolved.
- We use commercially reasonable efforts to regularly identify software vulnerabilities and, in the case of known software vulnerabilities, to provide relevant updates, upgrades, and bug fixes.
- We deploy intrusion detection Processes to monitor and respond to alerts which could indicate potential compromise of Personal Data.
- We encrypt Personal Data in our possession or control so that it cannot be read, copied, changed, or deleted by unauthorized personnel while in transit and storage, including when saved on removable media.
- Keys are protected from unauthorized use, disclosure, alteration, and destruction, and have a backup and recovery Process.
- We use antivirus software, firewalls, and cookie management software.
In addition, we also use a data protection and privacy regulation compliance management tool to enhance our compliance with data protection laws and other obligations.
Transborder Transfers of your Personal Information
We may transfer your Personal Information to MCG Subsidiaries and/or affiliates and/or service providers located in third- party countries.
The transborder transfers of your Personal Information are conducted for the legitimate purposes of providing seamless customer service, fulfilling contractual obligations, Processing transactions, offering personalised experiences, and improving the overall quality of services rendered.
MCG commits to having implemented appropriate technical and organizational measures to safeguard customer personal data during transborder transfers and regularly reviews these measures. These measures aim to protect the confidentiality, integrity, and availability of the data and to ensure that the data is Processed securely by the recipients in accordance with the provisions of this privacy notice and applicable data protection laws.
Linking to third party sites
We are not responsible for the privacy practices of a third-party site to which there may be a link on Our Site or to which you may log in from Our Site (e.g. integrated social networking services).
We advise you to read the privacy notice of each site which you visit and to determine your privacy settings in accordance with your personal preferences.
In certain instances, we may give you the option to manage some of your privacy settings on integrated social networking sites from Our Sites (e.g. to enable you to determine which of your Personal Information you would like to share via Our Site).
Your rights as a data subject
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access
You have the right to request a copy of the information that we hold about you. Access to this information may be subject to an administrative fee if your request is manifestly unfounded, excessive, or repetitive.
- Right to rectification
You have a right to insist that we correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten
In certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing
Where certain conditions apply you have a right to restrict the Processing of your data, for instance how we market to you.
- Right to data portability
You have the right to have the data we hold about you transferred to another organisation or provided to you in a machine-readable word format.
- Right to object to processing
You have the right to object or remove your consent for certain types of Processing such as direct marketing.
- Right to raise a complaint
You have the right to complain if you have cause to be concerned about the way we capture, treat, or Process your personal information.
To exercise any of your data subject rights, including to update any personal information, use the “My Privacy” section in DSTV Self-Service, or alternatively use the webform under “Exercise your rights” to submit a request to us.
Changes to this policy
We may change this privacy notice from time to time. If we do so, we will post the revised policy on Our Site and take reasonably practicable steps to ensure that you are aware of the updated privacy notice (including, if we have your email address, e-mailing you notifications of the updated privacy notice).
Effective Date: 1 June 2021
Privacy Notice Version: Version 2.1