Privacy and security

Warning: include(Secretary/Shared/nemLogger.php): failed to open stream: No such file or directory in /var/www/html/NEMDev/nemPrivacySecurity.php on line 5

Warning: include(): Failed opening 'Secretary/Shared/nemLogger.php' for inclusion (include_path='.:/usr/share/php') in /var/www/html/NEMDev/nemPrivacySecurity.php on line 5
Privacy and security

Context

NeM offers meeting management services to client organisations wishing to manage meetings remotely. The services require loading of data relating to attendance at a meeting (such as a shareholder's or property owner's Annual General Meeting) and the management of meetings. However, a meeting is controlled entirely by the client organisation or their agents, and no data is loaded directly by NeM.

PAIA and POPI

The NeM PAIA and POPI handbook can be downloaded here.

Data that is kept

About attendance at meetings:

Data that must be loaded by a client organisation or their agent to support attendance at a meeting includes:

Attendee's name (a person's first name & surname, or an entity's registered entity name, to identify the attendee)
Email address or addresses (for communications about a meeting)
Participation quota (shareholding or property size)

During a meeting, data that will be recorded includes:

Time of arrival at the meeting
Requests to view supporting documents related to the meeting agenda
Each vote that is made and the time of the vote
Requests for email confirmation of an attendee's voting record

About the management of meetings:

In addition, at the discretion of the client organisation, personal data can be loaded about a person's involvement in the management of meetings by the client organisation:

Person's first name & surname
Email address
Role within the client organisation management team
Notification options for notices and messages
Government ID or passport number
Cell number
Land line number
Significant start and end dates
Miscellaneous notes

Data protection

Access to the web site and its server is by means of password-protected SSH access.
Data exchanged between the NeM server and the client organisation, and meeting attendees, is encrypted and subject to auto-renewed SSL certificates. SSL is enforced with https redirect.
Each client organisation is provided its own separate database facility, accessed using encoded database names. Documents relating to meetings are also stored in separate repositories accessed using encoded repository names.
Deletion of attendance and personal data is the responsibility of the client organisation.
The NeM web site does not use "cookies".

Requests for access to information, questions and complaints

Where meeting attendees, client organisation staff or other involved persons wish to request access to information stored on the NeM web site, have questions, or wish to make complaints, they should first refer to the client organisation management team; where requests for information access, questions and complaints are not resolved thereby, reference can be made to admin@nem.co.za where they will be dealt with as required by the Protection of Personal Information Act.