Maverix Limited

Privacy Policy

Document: Marq. Limited Privacy Policy

Version: 1.1

Last updated: 29 August 2023

Introduction

Marq. Limited (we, us, our and the Company) is a distributor of online courses (the "Courses") and coaching and mentoring for management and business leaders (collectively "Services") in Africa.

We take privacy and security of personal data very seriously and we are committed to ensuring that we safeguard the privacy and security of personal data of:

  • those who apply for any job with us ("Candidates");
  • our staff, which includes directors, employees, interns and other workers within our organisation, as well as any such person working within any entity over which Marq. Limited has effective control ("Staff");
  • those who retain our Services ("Clients"); and
  • those who visit our website(s)/application(s) ("Visitors").

(collectively referred to as you, your and yourselves)

This Privacy Policy describes our privacy practices and contains important information for you. It explains:

  • who we are;
  • what personal information we collect about you;
  • how, when and why we collect, store, use, share and process your personal data;
  • how we keep your personal data secure;
  • for how long we keep your personal data;
  • your rights in relation to your personal data; and
  • how to contact us or the relevant supervisory authority should you have a complaint.

Please ensure that you read this policy together with any other related information or policies/notices that we may provide to you from time to time, so that you are aware of how and why we are using your information. Feel free to address any questions or comments you may have regarding this privacy policy to our Data Protection Officer, Ben Rath at dpo@marq.ac.

Marq. Limited acts a Controller, as defined by the Data Protection Act 2017 ("DPA"), with respect to your data. This means that we are responsible for deciding how we hold and use your personal data.

Please note that our website(s)/Application(s) may contain links to other third-party websites that may also gather information about you. Third-party websites operate in accordance with their own privacy policies, and we have no control over any personal data that they may collect, store, use and process. For privacy information relating to these third-party websites, you should consult their privacy policies as appropriate.

This Privacy Policy is divided into three (3) sections, namely:

  1. Section 1: Privacy of Candidates and Staff;
  2. Section 2: Privacy of Clients; and
  3. Section 3: Privacy of Visitors.

Section 1: Privacy of Candidates and Staff

What type of personal data do we collect?

Depending on the relevant circumstances and applicable local laws and requirements, we will collect some or all of the non-exhaustive information listed below:

  • Name;
  • Age/date of birth;
  • Sex/gender;
  • Employment history;
  • Emergency contacts and details of any dependants;
  • Referee details;
  • Immigration status (whether you need a work permit);
  • Nationality/citizenship/place of birth;
  • Contact details including email address;
  • A copy of your driving licence and/or passport/identity card;
  • Your Bank details;
  • Your Financial information (where we need to carry out financial background checks);
  • Your Tax Account Number (or equivalent in your country) and any other tax-related information;
  • Diversity information (racial or ethnic origin, religious or other similar beliefs, and physical or mental health, including disability-related information);
  • Sexual orientation;
  • Information collected during the recruitment process that we retain during your employment;
  • Terms and conditions of your employment;
  • Details of your qualifications, skills, experience and employment history;
  • Details of your marital status, spouse/partner, next of kin and dependants;
  • Criminal background checks;
  • Details of your time and attendance records;
  • Details of your work output, time recording and work-related targets that you have missed or achieved;
  • Details of period of leave taken by you, including holiday, sickness and other absence, and the reasons for such leave;
  • Details of any disciplinary or grievance procedures in which you have been involved, including any warning issued to you and related correspondence;
  • Details of your trade union membership;
  • Performance management information, including appraisals, performance reviews and ratings, training you have participated in and related correspondence;
  • Extra information that you choose to disclose to us;
  • Extra information that your referees choose to disclose to us about you;
  • your IP address, the browser you use, your operating system;
  • the pages of our website(s) and/or application(s) that you have accessed and when you accessed them;
  • details of any documents or other resources that you have downloaded from or uploaded on our websites) and/or application(s); and
  • other relevant information as may be required by us in order to ensure we fulfil our obligations as an employer.

Please note that:

  • the list above is not exhaustive.
  • it is important that the personal data that we hold about you is accurate and current. For this reason, you are hereby kindly requested to keep us informed of any changes in your personal details/data.

How do we collect your personal data?

We collect personal data of Staff and Candidates in the following ways:

  • Personal data that you, the Candidates and Staff, give us;
  • Personal data that we receive from other sources; and
  • Personal data that we collect automatically.

Retention of data

With respect to Candidates, we will retain your data for as long as is necessary to consider your suitability for the desired position.

With respect to Staff, in general we will retain your data for only so long as is necessary for the various objectives and purposes contained in this policy. Where your personal data is retained after your employment has ended, this will generally be for one of the following reasons:

  • so that we can respond to any questions, complaints or claims made by you, or on your behalf, following the end of your employment;
  • so that we are able to demonstrate that your employment and departure from us was fair, and that you were treated fairly at all times;
  • to establish, exercise or defend a legal claim; and
  • in order to comply with legal and regulatory requirements.

Section 2: Privacy of Clients

What kind of personal data do we collect?

Depending on the relevant circumstances and applicable local laws and requirements, we will collect some or all of the non-exhaustive information listed below to enable us to offer tailored Services to you:

  • Your contact details;
  • The contact details of individual contacts at your organisation / firm / company / society ("organisation");
  • Your bank account and/or other financial details;
  • Background information about you, including but not limited to your character traits, personality profiles, business interests, education and your current or past employment;
  • Details relating to your organisation, including but not limited to directorship/trusteeship, shareholding, sector, activities, annual revenue, number of employees and type of organisation;
  • Details of any feedback you give us via any communication channel;
  • Information relating to the Services we provide to you, including but not limited to document submissions, attendance, engagement, questions, comments and statements made by you or to you;
  • Details of any meetings or forums in which you are a participant, whether you are active or not;
  • Your IP address, the browser you use, your operating system;
  • The pages of our website(s)/application(s), or other resources on the website(s)/application(s), that you have accessed and when you accessed them; and
  • Such other data as may be required, in the relevant circumstances, for Know Your Client (KYC) purposes.

Retention of data

We undertake to keep your data for no longer than is necessary for the purposes for which it was collected.

Section 3: Privacy of Visitors

The Personal data we collect from you

We may receive and store certain types of information whenever you interact with our website(s)/application(s). Generally, our website(s)/application(s) may automatically collect usage information, such as the numbers and frequency of visitors to our website(s)/application(s) and its components.

The purpose for which personal data is collected

We may automatically collect information such as your IP address, where you are based, the type and version of the browser you use, details of your operating system, how you came to our website(s)/application(s) (for example whether you were referred from another website or from a search engine), how long you remained on our website(s)/application(s), the number of pages on our website(s)/application(s) that you viewed, how you moved around our website(s)/application(s), the links you followed, and whether any of those links were used to leave our website(s)/application(s).

We process personal data about you where you have provided express informed consent for same or for our legitimate interests of improving Services experience and developing new Services features, as well as for compliance purposes.

Retention of data

We undertake to keep your data for no longer than is necessary for the purposes for which it was collected.

Who do we share your data with

Where appropriate and in accordance with local laws and requirements, it may be necessary for us to share your personal data with others to comply with our contractual obligations to you, to comply with our legal or regulatory obligations to you, or to comply with any contractual, legal or regulatory obligations that we are subject to. These may include:

  • Any of our group companies;
  • Relevant employees within Marq. Limited (this may include employees in overseas offices);
  • Relevant authorities, where we believe in good faith that the law or other regulation requires us to share the data;
  • Third party service providers who perform functions on our behalf;
  • Marketing technology platforms and suppliers;
  • Professional advisers in relation to financial, HR, health and safety and legal issues, including accountants, advisors, experts, barristers, medical professionals, management consultants;
  • Your/our regulator(s);
  • Our and your bank; and

If we share your personal data, we ensure at all times that those with whom it is shared process it in an appropriate manner and take all necessary measures in order to protect it. In doing so we impose contractual obligations on all providers of services to ensure that your personal data is kept secure. We will only ever allow others to handle your personal data if we are satisfied that the measures which they take to protect your personal data are satisfactory.

Transferring your data outside of Mauritius

We may need to transfer your personal data to other countries for the purposes of providing the Services or for the purposes of conducting the processing outlined above. In such circumstances, we will always take steps to ensure that the transfer complies with the DPA and that your personal data will be secure.

Security and Safeguards

We use physical, electronic and administrative safeguards to assist us in preventing unauthorised access, maintaining data accuracy and correctly using personal data. Moreover, we use commercially reasonable efforts to limit access to your personal data to the employees/agents/officers/such other persons who need this information to assist us in delivering the Services.

The personal data that we collect is securely stored within our database. We use standard, industry-wide practices such as firewalls and encryptions for protecting your information. Moreover, we regularly monitor our systems for possible vulnerabilities and attacks.

However, as effective as encryption technology is, no security system is impenetrable. We cannot guarantee the security of our database, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the internet. We therefore recommend that you do not disclose your password(s) to anyone.

In the event that there is a suspected data security breach, you will be notified as and when required under the DPA. Where relevant, we will also inform the Commissioner, as defined under the DPA, of a suspected data security breach where we are legally required to do so.

Further information may be obtained from our Data Protection Officer, Ben Rath, via dpo@marq.ac.

Rights of data subjects

The DPA gives you, the data subject, various rights in relation to your personal data that we hold and process. These rights are exercisable without charge, and we are subject to specific time limits in terms of how quickly we must respond to you. Those rights are as follows:

  • Right to access: The right to obtain from us confirmation as to whether personal data concerning you is being processed, and, where that is the case, access to that personal data and various other information, including the purpose for the processing, with whom the data is shared, for how long the data will be retained, and the existence of various other rights (see below).
  • Right to rectification: The right to obtain from us, without undue delay, the setting right of inaccurate personal data concerning you.
  • Right to erasure: Your right to request that, in certain circumstances, we delete data relating to you.
  • Right to object: The right, in certain circumstances, to object to your personal data being processed by us.

Full details of these rights can be found in Part VII of the DPA.

These rights are not absolute and should be reasonably exercised.

In response to a request, we will ask you to verify your identity if we need to, and to provide information that helps us to understand your request better. We will respond to your request within a reasonable time. If we do not comply with your request, whether in whole or in part, we will explain why.

In order to exercise your rights, please contact us at dpo@marq.ac.

Our Cookies Policy

Cookies are alphanumeric identifiers that we transfer to your computer's hard drive through your Web browser to enable our systems to recognise your browser and tell us how and when pages in our website(s)/applications(s) are visited and by how many people. Our website(s)/application(s) may use session cookies which track your browser session. These do not store any information on your computer but merely allow our website(s)/application(s) to recognise certain specificities of your usage, including whether you are logged in to your account.

Our cookies do not combine information collected through cookies with other personal information to tell us who you are or what your screen name or e-mail address is.

By using our website(s)/application(s) and/or the Services provided, you agree to the above use of cookies.

Safety of Minors below 16

Our website(s)/application(s) are not intended for and shall not be used by a minor below 16 years old ("Child"). We do not knowingly collect and process personal data of a Child. During the registration process for an account and/or during on-boarding process, if you identify yourself as a Child then we will block/prevent you from providing personal data.

If it comes to our attention that we have collected personal data from a Child, we may delete this information without notice. If you have reason to believe that this has occurred please contact us at dpo@marq.ac.

Modifications of this Privacy Policy

We may, in our sole discretion, modify this Privacy Policy at any time and such modification shall be effective immediately upon either posting of the modified privacy policy on our website(s)/application(s) or notifying same to you, via the contact details provided by you. You hereby agree to review our website(s)/application(s)'s Privacy Policy on a regular basis to ensure that you are aware of any modifications. Your continued access or use of the website(s)/application(s)/our Services shall be deemed your conclusive acceptance of the modified Privacy Policy. If you do not cancel your subscription/account and continue to use our website(s)/application(s) and/or take advantage of the Services, you will be considered as having expressly consented to the modifications in our Privacy Policy. If you disagree with the terms of this Privacy Policy or any modified version thereof, you shall close your account with us and/or notify your disagreement to us in writing within fourteen (14) days starting on the date after the amended Privacy Policy has been uploaded on our website(s)/application(s) or notified to you.

Law & Jurisdiction

This Privacy Policy is governed by and interpreted according to the Laws of Mauritius. All disputes arising out of this Privacy Policy will be subject to the exclusive jurisdiction of the Courts of Mauritius.

Invalid Provisions

If any court or competent authority finds that any provision of this Privacy Policy (or part of any provisions) is invalid, illegal or unenforceable, that provision or part thereof shall, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provision of this Privacy Policy shall not be affected.

Making a complaint

If you have any issues as to the collection, acquisition, use, storage, disposal or processing of any personal data relating to you please contact us by addressing an email to dpo@marq.ac.

Notwithstanding our best efforts, inevitably sometimes things do go wrong. If you are unhappy with any aspect of the use and/or protection of your personal data, you have the right to make a complaint to the Data Protection Commissioner by:

END.