Privacy Policy

  1. Who are we?

MPAMOT is a professional engineering and infrastructure advisory company, with its main operating entity MPAMOT (Pty) Ltd, registered in South Africa (hereafter “MPAMOT”). The locations or countries in which we operate can be viewed at

Depending on the circumstances, we can be both a responsible party and/or an operator, as defined in terms of the Protection of Personal Information Act, 4 of 2013 (POPIA), with respect to your personal information as defined in POPIA.

From time to time, we process personal information of our employees, clients, consultants, and/or vendors (business contacts) to enable us to do business with them or provide services to them. In this notice, “you” means you as the individual we are engaging with and whose personal information we may need to collect and process to provide the requested services, or to indicate the company you represent. We may need to collect and process your personal information for the purposes described below.

  1. What personal information is collected?

MPAMOT collects and processes a wide range of personal information as part of its business operations. In accordance with Section 18 of POPIA we hereby expressly inform you that when you engage with MPAMOT (hereafter “MPAMOT Engagement”), you may need to provide MPAMOT with the following, but not limited to, personal information:

  • Full names
  • Identity numbers
  • Registration numbers
  • Financial information, including bank account information
  • Statutory information
  • Physical and postal address particulars
  • Telephone numbers
  • Email addresses
  • Unique identifiers

The above personal information will, depending on the circumstances and purposes for which it is processed pursuant to the relevant MPAMOT Engagement, be:

  • Personal information that you agree to share with us on request, subject to the agreed terms and conditions, or an underlying agreement
  • Personal information that we as the responsible party require to enable legal and regulatory compliance
  • Personal information required for the performance of professional services in terms of a contract to which you are a party
  • Personal information that is necessary and required to protect your legitimate interests or the legitimate interests of another person
  • Personal information that is necessary and required to pursue the legitimate interests of MPAMOT or a third party

We collect data on and may record all telephone calls, internet communication (including IP addresses), all correspondence we have with you irrespective of the medium of communication, details of your MPAMOT Engagement, and any visits to our website, mobile applications and client portals. In addition, we collect and generate information in relation to your profile as a client or vendor of MPAMOT.

We do not collect any special personal information as defined in Section 26 of POPIA, including your religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion (except as is required for identifying a politically exposed person (PEPs) under the Financial Intelligence Centre Act, 2001), health or sexual orientation, or biometric information.

  1. How is your personal information collected?

MPAMOT may make use of both “active processing” and “inactive processing” methods to collect personal information. When MPAMOT makes use of “active processing” to collect your personal information, it has directly been provided with your personal information pursuant to an enquiry in respect of our services, or when you provide personal information to MPAMOT pursuant to a specific MPAMOT Engagement.

In instances where MPAMOT makes use of “inactive processing”, this means that MPAMOT has not actively been provided with your personal information, such as when MPAMOT deploys passive processing means and certain technologies to collect information from you, such as through the uses of cookies, web beacons, embedded scripts, and/or mobile device identifiers. These passive processing means allow MPAMOT to process certain non-personally identifiable information which can perhaps not be linked to you directly.

  1. What do we do with your personal information and why do we collect it?

As a responsible company, employer, professional advisor, and corporate citizen, we only collect and process personal information for the purposes of conducting our business activities, pursuing legitimate interests, conducting legal or regulatory compliance activities as required by law or good business practice, or for the purposes for which the information is provided.

The personal information you provide to MPAMOT in your MPAMOT Engagement is typically processed for the following purpose(s), which are connected to our legitimate business purposes:

  • Assessing prospective clients and projects, including risk and creditworthiness
  • Showing compliance with the relevant statutory obligations, including government reporting and specific local law requirements
  • Handling or defending complaints, disputes, or claims
  • Performing professional services and duties
  • Promoting MPAMOT’s services, including details of events and seminars
  • Recruitment and employment opportunities
  • Undertaking research relating to professional services activities
  • Sharing information with MPAMOT’s related companies, credit agencies, government agencies, and legal and professional service providers, where appropriate

This notice applies to all data (including all personal information) past, present, or future submitted by you to MPAMOT or which we otherwise obtain pursuant to undertaking our normal business activities.

  1. Who do we share your personal information with?

MPAMOT conducts business across the globe and primarily holds information and data in South Africa. It may therefore transfer personal information or data to MPAMOT offices or to affiliates and to data centres in any country, but only for the abovementioned lawful purposes and always subject to MPAMOT’s Privacy Policy and the provisions of Section 72 of POPIA.

For project or business purposes it may be necessary to share your personal information with select business contacts on a need-to-know basis. We give you the assurance that we will consistently apply our Privacy Policy to our business contacts and establish a lawful justification, which may include consent, for the sharing of personal information with any third party. We will conclude written agreements with them to ensure your personal information remains secure and confidential, and that it is only used for the agreed purpose.

To assess and determine the risk profile of prospective employees, clients, business partners, and/or projects, we may share your personal information with our preferred verification agencies. The list of current agencies used is available on request from the information officer.

  1. Where do we store your personal information?

MPAMOT has implemented reasonable technical and organisational information security measures to protect personal information.

All your personal information is stored securely by MPAMOT. In storing your personal information, we may transmit or transfer personal information outside South Africa, and, as such, personal information may be stored on servers located in foreign countries that have different data protection laws in place. Any MPAMOT entities operating outside of South Africa subscribe to the MPAMOT Privacy Policy and we are comfortable that should any of these foreign countries not protect personal information to an extent required under POPIA, the POPIA standard will apply and will be enforced by MPAMOT.

Despite all our attempts to keep your personal information safe and secure, unauthorised access remains a possibility. MPAMOT will not take responsibility for anyone outside of MPAMOT’s control breaching its security measures. You must review the conditions of use and security of any third-party websites made available through hyperlinks on its website before use.

  1. How long do we store your personal information?

MPAMOT will store or retain your personal information for the period required in accordance with MPAMOT’s legitimate interest to do so or for the period necessary to comply with our legal and regulatory obligations related to the storage of specific types of records and/or information.

  1. What are your rights?

You have rights when it comes to your personal information but bear in mind that there may be various considerations in deciding how to deal with any requests you may have. As required by POPIA we have a process through which you can engage with us to request access to information. We will review or process the request and provide a response in accordance with the protocols set forth in MPAMOT’s PAIA Manual.

Your rights include:

  • Right of access – you can ask us for a copy of the personal information we store
  • Right to know – you can ask us what personal information is or was shared with any of our business contacts or any third party
  • Right to change – you can ask us to update your personal information or delete any personal information that is no longer accurate or relevant
  • Right to object – you can object to our processing of your personal information
  • Right to report – you can lodge a complaint with the information regulator if you are of the view that we are not complying with POPIA. The contact details of the Information Regulator are:

The Information Regulator (South Africa)

JD House 27 Stiemens Street Braamfontein Johannesburg, 2001
PO Box 31533
Braamfontein, Johannesburg, 2107

You agree that the laws of the Republic of South Africa shall apply exclusively to any legal dispute.