PRIVACY POLICY

Introduction

Rise Against Domestic Violence SA NPC ("we," "us," "our") is dedicated to safeguarding the privacy and personal information of all individuals who engage with us. This Privacy Policy explains how we comply with the Protection of Personal Information Act (POPIA) in South Africa.

It outlines how we protect the personal data of clients, volunteers, employees, and other stakeholders, particularly given the sensitive nature of domestic violence, harassment, and related matters.

Information Officer

Information Officer:
Zenda-Lee Williams
Email: zen@riseagainstdomesticviolence.co.za
Contact: 081 589 4308

Deputy Information Officer:
Ryan Williams
Email: ryan@riseagainstdomesticviolence.co.za

Both are directors of RISE Against Domestic Violence SA NPC.

For detailed governance procedures regarding data protection, please refer to our organizational governance framework at: https://www.riseagainstdomesticviolence.co.za/governance

Information We Collect

We may collect personal information, including:

Personal identifiers: Name, contact details (phone, email, address), identity numbers.

Sensitive data: Details related to incidents of domestic violence, health information, family circumstances, legal documents, and other information needed to provide our services.

Demographic information: Age, gender, and other non-identifying details.

Usage data: IP addresses, browser type, access times, and referring websites.

Cookies and tracking data: Information collected via our website to help improve performance and user experience.

How We Collect Information

We collect personal information through:

• Intake forms submitted via our website or digital platforms

• WhatsApp communications including our WhatsApp Community, support groups (Women's Support, Men's Support, Legal Advice), and direct messages

• Email correspondence with survivors, volunteers, and partner organisations

• All communication channels used to coordinate assistance between survivors, volunteers, and partners

Purpose of Data Collection

We only collect personal information to support our mission of providing assistance, volunteer one-on-one sessions, legal support, and resources to individuals affected by domestic violence and harassment. Specifically, we use your data to:

• Offer volunteer one-on-one sessions and support services

• Provide legal guidance and related services

• Facilitate peer support through WhatsApp groups and our WhatsApp Community

• Communicate important updates or opportunities

• Ensure the safety of clients and staff

• Share resources and information about domestic violence support

• Respond in emergencies related to domestic violence

• Manage communication and outreach, including WhatsApp groups and newsletters

• Coordinate with volunteers and partner organisations to deliver services

• Collect anonymised data for research, training, and service improvement

• Improve our services and website functionality

• Fulfil legal or regulatory requirements

We do not sell, trade, or lease your personal information to third parties.

Legal Basis for Processing

We process your personal information based on:

Your consent: Where you have given explicit consent through intake forms, WhatsApp acceptance, or verbal agreement documented by our team.

Legitimate interests: To support our mission and provide essential services.

Legal obligations: To comply with laws, particularly those around safety, reporting, and protection under POPIA, the Domestic Violence Act 116 of 1998, and the Children's Act 38 of 2005.

Protecting Your Information

We take privacy and security seriously. We use secure storage systems, encryption, access controls, and anonymisation wherever possible. All staff and volunteers are trained to handle sensitive information with strict confidentiality and sign confidentiality agreements as part of their onboarding.

Digital Platforms and WhatsApp Privacy

Most of our services are delivered via WhatsApp, including our WhatsApp Community and dedicated support groups. You should be aware:

• WhatsApp data collection: Meta (WhatsApp's parent company) collects metadata about messages, though message content is encrypted

• Group administration: Group admins have access to participant information and message history

• Message retention: Messages remain in group chat history unless manually deleted; when you leave a group, previous messages remain visible to other members

• Screenshot policy: We request all group members respect confidentiality and refrain from screenshotting or sharing others' information outside the group

• Volunteer access: Only authorised volunteers assigned to specific groups have access to communications within those groups

By joining our WhatsApp groups or Community, you acknowledge these platform-specific privacy considerations.

When We May Share Your Information

Your information will only be shared under these circumstances:

Service providers and partners: Trusted organisations such as Humanitas (therapy services) and SLSJ Law Clinic who help deliver our services and comply with our privacy standards. Information is shared only to the extent necessary to provide assistance.

Volunteers: Authorised volunteers providing legal guidance, peer support, or coordinating services may access your information strictly for the purpose of assisting you.

Legal obligations: When required by law, including mandatory reporting under the Children's Act 38 of 2005, court orders, subpoenas, or other legal processes.

Emergencies: If disclosure is necessary to prevent serious harm to you or others, we may share data with emergency services, SAPS, or relevant authorities.

We will not share your information with third parties for marketing purposes or any purpose unrelated to survivor support.

Children's Privacy Protection

We take special care when handling information involving minors (individuals under 18 years of age).

• Parental or guardian consent is obtained where required by law

• Special protections are applied to data of child survivors

• We comply with mandatory reporting obligations under the Children's Act 38 of 2005 when a child is at risk of harm

• Access to children's information is restricted to essential personnel only

Data Security, Storage, and Retention

We apply robust security measures to protect personal data from unauthorised access. Our website and online platforms follow best practices to reduce the risk of breaches. Information shared through WhatsApp or other channels is only accessed by authorised personnel.

Where data is stored:

• WhatsApp communications (encrypted by WhatsApp)

• Secure cloud storage systems with encryption

• Intake forms and case files on password-protected systems

How long we keep data:

• Active case files: Duration of assistance plus 5 years

• Support group messages: Retained as long as groups remain active; deleted upon group closure or after 90 days of inactivity

• Legal guidance records: 7 years (in line with legal practice requirements)

• Volunteer records: Duration of service plus 3 years

• General correspondence: 2 years unless ongoing case involvement

When data is no longer required, we securely delete or anonymise it.

Volunteer access termination: When a volunteer leaves RISE, their access to all platforms, groups, and case files is immediately revoked.

Data Breach Notification

In the event of a data breach that poses a risk to your privacy or safety:

• We will notify the Information Regulator of South Africa within a reasonable timeframe as required by POPIA

• We will notify affected individuals directly if the breach may result in harm

• We will take immediate steps to contain the breach and prevent further unauthorised access

• We will review and strengthen our security measures to prevent future incidents

Use of Anonymised Data

We may use anonymised information for research, training, advocacy, reporting, and content creation on our social media platforms. This data will never contain personally identifiable details and is solely used to improve our services, raise awareness about domestic violence, and educate the public.

Your Rights under POPIA

Under POPIA, you have the right to:

• Access, update, or correct your personal information

• Withdraw consent where we rely on it (note: this may limit our ability to provide services)

• Request deletion of your data if we no longer need it for the purpose it was collected

• Object to processing of your information in certain circumstances

• Lodge a complaint with our Information Officer or with the Information Regulator if you believe your data rights have been violated

To exercise these rights, contact our Information Officer.

How to Lodge a Complaint

If you believe your privacy rights have been violated, you may:

1. Contact our Information Officer directly (details at the top of this policy)

2. Lodge a complaint with the Information Regulator of South Africa:

   • Website: https://www.justice.gov.za/inforeg/

   • Email: inforeg@justice.gov.za

   • Phone: 012 406 4818

   • Physical Address: JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001

Contact Us

If you have questions about this Privacy Policy or your personal information, please reach out to us:

Information Officer: Zenda-Lee Williams

Information Officer: Zenda-Lee Williams
Email: zen@riseagainstdomesticviolence.co.za (note: correct the typo in your actual email)
Contact Number: 081 589 4308

Deputy Information Officer: Ryan Williams
Email: ryan@riseagainstdomesticviolence.co.za

Changes to this Policy

We may update this Privacy Policy from time to time. We encourage your to review it periodically. Any updates will be posted here with “Last “Updated” date.

Last Updated: [12 February 2025]