- “SODIAM”, “we”, “us”, and “our” (and other similar terms) to refer to the public limited company SODIAM and all the companies under its control (subsidiaries, temporary companies, etc.).
- “Personal data” to refer to any information relating to an identified or identifiable natural person (i.e. one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors).
- “You” and “your” (and other similar terms) to refer to our customer or anyone with an interest in one/several of our services and products, individuals associated with our customers, our partners and suppliers, employees, job applicants and visitors to the websites operated by SODIAM (including but not limited to Sodiamsales.com and Sodiam.co.ao).
- Other terms have the meanings set out in the applicable data protection laws (in particular the General Data Protection Regulation (EU) 2016/679).
2. Who is responsible for your personal data?
SODIAM is the data controller responsible for your personal data. Our contact details are provided below.
3. What personal data do we collect and process?
We collect and process the following personal data from you:
- Identity and Contact Data, including your name, address, telephone number, email address, date of birth, language, professional background, copies of passport and other personal data relevant to our services;
- Financial and Payment Data, including your bank account and other data necessary for processing payments and fraud prevention;
- Business Information, including information provided in the course of the contractual or customer relationship between you or your organisation and us, or otherwise voluntarily provided by you or your organisation;
- Profile and Usage Data, including your preferences in receiving marketing information from us, your preferences regarding our services that you follow, your preferences on our social media pages and websites including the services you viewed or searched for, page response times, download errors, length of visits and page interaction information (such as scrolling, clicks, and mouse-overs);
- Technical Data, including information collected during your visits to our website, the Internet Protocol (IP) address, login data, browser type and version, device type, time zone setting, browser plug-in types and versions, operating system and platform; and
- Physical Access Data, including but not limited to videos and photographs, relating to details of your visits to any premises for attending inspection and/or participating to a sale.
4. How do we collect your personal data?
In the majority of circumstances, we will collect personal data (i) from our customers or anyone with an interest in our services, (ii) from our partners and suppliers, (iii) from people wishing to receive our communications and (iv) from our employees. We may also have to collect your personal data (v) from third parties.
The circumstances in which we can collect personal data about you are the following:
- In connection with the services we provide (e.g. diamond inspections and sales);
- When you offer to provide, or provides services to us;
- When you correspond with us by phone, e-mail or other electronic means, or in writing, or when you provide other information directly to us, including in conversation with our employees or with our partners and suppliers;
- When you browse, complete a form on our website or social media pages;
- When you attend meetings or sign up to receive our communications;
- By making enquiries from your organisation or other organisations with whom you have dealings;
- When you provide your data to our partners and suppliers; and
- As an employee or a job applicant.
Where we need to collect personal data by law or in order to process your instructions or perform our services and you fail to provide that data when requested, we may not be able to carry out your instructions or perform the contract we have or are trying to enter into with you. In this case, we may have to cancel our engagement or contract you have with us, but we will notify you if this is the case at the time.
5. How will we use your personal data and on what basis?
We will use your personal data in such a manner as we believe is reasonably necessary only for the following purposes and on the following legal basis:
- The processing is necessary for the performance of a contract you are party to or in order to take steps at your request prior to you entering into a contract with us:
- Information: to answer your questions or to provide you information related to our services in relation to diamond inspections and/or sales;
- Partners and suppliers: to conclude all the contracts in connection with our services;
- Customers: to fulfil their demands and to offer our services in relation to diamond inspections and/or sales;
- Administration: to agree payment arrangements, and to collect our fees and costs owing to us;
- Employees: to manage our staff; and
- Job applicants: to process applications for employment.
- The processing is necessary in order for us to comply with our legal obligations:
- Maintaining records: for example, we must hold your personal data on a suppression file to ensure there is a record of your objection to direct marketing; and
- Compliance with accounting, tax and social security requirements.
- Where you have given consent to the processing of your personal data:
- To send you our communications, to give you news about any events we are organising or participating in, and/or other information about us and the services that we or another provides that we believe may be of interest to you; and
- To collect information about your preferences to personalise and improve the quality of our communications with you.
- The processing is necessary for the pursuit of our legitimate commercial interests:
- To administer and manage our relationship with you, including accounting, auditing, and taking other steps linked to the performance of our business relationship;
- To carry out background checks, where permitted and where the processing is necessary for the purpose of preventing fraud and money laundering;
- To perform analytics (such as trends, sales intelligence, marketing effectiveness);
- To analyse and improve our services and communications and to monitor compliance with our policies and standards;
- To ensure our network and information security and prevent or detect security threats, frauds or other criminal or malicious activities;
- For insurance purposes;
- To exercise or defend our legal rights or to comply with court orders;
- To communicate with you to keep you up to date on the latest developments, announcements, and other information about our services, events, initiatives; and
- To collect information about your preferences to personalise and improve the quality of our communications with you.
6. Who else may have access to your personal data?
On occasion, we may need to share your personal data with third parties. We will only share personal data where we are legally permitted to do so.
We share your personal data:
- With our partners, including diamond producers, and service providers to enable us to provide our services to you. Our arrangements with external service providers currently cover the provision of support services including accountants, auditors, public notaries, IT and business development consultants;
- With courts, law enforcement authorities, regulators, Government officials or attorneys or other parties where it is reasonably necessary for the establishment, exercise or defence of a legal or equitable claim, or for the purposes of a confidential alternative dispute resolution process; and
- When disclosures are required by law or regulation: in certain circumstances, please note that we may be required to disclose personal data under applicable law or regulation, including to law enforcement agencies or in connection with proposed or actual legal proceedings.
7. Security of your personal data
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We put in place strict confidentiality agreements, including data protection obligations, with our third-party service providers.
We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
8. Your rights
You have various rights with respect to our use of your personal data:
- Access: The right of access gives you the right to obtain a copy of your personal data. It helps you to understand how and why we are using your data, and check we are doing it lawfully. There are exceptions to this right, so that access may be denied if, for example, making the information available to you would reveal personal data about another person, or if we are legally prevented from disclosing such information.
- Rectification: You have the right to have inaccurate personal data rectified and to have incomplete personal data completed. We encourage you to contact us using the contact details provided below to let us know if any of your personal data is not accurate or has changed, so that we can keep your personal data up to date. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
- Erasure: You have the right to have your personal data erased. This right is not absolute (for example, we may retain your personal data for a longer period because of our legal obligations) and only applies in certain circumstances (for example if your personal data is no longer necessary for the purposes for which it was collected, or when your personal data have been unlawfully processed).
- Restriction: You have the right to restrict the processing of your personal data in certain circumstances. This means that you can limit the way that we use your personal data where you have a particular reason for wanting the restriction. This may be because you have issues with the content of the information we hold or how we have processed your data.
- Portability: You have the right to request that some of your personal data is provided to you, or to another data controller, in a structured commonly used, machine-readable format. This right to data portability only applies when our lawful basis for processing this information is consent or for the performance of a contract and we are carrying out the processing by automated means (i.e. excluding paper files).
- Objecting: You have the absolute right to object to the processing of your personal data if it is for direct marketing purposes. In others specific circumstances, you also have the right to object to processing of your personal data and to ask us to block, erase and restrict your personal data.
- Automated individual decision-making: You shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. The right is not absolute and only applies in certain circumstances. You will be specifically informed if we make such automated individual decision.
- Complaints: We are committed to working with you to obtain a fair resolution of any complaint or concerns about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint with a supervisory authority in the country of your habitual residence, of your place of work or of an alleged infringement of the data protection laws. You also have the right to seek a remedy through the courts.
You may, at any time, exercise any of the above rights, by contacting us using the contact details provided below. If we have doubt about your identity, we may request you to provide us with a proof of your identity, i.e. a copy of your passport, or any other valid identifying document.
9. Withdrawal of consent
When personal data is processed on the basis of your consent, you may withdraw consent at any time.
Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is another legal ground for the processing.
In the event that you no longer want to receive any marketing communications from us, please use the unsubscribe option (which is in all of our marketing emails to you) or contact us using the contact details provided below. Withdrawal of consent to receive marketing communications will not affect the processing of personal data for the provision of our services.
10. How long do we keep your personal data?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting and, where required for us to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled.
Upon expiry of the applicable retention period we will securely destroy your personal data in accordance with applicable laws and regulations.
12. Links to other websites
Our website and social media pages may link to other, unaffiliated third-party websites and/or social media pages. Please note that we are not, and cannot, control or be responsible for the content or privacy and confidentiality practices of any third-party websites. You must always carefully review the privacy and confidentiality policy of any third-party website that you may visit in order to understand how the operators of that website may collect, store and use your personal data.
14. Contact details
Rua Rainha Ginga 87, 7th floor
Edifício Endiama/De Beers
1072 Luanda, Angola
Tel: + 244 / 924 156 986
E-mail: info @ sodiamsales.com