Last updated: 16 August 2023

1 Responsibility

1.1 DOMISA Financial Services (PTY) Ltd, trading as DOMISA Treasury (DOMISA), respects your rights to privacy. This Privacy Policy governs the manner in which DOMISA Treasury deals with personal information collected by us from users of thewww.domisa.co.zawebsite as well as during the course of offering products and services via other channels.

1.2 DOMISA collects information only by lawful and fair means.

1.3 If you are a customer of DOMISA, this Policy should be read in conjunction with DOMISA's Terms & Conditions.

1.4 By interacting with DOMISA, submitting information to DOMISA, or signing up for any services offered by DOMISA, you are deemed to agree and consent to us (as well as our related body corporates, representatives and/or agents) collecting, using or disclosing and sharing amongst ourselves your Personal Information in the manner set forth in this Privacy Policy.

2 Collection of Personal Information

2.1 DOMISA collects the following kinds of Personal Information:

• your identity particulars, including your name, gender, address (and previous addresses), date of birth, phone number, mobile number, bank account information, name of employer and financial information. If you choose to add a Beneficiary on our website, DOMISA will ask you for your Recipient’s Personal Information including the Recipient’s name, phone number, financial information (bank information) and physical address;
• details of services or products you acquire from DOMISA or which you enquire about, together with any additional information necessary to deliver those services or products and respond to your enquiries;
• information regarding transactions you conduct utilizing DOMISA’s services;
• any credit information that may be obtained in the course of obtaining the identity particulars described above;
• Personal Information you provide to DOMISA in response to customer surveys;
• any additional Personal Information you provide to DOMISA online, by telephone, by email or otherwise to DOMISA representatives, or via your agents; and
• where you are a customer of DOMISA, the contents of telephone conversations between you and DOMISA representatives.
  • DOMISA is required to collect certain Personal Information under the Anti-Money Laundering and Counter-Terrorism Financing Laws (AML/CTF/PF Laws). For all corporate customers (including without limitation, registered domestic and foreign companies, registered associations, registered co-operatives, trusts, partnerships, government bodies or other statutory bodies (Corporate Customers), DOMISA is required under the AML/CTF/PF Laws to collect Personal

Information of individuals (being a natural person or persons) who ultimately own or control (whether directly or indirectly) the Corporate Customer (Beneficial Owners). DOMISA is required to collect Personal Information of Beneficial Owners to assist DOMISA to verify information about the beneficial ownership and control of DOMISA’s Corporate Customers.

• If DOMISA does not collect required Personal Information, then DOMISA may not be able to provide you with its services or products, or enter into contracts or undertake transactions with you.
• DOMISA will collect your Personal Information only from you unless it is unreasonable or impracticable to do so. When you give us Personal Information of Recipients, you represent that you are authorized to do so and agree to inform any Recipients of the contents of this Privacy Policy as it relates to them. For Corporate Customers, DOMISA may collect Personal Information of Beneficial Owners from any individual authorized to act on behalf the Corporate Customer and who has represented to DOMISA that he or she has authority to provide Personal Information of Beneficial Owners to DOMISA (Authorized Individual). Authorised Individuals providing Personal Information of Beneficial Owners to DOMISA are assumed to have informed any Beneficial

Owners of the contents of this

Privacy Policy

• DOMISA collects your Personal Information from you, or via your agents, in ways including the following:

• through your access and use of the DOMISA website;
• during conversations between you and DOMISA representatives;
• when you complete an application, order form or a contract;
• when you conduct transactions using DOMISA’s services; and
• when you send information in emails or correspondence to DOMISA;
  • Where you are a customer of DOMISA, DOMISA may be subject to compliance with its obligations under law and may access third party electronic databases necessary to assist it to identify you and such databases could contain credit information. DOMISA may therefore collect information about you that it has obtained from businesses that provide information about the credit worthiness of individuals, including consumer credit reports from a credit reporting body.
  • DOMISA will take reasonable steps to inform you if it collects Personal Information about you from someone else.

3 Purposes of collection, holding, use and disclosure of Personal Information

3.1 DOMISA collects, holds, uses and discloses your Personal Information (including credit information) for the following purposes:

• to provide its services and products to you and undertake associated business processes and functions;
• for administration, planning and account management;
• where you are a customer of DOMISA, to identify you;
• to monitor, develop and improve the quality of its services;
• if you are registered with DOMISA, to send you information that is relevant to the provision of its services;
• to answer or process your enquiries or complaints, and provide information or advice;
• to send direct marketing to you in relation to the products, services and benefits DOMISA provides to keep you informed of new developments DOMISA believes may be of interest to you. Direct marketing may be sent to you in a variety of ways including, via email, via SMS, via social media or online.  You may opt-out of receiving direct marketing at any time through the unsubscribe function that will be made available to you with each direct marketing communication that DOMISA sends.  Alternatively, you may opt-out of receiving direct marketing by logging into your DOMISA account online or by emailing us at info@domisa.com or calling us on +27 21 205 1980.
• to comply with any law, rule or regulation (for example, the AML/CTF/PF Laws) or binding determination, or to cooperate with any governmental authority; and
• any other purpose disclosed to you at the time DOMISA collects your Personal Information.

3.2 If DOMISA sends you information that is relevant to the provision of DOMISA’s services, and at any time you do not wish to receive that information, you may send DOMISA an email opt-out and request that you not be included in any future mail-outs at:info@domisa.com.

4 Disclosure of Personal Information

4.1 DOMISA will share your Personal Information with third parties only in the ways that are described below:

1. to DOMISA’s contractors or service providers for the purposes of conducting its business and providing its services or products to you, including IT systems administrators, couriers, payment processors, electronic network administrators, and professional advisors such as accountants, lawyers and business advisors;
2. to DOMISA’s Authorized Dealer banks in order to process certain transactions on your behalf, for example, by disclosing your name and address;
3. to any partners, agents or intermediaries who are a necessary part of the provision of

DOMISA’s products and services;

1. to international intermediaries to complete your transactions;
2. to credit reporting bodies if you are a customer of DOMISA for the purpose of identifying you, in which case the information will be limited to your identity particulars, including your name, gender, address (and the previous two addresses), date of birth, name of employer;
3. to any government regulatory bodies that normally require it or may request it;

vii. in order for DOMISA to satisfy its regulatory obligations under relevant AML/CTF/PF Laws, for example in order to satisfy the obligation that DOMISA take reasonable steps to verify the identity of its customers, DOMISA may disclose your Personal Information to its external credit providers; and

1. as may be required under any other law;
2. in the event that we sell or buy any business or assets, in which case we may disclose your Personal Information to the prospective seller or buyer of such business assets; and i. to our related bodies corporate.

4.2 Any of the recipients referred to in paragraph 4.1 may be located overseas. The location of any such overseas recipient will depend on the country to which your transaction relates.

5 Information retention, quality and security

DOMISA may hold Personal Information (including credit information and credit eligibility information) in electronic and/or hard copy format.

Retention

5.1 Personal Information shall be retained only for as long as may be needed for the fulfilment of the purpose(s) for which the information is collected, used or disclosed, or as required by the Act, any other law or a court order. You should be aware that DOMISA is obliged under relevant AML/CTF Laws to retain information relating to personal identity for 5 years.

5.2 Subject to any legislative requirements, DOMISA will destroy, erase, or make anonymous your Personal Information when it is no longer needed as referred to in paragraph 5.1.

Quality

5.3 DOMISA will take reasonable steps in the circumstances to ensure that your Personal Information is accurate, complete, and up-to-date, to minimise the possibility that inappropriate information may be used to make a decision about you.

Security

5.4 DOMISA will take reasonable steps to maintain the security of your personal information. DOMISA has in place a range of security safeguards to protect your Personal Information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification, regardless of the format in which it is held.

5.5 The methods of protection may depend on the sensitivity of the information and the format in which it is contained. Security measures employed by DOMISA include:

• technological measures including SSL encryption for all data transfers over the Internet;
• physical measures such as locked filing cabinets and restricted access to offices;
• strategic measures such as limiting access to a "need-to-know" basis; and
• DOMISA ensures that its staff are aware of the importance of maintaining the confidentiality of personal information.

6 Access and correction

6.1 You may request access to any Personal Information (including credit information) that DOMISA holds about you at any time by contacting DOMISA at: info@domisa.com. There may be circumstances which preclude DOMISA from providing access to some or all of your Personal Information. For example, those circumstances could include:

• the information may impact on the privacy of other individuals;
• the information is subject to litigation privilege;
• DOMISA is prohibited by law from providing you with access; or
• the disclosure could reasonably be expected to threaten the safety, physical or mental health or life of an individual.

 6.2 If DOMISA decides that it cannot grant you access to your Personal Information, or grant access in the manner requested by you, it will set out the reasons for its decision in writing.

7 Contacting DOMISA

If you have any questions or concerns about this Policy or the collection, use or handling of your personal information, you may contact DOMISA on +27 21 205 1980 or at info@domisa.com. Domisa Financial Services (PTY) Ltd, 1 Albert Rd, Tamboerskloof, Cape Town 8001.

8 Availability and changes to this Policy

13.1 This Policy is available on the DOMISA website. DOMISA may change this Policy from time to time. Any updated versions of this Policy will be posted on the website. If DOMISA makes any material changes DOMISA will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this website prior to the change becoming effective. DOMISA encourages you to periodically review this page for the latest information on DOMISA’s privacy practices.

13.2 You may request DOMISA to provide a copy of the information in this Policy in an alternative form, such as in hard copy.