pbVerify renews data protection promise

Featured

Blog picSA’s number one data bureau has renewed its status as an official credit bureau, reinforcing customers’ trust in our services.

We are living in the Information Age, and there is an intense air of nervousness and reluctance when it comes to the sharing of personal information. And rightly so – given the proliferation of data breaches and brazen data misuse by marketing companies across the globe.

As SA’s leading data bureau, pbVerify fully understands these concerns and continually takes decisive measures to address them, ensuring our customers’ data remains private and secure at all times.

To this end, pbVerify recently cemented its status as an official credit bureau in terms of Section 43 of the National Credit Amendment Act, 19 of 2014, serving as a stamp of surety and our promise to you, our customer, that your data is safe with us.

In a nutshell, a credit bureau is as company that holds information on credit-active individuals, and uses that data to advise businesses and consumers as to their credit risks associated with a given application or transaction, using complex algorithms.

pbVerify’s status as an official credit bureau, in line with the National Credit Act, validates the fact that we are a professional business, bound by and compliant with all local and international data policy and privacy policy regulation. It also verifies that we have a failsafe disaster recovery system, so both ourselves as a service provider, and our customers, can have total peace of mind when it comes to the protection of the valuable data we deal with.

You can rest assured, your data – including identity data – is secure with us and will stay with us. We will never trade customer information with another company, nor share it for marketing purposes.

pbVerify offers a range of Credit Risk Management and Credit Check products for businesses and consumers.

For more information on pbVerify’s suite of B2B and B2C products click HERE.

To view pbVerify’s NCR Credit Bureau certificate click here: NCRCB343 Certificate – Valid 2018-2019

What is a Credit Bureau?

To manage credit risk and for the sake of general financial health, it is vital that you have a grasp on your credit history. As a consumer, it is important that you understand your credit score and report, as well as the bodies that compile that information, i.e. credit bureaus.

The National Credit Regulator (NCR) describes a credit bureau as “A company that gathers information and updates each consumer’s credit history. A credit bureau creates a record of a consumer’s credit information indicating how the consumer manages his/her credit.

“The credit bureau supplies these records to credit providers, such as banks, retailers and other credit providing companies. The information indicates each consumer’s payment record. It is also used to detect fraud, corruption or theft.”

What rights do I have?

When it comes to the accessing of credit history by a credit provider, you have the right:

  1. To be informed that the credit provider intends to report negative information on you to a credit bureau before the credit provider actually reports you.
  2. To receive a copy of your credit record from a credit bureau when you request it.
  3. To challenge information kept by the credit bureau if you are unhappy with the information.
  4. For your information to be kept confidential, and for your information to be used only for purposes allowed by the National Credit Act.

Click HERE to learn more about credit bureaus and the National Credit Act.

 

REFERENCES 

  1. National Credit Regulator – National Credit Act pamphlet
  2. Fin24 – Five massive data breaches affecting South Africans
  3. Business Live – All your personal information is up for sale to debt counsellors for 55c

Data protection: SA companies need to take a global stance

Featured

how-to-comply-with-the-data-protection-act-457501399With the implementation of the EU’s data protection laws just around the corner, local entities need to study up on how it could affect them.

D-day for implementation of the European Union’s (EU) General Data Protection Regulation (GDPR) is just three months away – and South African organisations are by no means off the hook.

If you are a South African entity that handles individuals’ personal data, you will be acutely aware of our country’s data protection law – the Protection of Personal Information (POPI) Act – but have you considered how the looming GDPR affects the way you manage clients’ personal information?

The fact of the matter is, if you are a locally-based business that offers goods or services to EU customers, you also deal with personal information or data relating to EU citizens’ – and you are just as responsible for complying with the GDPR as any EU business.

Leon van der Merwe, head of digital at customer communication firm PBSA, points out that any entity controlling or processing data relating to EU citizens is affected by the GDPR. “Controlling refers to any organisation that states why and how data is processed, while a processor is any party doing the actual processing of the data, whether based in the EU, or not.”

GDPR vs POPI

Van der Merwe says it is crucially important for local companies with dealings abroad to do their homework and familiarise themselves with the GDPR’s ground rules. “Companies could be fined heavily under GDPR regulations if they fail to provide evidentiary and auditable processes, as well as adequate IT security, to protect personal data.”

The GDPR is a regulation borne out of the European Parliament, Council of the European Union and European Commission’s joint intent to strengthen and unify data protection EU citizens.

Non-compliance with the GDPR comes with a hefty fine of up to €20 million (about R290 million) – or 4% of annual sales.

Similar to SA’s POPI Act, the GDPR is all about data protection. Data includes things like a person’s name, email address and phone number, as well as information collected by website cookies like internet browsing habits.

Breaching rules laid out in the POPI Act comes with a R10 million fine and/or a jail sentence.

Van der Merwe summarises the parallels between the two data-protection directives: “POPI and GDPR are similar, in that they both aim to strengthen the protection of personal information. They differ in their approach, in that the GDPR takes a wider, more global perspective that includes anyone, anywhere either controlling or processing – or both – data relating to EU citizens.”

Auditable business processes

A big part of compliance, when it comes to both the POPI Act and the GDPR, specifically involves audit trails – something PBSA’s digital signature and workflow product, SignFlow, is heavily centred on.

For evidentiary purposes and in order for any company to assert GDPR compliance, the automated management of an audit trail is imperative.

Van der Merwe says SignFlow is can assist customers in their strategy to automate and digitise processes in a responsible and compliant manner. “Business Process Automation is at the forefront of our technology development at SignFlow, including tools like DocFlow, CaseFlow and our digital customer on-boarding tools.”

At the core of SignFlow, he says, is Public Key Infrastructure (PKI). “PKI manages users’ private keys, and signs and secures documents using Public Key Cryptography. Not only does this make documents tamper-evident after they’ve been signed, but the entire operation is conducted in a secure network over encrypted secure socket layers between the public, personal devices and private servers.”

Unlike paper files and systems managing email attachments, this portal fully controls and audits the workflow and communication channels between interacting parties. “This greatly reduces the risk of data leaks,” says van der Merwe.

“The system enhances non-repudiation, creating a digital trail of undeniable events that prove intent and identity.”

With GDPR set to come into effect on 25 May 2018, and the high stakes attached to non-compliance, South African companies simply cannot afford not to take a global view on data protection. “The protection of personal information goes far beyond just the POPI Act for local companies dealing with international customers,” says van der Merwe.

 

[REFERENCES]

  1. Digiday – For the GDPR-curious: WTF is the Article 29 Working Party?
  2. The Digiday Guide to GDPR (PDF)
  3. The Sun – What is GDPR, what does it stand for, when is the deadline in 2018 and how can you check if a business is compliant?
  4. Michalsons – What does the GDPR mean for the POPI Act?
    POPI commencement date or POPI effective date starts the clock
  5. Wikipedia – General Data Protection Regulation
  6. IOL – Protection of Personal Information Act soon to become a reality
  7. ITWeb – Unpacking the POPI Act: The ins and outs of protecting personal information

PBSA upgrades to Relay inserter range

Featured

Relay 3000 & 4000The customer communication firm has just launched a new suite of mail folding and inserting machines that will fit any size business’ needs.

Being a company that believes in moving with the times – and bringing its customers only state-of-the-art technology – PBSA has upgraded its folding and inserting machines to the Relay range from global technology company Pitney Bowes.

The move gives pbOffice – the division of PBSA that provides automation solutions to serve mailing, marketing and communication applications for small and medium-sized enterprises – the ability to better serve its customers by being able to more accurately align machine specifications to specific application needs.

Quieter to operate and more aesthetically pleasing, the new Relay inserter range is more office-friendly. More importantly though, the Relay ranges drives higher performance, increasing productivity and allowing you to focus your time and energy on driving your business.

The Relay range of inserters comes with a number of vital features and scores of benefits. These state-of-the-art machines come with guarantees of:

  1. Data protection for your customers: This is an invaluable benefit, especially given the country’s personal information laws (does the term POPI Act ring any bells?).
  2. More productivity, less wasted time & money: Relay inserters offer a proven, easy-to-use platform that delivers fast, accurate and affordable mail assembly.
  3. 100% Accuracy – every time: The Relay range of inserters was specifically designed to deliver accurate, reliable processing of mail – so you can be confident your mail is not only getting out on time, but the right information is getting to the right customer. Every time.
  4. Ease of use: Even if you’re not technically inclined, you can be up and running with your Relay inserter in no time, ensureing your monthly mail gets out quickly and easily.
  5. Customisation: You shouldn’t have to tailor your mail programmes to the limitations of your equipment. With the Relay range of inserters, you have the ability to process various sizes of letters with the option of processing flat-sized envelopes or mailers.

For more information and model specifications relating to the various machines offered by pbOffice, click on the links below:

For more information on pbOffice products and services call 010 300 4893.