policy logo

Riskflow Group


The Institute:

Tel: +27(0) 11 704 0648
Fax: +27(0) 11 462 3714

Postal Address:
P O Box 1104
South Africa

Physical Address:
Block 9B
Northgate Office Park
Corner Aureole and Profit Avenue
Northworld, 2162
South Africa

Who We Are

In this policy, “Riskflow”, “Riskflow Group” or “we” refers to one or more of the companies in the Riskflow Group that operate in South Africa.

Our Privacy Policy explains:

  1. Who We Are
  2. What Data We Need and Why
  3. How We Get the Data
  4. What We Do & Don’t Do With Your Data
  5. Responsibilities & Rights of Both Parties
  6. Amendments

Your privacy is important to us, please do take the time to get to know our practices – and if you have any questions contact us.

We’ve tried to keep it as simple as possible, but if you’re not familiar with terms like cookies, IP addresses, pixel tags and browsers, then read about these key terms first.

What Data We Need and Why

There are many different ways you can use our services and when you share information with us, fwe can make those services even better.

The decision to provide us with certain customer information via our website is always up to you. It should however be noted that in financial dealings, withholding certain information may limit the services we are able to offer.

The type of customer information you will be asked to provide will vary according to the product or services required.

We collect and process your personal information mainly to provide you with access to our services and products, to help us improve our offerings to you and for certain other purposes explained below.

The type of information we collect will depend on the purpose for which it is collected and used. We will only collect information that we need for that purpose.

We may collect information about the services that you use and how you use them, for instance your auto-log in preferences, or whether you log in from your iPad, Tablet, Desktop, Mac, etc. This information includes, but is not limited to:

We may collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). Riskflow may associate your device identifiers or phone number with your Riskflow Account; Device information is also collected to render the website and App in the best, most compatible format for your device.

When you use our services or view content provided by Riskflow, we may automatically collect and store certain information in server logs. This may include:

Details of how you used our service, such as your search queries;
Telephony log information like your phone number, calling-party number, forwarding numbers, time and date of calls, duration of calls, SMS routing information and types of calls;

Internet protocol address;
Device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL; Cookies that may uniquely identify your browser or your Riskflow Account.

How We Get the Data

We will not collect or use your information without obtaining your consent. In instances where we do not purchase information from information providers, we will ensure that the third party has obtained valid consent before concluding the purchase. In respect of all marketing activities related to our services or products, consent to collect or use your information will be obtained from you, the customer. Should you choose to not provide consent, then consent will be implied (e.g. if you are given an opportunity to withhold consent to share specific information, but choose not to do so, it implies that you have chosen to share this information).

We collect information directly from you where you provide us with your personal details, for example when you purchase a product or services from us or when you submit enquiries to us or contact us. Where possible, we will inform you what information you are required to provide to us and what information is optional.

We also collect information about you from other sources as explained below.

With your consent, we may also supplement the information that you provide to us with information we receive from other companies in the Riskflow Group in order to offer you a more consistent and personalized experience in your interactions with Riskflow.

Website usage information is collected using “cookies” which allows us to collect standard internet visitor usage information.

What We Do & Don’t Do With Your Data

We will use your personal information only for the purposes for which it was collected or agreed with you, for example:

To provide our products or services to you, to carry out the transaction you requested and to maintain our relationship;

For underwriting purposes;
To confirm and verify your identity or to verify that you are an authorised user for security purposes;
For operational purposes, and where applicable, credit scoring and assessment and credit management;
For the detection and prevention of fraud, crime, money laundering or other malpractice;
To conduct market or customer satisfaction research or for statistical analysis;
For audit and record keeping purposes;
In connection with legal proceedings.

We will also use your personal information to comply with legal and regulatory requirements or industry codes to which we subscribe or which apply to us, or when it is otherwise allowed or required by law (for example to protect Riskflow's interests).

Given our aim to provide you with ongoing financial services, we would like to use your information to keep you informed about other financial products and services which may be of particular interest to you.It is important to note that where your information is provided for marketing services, it is only done so with your consent as described above. You may opt out at any time if you don’t want to receive any further communications of this nature.You may also give and withdraw consent.

We may disclose your personal information to our service providers who are involved in the delivery of products or services to you. We have agreements in place to ensure that they comply with these privacy terms. When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information that we remain responsible for, is kept secure. We may need to transfer your personal information to another country for processing or storage, mainly via our web service servers but this might also be a person-to-person transfer. We will ensure that anyone to whom we pass your personal information agrees to treat your information with the same level of protection as we are obliged to.

We may share your personal information with, and obtain information about you from:

Third parties for the purposes listed above, for example credit reference and fraud prevention agencies, law enforcement agencies;
Other companies in the Riskflow Group when we believe it will enhance the services and products we can offer to you, but only where you have not objected to such sharing;
Other third parties from whom you have chosen to receive marketing information.

We may also disclose your information:

Where we have a duty or a right to disclose in terms of law or industry codes;
Where we believe it is necessary to protect our rights.

Responsibilities & Rights of Both Parties

We are legally obliged to provide adequate protection for the personal information we hold and to stop unauthorised access and use of personal information. We will, on an ongoing basis, continue to review our security controls and related processes to ensure that your personal information is secure.

Our security policies and procedures cover:

You have the right to request a copy of the personal information we hold about you and specify what information you would like. We will take all reasonable steps to confirm your identity before providing details of your personal information.

Please note that any such access request may be subject to a payment of a legally allowable fee.You have the right to ask us to update, correct or delete your personal information. We will take all reasonable steps to confirm your identity before making changes to personal information we may hold about you.


We would appreciate it if you would keep your personal information accurate.

Please note that we may amend this Notice from time to time without notice. Please check this website periodically to inform yourself of any changes.

If you have questions about this Notice or believe we have not adhered to it, or need further information about our privacy practices or wish to give or withdraw consent, exercise preferences or access or correct your personal information, please contact us at the details supplied on our website.