This Policy describes Mongogo´s collection, use and/or disclosure of personal information. It governs the behavior of employees and agents acting on Mongogo´s behalf when dealing with personal information. It provides procedures for an individual´s access to and correction of personal information.
Personal information includes information about an identifiable individual, presented in any form, such as: age, name, ID number(s), income, ethnic origin, opinions, evaluations, social status, disciplinary actions, credit records, loan records, medical records.
Personal information does not include the name, title or business address or telephone number of an employee of an organization.
Mongogo is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization´s compliance with the following:
Accountability for Mongogo´s compliance with these rules rests with the person or persons designated as Privacy Officer, even though other individuals within the organization may be responsible for the day-to-day collection and processing of personal information. In addition, other individuals within the organization may be delegated to act on behalf of management or the Privacy Officer.
The Privacy Officer may be contacted by email. Any communication with the Privacy Officer must be in writing and sent via email.
Mongogo is responsible for personal information in its possession or custody, including information that has been transferred to a third party for processing. Mongogo shall use contractual or other means to provide a comparable level of protection while the information is being processed by a third party.
Mongogo implements policies and practices in order to give effect to these rules.
Why Mongogo, collects private information
Mongogo collects private information in order to provide service(s) and/or products to its customers; to maintain commercial relations and to communicate with its customers (which shall include, but not be limited to: billing, collection, advertising, promotion, account verification); to identify customer needs and/or preferences; to meet legal and regulatory requirements; and to administer and manage its business operations
The purpose for gathering personal information will be given either orally, electronically or in writing prior to or at the time of collection of the personal information.
Persons collecting personal information shall be able to explain to individuals the purposes for which the information is being collected, or shall refer the individual to a designated person at Mongogo who shall explain the purposes.
When personal information that has been collected is to be used for a purpose not previously identified, the new purpose shall be identified prior to use. Unless the new purpose is required by law, Mongogo shall obtain the consent of the individual before information is used for that new purpose.
Individual’s consent is required.
The knowledge and consent of the individual are required for the collection, use or disclosure of personal information, except where inappropriate.
Personal information can be collected, used, or disclosed without the knowledge and consent of the individual. Reasons for this may include an emergency or for security or for the detection and prevention of fraud or for law enforcement purposes. In other instances, information may be publicly available. Moreover, Mongogo may provide personal information to its lawyer or agent to collect a debt, comply with a subpoena, warrant or other court order, government institution requesting the information upon lawful authority, or as may be otherwise required by law.
Mongogo will, as a rule, seek consent for the use or disclosure of the personal information at the time of collection. In certain circumstances, consent with respect to use or disclosure may be sought after the information has been collected but before use.
Mongogo shall make a reasonable effort to ensure that the individual is advised of the purposes for which the information will be used. To make the consent meaningful, the purposes shall be stated in such a manner that the individual can reasonably understand how the information will be used or disclosed.
Mongogo does not require an individual to consent to the collection, use, or disclosure of information that, in its opinion, be required to fulfill its obligations and other legitimate purposes.
The form of consent sought by Mongogo can vary, depending upon the circumstances and the type of information disclosed. Mongogo as a general rule deals only with adults but where appropriate, will accept an authorized representative’s consent.
Implied consent concerning personal information will generally be appropriate. The use of services or products by a customer or the acceptance of employment by an employee shall be considered implied consent to collect, use and disclose personal information for all identified purposes. Exceptional circumstances may occur where express consent may be appropriate.
Anyone may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Mongogo shall inform that individual of the consequences of such withdrawal, if any. In order to withdraw consent, an individual must provide notice to Mongogo in writing.
Limited personal information
The collection of personal information shall be limited to that which is necessary for the purposes previously identified. Information shall be collected by fair and lawful means.
Mongogo may also collect personal information from such third parties as credit bureaus, employers or personal references or other third parties that represent that they have the right to disclose the information.
Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for the fulfillment of those purposes.
Mongogo may collect, use or disclose personal information without the individual´s knowledge or consent in certain circumstances as described herein.
Mongogo may disclose a customer´s personal information to:
(a) a person involved in the development, promotion, marketing or enhancement of Mongogo services;
(b) a credit collections agency;
(c) emergency services in an emergency situation;
(d) a person, who, in the reasonable estimation of Mongogo, is an agent of the customer;
(e) any other third party, upon receiving the consent of the customer or as required by law.
Mongogo may disclose an employee´s personal information in the following circumstances:
(a) in the administration of that employee´s benefits;
(b) in providing references to prospective employers, upon receiving the consent of the employee;
(c) as may be required by law.
Certain Mongogo employees may be given access to customer and/or employee information in so far as their duties require access for business purposes. Mongogo employees are governed by a non-disclosure agreement prohibiting disclosure or use of any confidential or personal information for any purposes other than the stated business purposes.
Mongogo shall retain personal information for only as long as required to fulfill the identified purposes or as required by law.
Personal information that is no longer required to fulfill the identified purposes shall be destroyed, erased or made anonymous according to the guidelines and procedures established by Mongogo.
Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
The extent to which personal information shall be accurate, complete, and up-to-date will depend upon the use of the information, taking into account the interests of the individual. Information shall be sufficiently accurate, complete, and up-to-date to minimize the possibility that inappropriate information may be used to make a decision about the individual.
Mongogo shall not routinely update personal information unless such a process is necessary to fulfill the purposes for which the information was collected. Personal information that is used on an ongoing basis, including information that is disclosed to third parties, should generally be accurate and up-to-date, unless limits to the requirement for accuracy are clearly set out.
Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.
Mongogo shall protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification. The nature of the safeguards will vary depending on the sensitivity of the information that has been collected, the amount, distribution and format of the information, and the method of storage.
Mongogo protects all personal information regardless of the format in which it is held. The methods of protection include:
(a) physical measures, such as locked filing cabinets and restricted access to offices;
(b) organizational measures, such as security clearances and limiting access on a "need to know" basis;
(c) technological measures, such as the use of passwords and encryption.
Mongogo makes their employees aware of the importance of maintaining the confidentiality of personal information. Mongogo employees are governed by a non-disclosure agreement prohibiting disclosure or use of any confidential or personal information for any purposes other than the stated business purposes.
Mongogo shall use care in the disposal or destruction of personal information to prevent unauthorized parties from gaining access to the information.
Mongogo shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.