Who we are
Our website address is: https://leisurely.co.za, which is owned and operated by Deadline Media CC.
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
If you contact us regarding your experience with using any of our products, we may disclose your personal information as required of by law or governmental audit.
We may disclose personal information if required by a subpoena or court order; to comply with any law; to protect the safety of any individual or the general public; to prevent violation of our terms of service.
Your contact information
We will only retain your personal information for as long as it is necessary to fulfill any purpose mentioned above or if retention of the record is required or authorised by law; or if you have consented to the retention of the record.
During the period of retention, we will continue to abide by our non-disclosure obligations and will not share or sell your personal information.
How we protect your data
We protect your personal information using computer safeguards such as firewalls and data encryption to protect personal information, and we authorise access to personal information only for those employees who require it to fulfil their job responsibilities.
What data breach procedures we have in place
Where a privacy data breach is known to have occurred (or is suspected) any member of staff who becomes aware of this must, within 24 hours, alert a Member of the Executive in the first instance.
The Information that should be provided (if known) at this point includes:
When the breach occurred (time and date)
Description of the breach (type of personal information involved)
Cause of the breach (if known) otherwise how it was discovered
Which system(s) if any are affected?
Which directorate/faculty/institute is involved?
Whether corrective action has occurred to remedy or ameliorate the breach (or suspected breach)
A template can be found at Annexure A to assist in documenting the required information.
Assess and determine the potential impact
Once notified of the information above, the Member of the Executive must consider whether a privacy data breach has (or is likely to have) occurred and make a preliminary judgement as to its severity. The Privacy Coordinator should be contacted for advice.
Criteria for determining whether a privacy data breach has occurred
Is personal information involved?
Is the personal information of a sensitive nature?
Has there been unauthorised access to personal information, or unauthorised disclosure of personal information, or loss of personal information in circumstances where access to the information is likely to occur?
Criteria for determining the severity
The type and extent of personal information involved
Whether multiple individuals have been affected
Whether the information is protected by any security measures (password protection or encryption)
The person or kinds of people who now have access
Whether there is (or could there be) a real risk of serious harm to the affected individuals
Whether there could be media or stakeholder attention as a result of the breach or suspect breach.
The executive will determine whether there are reasonable grounds to suspect that an Notifiable Data Breach has occurred.
If there are reasonable grounds, the Executive must prepare a prescribed statement and provide a copy to the Information Regulator as soon as practicable (and no later than 30 days after becoming aware of the breach or suspected breach).
If practicable, Leisurely will also notify each individual to whom the relevant personal information relates. Where impracticable, Leisurely must take reasonable steps to publicise the statement (including publishing on the website).
What third parties we receive data from
We receive no data from third parties, apart from users of this site.
What automated decision making and/or profiling we do with user data
Any data, which is collected from usage patterns as indicated above is used purely in an editorial decision-making process so that we can streamline the site to better offer the content our readers enjoy and to provide data to advertisers for the general purposes of user numbers.