Thomas More College

Online Privacy Policy

1. About the Online Privacy Policy

Thomas More College strives to ensure that our use of Personal Information of data subjects is lawful, reasonable, and relevant to our business activities, with the ultimate goal of improving our offerings and your experience.

This notice applies to Thomas More College, its subsidiaries and business units. Reference to “Thomas More College, “TMC”, “we”, “us” or “our” in this notice means Thomas More College and any of its subsidiaries.

Thomas More College respects privacy and is committed to protecting the privacy of visitors to this site. Thomas More College seeks to employ best practice when it comes to the collection and processing of personal information in accordance with data protection or privacy legislation.

Where we provide links to websites of other organisations, this Privacy Notice does not cover how that organisation processes personal information. If you follow a link to any website, please read the privacy notice of the website you visit before you submit any personal information to such website. Thomas More College is not responsible for information captured and processed on any website linked to our website.

This Online Privacy Notice sets out what we will do with any Personal Information we collect from or about you, or that you provide to us, when you use our services, including our websites and student portals (which we also collectively refer to in this Privacy Notice as the Website) or when you enrol at our school. Please read this Privacy Notice carefully to understand our views and practices regarding your Personal Information and how we will treat it.

It is important that you read this Privacy Notice together with our website terms and conditions and any other document or agreements which describes the manner in which we may provide in specific circumstances when we are collecting or processing personal information about you. This will enable you to properly understand the manner in which Thomas More College will process your Personal Information. This Privacy Notice supplements our website terms and condition and any such other documents and agreements, and this Privacy Notice is not intended to override them.

If you are a consumer, as defined in the Consumer Protection Act 68 of 2008 (Consumer Protection Act) we have a duty to point out certain important terms to you. The paragraphs which contain these important terms and reasons why they are important are set out below.

  • Limitations of risk, legal responsibilities and liability. Clauses 8 and 11 are important because they limit and exclude obligations, liabilities and legal responsibilities that we may otherwise have. As a result of these clauses, your rights and remedies against us and other persons and entities are limited and/or excluded. These clauses also limit and exclude your right to recover or make claims for losses, damages, liability or harm you or others may suffer. Clause 8 and 11 state that you know and accept that the Internet is not absolutely secure and there is a risk that your Personal Information will not be secure when transmitting over the Internet.
  • Assumption of risk, legal responsibilities and liability to you. Clause 11 is important because you take on risk, legal responsibilities and liability. As a result of this clause, you may also be responsible for claims and other amounts. You will also be responsible for, and you accept, various risks, damages, harms, and injury which may be suffered by you and others as stated in this clause. In terms of this clause, you waive your rights and as a result we may not have to perform our duties and you may not become aware of information that you may need to protect yourself.
  • Acknowledgement of fact by you. Clause 5 is important because it contains statements which are acknowledgments of fact by you. You will not be able to deny that the statements are true. We may take action against you and may have claims against you as a result of these statements. You will not be able to take any action against us if you suffer harm as a result of these statements.


2. The Personal Information that we collect about you

Thomas More College may collect, receive, record, organise, collate, store, update, change, retrieve, read, process, analyse, use and share your Personal Information in a way set out in this Privacy Notice. When we do one or more of these actions with your Personal Information, we are “Processing” your personal information.

Personal Information” refers to private information about an identifiable person (which includes natural persons as well as juristic persons, such as companies or trusts). Personal information does not include information that does not identify a person (including in instances where that information has been de-identified). The type of personal information that we collect about you may differ on the basis of the services that you receive from Thomas More College.

We may process different kinds of personal data about you which we have grouped together as follows:

  • Identity Data, which includes information concerning your name, username or similar identifier, marital status, title, date of birth, gender, race and legal status, as well as copies of your identity documents, photographs, identity number, registration number and qualifications.
  • Contact Data, which includes billing addresses, delivery addresses, email addresses and telephone numbers.
  • Financial Data, which includes bank account and payment card details, insurance information, and financial statements.
  • Transaction Data, which includes details about payments to and from you.
  • Service Data, which includes information concerning your interactions with Thomas More College as well as your performance in Thomas More College administered educational courses.
  • Security Data, which may include records of your access to our facilities, as well as CCTV camera footage of you on or nearby our premises.
  • Technical Data, which includes your internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Website.
  • Usage Data, which includes information about how you use our Website, products and services; and
  • Marketing and Communications Data, which includes your preferences in receiving marketing from us and our third parties and your communication preferences.

If any of the information you provide to us contain special personal information such as health, religion, ethnic or race information, your consent is the lawful basis on which we rely to process such information unless any other lawful basis exist allowing us to process such information. If any information you provide us contains the processing of personal information of children (minors), for instance information given to us about a child during a complaint resolution process, this processing of personal information of children may only be carried out with the prior consent of the competent person such as a parent or legal guardian, unless lawful basis exist allowing us to process such information without the aforementioned consent.

We do not provide services directly to children, and our site is not available for use by any person under the age of 18 years without consent and supervision from a competent person such as parent or a legal guardian. This Privacy Notice also applies in a case where a child makes use of our website with the consent from a competent person.

Use of our website by a child without the relevant consent from a competent person is prohibited.

Thomas More College may also process, collect, store and/or use aggregated data, which may include historical or statistical data (“Aggregated Data“) for any purpose. Aggregated Data could be derived from your personal information but is not considered personal information as this data will not directly or indirectly reveal your identity. However, if we combine or connect Aggregated Data with your personal information so that it can directly or indirectly identify you, we will treat the combined data as personal information which will be used in accordance with this Privacy Notice.

3. How we collect your personal information

We collect your personal information in three ways, namely:

  • through direct or active interactions with you;
  • through automated or passive interactions with you; and
  • from third parties.

Direct or active collection from you

We may require you to submit certain information in order for you to access certain portions of the Website and to enable us to provide certain services to you (e.g. providing further requested information, applying for a vacancy, enrolling in the school, ordering etc.) or to conclude an agreement with us, or to fulfil our statutory obligations. We also collect information directly from you when you communicate directly with us, for example via e-mail, telephone calls, feedback forms, site comments and forums. If you contact us, we may keep a record of that correspondence. The information we may actively collect from you may include any of the information listed in section 2 of this Privacy Notice.

Passive collection from your Access Device (RFID)

We passively collect some of your personal information from devices that you use to access and navigate through the Website or to access any network administered by Thomas More College (each an “Access Device“), using various technological means. The information which we passively collect from your Access Device may include your Identity Data, Contract Data, Security Data, Technical Data, Usage Data, Marketing and Communications Data, and any other information which you permit us, from time to time, to passively collect from your Access Device.

Information collected from third parties

Thomas More College may receive personal information about you from various third parties and public sources and will treat that information with due care.

4. How the information collected is used

Personal information provided to Thomas More College by you will only be used for the purposes stated when the personal information is requested

We may use your personal information:

  • to provide our services to you, as well as any goods that you may purchase from us (including goods you purchase from our website/online tuck shop/stock shop);
  • to administer our various education programmes;
  • to operate our facilities;
  • to comply with our statutory obligations, including submissions to the Companies and Intellectual Property Commission, as well as interacting with regulatory authorities;
  • to conduct business case analysis;
  • to conduct Thomas More College’s recruitment exercises, including referrals, and hiring processes, including the capturing of a job applicant’s details and the providing of status updates to such a job applicant. In this context Thomas More College will conduct criminal record and credit checks;
  • to retain and make information available to you on the Website;
  • to provide you with marketing that is relevant to you, or to direct information concerning Thomas More College;
  • maintain and update our customer, or potential customer databases;
  • to establish and verify your identity on the Website;
  • diagnose and deal with technical issues, customer support queries and other user queries;
  • operate, administer, maintain, secure and develop the Website and the performance and functionality of the Website;
  • to protect our rights in any litigation;
  • detect, prevent or deal with actual or alleged fraud, security or the abuse, misuse or unauthorised use of the Website and/or contravention of this Privacy Notice or any of the terms and conditions that apply to the use of the Website;
  • communicate with you and keep a record of our communications with you and your communications with us;
  • inform you about any changes to the Website, the Privacy Notice or other changes which are relevant;
  • to create user profiles and analyse and compare how you and other users make use of the Website, including (without limitation) habits, click-patterns, preferences, frequency and times of use, trends and demographics;
  • to analyse and compare the kinds of Access Devices that you and other users make use of and where you are using them; and
  • for any other purposes relevant to our business activities, provided they are lawful.

Demographical and statistical information about user behaviour may be collected and used to analyse the popularity and effectiveness of Thomas More College websites. Any disclosure of this information will be in aggregated and anonymised form and will not identify individual users.

Thomas More College will restrict its processing of your Personal Information to the original purposes for which it was collected, unless Thomas More College reasonably considers that it is required to be processed for another purpose and that purpose is compatible with the original purpose. If you would like us to explain how the further processing for the new purpose is compatible with the original purpose, please contact us

5. Sharing of your personal information

We will not intentionally disclose, for commercial gain or otherwise, your Personal Information other than as set out in this Privacy Notice or without your permission.

Thomas More College may share your Personal Information under the following circumstances:

  • to our agents, advisers, service providers and suppliers which have agreed to be bound by this Privacy Notice or on terms which offer the same level of protection as this Privacy Notice;
  • to our employees, suppliers, service providers and agents if and to the extent that they need to know the information in order to provide the services for or to us for which they have been appointed, such as hosting, development and administration, technical support and other support services relating to the Website or the operation of the Thomas More College business. We will authorise any information processing done by a third party on our behalf, amongst other things by entering into written agreements with those third parties governing our relationship with them and containing confidentiality and non-disclosure provisions;
  • in order to enforce or apply any other contract between you and us;
  • in order to protect our rights, property or safety or that of our customers, employees and prospective employees, contractors, candidates and prospective candidates, suppliers, service providers, agents and any other third party;
  • in order to mitigate any actual or reasonably perceived risk to us, our customers, employees and prospective employees, contractors, candidates and prospective candidates, agents or any other third party; and
  • to governmental agencies, exchanges and other regulatory or self-regulatory bodies if required to do so by law or if we reasonably believe that such action is necessary to:
    • comply with the law or any legal process;
    • protect and defend the rights, property or safety of Thomas More College, or our customers, employees and prospective employees, contractors, pupils and prospective pupils, suppliers, service providers, agents or any third party;
    • detect, prevent or deal with actual or alleged fraud, security or technical issues or the abuse, misuse or unauthorized use of the Website and/or contravention of this Privacy Notice; and
    • protect the rights, property or safety of members of the public. If you provide false or deceptive information about yourself or misrepresent yourself as being someone else, we may proactively disclose such information to the appropriate regulatory bodies and/or commercial entities.


6. Cross border transfer

Information that we collect from you may be collected in, or transferred to, a destination outside of South Africa. Such destination may not have comparable data protection legislation, and such collected information may also be processed by staff operating outside South Africa who work for us or by one of our contractors. However we will ensure that there is either binding corporate rules or a binding agreement in place to ensure your information is processed in line with South African privacy legislation and this Privacy Notice.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal information outside of South Africa or the destination in which we collected the personal information.

7. How we store information collected

Personal information is held only as long as is necessary to provide the services to you or as may be required in terms of legislation (including prescription periods), business requirements and whichever period is the longest. The details of this is available on request to the Thomas More College Information Officer in the form of the Thomas More College Data Retention Notice.

Personal information that you provide to us will be stored electronically on our servers or those of our service providers, as well as in hard copy format (at times), with reasonable organisation and technical safeguards in place to protect this personal information. However, we do work with third party contractors, some of whom host and operate certain features of the website.

If you subscribe for data, news, announcements, alerts or any such information to be emailed to you from Thomas More College, we will hold your details on our database until such time as you chose to unsubscribe from this service. You may do this at any stage by selecting the appropriate option in the alerts section of this site.

We may keep and process some or all of your personal information if and for as long as:

  • we are required or permitted by law or a contract with you to keep it;
  • we reasonably need it for lawful purposes related to our functions and activities;
  • we reasonably need it for evidentiary purposes; or
  • you agree to us keeping it for a specified further period.

To determine the appropriate retention period for personal information, Thomas More College will consider, among other things, the quantity, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means. Thomas More College will always comply with applicable legal, regulatory, tax, accounting or other requirements as they pertain to the retention of personal information.

8. Quality and protection of your personal information

We make every effort to keep the personal information we hold updated, complete and accurate. It is your duty to provide Thomas More College with your most up to date personal information and you can do so in the following ways: 

Thomas More College strives to ensure the security of personal information we hold by taking reasonable measures to prevent destruction, unlawful access and loss of personal information. Any compromise of data integrity or confidentiality will be reported to you by written notice.

Even by taking the above measures when processing personal information, we do not guarantee that your personal information is 100% secure.

Please contact us by email at the aforesaid email address if you:

  • Require access to any of your personal information we have on our database; or
  • Wish to notify us of any change, modification or correction; or
  • Would like to have your personal information removed from our records.

We will require suitable proof of identity from you before we can action any of the above requests.

9. How we use ‘Cookies’

In so far as our web pages use ‘cookies”, a cookie is a small file of letters and numbers that we place on your computer or mobile device. These cookies allow us to distinguish you from other users and assist us to provide you with a good experience when browsing our website. It also allows us to improve our website.

10. Access to information

The Promotion of Access to Information Act, 2000 gives you the right to access information held about you. For further information about this right and how to exercise it, please see Thomas More College PAIA Manual available at 

11. You give us some of your rights

You agree that where the law requires us to make you aware of something (to inform or notify you) or to do something else, we do not have to do this. This only applies as far as the law allows this.

For example, sometimes the law says that we have a duty to make you aware of some information or other matters, unless you agree that we do not need to do these things (this is called a waiver of rights). Because you agree to this, we will not have this duty anymore and will not need to make you aware of the information or other matters.

12. Our rights

Please note that, under certain circumstances, you may have rights under data protection laws in relation to your personal information. You may have the right to:

  • Request access to your personal information (commonly known as a “data subject’ access request”). This enables you to receive a copy of the personal information that Thomas More College has about you. We may refuse your request for access or disclosure of your personal information if any of the grounds permitted in law applies
  • Request correction of the personal information that we hold about you. This enables you to ensure that any incomplete or inaccurate data that Thomas More College holds about you is corrected. To exercise this right, you should contact us via email and inform us that your data is incomplete and/or inaccurate. You will need to point out what you believe is inaccurate or incomplete and explain to us how we should correct or complete it as well as provide us with the evidence of inaccuracies where available. On receipt of your request we will, as soon as reasonably practicable, correct or complete your personal information.
  • Request erasure of your personal data. This enables you to request that Thomas More College delete or remove personal information where there is no lawful basis for us continuing to process or retain it. You also have the right to ask us to delete or remove your personal information where you have successfully exercised your right to object to the processing thereof where we may have processed your information unlawfully or where we are required to erase or de-identify your personal information to comply with applicable law. Thomas More College may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Withdraw consent at any time where we are relying on consent to process your personal information. This will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at any time you withdraw your consent. Please note that we may continue to process your personal information in certain instances where we are not relying on your consent.
  • Right to object. You have a right to object in accordance with applicable data protection or privacy legislation, at any time, from us processing or using your personal information and we may no longer process your personal information. Should you require to exercise your right to object, you should inform us that you do not want us to process your personal information and state the reasons why we should stop using such personal information to which you object. Should we not have any lawful basis for processing the information you object to, we would stop using such personal information objected to successfully, unless data protection or privacy legislation or other agreements with you provide us with a lawful basis for or justifies us in continuing to process such information, and we will inform you of the result of your objection.


13. Direct marketing

Through your engagement with us you may be requested whether you agree to receive marketing communications from us. You may refuse, accept, require us to discontinue, or pre-emptively block any approach or communications from us if that approach or communication is primarily for the purpose of direct marketing (“direct marketing communications“).

You may opt out of receiving direct marketing communications from us at any time by requesting us (in the manner set out in the communication or by contacting us at the contact details set out in clause 17) to desist from initiating any direct marketing to you. If you have opted out, we may send you written (which may include electronic writing) confirmation of receipt of your opt out request, and not send you any further direct marketing communications. Please note that you may continue to receive communications from us that are not marketing related.

14. Consumer Protection Act and Protection of Personal Information Act

If any party of this Privacy Notice is regulated by or subject to the Consumer Protection Act or the Protection of Personal Information Act, No. 4 of 2013 (“POPIA“), it is not intended that any part of this Privacy Notice contravenes any provision of the Consumer Protection Act or POPIA. Therefore, all provisions of this Privacy Notice must be treated as being qualified, to the extent necessary, to ensure that the provisions of the Consumer Protection Act and POPIA are complied with.

No provisions of this Privacy Notice (or any contract governed by this Privacy Notice):

  • does or purports to limit or exempt us or any person or entity from any liability (including, without limitation, for any loss directly or indirectly attributable to our gross negligence or wilful default or that of any other person acting for or controlled by us) to the extent that the law does not allow such a limitation or exemption;
  • requires you to assume risk or liability for the kind of liability or loss, to the extent that the law does not allow such an assumption of risk or liability; or
  • limits or excludes any warranties or obligations which are implied into this Privacy Notice (or any contract governed by this Privacy Notice) by the Consumer Protection Act or POPIA (to the extent they are applicable) or which we give under the Consumer Protection Act or POPIA (to the extent they are applicable), to the extent that the law does not allow them to be limited or excluded.


15. Governing Law

To the maximum extent possible, South African law applies to this Privacy Notice.

If any provision of this Privacy Notice is found to be illegal, void or unenforceable due to applicable law or by order of a court of a competent jurisdiction it shall be deemed deleted and the continuation in full force and effect of the remainder of the provisions will not be prejudiced.

16. Changes to our online Privacy Notice

Any changes we may make to our Online Privacy Notice in the future will be posted on this page.

17. Contact

Any queries or concerns about privacy on this website should be sent by email to / 

Last updated:  June 2021