Privacy Statement

Privacy Statement

Last revised: 01 October 2020

Introduction is provided by Deloitte Tip-offs Anonymous (Pty) Ltd ("Deloitte").

This Privacy Statement applies only to the specific webpages of which are provided by Deloitte. Such webpages only are referred to below as “this Website”.

Deloitte Tip-offs Anonymous (Pty) Ltd is an entity established under the laws of South Africa with company registration number 1998/020207/07, fully owned by Deloitte South Africa which is the Deloitte Touche Tohmatsu Limited member firm in South Africa (also referred to below as “we”, “us” or “our”).This Privacy Statement explains how we protect visitors’ information gathered via this Website.

By using this Website you are agreeing to the use of your information as described in this Privacy Statement.

If you have any questions regarding this Privacy Statement, please contact our Information Protection Office using the contact us link.

Applicable Data Protection Laws

When processing personal information, we comply with the relevant data protection laws in the jurisdictions in which we operate, including the South African Protection of Personal Information Act 4 of 2013 (POPIA). Where applicable, we also comply with additional data protection laws, such as the European General Data Protection Regulation (GDPR).

Information collection

Deloitte manages a whistle-blowing hotline service on behalf of its clients with whom we hold formal written agreements. The service enables client stakeholders to report criminal, irregular or unethical activity and serves as a mechanism for the detection and prevention of such activity (“the Purpose”). As a user of this Website, you are not required to submit any personal information to be able to use this Website or to fulfil the Purpose.

Where you elect to use this Website to provide personal information relating to yourself or to others, Deloitte will process such personal information strictly as it relates to the Purpose in the performance of our obligations to our clients and in accordance with applicable legislation.

The personal information that we may collect or receive, includes, but is not limited to:

  • Name(s)
  • Contact details
  • Location details
  • Gender
  • Employment details
  • Identity/passport numbers
  • Financial details
  • Complaint details

We do not specifically collect sensitive personal information, such as data relating to race or ethnic origin, religious beliefs, political beliefs or trade union association, physical or mental health, or sexual orientation, except where this is provided to us in fulfilment of the Purpose.

Log information, cookies, and web beacons

This site does not collect internet log information such as your IP address, browser type and language, access times or referring website addresses. To ensure that this Website is well managed and to facilitate improved navigation, we use cookies (small text files stored in a user’s browser), which are session based and only last for the specific session for which you use the Website. The information collected is not stored beyond the individual session and would therefore not compromise privacy. This Website does not make use of web beacons (electronic images that allow this Website to count visitors who have accessed a particular page or to access certain cookies).

How do we use personal information collected to provide services to our clients?

Personal information is used to provide clients with the agreed services, namely the provision of a whistle-blowing hotline service. We have an agreement with each of our clients that governs the services. We use information only for the fulfilment of the Purpose and to comply with a legal or professional right or duty. Where you elect to remain anonymous or partially anonymous, we do not share with our clients any of your personal information which you may have provided.

Information security

We have in place reasonable commercial standards of technology and operational security to protect the information provided by users via this Website from unauthorized access, disclosure, alteration, or destruction. We use a range of physical, operational and technological security measures to protect this information. These measures include:

  • Staff education and training to ensure our staff are aware their privacy obligations when handling your personal information;
  • Administrative and technical controls to restrict access to personal information to only those of our staff who need access;
  • Technological security measures, including firewalls, encryption and anti-virus software;
  • Physical security measures, such as staff security passes to access Deloitte premises, laptop cable locks and security monitoring.

Disclosure of information to third parties

We may disclose personal information to:

  • Other entities in the Deloitte Network or third parties that we engage to assist us in providing professional services to our clients or in the operation of our business (i.e. our subcontractors, advisors and suppliers).

These entities and third parties may sometimes be located in other countries. A current list of Deloitte Offices around the world is available in the Deloitte Global Office Directory.

These disclosures may involve the transfer of personal information to countries or regions without data protection requirements that are similar to those in your area of residence. Where we disclose personal information to other entities in the Deloitte Network, or to third party service providers, we take the necessary steps to ensure that those recipients protect the information from unauthorised access, modification or disclosure, and from misuse, interference and loss.

We may also be required to disclose personal information to law enforcement, regulatory or government agencies, or to other third parties:

  • To comply with legal or regulatory obligations or requests; or
  • Where there is a legal or professional right or duty to disclose.

By providing information through this Website, you are consenting to the disclosures described above.

Access to information

Visitors who would like to request access to their information or to update their details should contact us via email – In all cases we will treat requests to access information or change information in accordance with applicable legal requirements

Changes to our Privacy Statement

We may modify or amend this Privacy Statement from time to time at our discretion. When we make changes to this Statement, we will amend the revision date at the top of this page, and such modified or amended Privacy Statement shall be effective as to you and the information you provide to us as of that revision date. We encourage you to periodically review this Privacy Statement to be informed about how we are protecting your information.

Children's privacy protection

We understand the importance of protecting children's privacy in the interactive online world. This Website is not designed for or intentionally targeted at children 18 years of age or younger. It is not our policy to intentionally collect or maintain information about anyone under the age of 18.

Visitors' questions

If you have any questions or concerns regarding your privacy while using this Website, please direct them to our Information Protection Office on