IMX Group Privacy Policy

Definitions and interpretation
“Board” means the board of directors of IMX GROUP.
“Personal Information” represents information relating to a person and, where applicable, a juristic individual, including information defined in POPI.
“POPI” means the Protection of Personal Information Act 4 of 2013.
“IMX GROUP Community” includes IMX GROUP students, employees, contractual educators, consultants and suppliers.
“IMX GROUP”, means International Minerals Exchange, IMX Hub Pte Ltd, registration number 202442144W, trading as the International Minerals Exchange (“IMX”)

Scope
IMX GROUP respects the privacy of the IMX GROUP community. The purpose of this Privacy Policy is to set out IMX GROUP’s information collecting and processing practices in compliance with POPI.
IMX GROUP is committed to protecting the privacy of its students, faculty, and staff. This Privacy Policy’s objective is to outline IMX GROUP’s data collection and processing methods in accordance with POPI. The IMX GROUP community’s Personal Information is collected and processed within the terms of this Privacy Policy.
IMX GROUP may alter this according to legal and other circumstances.

Processing of personal information
IMX collects and processes your personal information primarily to contact you directly to start your education process.
IMX collects information directly from you, where you provide us with your details.
IMX will, where possible, inform you what information is required and what information is optional.
IMX website usage information may be collected using “cookies”, which allows us to collect standard internet visitor usage information.
IMX GROUP will only collect or process Personal Information for purposes compatible with the reason it is necessary. The specific purpose for which Personal Information is collected and processed will be lawful, as evidenced by the context in which the Personal Information is sought.
IMX GROUP will only collect and process Personal Information in a manner that is adequate, relevant and not excessive in the purpose it is collected and processed. As shown by the context in which Personal Information is sought, the precise purpose for which Personal Information is acquired and processed will be authorised.
Personal information will only be processed for a purpose compatible with that for which it was collected unless you have agreed to an alternative purpose in writing or IMX GROUP is permitted to do so in terms of national legislation of general application dealing primarily with the protection of Personal Information.
IMX GROUP will preserve records of all Personal Information obtained, as well as the particular reason for which it was gathered, for one year from the date such Personal Information was last used unless IMX GROUP is obliged by law to keep such records for a more extended period of time.
IMX GROUP will not release any person’s Personal Information to a third party unless the person whose Personal Information is being requested has given IMX GROUP prior written consent or IMX GROUP is compelled by law to do so.
When IMX GROUP obtains approval to share a person’s Personal Information with a third party, IMX GROUP will keep a record of the Personal Information shared. The third-party to whom the Personal Information was revealed, the cause for such disclosure, and the date of such disclosure shall all be included in the record. IMX GROUP must retain this record for 1 (one) year from the date the Personal Information was revealed unless IMX GROUP is obliged by law to keep such records for a longer period of time.
IMX GROUP will destroy or delete any Personal Information that IMX GROUP no longer requires for the purpose it was initially collected or subsequently processed.

How we use your information
IMX will only use your personal information for the purposes for which it was acquired and for which you have given your consent. In addition, your information may be kept for legal or research purposes if necessary.
As an example:
Gather contact information;
Confirm and verify your identity or verify that you are an authorised user for security purposes;
Detection and prevention of fraud, crime or money laundering;
Conduct market research or statistical analysis;
Audit and record keeping;
Legal proceedings.


Disclosure of information
IMX may disclose your personal information to our service providers involved in delivering products or services to you. We have agreements with service providers to follow the Protection of Personal Information Act’s privacy regulations.
IMX may disclose your information:
where we feel it is important to safeguard our interests;
where we have a legal or industry-wide obligation or right to disclose.

Records management and security
The office of the records manager (“the Records Manager”) is in charge of implementing this policy.
IMX GROUP’s managing director will function as the Records Manager ex officio unless the board decides otherwise.
The Records Manager must take reasonable steps to ensure that Personal Information is identified, classified, preserved, stored, secured, and disposed of in such a way that its integrity is not jeopardised and that unauthorised access to or disclosure of such Personal Information is avoided.
Notwithstanding the foregoing, neither IMX GROUP nor the Records Manager shall be liable under any circumstances for any loss or damage sustained due to unlawful access to or dissemination of any Personal Information.

Information security
We are legally required to provide adequate protection for the personal information we hold and prevent unauthorised access and use of personal information. IMX continuously reviews security controls and related processes to ensure that your personal information remains secure.
Security policies and procedures cover:
Computer and network security;
Access to personal information;
Secure communications;
Physical security;
Security in contracting out activities or functions;
Retention and disposal of information;
Acceptable usage of personal information;
Governance and regulatory issues;
Monitoring access and usage of private information;
Investigating and reacting to security incidents.
When contracting with third parties, IMX imposes appropriate security, privacy and confidentiality obligations on them to ensure that the personal information that we remain responsible for is kept secure.

Client access to information
Clients have the right to request a copy of the personal information we hold about them. To do this, we provide a contact form on our website. Before supplying details of your personal information, IMX will need a copy of your ID card to authenticate your identity. Please keep in mind that any such access request may be subject to a legally permissible fee.

Correction of information
Clients have the right to request IMX to update, correct or delete their personal information. IMX will require a copy of the client’s ID document to confirm the identity before changing the personal information held.

Contacting IMX
Should a client have any queries about this notice, require further information about IMX privacy practices, wish to withdraw consent, exercise preferences or access or correct their personal information, they may contact us through the contact form listed on our website.