T: +27 310720500 | E: enquiries@masimochem.com

T: +27 310720500 | E: enquiries@masimochem.com

PRIVACY POLICY CUSTOMERS, SUPPLIERS AND SERVICE PROVIDERS

1. Purpose

This Privacy Policy describes the processes, procedures and guidelines applied by Masimoc Chemicals South Africa PTY LTD, its subsidiaries, and its operated or controlled joint ventures (hereinafter referred to as the Group) during the collection, retention, use, disclosure and other Processing of Personal Information, including special personal information, in terms of the Protection of Personal Information Act 4 of 2013 (POPI). It explains how we protect and use your Personal Information and how you can exercise your right to privacy.

2. Definitions

Our People

includes the Group’s directors, employees and contractor staff (eg. labour hire, temporary or agency staff, secondees).

Personal Information

Is any information (including an opinion) about an identified or identifiable person, and it includes but is not limited to:
- Your name and surname;
- Your identity number;
- Your marital status, race, gender, and age;
- Your address, contact details and bank details;
- Your financial records; and
- Copies of any private or confidential correspondence between you and the Group, its administrators or any service provider.

Processing

Means any operations concerning Personal Information, including the collection, receipt, recording, organization, collation, storage, updating, modification, retrieval, alteration, consultation, use, dissemination by means of transmission, distribution or making available in any other form, merging, linking as well as blocking, degradation, erasure or destruction of information.

3. Objectives

The objectives of this Policy are to:
- explain how we protect and use your Personal Information; and
- record the procedures and practices adopted by the Group relating to the Processing of Personal Information.

This Policy regulates the Processing of Personal Information by the Group and adopts the principles set out in POPI for the lawful Processing of Personal Information.

This Policy is not, however, a comprehensive statement of all the provisions of POPI and should not be taken as such. All provisions of POPI must be complied with by the Group and Our People regardless of whether or not they are addressed in this Policy.

4. Scope

This Policy applies to the Processing of Personal Information by Masimo Chemicals South Africa PTY LTD. It applies to all third parties with whom we interact, including but not to limited to the following persons:
- Our service providers, customers and suppliers and their representatives;
- Visitors to our website; and
- Any person handling Personal Information which is either managed by the

5. Related Documents & Policies

Records Retention Policy available on PAIA Manual of the Group available on MCSA Intranet.

6. Policy

Records Retention Policy available on PAIA Manual of the Group available on MCSA Intranet.

6.1. Overview

The Group collects Personal Information from a range of individuals in the context of our business activities including the Personal Information of Our People; job applicants; representatives of our suppliers; customers, contractors and joint venture partners; shareholders; and visitors to our operational and office sites.

We collect, manage, use and otherwise Process Personal Information in accordance with applicable privacy laws and we understand that the Personal Information of the people with whom we deal with is important. That is why protecting Personal Information and being clear about what we do with it is a key part of our business.

6.2. How do we collect Personal Information?

Broadly speaking, we collect Personal Information about you in the following ways:
- Information that you provide voluntarily
At times, the Group may ask you to voluntarily supply Personal Information. For example, we may ask you to provide your contact details when you submit enquiries to us through the Contact Us page on our website or ask to receive information from us.

We may also collect Personal Information during the course of our business interactions with you, including from any communications you send us.
- Information that we obtain from third party sources
In some cases, we may collect Personal Information about you from publicly available sources or from a third party, such as through your representatives, contractors who provide services to us, or other third parties who are entitled to share that information. In addition, where you have expressed an interest in career opportunities within the Group, we may obtain Personal Information provided to us by human resource practitioners and personnel agencies which we make use of from time to time.

6.3. What Personal Information do we collect about you and why?

The Personal Information we may collect and why and how we use it depends on our relationship with you.

Personal Information can extend to any information where you can be identified directly or indirectly, in particular by reference to an identifier (for example, a name or email address, or an online identifier such as a unique device identification number).

POPI requires that Personal information “is collected for a specific, explicitly defined and lawful purpose related to a function or activity of the responsible party.”

The table set out in Appendix A of this Policy sets out a list of the types of information we collect and explains why we collect and use it.

We may collect other Personal Information from time to time where you provide it to us, as necessary for our business requirements, or in order to comply with applicable laws. Where it is lawful and practicable for us to allow it, you have the right not to identify yourself when dealing with us. However, if you don’t provide us with your Personal Information, it may impact on our ability to provide you with access to certain features on our website or provide you with a specific product or service, or otherwise engage in business with you.

Please note that other third party websites and social media may be accessible via hyperlinks from the Masimo website. These websites are owned and operated by third parties. The Group has no control over the content of those other websites and social media platforms, and these websites will not be subject to our Privacy Policy. We encourage you to review the separate privacy policies for these websites and platforms before using them to understand how such third parties collect, manage and use your Personal Information. The Group cannot be responsible for your use of such third party websites and features.

Sensitive/Special.Personal.information
Under privacy laws, certain categories of Personal Information are considered particularly sensitive or special and therefore need additional protection. This includes information about racial or ethnic origin, political opinions, religious or philosophical beliefs or affiliations, trade union membership, health or medical conditions, genetic or biometric information, sexual orientation, or criminal convictions and offenses. The Group will only collect, manage and use your sensitive / special Personal Information where we have obtained your explicit consent or where we have other lawful grounds to do so under applicable law.

6.4. How do we hold Personal Information?

We may hold your Personal Information in electronic or in hard copy form. We may keep this information at our own premises, or at sites managed by our services providers.

We are committed to keeping your Personal Information safe, confidential and secure. We use a range of physical, electronic and procedural safeguards to do this. We update these safeguards from time to time in order to address new and emerging security threats. We also train Our People on privacy matters as appropriate, and seek to limit access to Personal Information to those of our People who need to know that information.

6.4.1. Retention of Personal Information

We retain Personal Information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a product or service you have requested, or to comply with applicable legal, tax or accounting requirements). The Group shall only retain and store your Personal Information for the period for which the information is required to serve the primary purpose for its collection, or a legitimate interest or the period required to comply with applicable legal requirements, whichever is longer. We apply our standard document retention and disposal procedures and processes to records that include Personal Information. These procedures and processes take account of document retention requirements imposed by law in the jurisdictions where we operate. For more information on our document retention practices please contact us using the details below contained in this Policy.

6.5. How do we disclose Personal Information?

Your Personal Information may be disclosed between related entities within the Group worldwide and used by those entities for the purposes for which we are entitled to use it.
In appropriate circumstances, we may disclose your Personal Information to the following categories of third parties:
- Auditors, legal and other professional advisers and share registries;
- Information Technology and other service providers;
- Our other business partners and their agents;
- Government and law enforcement authorities;
- Financial institutions; - Prospective buyer or seller of all or part of our business, assets or shares in one of our companies;
- Human resource practitioners and personnel agencies which we make use of from time to time (including relevant to Personal Information provided to us for the purpose of considering you for a career opportunity in the Group);
- Other third parties where disclosure is required by law; and
- To any other person with your consent to the disclosure.

We take reasonable steps to protect the confidentiality and security of your Personal Information when it is disclosed to a third party, and seek to ensure the third party deals with your information in accordance with our instructions, applicable privacy laws, and only for the purpose for which it is disclosed.

6.6. Will my Personal Information be disclosed or transferred overseas?

In some cases, the third parties to whom the Group may disclose your Personal Information may be located outside your country of residence (for example, in a cloud service, system or server), and may be subject to different privacy regimes. This includes our own related entities.

The Group does business in many countries across the world and we may need to share information throughout our network for operational purposes. This means that when we collect your Personal Information we may process or transfer it to a country other than the country in which you are located.

Where required by applicable law, when we disclose Personal Information overseas, we will take appropriate safeguards to protect your Personal Information to ensure that the recipient will handle the information in a manner consistent with this Policy and all applicable privacy laws.

6.7. What rights do I have and how can I exercise them?

You have the right to:
- ask what Personal Information we hold about you;
- request access to the Personal Information that we hold about you;
- ask us to update, correct or delete any out-of-date or incorrect Personal Information we hold about you;
- object to the processing of your Personal Information.

If you wish to exercise any of these rights or you have any queries regarding the Personal Information that we hold about you, you can contact us at the details provided below.

To protect the integrity and security of the information we hold, we may ask that you follow a defined access procedure, which may include steps to verify your identity.

If you want us to delete all Personal Information we have about you, we may need to terminate the agreements we have with you. We can refuse to delete your information if we are required by law to retain it or if we need it to protect our rights.

6.8. Who can I contact if I have a question or a complaint?

If you have a question, concern or complaint regarding the way in which we handle your Personal Information, or if you believe that the Group has failed to comply with this Policy or breached any applicable laws in relation to the management of that information, you can make a complaint.

Any question, concern or complaint should be made in writing to:

Information Officer : dhiveshan@masimochem.com

By Mail:

The Information Officer
20 Ncondo Place
Ridge- Suite 302
Umhlanga Rocks
5134

7. Review of the policy

The Audit Committee will review this Policy, as appropriate, to ensure the effectiveness of this Policy. The Audit Committee will discuss any revisions that may be required and recommend any such revisions to the Board for consideration and approval.

Policy Governance

Policy Sponsor: Chairman of the Masimo Chemicals
Date Authorised by the Board:
Date approved by the Audit Committee:
Version No. 01
Last Revision Date: July 2021
Responsibility for document management: Masimo Chemicals South Africa PTY LTD compliance officer.

OUR COMMITMENT:

In order to follow these principles, the Masimo companies will:

  • Proactively identify, evaluate and mitigate the HSEQ risks in the business.

  • Measure HSEQ performance and promote a continuous improvement culture.

  • Take reasonable care that our activities do not adversely affect the health and safety of people or the environment.

  • Ensure that employees are provided with adequate training, information and supervision to allow them to deliver on our HSEQ expectations and objectives.

  • Promote the reporting of incidents and ensure that learnings are shared to improve performance.

  • Require contractors and service providers to comply with this policy.

  • Hold every employee accountable for their commitment to our principles.