This Policy explains how we obtain, use and disclose your personal information, in accordance with the requirements of the Protection of Personal Information Act, No. 4 of 2013 (“POPIA”).

At Tri-Star Construction (Pty) Ltd, its subsidiary and affiliate companies (including this website, (“the Company”, “we”, “our” or “us”) we are committed to protecting your privacy and to ensure that your personal information is collected and used fairly, reasonably, properly, lawfully and transparently based on legitimate grounds in a manner that does not adversely affect you.

Please read this Policy before you make use of our website or provide us with any personal information. By providing us with your personal information, you consent to us processing your personal information, which we undertake to process strictly in accordance with this Policy.

About the Company

Tri-Star Construction (Pty) Ltd, a private, management-owned business that has evolved into a successful, sustainable, multi-disciplined, and reputable construction company.

Definition of personal information

According to POPIA ‘‘personal information’’ means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person.

The information we collect

We collect and process your personal information mainly to contact you for the purposes of understanding your requirements, and delivering services accordingly.  For this purpose we will collect contact details including your name and organisation.

We collect information directly from you where you provide us with your personal details.  Where possible, we will inform you what information you are required to provide to us and what information is optional.

Website usage information may be collected using “cookies” which allows us to collect standard internet visitor usage information.

This Policy does not apply to the information practices of third party companies who we may engage with in relation to our business operations (including their websites, platforms and applications) which we do not own or control; or individuals that we do not manage or employ. These third party companies and sites may have their own privacy policies and terms and conditions and we encourage you to read them before using them.


This part of the Policy will only be applicable to the extent that you have applied for employment. If you apply for employment with us, we also may collect personal information including details contained in letters of application and curriculum vitae or resume, previous employment background, education history, work-related licenses, certifications, or other professional credentials, languages and other relevant skills. You may also voluntarily choose to provide other relevant information as part of your application. If you intend to provide us with personal information of a reference or any other third party as part of your application for employment, it is your responsibility to obtain consent from that third party prior to providing the personal information to us.

How we use your information

We will generally use your personal information only for the purposes for which it was collected or required to operate and manage our normal operations and agreed with you.  In addition, where necessary your information may be retained for legal or research purposes.

Some examples of these purposes include one or more of the following non-exhaustive purposes:

  • To gather contact information;
  • To confirm and verify your identity for security purposes;
  • For the detection and prevention of fraud, crime, money laundering or other malpractice;
  • For employment-related purposes such as recruiting staff, administering payroll, background checks, etc
  • To conduct market or customer satisfaction research or for statistical analysis;
  • For internal and external audit and record keeping purposes;
  • In connection with legal proceedings.

We will only use your personal information for a specific, lawful and clear purpose and will ensure that we will make you aware of such purpose(s) as far as reasonably possible and where required.

We will take reasonable steps to ensure that all your personal information is kept as accurate, complete and up to date as reasonably possible depending on the purpose for which it is collected or processed.

We may not always request you to verify and update your personal information unless this is necessary, we do, however, trust that you will notify us from time to time in writing of any updates required in respect of your personal information.

We may store your personal information in hardcopy format and/or in electronic format using our own secure on-site servers or other internally hosted technology. Your personal information may also be stored by third parties, by means of cloud services or other technology, with whom we have contracted with, to support our operations.

Disclosure of information

We may disclose your personal information to third parties such as our service providers who are involved in the delivery of services to you. We have agreements in place to ensure that they comply with the privacy requirements as required by this Policy and POPIA.

We may also disclose your information:

  • Where we have a duty or a right to disclose in terms of law or industry codes;
  • Where we believe it is necessary to protect our rights.

Should we need to collect personal information by law or under our obligations as an employer or service provider, and you fail to provide the personal information when requested, this may have a negative effect on you and we may be unable to perform our duties as an employer, in terms of the applicable law or in terms of providing the services to you.

Information Security

We are legally obliged to provide adequate protection for the personal information we hold and to stop unauthorized access and use of personal information. We will, on an on-going basis, continue to review our security controls and related processes to ensure that your personal information remains secure.

Our security policies and procedures cover:

  • Physical security;
  • Computer and network security;
  • Access to personal information;
  • Secure communications;
  • Security in contracting out activities or functions;
  • Retention and disposal of information;
  • Acceptable usage of personal information;
  • Governance and regulatory issues;
  • Monitoring access and usage of private information;
  • Investigating and reacting to security incidents.

When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information that we remain responsible for, is kept secure.

We will ensure that anyone to whom we pass your personal information agrees to treat your information with the same level of protection as we are obliged to.


A breach refers to any incident where reasonable grounds exist to believe that your personal information has been accessed or acquired by any unauthorised person. A breach can happen for many reasons, which include: (a) loss or theft of data or equipment on which personal information is stored; (b) inappropriate access controls allowing unauthorised use; (c) equipment failure; (d) human error; (e) unforeseen circumstances, such as a fire or flood; (f) deliberate attacks on systems, such as hacking, viruses or phishing scams; and (g) alteration of personal information without permission and loss of availability of personal information.

We will address any breach in terms of POPIA. We will notify you (if you are affected) and the regulator (unless the applicable law or a Government authority requires that we delay notification to you) in writing in the event of a breach. We will provide such notification as soon as possible after we have become aware of any breach in respect of your personal information.

Your Rights: Access to information

You have the right to request a copy of the personal information we hold about you in terms of POPIA and the Promotion of Access to Information Act, No. 2 of 2000 (“PAIA”). Our PAIA manual can be found at To do this, simply contact us at the numbers/addresses as provided in our PAIA Manual, follow the steps set out therein and specify what information you require.  We will need a copy of your ID document to confirm your identity before providing details of your personal information.

Please note that any such access request may be subject to a payment of a legally allowable fee and such further conditions as set out in our PAIA manual.

We will try out utmost to respond to each written request received by you for a copy of the personal information not later than 30 (thirty) days after receipt of your request. In certain circumstances, we may, however, extend the original period of 30 days once for a further period of not more than 30 (thirty) days. You have the right to make a complaint to us in respect of this time limit by contacting us at the numbers/addresses as provided in our PAIA Manual.

Correction of your information

You have the right to ask us to update, correct or delete your personal information. We will require a copy of your ID document to confirm your identity before making changes to personal information we may hold about you. We would appreciate it if you would keep your personal information accurate.

How long will We retain Your Personal Information?

We will retain your personal information for the period necessary to fulfil the purposes outlined in this Policy unless a longer retention period is required or permitted by law.

Changes to this policy

We reserve the right to amend this Policy on occasion and will use reasonable efforts to notify you of any such amendments.

How to contact us

If you have any queries about this notice; you need further information about our privacy practices; wish to withdraw consent; exercise preferences or access or correct your personal information, please contact us at the numbers/addresses as provided in our PAIA Manual.

If you are unsatisfied with the manner in which we address any complaint with regard to our processing of your personal information, you can contact the office of the regulator at