1.1 Bentel Group (PTY) LTD is a cluster of companies that render various Property and Facility Management Services. We are committed to keeping your personal information secure and confidential.
1.2 This privacy statement explains how we process the personal information we collect from you and informs you of your rights in terms of the Protection of Personal Information Act, No. 4 of 2013 (POPIA). This privacy statement has been brought to your attention and is important to you, as you have the right to be notified that your personal information is being collected.
1.3 In the relevant agreement or terms and conditions pertaining to those services, you may provide us with your consent to process your personal information and agree that we may process it for the purposes as described in such agreement or terms and conditions. Important: If you use our services, you agree that we may process your personal information as explained.


2.1 Bentel Group (PTY) LTD will be the responsible party and or operator with regards to your personal information. As the operator and/or responsible party, we will ensure that your personal information is safeguarded in compliance with the requirements of POPIA.
2.2 This privacy statement applies to all companies within Bentel Group (PTY) LTD. These companies are listed below:
  • Aubsel Investments (PTY) LTD Trading as Victory Park
  • XTLS Investments 143 (PTY) LTD Trading as River Walk
  • City Square Trading 43 (PTY) LTD Trading as Retail Crossing West Rand
  • Raslouw Lifestyle Centre (PTY) LTD
  • Hiemstra Bentel Developments (PTY) LTD Trading as Park Place East
  • Brian Bart Properties (PTY) LTD Trading as Palms Centre
  • Roelan Trading 123 (PTY) LTD Trading as Northmead Square
  • Dusty Moon Investments 193 (PTY) LTD Trading as Lifestyle Crossing West Rand
  • Hiemstra Bentel Developments Trading as East Rand Retail Park
  • XTLS Investments 43 (PTY) LTD Trading as Cosmo Mall
  • Bentel Group (PTY) LTD Trading as Carletonville Mall
  • Roelan Trading 45 (PTY) LTD Trading as The Atrium

2.3 All questions or complaints about the processing of personal information can be directed to the Information Officer at


3.1 Personal information as defined in POPIA means information relating to an identifiable, living natural person, and where it is applicable, an identifiable, existing juristic person. Personal information is “processed” when we collect, use, store, update, make available, disclose, receive, destroy, or otherwise deal with your personal information.
3.2 Depending on the type of business we conduct with you or the relationship you have with us, we may process the following types of personal information:
  • Name
  • Marital Status
  • Nationality
  • Age
  • Language preference
  • Date of birth
  • Identification number, passport number, tax number (Identifying numbers)
  • Physical Address
  • Race (for employment purposes or as otherwise required by applicable law)
  • Gender
  • Information relating to education, financial, criminal or employment history of person
  • Email address
  • Telephone number

3.3 We do not process special personal information in the ordinary course of business although special personal information such as alleged criminal history may be processed during enhanced due diligence screening for anti-money-laundering purposes and sanction screening. We will only process other special information with your written consent or have another valid justification to do so.
3.4 Bentel Group (PTY) LTD will only process the personal information of children when the law permits this. In the normal course of business, a competent person such as a parent or guardian will consent to the processing of the personal information of the child.


4.1 For us to provide clients with services they have requested, we need to collect, use, and disclose the personal information of clients, their representatives, controlling persons of entities, business contacts, staff of clients and to carry out the obligations in terms of that contract. Contact information is processed so that we can report to clients and keep clients informed of the status of any instructions.
4.2 We may collect personal information to pursue our legitimate interests such as to compile reports, to comply with requests for information from any internal or external auditor, or any regulatory or supervisory body, or to correspond with you.
4.3 We have regulatory obligations, including compliance with anti-money laundering legislation, to process the personal information of all clients. This includes verifying your identity or the identity of your beneficial owner and/or controlling persons.
4.4 You have the right to refuse to provide us with your personal information in which case it is likely that we will not be able to provide you with a relevant service or would have to terminate our business relationship with you. The supply of certain items of personal information, especially those collected to comply with regulation, is legally mandatory.
4.5 We may further process your personal information if it is compatible with the purpose for which it was collected, for instance to:
4.5.1 Evaluate your application form.
4.5.2 Evaluate your current and future needs and to suggest further services to you.
4.5.3 Evaluate and improve the effectiveness of our services.
4.5.4 For operational purposes.
4.5.5 Verify your identity for security purposes.
4.5.6 Process your marketing preference (where you have unsubscribed from certain direct marketing communications, keeping a record or your personal information and request to ensure that we do not send such direct marketing to you again).
4.5.7 Meet regulatory and legal requirements or industry codes which we may be subject to, for example comply with a lawful request for information received from a local or foreign law enforcement agency, court, government, or tax collection agency.
4.5.8 Use in connection with legal proceedings.
4.5.9 Conduct our internal audit (including security) functions which allow us to monitor our systems and processes. This is done to protect us and you from fraud, identity theft and unauthorised access.
4.5.10 Conduct statistical and any operational, auditing, legal, marketing and record-keeping requirements.
4.5.11 Detect and prevent any fraud and money laundering and/or in the prevention of crime (which includes ongoing screening and due diligence against any sanction list we may determine in our sole discretion).
4.5.12 Perform any risk analysis or for the purposes of risk management to you or our business in general.
4.5.13 Assess and resolve any complaints.
4.5.14 Trace your contact information through a tracing agent if you are uncontactable and/or comply with any regulation or conduct standard relating to unclaimed assets.


5.1 Directly from the Data Subject: We will not collect your personal information without your consent, except where it is required or permitted by law. We collect most of the personal information we process directly from the Data Subject or an authorised representative of the Data Subject, for example when an application form, offer to lease is completed.
5.2 From third party sources: We also collect or process personal information we obtain from third party sources or sources in the public domain. This may include, but is not limited to:
5.2.1 client due diligence tools, and through identity verification and bank verification processes.
5.2.2 credit and fraud checks.
5.2.3 tracing agents.
5.2.4 sanction screening tools (which may include any sanction list we may determine in our sole discretion).
5.2.5 collection of personal information by requesting information on source of funds.
5.2.6 consumer credit information as defined in the National Credit Act, Act No. 34 of 2005 from registered credit bureaux; and
5.2.7 personal information as required for the purposes of forensic investigations of whatsoever nature.
5.3 During the course of our business relationship with a Data Subject and while performing a financial service to that Data Subject, we may obtain financial information from product providers where we invested on behalf of that Data Subject, such as the value of the investment with such product provider.


6.1 The services we provide are of such a nature that it is often necessary that personal information needs to be shared with or transferred to third parties to perform our services to clients. We also need to transfer personal information to third parties from time to time for legal or regulatory purposes. We may disclose your personal information to third parties for reasons set out in this privacy policy or where it is not unlawful to do so.
6.2 We will also share personal information for the purpose of client due diligence undertaken in compliance with anti-money laundering legislation. We may share personal information within Bentel Group (PTY) LTD for purposes of enhanced due diligence processes in compliance with anti-money laundering legislation to establish whether a client exists and has been verified.
6.3 We may, depending on the type of service, transfer personal information to a local or foreign regulator (including but not limited to the Financial Sector Conduct Authority, Reserve Bank, South African Revenue Service, the Financial Intelligence Centre), an auditor, a tax administrator, a legal advisor, a service provider providing administrative support services or accounting services to you or us, a forensic investigation service (internal or external). We will ensure that such third parties are restricted by obligations or confidentiality to only use the information for the required purpose and that they will apply strict security measures to the personal information we share with them.


7.1 This privacy policy only applies to those companies within Bentel Group (PTY) LTD that are incorporated in the Republic of South Africa and operate in the Republic of South Africa. Your personal information will therefor primarily be processed in the Republic of South Africa.
7.2 Our systems and the systems of our service providers and operators may use technology or services outside of the Republic of South Africa. Your personal information may also be processed for cloud storage purposes or using any of our websites, be transferred or processed outside of the Republic of South Africa.
7.3 We will, however, use all reasonable endeavours to ensure that the contracts entered with third parties contain the necessary appropriate safeguards if personal information is processed outside the Republic of South Africa.


8.1 You may object to us processing your personal information for marketing purposes. You can unsubscribe from direct marketing by following the steps set out in the direct marketing you received or contacting the relevant contact centre, as the case may be for the particular service.
8.2 We do not share personal information for marketing purposes.


9.1 You have the right to have your personal information processed in accordance with the conditions for the lawful processing of personal information as set out in POPIA. You also have the right as set out below which we need to make you aware of. Right of Access
9.2 In terms of section 23 of POPIA, you are entitled to request us to:
9.2.1 confirm, free of charge, whether or not we hold personal information about you; and
9.2.2 provide a record or a description of the personal information we hold, including information about the identity of all the third parties, or categories of third parties who have, or have had, access to the personal information.
9.3 You will need to provide us with adequate proof of identity before we respond to a request. If you request a record, we will respond within a reasonable time. We may charge a fee under applicable law for providing copies of records to you. Right to request correction or deletion
9.4 You may request us, in terms of section 24 of POPIA, to correct or delete personal information in our possession or under our control that is inaccurate, excessive, irrelevant, out of date, incomplete, misleading, or obtained unlawfully. You may also request us to destroy or delete a record of personal information about you that we are no longer authorised to retain.
9.5 We will as soon as reasonably practicable correct, destroy or delete, as the case may be – unless we are required or entitled under applicable laws to keep the information and inform you that we have done so.
9.6 If we do not believe that the information requires correction, we will provide you with credible evidence in support of the information. If we cannot reach a reasonable agreement with you, you may request us to attach to the information we hold the request for correction so that it can be read together. Right to object to processing
9.7 Where we process your information to protect your legitimate interest or to pursue the legitimate interest of a third party to whom the information is supplied or our own legitimate interest, you may object at any time to the processing of your personal information for these purposes, on reasonable grounds relating to your situation, unless applicable law provides for such processing.
9.8 You may also object at any time to the processing of your personal information for purposes of direct marketing or the receipt of direct marketing through unsolicited electronic communication. Remedies for Data Subjects
9.9 You have the right to complain to the Information Regulator as set out in paragraph 13 below.


10.1 We generally only keep your personal information on our records for as long as we need it to provide you with services and to meet legal requirements related to record-keeping.
10.2 We keep your personal information for as long as:
10.2.1 the law requires us to keep it.
10.2.2 a contract we have with you requires us to keep it.
10.2.3 you have consented to us keeping it.
10.2.4 we reasonably require it to achieve purposes set out in our contract with you or this policy.
10.2.5 we require it for our lawful business purposes.
10.3 We may also keep your personal information for historical, statistical or research purposes if appropriate safeguards are in place. We may keep your personal information for longer if there are litigation or an investigation, or any tax or regulatory query.
10.4 If we must keep information for longer periods than set out above (for example if it cannot be safely destructed), we will only process it for purposes of storage or for purposes of proof. We will also restrict access and processing of such information.


In the event of a security compromise or breach where your personal information has been accessed or acquired by an unauthorised person, we will notify you directly as soon as possible in terms of POPIA.

An automated decision is when your personal information is analysed to form a profile of a person or category of persons to make a decision without human intervention. We do not make use of automated decision making.


13.1 You may complain to the Information Regulator. Any person may submit a complaint to the Information Regulator in the prescribed manner and form alleging interference with the protection of the personal information of a Data Subject. A Data Subject may also submit a complaint in respect of a determination of an adjudicator.
13.2 The address of the Information Regulator is as follows:

The Information Regulator 27 Stiemens Street,

Complaints email:
General enquiries email:

This privacy policy is dated as from June 2021, we may update the privacy policy from time to time. The current privacy policy will be available on our website or at our office upon request.