Important: By accessing or using any LegendTags system, platform, or resource, you agree to comply with this Acceptable Use Policy. Non-compliance may result in suspension of access or legal action.
1. Purpose
This policy defines the acceptable use of LegendTags systems, data, and technology resources to ensure security, integrity, and compliance with applicable laws and internal standards. It is intended to protect both LegendTags and its users from misuse, unauthorised access, and security threats.
2. Scope
This policy applies to all of the following individuals who access or use LegendTags systems and information:
- Directors and executive management
- Employees (full-time, part-time, and temporary)
- Contractors, consultants, and third-party service providers
- Any other individual granted access to LegendTags systems or data
This policy applies to all LegendTags systems, platforms, networks, devices, and data — whether accessed on-site or remotely.
3. Acceptable Use
All users of LegendTags systems and resources must:
- Access systems only for legitimate, authorised business purposes.
- Maintain the confidentiality of all business, customer, and personal data.
- Comply with all applicable South African laws, regulations, and internal policies, including POPIA and FICA.
- Use resources responsibly and efficiently, without waste or abuse.
- Protect login credentials and not allow others to access systems on their behalf.
- Report any suspected security concerns, incidents, or policy violations promptly.
4. Prohibited Activities
The following activities are strictly prohibited on all LegendTags systems and platforms:
- Unauthorised Access: Accessing systems, accounts, or data without explicit authorisation.
- Credential Sharing: Sharing login credentials, passwords, or access tokens with any other person.
- Data Misuse: Using, copying, or transmitting data for purposes outside of your authorised role.
- Malicious Software: Introducing viruses, malware, ransomware, spyware, or any harmful code into LegendTags systems.
- Illegal Activities: Using systems for any activity that violates South African law or international regulations.
- Unethical Conduct: Using systems in a manner that is unethical, fraudulent, deceptive, or harmful to LegendTags, its customers, or third parties.
- Circumventing Security: Attempting to bypass, disable, or undermine any security controls, firewalls, or monitoring systems.
- Unauthorised Disclosure: Sharing confidential business or customer information with unauthorised parties.
- System Interference: Disrupting, overloading, or otherwise interfering with the performance or availability of LegendTags systems.
5. Access Control
Access to LegendTags systems is managed on a role-based, need-to-know basis:
- Access rights are granted according to an individual's role and responsibilities.
- Users must not attempt to access systems or data outside the scope of their authorised role.
- Users are responsible for safeguarding their login credentials at all times.
- Access must not be shared, transferred, or delegated to any other individual.
- Access rights will be reviewed periodically and revoked upon change of role or termination.
6. Data Protection
All personal and business data processed through LegendTags systems must be handled in accordance with applicable data protection laws, including the Protection of Personal Information Act (POPIA):
- Personal data must only be collected, stored, and used for the purposes for which it was obtained.
- Sensitive information — including financial data, identity documents, and customer records — must not be disclosed without proper authorisation.
- Data must be stored securely and not transmitted via unsecured channels.
- Any accidental disclosure or suspected data breach must be reported immediately as set out in Section 8 below.
For more information on how LegendTags handles personal data, refer to our Privacy Policy.
7. Monitoring
LegendTags reserves the right to monitor the use of its systems, platforms, and data to:
- Ensure compliance with this policy and applicable laws.
- Detect and investigate suspected misuse, fraud, or security incidents.
- Protect the integrity, availability, and confidentiality of its systems and data.
By using LegendTags systems, users acknowledge and consent to such monitoring. Monitoring will be conducted in accordance with applicable privacy laws.
8. Reporting
Any suspected misuse, policy violation, security breach, or concern must be reported immediately to LegendTags management. Prompt reporting enables swift action to minimise risk and harm.
9. Enforcement
Violation of this Acceptable Use Policy may result in one or more of the following consequences, depending on the severity and nature of the breach:
- Formal warning or disciplinary action in accordance with LegendTags HR procedures.
- Immediate suspension or permanent revocation of system access.
- Termination of employment, contract, or business relationship.
- Civil or criminal legal action where applicable under South African law.
- Reporting to relevant regulatory or law enforcement authorities.
