This form must be completed by an authorised representative of the company and the individual user who will be granted administrator, supervisor, or authorised access to ProfileMe systems, dashboards, or user information.

By completing this form, the company and the individual acknowledge their respective responsibilities for the lawful, secure, and appropriate use of personal information accessed through the ProfileMe platform.

Access Governance & Acceptable Use

The company and the individual user agree that:
• Access will be granted strictly on a role-based, least-privilege, and need-to-know basis
• Access will be used only for lawful and authorised business purposes
• Access credentials will not be shared, transferred, or misused
• Access rights will be reviewed regularly and revoked immediately when no longer required
• Any suspicious activity, unauthorised access, or potential data breach will be reported to ProfileMe without delay
• ProfileMe reserves the right to suspend or revoke access where misuse, risk, or non-compliance is identified

Confidentiality & Data Handling
The company and the individual user acknowledge that:
• All personal and business information accessed via ProfileMe is confidential
• Such information may not be copied, disclosed, distributed, or used outside authorised purposes
• Personal information must be handled in accordance with applicable data protection laws and internal company policies
• Misuse of data may result in access removal, disciplinary action, or legal consequences

Data Protection & Legal Responsibilities
The company acknowledges and agrees that:
• The company acts as the Responsible Party (Controller) for personal information accessed via ProfileMe
• ProfileMe acts as the Operator (Processor), processing data on behalf of the company in accordance with applicable data protection laws
• The company is responsible for ensuring that all processing of personal information complies with POPIA, GDPR, and applicable regulatory requirements
• The company must implement appropriate technical and organisational safeguards to protect personal information within its own environment

Data Export & Local Storage Responsibility
The company and the individual user acknowledge and agree that:
• Any data exported, downloaded, or extracted from ProfileMe is removed from ProfileMe’s controlled and secured environment
• Once exported, such data is stored and processed within the company’s own systems, devices, or environments
• The company assumes full responsibility for the security, storage, handling, and use of such data
• The individual user is responsible for ensuring that any exported data is handled securely and not stored on unauthorised or unsecured devices or locations
• ProfileMe has no control over, and accepts no responsibility for, any personal information once it has been exported or downloaded from the platform

Indemnity
The company agrees to indemnify ProfileMe against any loss, damage, claim, or liability arising from:
• The misuse, unauthorised access, or unlawful processing of personal information by the company or its users
• Any breach, exposure, or compromise of data occurring outside of the ProfileMe platform, including data that has been exported or downloaded

POPIA & Regulatory Acknowledgement
The company and the individual user acknowledge that:
• Personal information must be processed lawfully, fairly, and securely in accordance with POPIA, GDPR, and applicable regulatory requirements
• Appropriate safeguards must be maintained to prevent unauthorised access, loss, or disclosure of personal information
• Any failure to comply with these obligations may result in legal, regulatory, or disciplinary consequences