South Africa’s Protection of Personal Information Act (POPIA) is one of the newest additions to the growing trend of data privacy legislation following the lead of, for example, Europe’s General Data Privacy Regulation (GDPR). Though there are key differences between GDPR and POPIA, they are both built on the same guiding principles of accountability, transparency, security, data minimisation and the rights of data subjects. POPIA gives data subjects much more control over their personal information.

Personal information is any information that relates to a living, identifiable natural person or an existing juristic person (e.g. a company). In order to process such information, one must comply with the information processing conditions contained in POPIA.

POPIA was made effective by parliament on 1 July 2020. All companies were afforded a grace period of one year from the commencement date to ensure compliance with the act which becomes official and effective from 1 July 2021.

We are committed to ensuring the privacy and integrity of your information. We take your privacy and the protection of your personal information very seriously, and we will only use your personal information as stated in our Privacy Statement and applicable data protection legislation. It is important that you take all necessary and appropriate steps to protect your personal information yourself (for example, by ensuring that all passwords and access codes are kept secure).

We have implemented reasonable technical and operational measures to keep your personal information secure.