POPIA (Protection of Personal Information Act) outlines the conditions under which personal information may be processed, including the collection, storage, use, and dissemination of personal data. The act defines personal information broadly to include any information that can identify a natural or legal person, such as names, addresses, identification numbers, email addresses, telephone numbers, employment history, financial information, and biometric data.
POPIA Compliance should be achieved by any organization that collects, processes, stores, or shares personal information of South African citizens, regardless of where the organization is located. This includes organizations that are based outside of South Africa but conduct business with South African citizens or residents. The law applies to both private and public sector organizations, including businesses, non-profit organizations, government agencies, and any other entity that processes personal information.
Under POPIA, individuals have the right to know what personal information is being collected about them, why it is being collected, and who will have access to it. They also have the right to request that their information be deleted or corrected, and to object to the processing of their data for marketing purposes. Non-compliance with POPIA can result in fines, legal action, and damage to an organization's reputation.
Our streamlined certification process has been crafted to support your company in achieving certification within a timeframe of just 7 to 30 days
It streamlined a lot of processes. Very pleased. We thought it would be a horrendous amount of work, but were greatly surprised and pleased instead.
The process improvement training was fantastic. Since our focus was more on process improvement than certification it really helped the team.
Did exactly what was required without going overboard. A manageable system. Worked with existing systems. It was easy to step up and improve.