Information Systems

Protection of Personal Information (PoPI) Act

POPI refers to South Africa’s Protection of Personal Information Bill which seeks to regulate the Processing of Personal Information. Personal Information broadly means any information relating to an identifiable, living natural person or juristic person (companies, CC’s etc.) and includes, but is not limited to:

·         contact details: email, telephone, address etc.

·         demographic information: age, sex, race, birth date, ethnicity etc.

·         history: employment, financial, educational, criminal, medical history

·         biometric information: blood type etc.

·         opinions of and about the person

·         private correspondence etc.

Processing means broadly anything done with the Personal Information, including collection, usage, storage, dissemination, modification or destruction (whether such processing is automated or not).

Some of the obligations under POPI are to:

·         only collect information that you need for a specific purpose

·         apply reasonable security measures to protect it

·         ensure it is relevant and up to date

·         only hold as much as you need, and only for as long as you need it

·         allow the subject of the information to see it upon request

Why should I comply with POPI?

POPI promotes transparency with regard to what information is collected and how it is to be processed. This openness is likely to increase customer confidence in the organisation. View the act here


Contact Information

Postal:                         PO Box 35506,           Menlo Park 0102,        Pretoria,           South Africa

Offices:                       Unit 313 The Block,   7 Aurora  Drive,          Umhlanga Ridge,        Durban,

Telephone:                   27 (0) 31 566 2641      Fax:     27 (0) 86 610 5574      e-Mail:             [email protected]