The Protection of Personal Information Act (POPIA) is South Africa’s data protection law. The purpose of the Act is to protect people from harm by protecting their personal information.
The Protection of Personal Information Act involves three parties:
- The data subject: the person to whom the information relates.
- The responsible party: the person who determines why and how to process.
- The operator: a person who processes personal information on behalf of the responsible party.
POPIA places various obligations on the responsible party, which is the body ultimately responsible for the lawful processing of the personal information.
Is smeMetrics POPIA compliant (certified)?
At smeMetrics, we care deeply about the security of your personal information provided to us to manage your smeMetrics account. You can read more about what smeMetrics has done to comply with data protection laws, including POPIA in our FAQs for Data Protection Compliance.
It is not possible to be certified as the Information Regulator has not yet set up a system allowing organisations the ability to obtain a POPIA certification.