Instantly Create a Privacy Policy for your Website
Instantly Create a Privacy Policy for your Website
The Protection of Personal Information Act (POPI) requires every South African website to display a privacy policy on their websites and is also called to comply with these regulations.
After learning more about POPIA over at popia.co.za, we came to understand how important this Act really is. We are all FOR Protecting Personal Information from being sold and misused.
This is our effort to fully support this cause.
Generate a POPIA Compliant Privacy Policy For Your Website
Use the form below to instantly create your website’s privacy policy.
Spoiler Alert: It could take less than 5 minutes if you have the information handy.
Please Note: You will be able to edit and make changes to the policy if need be. You also need to read and ensure your business complies with the regulations set out in the policy.
Got Questions?
The questions are good!
Please read our frequently asked questions below about POPIA and this process. if you still have any questions, please check the resources at the bottom of this page.
Have the following information ready and it should take less than 5 minutes to create your privacy policy:
- Business Registered Name and Registration number.
- Business Addresses and Contact Information.
- Contact Information for your appointed Information Officer (personnel that will handle personal information requests)
- Indicate if your website uses any third-party applications to perform certain functions.
- You will be able to make changes to the policy in case anything needs to be edited afterward.
The Purpose of POPIA is to ensure Personal Information remains private, whilst providing you with more control and access to your information. You have the right to know how and what information is being collected, processed, stored, and shared and with only authorised persons.
For your website to be POPIA compliant you will need to publish your privacy policy on your website. You will also need to add a notice, to notify your website visitors about your privacy policy. Most websites use a cookie banner.
The policy is the most important part and the place to start compliancy but apart from this you will appoint and register your information officer.
Key steps to compliance are listed below.
Yes. It is important that you read, understand, agree, and comply with your own privacy policy to ensure that your business complies. Please see the resources section below to learn more.
Your website’s compliance is only one step to ensuring your business complies with POPIA Regulations. Please see the section below on the Key Steps to Compliance.
We work exclusively with WordPress websites, we could potentially help you to convert your Website to WordPress in order for you to be able to handle future minor updates to your website.
Existing WordPress websites can benefit from our Quick Care Plan package which includes crucial software updates, or get regular updates by subscribing to a WordPress Care plan.
POPIA – The Key Steps to Compliancy
Below are the key steps to ensure you comply with POPIA regulations. Please refer to the resources section at the bottom of this page for more information on POPIA.
This person will take on the responsibility to ensure POPIA Compliancy and handle all Privacy requests and is to cooperate with the Information Regulator of South Africa should any investigations arise. Your Information officer will have to be registered at the Information Regulator by completing the pdf below. This completed PDF can be emailed to inforeg@justice.gov.za Link to PDF: InfoRegSA-eForm-InformationOfficersRegistration-2021
Personal Information can be processed and is most often required to fulfill a service or deliver a product. But, it may only be processed on a lawful basis and shared only with relevant third parties if this is required to perform a service or deliver a product. Informing your clients and website visitors on how and what personal information is collected and processed is required. You should also ensure the information you hold is not excessive, yet complete and up to date.
(Data Subject is the cold term used in the policy to describe any website visitor, client, or lead) A Data Subject has the right to access its personal information. You should not withhold access and respond to these requests.
In the event of a Security breach, you are to Notify the Information Regulator of this breach. You will also need to notify your Data Subjects that you have reason to believe that their personal information has been accessed by an unauthorised party. This will ensure your Data Subjects can take the necessary steps to protect themselves.
(A Data Operator is any person that you entrust your Data Subject’s Personal Information to work with on your behalf.) As an example, if you are a Bold Mark creative Client, you should get an operator agreement from us to ensure we process any of your Data Subject’s Personal Information in accordance with POPIA.
There are some exceptions to this rule. You may only transfer Personal Information to a foreign entity or person if you are required to do so in order t perform a service or contract provided that this information is adequately protected and handled in accordance with POPIA.
Keeping a record of how you process personal information, and for what reasons. This will help you demonstrate compliance to the Regulator.
Resources & Further Reading
www.popia.co.za
This website is the Protection of Personal Information Act in the form of an easy-to-navigate web form. Browse the website to easily find answers to:
- What do the terms in the Policy mean?
- When did the act come into effect?
- What is the Purpose of POPIA?
- Enforcement.
- and much more not covered here.
www.justice.gov.za
This is the website of the Information Regulator South Africa, where you will find lots of information about:
- How to contact the Information Regulator?
- Learn more about The Information Regulator
- Register your Information Officer Online
- Code of Conduct.
- and much more not covered here.