POPIA Compliance
Introduction
Incoclox is committed to ensuring compliance with the Protection of Personal Information Act (POPIA) to protect the personal information of our clients. This document outlines our POPIA compliance framework.
POPIA Principles
We adhere to the following POPIA principles in managing personal information:
Accountability: We take responsibility for ensuring compliance with POPIA.
Processing Limitation: We process personal information lawfully and minimally, only for the purposes it was collected.
Purpose Specification: We collect personal information for specific, explicitly defined, and legitimate reasons.
Further Processing Limitation: Any further processing of personal information is compatible with the original purpose of collection.
Information Quality: We ensure that personal information is accurate, complete, and up-to-date.
Openness: We maintain transparency about our data practices.
Security Safeguards: We secure personal information against risks such as loss, unauthorized access, destruction, or damage.
Data Subject Participation: We allow data subjects to access, correct, or delete their personal information.
Data Subject Rights
Under POPIA, data subjects have the right to:
Be Informed: Know what personal information is being collected and how it will be used.
Access: Access their personal information held by Incoclox.
Correction and Deletion: Request correction or deletion of their personal information.
Objection: Object to the processing of their personal information.
Withdraw Consent: Withdraw consent for the processing of their personal information.
Data Protection Officer (DPO)
Incoclox has appointed a Data Protection Officer responsible for overseeing POPIA compliance. The DPO can be contacted at:
Email: info@incoclox.co.za
Phone: +27 73 221 8183
Address: Menlyn Central Towers, 7th Floor, Pretoria, South Africa
Data Breach Notification
In the event of a data breach, we will:
Notify the Regulator: Inform the Information Regulator of the breach as soon as reasonably possible.
Notify Affected Data Subjects: Inform affected individuals if their personal information has been compromised.
Training and Awareness
We provide regular training and awareness programs for our employees to ensure understanding and compliance with POPIA requirements.
Review and Update
We review our POPIA compliance framework regularly and update it as necessary to ensure ongoing compliance with data protection laws.
Effective Date: June 6, 2024