POPI Rights and Responsibilities

/, Privacy/POPI Rights and Responsibilities

We will look at the POPI Rights for each of the 4 Parties:

The Data Subject  (the person to whom personal information relates:  Client, Employee, Vendor or Partner),

The Operator (the individual or company performing processing on the Personal Information),

The Responsible Party  (Your Organisation, gathering and processing Personal Information), and

The Information Regulator  (Pansy Tlakula Appointed on 7 September 2016)

The Regulator will:

1.Establish an effective date (likely 12 months)

2.provide education to the public regarding their rights

3.monitor our performance and enforce  penalties where we are not compliant as an organisation (Up to R10 million and imprisonment)

4.handle complaints from the data subjects we keep  Personal information of

5.facilitate cross-border cooperation

Organisations need to:

  1. Take full  Accountability for all Personal Information in your care
  2. Limit Processing of Personal Information to only the minimum
  3. Ensure that the Purpose of gathering or processing Personal information is Specified
  4. Prohibit the Further Processing of any Personal Information
  5. Ensure that all Personal Information kept is complete, accurate, not misleading (Information Quality )
  6. Maintain Openness regarding the Personal Information you have gathered/are storing.
  7. Ensure that you have the necessary Security Safeguards in place to keep all Personal Information confidential
  8. Keep the person who’s Personal Information you are storing, involved with status, updates and usage of his/her information

Individuals have the following rights which can impact organisations:

  1. Individuals have a right to know that their Personal Information is being collected or accessed
  2. Individuals can request access to their Personal Information
  3. Individuals can object to storage of their Personal Information
  4. Individuals can object to direct marketing
  5. Individuals must give explicit permission for direct  marketing
  6. Individuals have a right to not have decisions made based on automated profiling
  7. Individuals can complain to the Regulator if dissatisfied with your Organisation
  8. Individuals can institute civil proceedings against organisations for irresponsible management of their Personal Information– if needed

Contact us for further information: +27 10 005-5359 or  admin@metaprivacy.co.za

By | 2017-11-29T14:57:52+00:00 April 29th, 2017|