Question 1

What is POPIA?

Accepted Answer

POPIA stands for the Protection of Personal Information Act 4 of 2013. It is South Africa's primary data protection legislation, regulating how organisations collect, store, use, and share personal information. POPIA came into full effect on 1 July 2021.

Question 2

Does POPIA apply to my business?

Accepted Answer

POPIA applies to any person or organisation (public or private) that processes personal information of South African residents, regardless of whether the organisation is based in South Africa. If your website collects names, email addresses, or any other personal data from South African users, POPIA applies to you.

Question 3

What does the POPIA Compliance Audit Tool check?

Accepted Answer

Our tool automatically scans your website for: HTTPS security, privacy policy presence, cookie consent banners, PAIA Manual links, Information Officer details, tracking scripts (Google Analytics, Meta Pixel, etc.), and opt-out language. It also includes a 7-question self-assessment covering consent mechanisms, IO registration, breach notification procedures, data retention policies, cross-border transfers, and children's data processing.

Question 4

What is an Information Officer under POPIA?

Accepted Answer

Under POPIA, every organisation that processes personal information must designate an Information Officer (IO). The IO is responsible for ensuring the organisation complies with POPIA, handling data subject requests, and liaising with the Information Regulator. The IO must be registered with the Information Regulator of South Africa.

Question 5

What is a PAIA Manual?

Accepted Answer

A PAIA Manual is a document required under the Promotion of Access to Information Act (PAIA). It describes the types of records held by an organisation and how members of the public can request access to those records. Private bodies with more than 50 employees are required to compile and publish a PAIA Manual.

Question 6

Is the POPIA Compliance Audit Tool free?

Accepted Answer

Yes, the POPIA Compliance Audit Tool on popiacompliancecheck.co.za is completely free to use. Simply enter your website URL and email address, complete the self-assessment, and receive a detailed compliance report at no cost.

Question 7

What happens to my data when I use the audit tool?

Accepted Answer

Your email address and website URL are processed in-memory to generate your compliance report and are not stored in a persistent database. A copy of your report is emailed to you and a summary is sent to the POPIA COmpliance Check team for follow-up purposes. We do not sell or share your data with third parties. See our Privacy Policy at https://www.popiacompliancecheck.co.za/privacy-policy.html for full details.

Question 8

What are the penalties for non-compliance with POPIA?

Accepted Answer

Non-compliance with POPIA can result in administrative fines of up to R10 million, criminal prosecution with imprisonment of up to 10 years, civil claims from affected data subjects, and significant reputational damage. The Information Regulator of South Africa is empowered to investigate complaints and enforce compliance.

Is Your Website
POPIA Compliant?

Why POPIA Compliance Matters

Frequently Asked Questions

Need Expert POPIA Guidance?

Is Your WebsitePOPIA Compliant?

Why POPIA Compliance Matters

Frequently Asked Questions

Need Expert POPIA Guidance?

Is Your Website
POPIA Compliant?