This does not ensure POPIA Compliance

  • I took the time to read through the act and let me tell you, this plugin does not ensure POPIA Compliance, and does not make your website POPI Compliant! To be POPIA Compliant, you require much more than just adding a cookie banner to your site, in fact, I don’t even think you need one. There is a whole list of other requirements that this plugin does not satisfy!

Viewing 1 replies (of 1 total)
  • Plugin Contributor Mathieu Paapst

    (@paapst)

    Hi @veronicaibarra
    Thank you for your review.

    In 2021, after consulting with our legal team and with our users and open source collaborators in South Africa, we implemented the POPIA legislation. This means that we created South Africa as a new region within our Privacy Suite, showing a specific cookie banner and?cookie policy?only to people that live in South Africa. That cookie banner asks for consent before first and third-party analytics?cookies?are set.?
    We have updated the wizards that create your privacy statement, processing agreements, and data leak reports. They now contain references to the wording and definitions of POPIA. And of course, we modelled it so they contain the latest rights and obligations following POPIA and the guidelines from the Information Regulator South Africa.? The Protection Of Personal Information Act also requires that you as a website owner must search for consent from a parent or guardian if you wish to collect?personal information?from a child. So as a bonus, we added a?privacy statement for children.?

    In your review, you asked the question of whether a website should need a cookie banner. Let me just point you to the website of the specialized South African law office that explains very clearly that POPIA does apply to cookies in South Africa https://www.michalsons.com/blog/cookie-law-south-africa/15264
    Do you have reason to believe that they are wrong?

    Now with regards to the list of other popia requirements. Section 18 of POPIA states that a responsible party must take reasonably practicable steps to ensure that a data subject is aware of how an organization will process their personal information. The twelve disclosures that are required by POPIA are actually all part of the documents Complianz generates. On top of that section 18(h) of POPIA requires you to inform a data subject of “any further information” relevant to your organization’s processing of personal information. Therefore we also included seven optional disclosures. Are there any specific requirements that you are missing?

Viewing 1 replies (of 1 total)
  • The topic ‘This does not ensure POPIA Compliance’ is closed to new replies.