Skynamo, PoPIA and your personal information (South Africa)

Posted on July 5, 2021 by - Build a better business, Build a better business, Sales & Technology (how tech is helping, trends)

POPIA data privacy in South Africa

Mandatory compliance with South Africa’s data protection law, the Protection of Personal Information Act (POPIA), has come into effect.

POPIA ensures that we use your data only for the purposes for which you shared it with us. It places various legal obligations on responsible parties (in this case Skynamo) to make sure only employees who need to handle your information do.

Skynamo commits to complying with regulations for all data we collect contractually from customers, as well as data individuals provide via online forms or manually at live events.

 

How will Skynamo go about staying POPIA compliant?

Skynamo believes that organizations must treat compliance as an ongoing business process. Compliance is not a ‘once-and-done’ box to tick but a commitment that must be actively upheld.

South Africa is gradually moving towards stricter protections, with a ‘soft’ version of POPIA coming into effect on 1 July 2021. As far as we are aware one cannot be POPIA certified, as there is no audit and certification body. Once this becomes a possibility or requirement, we will seek certification.

 

Where can I learn more about steps Skynamo has taken to be POPIA compliant?

Our Skynamo and POPIA document is available here. It’s an organic resource that will change over time as we improve our understanding of how POPIA impacts our internal processes and those of our customers.

We view this document as an ongoing discussion that explains the steps we have taken—and plan to take. It ensures we continue to comply with POPIA. You will find the contact details of the appointed Information Officer, responsible for overseeing Skynamo’s data protection program and ensure POPIA compliance, in this document.

 

Successful POPIA compliance relies on broader measures being in place

Compliance to POPIA and ensuring that the actual protection of personal data ultimately relies on an organisation’s broader data security measures.

Skynamo has implemented and will maintain appropriate technical and organisational measures, internal controls, and information security routines. These measures protect customer data from accidental loss, destruction, or alteration, as well as from unauthorized access, disclosure, or unlawful destruction.

Skynamo became one of a relatively small number of tech providers, globally, who is ISO 27001 certified. This means Skynamo adheres to strict security controls and policies for the protection of personal data. In order to remain certified, Skynamo undergoes an annual maintenance review. It assesses whether our security procedures are still updated according to International Organization for Standardization (ISO) standards.

 

Please consult the Skynamo and POPIA document for more information and answers to your most urgent questions here.