On the 1st of July 2021, mandatory compliance with South Africa’s data protection law, the Protection of Personal Information Act (POPIA), came into effect.
POPIA aims at ensuring that your data, in our hands, is used only for the purposes for which you shared it with us. It places various legal obligations on responsible parties (in this case Skynamo) to make sure only employees who need to handle your information do.
Skynamo is committed to comply concerning all data collected contractually from customers, and all other data collected from individuals who supply it to us via online forms or manually at live events.
How will Skynamo go about staying POPIA compliant?
Skynamo believes that organisational compliance is a business process and must be continually addressed. It is not a ‘once and done’ box to be ticked, but a commitment to meet.
South Africa is gradually moving towards stricter protections, with a ‘soft’ version of POPIA coming into effect on 1 July 2021. As far as we are aware one cannot be POPIA certified, as there is no audit and certification body. Once this becomes a possibility or requirement, we will seek certification.
Where can I learn more about steps Skynamo has taken to be POPIA compliant?
Our Skynamo and POPIA document is available here as an organic resource that will change over time as we improve our understanding of how POPIA impacts our internal processes and those of our customers.
This document should be viewed as an ongoing discussion document that explains what steps we have taken (and are planning to take) to ensure our current and continued observance of POPIA. You will find the contact details of the appointed Information Officer, responsible for overseeing Skynamo’s data protection program and ensure POPIA compliance, in this document.
Successful POPIA compliance relies on broader measures being in place
Compliance to POPIA and ensuring that the actual protection of personal data ultimately relies on an organisation’s broader data security measures.
Skynamo has implemented and will maintain appropriate technical and organisational measures, internal controls, and information security routines intended to protect customer data against accidental loss, destruction or alteration, unauthorised disclosure or access, or unlawful destruction.
Skynamo became one of a relatively small number of tech providers, globally, who is ISO 27001 certified. This means Skynamo adheres to strict security controls and policies for the protection of personal data. In order to remain certified, Skynamo undergoes an annual maintenance review assessing whether our security procedures are still updated according to International Organization for Standardization (ISO) standards.
Please consult the Skynamo and POPIA document for more information and answers to your most urgent questions here.