What you need to know about PoPIA

From 1 July 2021 the Protection of Personal Information Act (PoPIA) came into effect. This has important responsibilities for all organisations that collect and keep information on customers, members, employees etc. and this includes the Sarpbac Retirement Fund.

The Act outlines its broad objectives as follows:

  • Promote the protection of personal information processed by public and private bodies.
  • Provide for codes of conduct.
  • Introduce certain conditions that will establish minimum requirements for the processing of personal information.
  • Provide for the rights of persons regarding unsolicited electronic communications and automated decision making, amongst others.

PoPIA has eight principles, they are:

  • Accountability – Sarpbac is accountable for overseeing their PoPIA compliance and care for the personal information in their care.
  • Processing limitation – the Fund must only collect, use and keep the personal information they need.
  • Purpose specification – the Fund must specify valid reasons for why they need to collect certain information.
  • Further processing limitation – the Fund may not use personal information for any other reason than originally specified.
  • Information quality – the Fund must ensure the personal information they process is complete, accurate and up to date.
  • Openness – the Fund must be clear and transparent about all personal information processing.
  • Security safeguards – the Fund must put security measures in place to ensure personal information is kept secure.
  • Data subject participation – the Fund must be able to share personal information in its possession to anyone formally asking about their own personal information.

If you have any questions about your own personal information held by Sarpbac, you are welcome to contact the Help Desk by emailing [email protected] or phone 021 686 4281.