The protection of Personal Information Act 4 of 2013 (‘PoPIA’), which deals with the way South African organisations collect, collate and store personal information of individuals and what may be lawfully processed. The law came into effect on the 1st of July 2020. When it comes to the protection of personal information, the PoPIA is meant to protect the client.
As FruitLips (Pty)Ltd (FruitLips) we would like to confirm that when it comes to clients Personal Information (PI) and data, we take this responsibility serious. We use PI’s with consent and for the purpose as set out in the intent of mandates with clients.
The mandates include:
- Maintenance of a financial database to invoice clients, service providers and suppliers.
- Inclusion of information of employees.
- Continuous communication to market and sell products to potential clients.
FruitLips do not sell PI’s to third parties and take all reasonable steps to secure PI’s in the FruitLips systems.
The file (name of link on the website) has more information on how FruitLips keep your personal information safe and how to protect yourself concerning the digital presence. More information on the act is provided.
WHAT IS PoPIA?
PoPIA was enacted in November 2013 to enhance the Constitutional right to privacy that we all enjoy and to ensure the safeguarding of personal information processed by public and private bodies. It sets out eight conditions which are requirements for the processing of personal information. Key sections of the PoPIA came into force on 1 July 2020, and responsible parties (such as FruitLips) that process personal information of natural and juristic persons (data subjects) have until 1 July 2021 to ensure full compliance.
As an entrusted party and responsible party, FruitLips is trusted with personal information of clients, suppliers, potential clients, service providers and employees. FruitLips is therefore obligated to process this information in compliance of the law.
WHAT IS DEFINED AS PERSONAL INFORMATION?
Personal information is information relating to an identifiable living, natural person or existing juristic person, that relates to race, gender, sex, marital status, sexual orientation, age, physical, mental, spiritual, economic, cultural or social identity; health, educational of financial history; as well as identifying numbers and addresses including biometrical information belonging to either an identifiable living, natural person or an existing juristic person.
THE 8 CONDITIONS FOR LAWFUL PROCESSING OF PERSONAL INFORMATION:
- Accountability – FruitLips are accountable for personal information it processes and hold in its possession.
- Processing limitation – personal information must be processed in a lawful and reasonable manner and the purpose for the processing of information need to be lawful, adequate, relevant, and not excessive.
- Purpose specification – the purpose for processing personal information must be specific, explicitly defined, and lawful.
- Further processing limitation – the reason for processing personal information further must be compatible with the original purpose of collection as defined per mandate.
- Information quality – FruitLips is required to take practical steps to ensure that the personal information processed is complete, accurate, not misleading and updated.
- Openness – personal information needs to be processed in a way that allows the data subject to know what is happening to their personal information.
- Security safeguards – FruitLips needs to ensure that there are sufficient security safeguards in place to secure the integrity and confidentiality of the personal information in possession.
- Data subject participation – data subjects have a right to access personal information and to correct and update personal information
Personal privacy is very important to FruitLips and will ensure reasonable effort to ensure that personal information provided or collected is kept secure and confidential.
When it comes to protecting yourself about your digital presence, tips are given:
- Don’t click on links in messages from unknown sources.
- FruitLips will never call clients, potential clients, suppliers, or service providers and ask for user ID’s and/or passwords.
- Be aware and do not respond to phishing e-mails. If you receive a suspicious e-mail that appears to be from FruitLips, forward it to firstname.lastname@example.org.
- When responding to an e-mail, ensure that the actual response e-mail address is the same as the e-mail address of the sender. Beware of near-identical e-mail addresses.
- Be aware if you share your ID with third parties, that FruitLips cannot be held responsible for data breaches of information leakages experienced by those service providers.
- Make sure that you have up-to-date antivirus software installed on all devices.
- Ensure that security vulnerability is not exploited on any device by updating regularly to prevent criminals from exploiting security vulnerabilities on any device.
- If SMS of e-mail notifications for a FruitLips transaction you did not perform, urgently phone FruitLips on 0229145050 (office hours) or e-mail to email@example.com.
- FruitLips welcome any questions or objections and direct these to 022-9145050 or e-mail to firstname.lastname@example.org.
FruitLips (Pty)Ltd (Internal Compliance)