How will the PoPi Act affect your Website?

POPI (Protection of Personal Information) is now a reality for all South African organisations. Failing to comply with this new stringent Privacy law will result in severe jail sentences and multi million Rand fines.

Is your business website PoPi compliant yet?

Our short POPI Act Summary
The Protection of Personal Information Act (or POPI Act) is South Africa’s equivalent of the EU GDPR. It sets some conditions for responsible parties (called controllers in other jurisdictions) to lawfully process the personal information of data subjects (both natural and juristic persons). The POPI Act does not stop you from processing and does not always require you to get consent from data subjects to process their personal information. Whoever decides why and how to process personal information is responsible for complying with the conditions. There are eight general conditions and three extra conditions. The responsible party is also responsible for a failure by their operators (those who process for them) to meet the conditions.

The POPI Act is important because it protects data subjects from harm, like theft and discrimination. The risks of non-compliance include reputational damage, fines and imprisonment, and paying out damages claims to data subjects. The biggest risk, after reputational damage, is a fine for failing to protect account numbers.

The biggest impact is on organisations that process lots of personal information, especially special personal information, children’s information, and account numbers. The most affected industries are financial services, healthcare, and marketing.

Some of the obligations under PoPi are to:

  • Obtain consent to collect and process personal information online;
  • Specify how you will be using and protecting that information;
  • Only collect information that you need for a specific purpose;
  • Apply reasonable security measures to protect it;
  • Ensure it is relevant and up to date;
  • Only hold as much as you need, and only for as long as you need it;
  • Automatically audit access to and usage of that information;
  • Allow the subject of the information to see what information you have and prove how you have used it on request.

It is much easier to start with a new website and build your PoPi compliance in from the beginning before you begin to collect information from your visitors. It is also easier to use online forms to manage information than attempting to comply with manual paper information collection points in your business.

Attempting to retrofit your website and your databases after the fact is a lot more difficult! Not impossible, as it can be done, but this can become very time consuming and expensive process.

DiG has the knowledge and the expertise to build PoPi compliant websites and online information management systems for your business as we have been aware of this legislation and have been actively seeking to develop solutions for Privacy Protection from before PoPi was enacted back in 2014.

What is the POPI Act timeline?
POPI commences on 1 July 2020. Giving you a 12 month grace period to get your organisation POPI compliant by the POPIA deadline of 1 July 2021. POPIA will be regulated by a new Information Regulator while within your organisation, your Information Officer is the key person to ensure compliance.

POPI Act Summary for Executives
If you’re looking for a POPI Act summary to give your board or governing body, we can help you to prepare a short handout and even present the executive briefing.

Need assistance with POPI compliance?
We are currently helping our clients comply with the POPI Act.

Empower yourself with practical knowledge by joining a Data Protection Programme, attending a POPI Act workshop, or a POPIA webinar.
Get assistance by finding out how we can help you with privacy and data protection.
Raise awareness in your organisation by arranging for us to facilitate your own private in-house POPI Act workshop with our associates at Victor Legal.
Increase your knowledge by reading it online.
Increase your awareness by reading a longer summary of the Protection of Personal Information Act or POPIA.
What are your next steps?
The POPI commencement date is 1 July 2020 which makes the deadline for organisations to comply 1 July 2021.


The team members of DiG have also been closely associated with the KEPT project and Victor Legal. So who better than DiG to look to for a new website or to retrofit your online business processes than DiG?

 [quix id='63' name='Let us help you ']

What's so special about us?

There are so many companies and individuals offering websites out there, so why should you use DiG to create and manage your online business presence?

Yes we have years of coding and design knowledge and we are very good at building websites, but we also have actual business management experience and an understanding of what it takes to run a business from logistics through to marketing.
This is were our offering differs. We use those years of industry experience to develop online tools to assist with your business work flow and processes.
This automation will not only save you time and prevent task repetition but  it will also ensure that all your processes are compliant with current legislation.

WE OFFER ONGOING BUSINESS SOLUTIONS ...    ... not just websites!

There is something special about your business.

Our goal will be to let the world know what that is!

Proudly serving you from Melkbosstrand.


Get in touch






We are not cheap . . .

. . . but we do, however, offer reasonable Website Subscription Plans that make our services affordable and accessible, without sacrificing quality.  This is a great option for smaller to mid-size companies who need a great website on a budget and who also need our regular Monthly Marketing, Social Media and SEO support.

There’s always someone willing to do it cheaper, but . . .

. . . generally, when you find someone willing to do a cheap website, that is what you are getting – a cheap website, and there is always a catch to a cheap website!

Your website should work for you. It is your best employee. Would you underpay your best employee?