fbpx
Global data protection and transfer compliance and policies (GDPR, POPI)

GDPR & POPI

Data privacy is a critical and growing concern, necessitating compliance with local (POPI) and international legislation (GDPR).

Global data protection and transfer compliance and policies (GDPR, POPI)

for businesses and entrepreneurs

GDPR & POPI

Data privacy is a critical and growing concern, necessitating compliance with local (POPI) and international legislation (GDPR). We advise our clients on requirements depending on the nature of their businesses and provide the necessary documents and compliance processes.

There are now severe regulatory penalties for non-compliance with data protection laws, including fines and prison sentences. These are in addition to the claims that you may be subject to under your customer or supplier contract terms, which can be significant enough to put you out of business unless you have the necessary protections in place.

The Protection of Personal Information Act (POPI) applies to any organisation that is resident in South Africa or processes personal information in South Africa. South African organisations are required to be fully compliant with POPI by 1 July 20201. The General Data Protection Regulation (GDPR) has applied since 25 May 2018 to any organisation that operates within the EU, or operates outside of the EU but offers products or services to EU citizens and residents or monitors their behaviour. This means that ultimately almost every major organisation needs a GDPR compliance strategy. In addition to POPI and the GDPR, there might be local laws that apply in the countries within which an organisation does business that must be complied with.

Get in Touch

Get in Touch

Get in Touch





    We help our clients to comply with POPI, the GDPR and applicable local data protection laws by reviewing their compliance processes and documents, providing the required policies (be it, for example, a privacy policy, cookie policy, security policy, or website terms and conditions of use), and by reviewing our clients’ contract terms, all or parts of which we undertake to ensure that data protection compliance is properly covered. We analyse the compliance of startups and well-established clients – it is never too early or too late to start addressing the requirements – the key step is to start the process so that you can demonstrate your compliance intentions.

    Our technology law services include

    Global data protection and transfer compliance and policies (GDPR, POPI)