The Protection of Personal Information Act (POPIA or the POPI Act) is a piece of legislation which governs the law of data protection and privacy in South Africa. The act was passed to regulate the right to privacy, as enshrined by section 14 of the Constitution of South Africa, and would work in conjunction with the Promotion of Access to Information Act.
The President of South Africa assented to the Act on 19 November 2013. As part of the regulation a new government agency was created, the Information Regulator, an independent body which is empowered to monitor and enforce compliance of the PoPI Act within the public and private sector. The act came into force 1 July 2020, which commenced a one-year grace period during which all South African entities were expected to become compliant. The grace period ended 30 June 2021, with the commencement of the act on the 1 July 2021.
To promote the protection of personal information processed by public and private bodies; to introduce certain conditions so as to establish minimum requirements for the processing of personal information; to provide for the establishment of an Information Regulator to exercise certain powers and to perform certain duties and functions in terms of this Act and the Promotion of Access to Information Act, 2000 ; to provide for the issuing of codes of conduct; to provide for the rights of persons regarding unsolicited electronic communications and automated decision making; to regulate the flow of personal information across the borders of the Republic; and to provide for matters connected therewith.
And Bearing In Mind That-
And In Order To-