Get ready for POPIA with OneTrust

March 22, 2021


Enforcement for South Africa’s Protection of Personal Information Act (POPIA) will begin on July 1, 2021, and OneTrust can help you get ready. With just a few months left to get your privacy program compliant, organizations should consider how they will meet POPIA’s obligations.

Request a demo: Operationalize South Africa’s Privacy Law

POPIA: What You Need to Know

POPIA was signed into law in November 2013 and came into effect July 1, 2020, beginning a 12-month transition period. During that period the Information Regulator, the data protection authority provided by POPIA, was established and held its first meeting late in 2016. 

The act enshrines the right to privacy and makes provision for a range of data subjects rights, including the rights to notice of collection, to request the correction, destruction, or deletion of personal information, to object to direct marketing, to not be subject to automated processing, and to direct private right of action.

Key Terms in POPIA

POPIA uses slightly different terminology compared to many other data protection laws from around the world, the key definitions to note include: 

  • Personal information: POPIA refers to a data subject’s “personal information”, compared to the GDPR’s “personally identifiable information.” POPIA’s personal information is broader and includes any personal data regarding a human individual or juristic person. This definition includes biometric information, employment history, personal correspondence, personal opinions, pregnancy, mental health, and the language of a person. 
  • Responsible party: The body that decides the purpose and means for processing personal information of a data subject, this would be the equivalent to a controller under the GDPR.
  • Operator: A body that processes personal information on behalf of the responsible party. This is equivalent to the GDPR’s definition of a processor.

Request a demo: Operationalize South Africa’s Privacy Law

How Can OneTrust Help You Get Ready for POPIA?

OneTrust can help organizations work towards their POPIA compliance and get ready before the July 1 enforcement deadline. OneTrust can help you get your privacy program ready for POPIA with:  

  • Research & Readiness: Stay on top of the latest POPIA developments with research portals and prepare to report to your board with POPIA maturity & planning, and benchmarking tools.  
  • Privacy Management Software: Operationalize and automate your POPIA requirements across opt-outs, consumer rights, and privacy governance operations.   
  • Professional Services: Get support with planning and implementing POPIA with our implementation and validation services.   
  • Global User Community: Network with industry peers on best POPIA implementation practices at free POPIAConnect workshops.

With just a few months before the POPIA enforcement deadline, request a demo to find out how OneTrust can support your compliance.

Follow OneTrust on LinkedInTwitter, or YouTube for the latest on POPIA compliance.

You may also like


Responsible AI

Unpacking the EU AI Act

Prepare your business for EU AI Act and other AI regulations with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.

July 12, 2023

Learn more


Consent & Preferences

Live demo: How to automate consent and preference management with OneTrust

In this webinar, we demonstrate how OneTrust Consent and Preferences helps build stronger customer relationships by providing transparency, giving users control over their data use, and delivering personalized experiences.

June 29, 2023

Learn more


Privacy Management

Unpacking the EU-US DPF

In this webinar, we cover the new EU-US Data Privacy Framework (EU-US DPF) and what privacy program managers need to know for post-Schrems II data transfers.

June 28, 2023

Learn more