+27 21 701 7777

POPI Act

Summary

This guide answers your frequently asked questions (FAQ) about the legal issues related to Astute Electronics. Representatives of a body that runs a property (for example, the trustees of a body corporate) will find it interesting. Your risk of being held liable for failing to secure your property is far higher than the risk of using Astute Electronics. The risk of being fined, because Astute Electronics acted contrary to the law, or being successfully sued for losses by a data subject, is very low, if not non-existent. Astute Electronics does not discriminate against nor infringe the constitutional rights of anyone.

Key points and possible actions

1. You may lawfully monitor who accessed your property.
2. Astute Electronics is your operator under POPI and processes personal information for you.
3. The benefits of using our products far outweigh any possible risks.

Key benefits of Astute Electronics
· You are able to protect and ensure the safely of others.
· You are able to manage your risks.

What is POPI?

It is the Protection of Personal Information Act, a law passed by the South African parliament, which sets the conditions that you must follow to lawfully process the personal information about persons. POPI will only commence on a date to be set by the President.

Why did POPI come in to existence?

POPI protects people (like you and me) from harm (both physical and loss of money) by requiring those who process our personal information to protect it. For this reason alone POPI is important.
The protection of personal information is definitely needed now, more than ever. With the rise of computing power and devices like tablets and smart watches, personal information is at greater risk than ever before. POPI will enable personal information to be transferred to South Africa, which will bring economic benefits for the country.

Key points and possible actions
· POPI does not stop you from processing people’s personal information.
· You will only have to comply with POPI sometime in 2016.

What information does Gate-Keeper process ?

Gate-keeper processes various personal information about visitors, including:
· Name
· Cell Phone Number
· their access to a property (location information).

Do you process account numbers or credit card holder information?

No. This is a good thing because it means that we are not exposed to the risks associated with processing that kind of personal information (which are significant). We do not need to comply with PCI DSS.

Key points and possible actions

· Our products do process lots of personal information, but it not particularly special or sensitive personal information.
· We do not process bank account, financial information or health related information.

Who is responsible for protecting this personal information?

You, the user of our products are the responsible party. Because you decide why (to control access or secure the property) and how (by monitoring or identifying) the personal information will be processed. You must make sure we also protect it. We do and you can trust us to process the personal information we process on your behalf.

What role does Astute Electronic play?

We process personal information for you as your operator. POPI requires us to secure the personal information we process for you and to only process with your authorisation. We comply with both of these obligations.

Key points and possible actions
· You are responsible in the eyes of the law.
· We process personal information for you and can help you to be responsible.

Could someone claim damages from you as the user?

No, as long as you stick to the conditions for lawful processing. For example, if you sell visitor information to a direct marketer, you might be sued for damages because you process their personal information for a different purpose. You can always get sued for something you do, but you won’t get sued for using one of our systems.

Does OnGuard or IdentiScan infringe anyone’s rights?

No. People do not have absolute fundamental rights and such rights are being justifiably and legitimately limited.

Can the cloud help you to comply with POPI?

Yes, it can. If many copies of personal information exist in many different places it is exposed to a greater number of risks. If you can consolidate your personal information into one central location in the cloud, and then control the security and access to that personal information you will be protecting personal information. We are cloud based and will always be so.

Key points and possible actions
· POPI does not mean you cannot use the cloud.
· Using the cloud can be an effective way of protecting personal information.

Does Astute Electronics secure the personal information it processes?

Astute Electronics and its directors and employees:
· take appropriate and reasonable measures to secure the personal information;
· have a proven track record of protecting information; and
· are trusted by hundreds of users.

Does POPI require certain clauses to be in the contract between you and us?

Yes, it does. Our contract ensures that you comply with your relevant obligations in POPI.

Does Astute Electronics use your personal information for anything else?

No.

Are you unlawfully processing personal information in terms of POPI?

No. Whilst POPI does prescribe conditions for lawful processing it does not prevent anyone from processing personal information.

How long does Astute Electronics keep personal information for?

We lawfully keep records (on your behalf) for as long as you reasonably require them to guard your property. We also keep records for as long as the law requires us to keep them and then we also continue to keep the records if you (or we) still need them for something.

What are useful links for more information?

· www.michalsons.co.za
· www.informationregulator.co.za

About this guide

Copyright
Copyright © 2002 – 2014. Michalsons. All rights reserved. Copyright subsists in this work under the Copyright Act 98 of 1978. Any unauthorised act infringes copyright. We trust you to respect our copyright.

Disclaimers
1. The content is provided for the jurisdiction of South Africa and is not suitable for other jurisdictions.
2. We give no warranty about it, and none may be implied. We are not responsible for any mistake in the information or any direct or indirect loss that may follow from it.
3. The guidance has been prepared by Michalsons and is based on their interpretation of the principles of South African law at the time of publication. The law may change due to future legislative enactments and court decisions.
4. It is a summary or opinion on general principles of law and is published for general guidance purposes only. The content does not constitute specific legal, tax, investment, accountancy or other professional advice.
5. Seek individual advice from a suitably qualified professional adviser before dealing with any specific situation.

SEO by the SEOPros