POPIA COMPLIANCE

The POPI Act will become effective from 1 July 2021. In light of this, we would like to give you the opportunity to unsubscribe should you no longer wish to receive communications from the Cape Town Heritage Trust.

If you are happy to be kept on the mailing list and consent to the Trust processing your personal information, no action is required. By staying opted in, you will continue to receive our newsletter, events invitations and communications about the activities of the Trust. We will keep your information confidential and ensure secure cloud storage of it, which could be on the Web outside the RSA.

If you wish to unsubscribe, please reply to this email with the work ‘Unsubscribe’.

What is POPIA?

POPIA was enacted in November 2013 to enhance the Constitutional right to privacy that we all enjoy and to ensure the safeguarding of personal information processed by public and private bodies. It sets out eight conditions which are the requirements for the processing of personal information. Key sections of POPIA came into force on 1 July 2020, and responsible parties (such as PPS) that process personal information of natural and juristic persons (data subjects) have until 1 July 2021 to ensure full compliance. As a responsible party, the Trust is entrusted with the personal information of stakeholders and we are therefore obligated to process this information in line with the law. 

What is defined as personal information?

Personal information is information relating to an identifiable, living, natural person or existing juristic person, that relates to, among others, the race, gender, sex, marital status, sexual orientation, age, physical, mental, spiritual, economic, cultural or social identity; their health, educational or financial history; as well as identifying numbers and addresses including biometric information belonging to either an identifiable living natural person or an existing juristic person. 

The eight conditions for lawful processing of personal information

1. Accountability: the Trust must be accountable for the personal information it processes or holds in its possession.
2. Processing limitation: Personal information must be processed in a lawful and reasonable manner. The purpose for processing the information must be lawful, adequate, relevant and not excessive.
3. Purpose specification: The purpose for processing personal information must be specific, explicitly defined and lawful.
4. Further processing limitation: The reason for processing personal information further must be compatible with the original purpose of collection.
5. Information quality: We are required to take practicable steps to ensure that the personal information we process is complete, accurate, not misleading and updated.
6. Openness: Personal information must be processed in a way that allows the data subject to know what is happening to their personal information.
7. Security Safeguards: We must ensure that there are sufficient security safeguards in place to secure the integrity and confidentiality of the personal information in our possession.
8. Data subject participation: Data subjects have a right to access to their personal information and to correct and update their personal information. 

Which measures are in place by PPS to comply with POPIA?

Your privacy is very important to the Trust and we will use reasonable efforts to ensure that any personal information provided by you, or which is collected from you or a third party is kept secure and confidential.

If you have any questions please contact our Information Officer:

Nicolette Nunes  admin@heritage.org.za