Terms and Conditions

Welcome to our Terms & Conditions page. Please read the following carefully.

Protection of Personal Information Act (POPIA) - Full Compliance Statement

The **Protection of Personal Information Act, No. 4 of 2013 (POPIA)** is designed to safeguard your personal data by regulating how businesses, organizations, and government entities process personal information. Our system complies fully with **POPIA**, ensuring that your data is collected, stored, and processed in a lawful and ethical manner.

1. Purpose of the POPI Act

The purpose of the **POPIA** is to ensure that all South African businesses and institutions follow strict guidelines when handling **personal information**, ensuring **transparency, accountability, and security** in data processing. This Act aligns with global data protection laws such as the **General Data Protection Regulation (GDPR)**.

2. Key Definitions under POPIA

• Personal Information: Any information relating to an identifiable, living, natural person or company, including names, addresses, ID numbers, emails, and biometric data.
• Processing: Any operation performed on personal data, including collection, storage, modification, distribution, and destruction.
• Responsible Party: The entity (organization, business, or institution) that determines the purpose and means of processing personal information.
• Information Officer: The appointed individual responsible for ensuring compliance with POPIA within an organization.
• Data Subject: The individual whose personal information is being processed.

3. Conditions for Lawful Processing of Personal Information

**POPIA** defines eight (8) conditions that any organization must follow to process personal information legally:

1. Accountability: The organization must ensure that the POPIA principles are followed.
2. Processing Limitation: Data must be collected lawfully and in a non-excessive manner.
3. Purpose Specification: Data must be collected for a specific, legitimate reason.
4. Further Processing Limitation: Further processing must align with the original purpose.
5. Information Quality: Data must be complete, accurate, and updated where necessary.
6. Openness: The data subject must be informed of the collection and purpose of data processing.
7. Security Safeguards: Adequate security measures must be in place to prevent unauthorized access or breaches.
8. Data Subject Participation: Individuals have the right to request access, correction, or deletion of their data.

4. Data Subject Rights Under POPIA

Every individual (data subject) is entitled to the following rights under **POPIA**:

• Right to be Notified: Data subjects must be informed when their data is collected or processed.
• Right to Access: Individuals can request access to their personal data held by an organization.
• Right to Correction: If any information is inaccurate, individuals can request corrections.
• Right to Deletion: Individuals may request the deletion of personal data in certain circumstances.
• Right to Object: Individuals can object to data processing for marketing or other specific reasons.
• Right to Data Portability: Personal data should be transferrable upon request.
• Right to Lodge Complaints: If an organization fails to comply, individuals can file complaints with the **Information Regulator**.

5. Data Processing and Security Measures

Our system follows **strict security protocols** to ensure that your data is protected against unauthorized access, leaks, or breaches. These include:

• **End-to-end encryption** for sensitive data transmission.
• **Regular security audits** and compliance checks.
• **Restricted access** to personal data (only authorized personnel can access your data).
• **Secure storage solutions** to prevent data loss.

6. Information Sharing and Third Parties

Your data is only shared with **authorized third parties** where necessary, and only under the following conditions:

• When required by **law**.
• When necessary for **service delivery** (e.g., payment processing, email notifications).
• With **explicit consent** from the data subject.

7. Data Retention and Deletion Policy

We **only retain your personal information for as long as necessary** to fulfill the purposes for which it was collected. Once no longer needed, the data is securely **deleted or anonymized**.

8. Consequences of Non-Compliance

Failure to comply with POPIA can result in the following penalties:

• Fines of up to **R10 million**.
• Prison sentences of up to **10 years** for serious offenses.
• Legal action from affected data subjects.

9. How to Contact Us

If you have any questions about our **POPIA compliance**, please contact us:

• Email: support@elimcircuit.vhembe.co.za
• Phone: +27 123 456 7890
• Physical Address: 123 Data Protection Avenue, Johannesburg, South Africa

10. Further Reading

For the full **Protection of Personal Information Act (POPIA)**, visit:

Protection of Personal Information Act 4 of 2013