POPI Act – the countdown timer has started

The final Protection of Personal Information Act (POPIA) came into effect on 1 July 2020 and the countdown timer now counts down to 1 July 2021 for full compliance.

POPI Act – the countdown timer has started

According to Ahmore Burger-Smidt, Head of the Data Privacy Practice at Werksmans, dealers should ensure compliance with the Act sooner rather than later, since the act allows for significant penalties for companies found to be in breach of the law. These include fines up to R10 million and imprisonment.

Ahmore explains that the Act places a positive obligation on dealers to ensure that the comply with the Act when handling personal information. This becomes critical when one considers the volume of information from employees, clients and service providers that pass through a dealership on a regular basis.

The Act requires, among other things, that each business appoint a designated Information Officer, that all personal information is processed in a lawful manner and that the business receives consent (or has another legal ground) from both clients and personnel to handle their personal information.

It is important that companies provide training to all personnel who will handle personal information and put procedures in place to ensure that their processing of both personal information as well as ‘special personal information’ is lawful.

According to Ahmore, the current COVID-19 pandemic has placed the risks related to personal information under the POPI Act in sharp focus.

“Since the start of the lockdown, the number of cybercrimes has increased significantly. Criminals are using hacking, phishing attacks, malware, and ransomware to obtain personal information using COVID-19 as bait, further exposing companies who are storing this personal information.”

She points to the additional burden on companies to process their visitor logs – which constitute personal information under the POPI Act – in a legally responsible manner during lockdown. The visitor logs form part of the government’s contact tracing procedure, but the onus remains on the dealer to store these logs securely, use the information solely for contact tracing and reporting purposes and to de-identify the information in due course.

More Industry News stories

Renault protects share price in light of Nissan woes

Renault protects share price in light of Nissan woes

Renault Group says it will change the way it accounts for its stake in its alliance partner for 20 years, Nissan, after earlier reports that the French automaker’s share price could take a hit.

  • 4 July 2025
Absa, NADA sign formal partnership agreement

Absa, NADA sign formal partnership agreement

Absa has taken another step towards becoming the bank of the auto industry by signing a formal collaboration agreement with the National Automobile Dealers’ Association (NADA).

  • 4 July 2025