Welcome to the Protection of Personal Information Act (often called the POPI Act or POPIA) in the form of a website so everyone can access it quickly on all devices. It is so much better than a POPI Act pdf. You can also link to (or share) a specific section. We hope it empowers you and you find it helpful. This is POPIA (or the POPI Act) as enacted by the South African Parliament, but we have reformatted it in the form of a website. The English text was signed by the President. We have shortened the names of some chapters in the navigation on the left to make it easier for you to navigate. We disclaim all liability. You can read a summary of POPIA, attend a POPI workshop, read POPIA judgment summaries, get a POPIA compliance framework or join a programme to help you take the necessary action to comply. Please note that we are not the Information Regulator who regulates POPIA. You can visit their website or email them.
It was 1 July 2020 and the one-year grace period to comply ended on 30 June 2021. Parliament assented to POPIA on 19 November 2013. The commencement date of section 1, Part A of Chapter 5, section 112 and section 113 was 11 April 2014. The commencement date of the other sections was 1 July 2020 (with the exception of section 110 and 114(4). The President of South Africa has proclaimed the POPI commencement date to be 1 July 2020.
POPIA regulations Application and commencement Unique to South Africa Access to information Actions to take first Big data Breach notification Children Code of conduct Consent Contract Cookies Data subject rights Direct marketing Information officer Information regulator Managing operator relationships Mapping activities Media Obligations Operator Opt out Personal Information Policies POPI Act POPIA Purpose Quick wins Reasonably practicable Records management Records of processing activities Research Responsible party Right to be forgotten Risks of non-compliance Securing information The conditions