POPI Act Compliance
FIT2fund (Pty) LTD, as well as On A Cloud (Pty) LTD is committed to compliance with, and adheres to, the protection of personal information, as per the Protection of Personal Information (POPI) Act 4 of 2013.
The POPI Act requires us to:
- Sufficiently inform applicants (data subjects), hereafter referred to as “recipients”, the purpose for which we will process their personal information;
- Protect our information assets from threats, whether internal or external, deliberate or accidental, to ensure business continuation, minimize business damage, and maximize business opportunities.
This policy and compliance framework establishes measures and standards for the protection and lawful processing of pesonal information within our organisation and participating organisations and provides principles regarding the right of individuals to privacy and to reasonable safeguarding of their personal information.
The Information Officer is responsible for:
- Conducting a preliminary assessment;
- The development, implementation and monitoring of this policy and compliance framework;
- ensuring that this policy is supported by appropriate documentation;
- ensuring that documentation is relevant and kept up to date;
- ensuring this policy and subsequent updates are communicated to relevant managers, representatives, staff and associates, where applicable.
All employees, subsidiaries, business units, departments, associates, volunteers and other individuals directly associated with the projects at hand and with us are responsible for adhering to this policy and for reporting any security breaches or incidents to the Information Officer.
Any service organisation or provider that provides us with information technology services, including data storage facilities to our organisation must adhere to the requirements of the POPI Act to ensure adequate protection of personal information held by them on our behalf. Written confirmation to this effect must be obtained from relevant service providers.