Identity theft, a hacked bank account and privacy violations - if your or your customers' personal information isn't handled correctly, the consequences can be dire.
As an affiliate advertiser, it’s important to be well acquainted with the legislation and best practices involved regarding the handling of personal information in South Africa.
The purpose of this article is to introduce and familiarise you with POPI and the DMASA Code of Ethics and Best Practice. It offers a broad overview and does not serve as legal advice.
POPI (also known as POPIA) stands for the Protection of Personal Information Act. It’s a legislation that was created to protect personal information. This legislation sets conditions for the lawful processing of personal information. It also regulates the manner in which personal information is processed.
If you collect, store, use or process personal information, you must comply with the POPI act. The marketing industry is one of several industries that will be most affected by POPI.
The act was signed into law in November 2013. The commencement date still needs to be confirmed, but it’s estimated to be between the first week of April 2018 and 1 December 2018. Once the enforcement date has been announced by the President of South Africa, a 12 month transition period will be given to ensure that all relevant parties are ready to comply.
It’s compulsory for every company to appoint an Information Officer. If an Information Officer hasn’t been appointed, the CEO will carry the responsibility.
There are eight conditions present in the POPI Act that guides the lawful processing of personal information. We’ve described each condition broadly below:
If an individual’s information has been compromised, they may lodge a complaint with the Information Regulator. The Information Regulator can hold guilty parties accountable for non-compliance. This can result in a hefty fine or imprisonment.
The Direct Marketing Association of SA (DMASA) is an independent body set up and paid for by companies in the direct marketing industry. The DMASA Code of Ethics and Best Practice lists the criteria for professional conduct. It covers the overarching ethical principles of marketing and universal marketing practices. It’s also fully compliant with all laws related to the industry.
It is not compulsory to join the DMASA and applying its regulations is voluntary. However, the DMASA believes that the voluntary application of the professional regulations can “ensure the elimination of dubious practices more speedily and less costly than government legislation.” It also sets out to maintain the standard of good and honest business practices.
When joining the DMASA, companies sign an acknowledgement of compliance, after which they are responsible for observing the Code. If the DMASA receives a consumer complaint in the event of a violation of the Code, the DMASA will contact the organisation in question to pursue international mediation procedures or further steps.
You can download a copy of the DMASA Code of Ethics and Best Practice here for more information.