Businesses should embrace Popia as a ‘positive’
The Protection of Personal Information Act (Popia), which came into effect on 1 July, removes the administrative barriers that can hamper international business and positions SA as an appealing destination for foreign investment due to proper data regulations being in place.
In a Mail & Guardian analysis, this is the argument by Greg Chen, founder and chief executive of mobile marketing company Mobiz, in a Mail & Guardian analysis.
‘However, many businesses and marketers are still delaying the process of implementing the new legislation and are unsure of how to comply with the Act,’ Chen writes. ‘Although the Act introduces additional requirements that businesses must comply with, it should be viewed as a positive step for South Africa. The global shift is bringing clear alignment with direct marketing consent and data-protection policies. With the demise of third-party data sharing to protect consumers’ privacy, legislation such as Popia is becoming more relevant and necessary.’
He says because the Act’s scope is broad, there are specific conditions in the Act that deal with direct marketing communications, which many businesses struggle with when ensuring they remain compliant. Chen provides practical steps for businesses to take to ensure compliance with direct marketing.
- Establish a data rights procedure – If a business holds someone’s personal data on file, that person is a data subject whose rights must be respected in accordance with Popia. All data subjects have the right to access, correct or request to delete their personal data;
- Alternatively, recipients could already be existing customers if the company is marketing products or services that are similar to those offered when the company first acquired their personal details. With each new marketing e-mail sent, customers must have the option to unsubscribe; and
- Continuously update databases with customer preferences.