The POPI Act was enacted in 2013, but has yet to be put into practice in South Africa.

Its impending implementation has sent many marketers into a frenzy as they want to ensure that their practices do not contradict the Act.

media update’s Aisling McCarthy takes you through a list of 15 terms that you’ll need to know in order to fully understand the POPI Act.

Here they are:

1. Biometrics
This is a form of personal identification using biological, physical, physiological and/or behavioural characteristics. Biometric information can include fingerprints, blood types, DNA analysis, voice recognition or retinal scanning.

2. Competent person
This refers to a person who can legally consent to decisions or actions regarding any matter that concerns a child under the age of 18 years.

3. Consent
This is a voluntary and informed expression of will where specific permission is given for the processing of personal information.

4. Data subject
A data subject is a person whose personal data is being collected, held or processed. Everyone becomes a data subject at some point; for example, when applying for a job, using their credit card or simply by browsing the Internet, they disclose some personal information.

5. De-identify
The act of deleting any information or data that could be used or manipulated to identify a person.

6. Direct marketing
Approaching someone in person, via mail or other electronic communication methods for the direct or indirect purpose of promoting or offering goods or services. This can also include asking people for donations for any sort of reason.

7. Electronic communication
The use of any text, image, voice or sound messaging that is sent via an electronic communications network.

8. Information matching programme
The manual or automatic comparison of any document that contains the personal information of 10 or more people.

9. Information officer
A public or private body, such as a company or governmental organisation.

10. Personal information
Information about a person that includes but is not limited to:
  • Race
  • Gender
  • Sex
  • Pregnancy
  • Marital status
  • National/ethnic/social origin
  • Colour
  • Sexual orientation
  • Age
  • Physical or mental health
  • Disability
  • Religion/beliefs/culture
  • Language
  • Educational/medical/financial/criminal or employment history

Further, any information including:
  • ID number
  • Email address
  • Physical address
  • Telephone number
  • Location
  • Biometric information
  • Personal opinions, views or preferences.
11. Processing
Any act of using, storing, organising or modifying personal information.

12. Re-identify
To resurrect any information that has been de-identified. This is information that either identifies the person the data belongs to or that can be manipulated in a way to identify them.

13. Responsible party
This can refer to a private or public body, single person or group of people who determine the purpose and means for processing personal information.

14. Restriction
To withhold personal information from circulation, use or publication, but to not delete or destroy it.

15. Unique identifier
The name or number – also known as an identifier – assigned to a particular data subject by a certain party responsible for processing personal information. Each responsible party has their own unique identifiers for data subjects.

Are there any other terms from the POPI Act that you’re unsure of? Let us know in the comments section below and we’ll be happy to explain them.

Want to stay up to date with the latest news? Subscribe to our newsletter.

The POPI Act was devised hot on the heels of the EU’s General Data Protection Regulation (GDPR). Find out more about What the GDPR means for South Africa.
*Image courtesy of Vecteezy