Machete Creative 12 February, 2025 POPIA: What Now

POPIA: What Now

The deadline for POPIA compliance has come and gone, and if you’re like most South Africans, you’re probably sick and tired of hearing about it.

Machete Creative 12 February, 2025 POPIA: What NowDuring the end of June and the beginning of July, you’ll probably have received roughly 428 emails about POPIA, and if you do any email marketing yourself, you’ll hopefully also have sent some out and contributed to the deluge.

If you didn’t, you might be wondering:

  • Why were all those emails even necessary?
  • Where do I stand legally with regard to communicating with my clients?
  • Do I need an information officer? 
  • Do they need to be registered?
  • How do I register them?
  • Are there any steps I still need to take?

What We’ve Covered

We’ve spoken at length about POPIA, but if you need to refresh your memory:

What Does POPIA Mean for Marketers?

Here, we covered an overview of the Protection of Personal Information Act and what it means for businesses who are simply trying to generate and sustain interest in their products and their brands via various kinds of direct marketing. 

Building a POPIA-Compliant Database

Inspired by the question, “How are you supposed to get someone’s permission to send them something if you can’t legally send them something to ask them?” We covered the regulations regarding consent and how to build a compliant database.

Data Retention and Storage Best Practices

Here we covered how to store your data once you’ve received consent, as well as some general database best practices.

But What if You Have More Questions?

Though we’ve tried to be comprehensive, you may still have some questions regarding POPIA and just where you stand.

  • Why were all those emails even necessary?

Yes, and no. The POPIA regulations mean that marketers need to have consent before they are legally allowed to send marketing emails. As we covered in our blog on consent, part of consent means you need to:

“enable the data subject to consent to receive direct marketing for specified goods or services by specified methods of electronic communication.”

Many businesses were just covering all of their bases – making sure that everyone on their database had the chance to opt out. The alternative, and the consequences for being noncompliant are huge fines. So, better safe than sorry. 

  • Where do I stand legally with regard to communicating with my clients?

As long as you have their consent (and if you were part of the POPIA reconfirmation flurry, then you do), then you’re good to go!

Obviously, these regulations mainly apply to direct marketing.

If you need to communicate with your customers about a product or service that they’ve purchased from you, you are within your rights to do so.

  • Do I need an information officer? Do they need to be registered?

If you’re storing personal information, or your company does direct email marketing, then the answer to both these questions is yes! 

So how do you go about registering your information officer? Michalsons, a great resource for all POPIA information, has more about this here.

  • Are there any steps I still need to take?

None of what we’ve said above should be construed as legal advice. We are simply attempting to unpack the practical implications of the new legislation as we understand it. Your attorney will be able to give you legal advice if you feel you need to go into more detail.

We can also again recommend that you visit Michaelsons, who has plenty of information about POPIA, as well as Elizabeth de Stadler – a plain-language legal rockstar with better quips than Ellen Degeneres! If you thought personal privacy could not be entertaining, maybe you should check out her #complianoscopy article here.

Tags:
Ke Poyurs
No Comments

Post a Comment