HomeLegal Glossary › POPIA — Protection of Personal Information Act
Administrative Law

POPIA — Protection of Personal Information Act

POPIA protects your personal information from being collected, stored, or used without your knowledge and consent. It gives you the right to know what information is held about you and to correct it.

Legal Definition

The Protection of Personal Information Act 4 of 2013 regulates the processing of personal information. Eight conditions of lawful processing: accountability, processing limitation, purpose specification, further processing limitation, information quality, openness, security safeguards, and data subject participation.

📖 Constitutional / Statutory Basis: Section 14 (right to privacy), Constitution of the Republic of South Africa, 1996; POPIA 4 of 2013

Practical Example

A telemarketer contacts you using your information obtained without consent. You can lodge a complaint with the Information Regulator, which can impose fines of up to R10 million on the offender.

Frequently Asked Questions

Who enforces POPIA?
The Information Regulator of South Africa — an independent body that investigates complaints, issues enforcement notices, and can impose administrative fines.
Do I have a right to delete my data under POPIA?
Yes. You can request that your information be corrected or deleted if it is inaccurate, irrelevant, or processed unlawfully.
Does POPIA apply to small businesses?
Yes. Any person or entity that processes personal information of South African data subjects must comply with POPIA, regardless of size.

Related Terms

PAIA — Promotion of Access to Information Act Constitutional Right Administrative Justice

Know the law. Know what to say.

Get the free South African rights checklist — 10 real scenarios, exact words to use, constitutional references. No card needed.