CIfA Newsflash 17/2021 | CIfA POPIA Compliance

Notice to CIfA Members/Contacts on our database

POPIA Compliance

The POPI Act became effective on 1 July 2021. In light of this, we would like to give you the opportunity to unsubscribe should you no longer wish to receive communications from the Cape Institute for Architecture (CIfA).

If you are happy to be kept on the mailing list and consent to the CIfA processing your personal information, no action is required. By staying opted in, you will continue to receive our newsflashes, event invitations and communications about the activities of the Institute. We will keep your information confidential and ensure secure storage of it.

If you wish to unsubscribe, please reply to this email with the word ‘Unsubscribe’.

What is POPIA?

POPIA was enacted in November 2013 to enhance the Constitutional right to privacy that we all enjoy and to ensure the safeguarding of personal information processed by public and private bodies. It sets out eight conditions which are the requirements for the processing of personal information. Key sections of POPIA came into force on 1 July 2020, and responsible parties (such as PPS) that process personal information of natural and juristic persons (data subjects) had until 1 July 2021 to ensure full compliance. As a responsible party, the Institute is entrusted with the personal information of members/stakeholders and we are therefore obligated to process this information in line with the law.

What is defined as personal information?

Personal information is information relating to an identifiable, living, natural person or existing juristic person, that relates to, among others, the race, gender, sex, marital status, sexual orientation, age, physical, mental, spiritual, economic, cultural or social identity; their health, educational or financial history; as well as identifying numbers and addresses including biometric information belonging to either an identifiable living natural person or an existing juristic person.

The eight conditions for lawful processing of personal information

  1. Accountability: the Institute must be accountable for the personal information it processes or holds in its possession.
  2. Processing limitation: Personal information must be processed in a lawful and reasonable manner. The purpose for processing the information must be lawful, adequate, relevant and not excessive.
  3. Purpose specification: The purpose for processing personal information must be specific, explicitly defined and lawful.
  4. Further processing limitation: The reason for processing personal information further must be compatible with the original purpose of collection.
  5. Information quality: We are required to take practicable steps to ensure that the personal information we process is complete, accurate, not misleading and updated.
  6. Openness: Personal information must be processed in a way that allows the data subject to know what is happening to their personal information.
  7. Security Safeguards: We must ensure that there are sufficient security safeguards in place to secure the integrity and confidentiality of the personal information in our possession.
  8. Data subject participation: Data subjects have a right to access their personal information and to correct and update their personal information.

Which measures are in place by PPS to comply with POPIA?

Your privacy is very important to the Institute and we will use reasonable efforts to ensure that any personal information provided by you, or which is collected from you or a third party is kept secure and confidential.

If you have any questions please contact our Information Officer:

Soraya Rakiep: