Is your website POPI compliant?
The POPI Act and the General Data Protection Regulation have a significant impact on websites and other digital platforms (social media and email marketing). Businesses have until 1 July 2021 to make their websites compliant, including e-commerce activities. Every business whose website collects data is affected. Online privacy covers how personal data is used and extracted when users visit a website. Information shared through analytics, contact forms and email marketing is collected along with personal information. Your website must obtain consent from visitors to collect personal information. Without consent you cannot share any client information.
Websites must disclose the following information:
• If they are collecting personal data (the registration page or forms, IP addresses, a checkout page and other analytics)
• Visitors must know how and where the website stores their personal data
• Visitors can request copies of their personal information
• Visitors may request to erase their personal details
• Businesses must report problems within 72 hours
The latest software version has built-in privacy and compliance features as part of its core, which ensure a higher level of compliance. These include consent, data erasure and export features, and a policy generator.
Yearly SSL Certificate
An SSL certificate is a file installed on a website's origin server. It's simply a data file containing the public key and the identity of the website owner, along with other information. Without an SSL certificate, a website's traffic can't be encrypted with TLS.
Visitors should be made aware that your site will collect their personal information when they complete any contact or registration forms.
Inform visitors that your website collects cookies.
Companies must inform website users about any policy updates or data breaches via email.
Google Analytics and Google AdWords need to be managed correctly before storage and processing. Plugins are available that automatically connect Google Analytics to your website and can make data anonymisation easy.
Online payments may be collecting personal data before passing it on to the payment gateway. You are required to remove any personal information after a reasonable period.
Please note that this checklist should in no way be construed as a substitute for seeking legal advice to ensure that your business is fully compliant with the requirements of POPIA.