POPIA Manual

1. Introduction

– Company Information: Conducive Group is committed to protecting the personal information of its customers, employees, and stakeholders in accordance with the Protection of Personal Information Act (POPIA).

 

2. Purpose and Scope

– Purpose: This manual outlines Conducive Group’s policies and procedures for complying with POPIA.

– Scope: This manual applies to all employees, contractors, and third-party service providers who process personal information on behalf of Conducive Group.

 

3. Key Principles

– Lawfulness: Process personal information lawfully and in good faith

– Minimality: Only collect and process personal information that is necessary

– Consent: Obtain consent from data subjects before processing their personal information

– Security: Implement reasonable technical and organizational measures to protect personal information

– Accountability: Ensure accountability for compliance with POPIA

 

4. Roles and Responsibilities

– Information Officer: Jeremy Joseph is responsible for ensuring POPIA compliance and working with the Information Regulator

– Employees: All employees are responsible for following POPIA policies and procedures

 

5. Data Subject Rights

– Access: Data subjects have the right to access their personal information

– Correction: Data subjects have the right to correct their personal information

– Deletion: Data subjects have the right to request deletion of their personal information

 

6. Data Breach Response

– Response Plan: Conducive Group has a data breach response plan in place to respond to potential data breaches

 

7. Training and Awareness

– Training: Conducive Group will provide training to employees on POPIA compliance

– Awareness: Conducive Group will promote awareness of POPIA compliance among employees and stakeholders

 

8. Review and Update

– Regular Review: This manual will be reviewed and updated regularly to ensure compliance with POPIA.