Blog

Data Protection, Privacy and POPIA

Data Protection, Privacy and POPIA

Data is the fuel of our business. It is in our mutual interest that we ensure a secure and safe environment for data shared by our participants, as well as for intellectual property shared by our clients. With the compliance deadline for South Africa’s Protection of Personal Information Act (POPIA) set for 1 July, I hope this article reassures you of our approach to data protection and privacy at InSites Consulting South Africa.

We take security seriously, and we are aware that safe data processing is crucial for your business. We follow industry standards (ISO27001) and international regulations (GDPR, CCPA, CSL, POPIA), and we have a dedicated data security team assessing and improving our standards continually.

Data is our fuel, and as such we strive to act as an example of how to handle it with care.

Aligning POPIA with GDPR

Since 28 May 2018, InSites Consulting has been compliant with the General Data Protection Regulations (GDPR). Having compared POPIA to GDPR, we are confident that POPIA does not add new requirements to our Information Security Management System or our Customer Relationship Management (CRM) and marketing processes.

To clarify our key obligations:

  • We follow all the relevant data protection legislations to all individuals, irrespective of location;
  • We have a Data Protection Officer based in Belgium who is officially registered with supervisory authorities in the EU;
  • We separate direct and indirect Personally Identifiable Information (PII) when processing data for research;
  • We have a Data Processing Agreement in place, and we follow all controller and processor regulations;
  • We always notify data subjects of any risk of breach within 72 hours (to date we have never had to report a breach to a supervisory authority);
  • We ensure that data subjects worldwide benefit from all rights mentioned in the GDPR, which supersedes the demands of the POPIA.

 

Responsible marketing

We currently store and process data in Microsoft Dynamics 365 CRM, and follow guidance from the GDPR and POPIA in this. We will only use your data to carry out our services, unless:

  1. There is a legitimate interest in contacting you, such as an issue of business (dis)continuity;
  2. You have given prior consent to receive marketing communications.

If you have given consent for us to store and process your data for marketing, you will receive our monthly newsletter, which features our latest inspirational content. You can revoke your consent from such communications at any time.

If you have any questions relating to this article, please get in touch.

Get on top of it.

Looking for the latest marketing (research) news and trends to shape the future of your brand?

You might also be interested in

InSites Consulting expands European footprint with the acquisition of Happy Thinking People

InSites Consulting expands European footprint with the acquisition of Happy Thinking People

Written by Anke Moerdyck

Strengthening our European footprint, we’re excited to announce our latest acquisition in the region with Happy Thinking People, headquartered in Munich and spanning Germany, Switzerland, and France. Happy Thinking People was founded in 1989 as a qualitative boutique, and today an international market research and innovation consultancy, ranking #1 on Innovation and Creativity in Germany (Marktforschung.de 2021).

Insight Activation - People on power box

The 4 C’s of Insight Activation

Written by Lisa McFarland / Tom De Ruyck

Discover how you can activate internal stakeholders, turning insights into action and business impact. Understand the activation spectrum.

Insight Activation - Rocket shooting up

Insight Activation – what it is and what it isn’t

Written by Lisa McFarland / Tom De Ruyck

Consumer research leads to interesting results and powerful insights. But how do you encourage stakeholders to act upon them? Discover what insight activation is all about.