We also need to understand some key terms and definitions which will be referred throughout the course and within the Act itself. The fill Act can be found here: Protection of Personal Information Act, 2013.
Table 2: Definition Table
Term or Definition
means any equipment capable of operating automatically in response to instructions given for the purpose of processing information
means a technique of personal identification that is based on:
· physiological or behavioural characterisation including:
o blood typing,
o DNA analysis,
o retinal scanning and
o voice recognition
means a natural person under the age of 18 years who is not
legally competent, without the assistance of a competent person, to take any action or decision in respect of any matter concerning him or herself;
Code of conduct
A code of conduct or code of ethics is a collection of norms, rules and regulations that include what is and is not acceptable or expected behaviour in which members must adhere. It is binding on their members and self-regulation in the public interest. Examples of this would be per industry sector i.e. The Institute of Management Consultants South Africa or The South African Institute of Chartered Accountants (SAICA)
The person(s) to whom personal information relates.
In relation to personal information of a data subject, means
to delete any information that:
· identifies the data subject;
· can be used or manipulated by a reasonably foreseeable method to identify the data subject; or
· can be linked by a reasonably foreseeable method to other information that is identifies the data subject,
· and ‘‘de-identified’’ has a corresponding meaning.
Means to approach a data subject, either in person or
by mail or electronic communication, for the direct or indirect purpose of—
· promoting or offering to supply, in the ordinary course of business, any goods or services to the data subject; or
· requesting the data subject to make a donation of any kind for any reason.
· sound or
· message sent over an electronic communications network which is stored in the network or in the recipient’s terminal equipment until it is collected by the recipient
means any structured set of personal information,
whether centralised, decentralised or dispersed on a functional or geographical basis, which is accessible according to specific criteria
An operator is a person who processes personal information for or on behalf of a responsible party in terms of a contract or mandate, without coming under the direct authority of that party.
means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to:
· information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
· information relating to the education or the medical, financial, criminal or employment history of the person;
· any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
· the biometric information of the person;
· the personal opinions, views or preferences of the person;
· correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
· the views or opinions of another individual about the person; and
· the name of the person if it appears with other personal information
· relating to the person or if the disclosure of the name itself would reveal information about the person;
means any operation or activity or any set of operations,
whether or not by automatic means, concerning personal information, including:
· the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;
· dissemination by means of transmission, distribution or making available in any other form; or
· merging, linking, as well as restriction, degradation, erasure or destruction of information;
Promotion of Access to Information Act (PAIA)
Means the Promotion of
Access to Information Act, 2000 (Act No. 2 of 2000). Is South Africa’s access to information law and it enables people to gain access to information held by both public and private bodies.
means a record that is accessible in the public domain
and which is in the possession of or under the control of a public body, whether or not it was created by that public body
Record means any information that is recorded in any format that is in the possession or under control of a responsible party, regardless of who made the record and when the record came into existence. Records may include:
· writing on any material
· book, map, plan, graph or drawing
· information produced,
· recorded or stored by means of any tape-recorder
· computer equipment,
· whether hardware or software or both, or other devices.
The body responsible to enforce compliance to the POPI regulations
in relation to personal information of a data subject,
means to resurrect any information that has been de-identified, that identifies the data subject;
can be used or manipulated by a reasonably foreseeable method to identify the data subject; or
can be linked by a reasonably foreseeable method to other information that identifies the data subject
A private or public body or any other person, which alone, or in conjunction with others, determines why and how to process and the purpose of and means for processing personal information
A responsible party in the Republic may not transfer personal information about a data subject to a third party who is in a foreign country unless certain conditions are met.
means any identifier that is assigned to a data subject and is used by a responsible party for the purposes of the operations of that responsible party and that uniquely identifies that data subject in relation to that responsible party