Linkedin
Get a Quote

POPIA Policy

Dynamic African Projects — POPIA Compliance Policy

Dynamic African Projects
POPIA Compliance Policy

Effective date:

1. Purpose

This policy sets out how Dynamic African Projects ("the Company") collects, uses, stores, discloses and protects personal information in accordance with the Protection of Personal Information Act, 4 of 2013 (POPIA).

2. Scope

This policy applies to:

  • All employees, contractors, temporary staff and representatives of Dynamic African Projects.
  • All personal information processed by the Company, in electronic or paper format.
  • All data subjects including employees, clients, suppliers, contractors and service providers.

3. Definitions

(Key terms used in this policy)

  • Personal Information — information relating to an identifiable, living, natural person or an identifiable, existing juristic person.
  • Data Subject — the person to whom the personal information relates.
  • Responsible Party — Dynamic African Projects, which determines the purpose and means of processing personal information.
  • Processing — any operation or activity relating to personal information (collection, recording, storing, updating, retrieval, dissemination, destruction, etc.).

4. POPIA Principles

Dynamic African Projects commits to the following POPIA principles when processing personal information:

  1. Accountability — we take responsibility for lawful processing.
  2. Processing limitation — we only process personal information where lawful and adequate.
  3. Purpose specification — data will be collected for specific, explicit and legitimate purposes.
  4. Further processing limitation — any additional processing will be compatible with original purpose.
  5. Information quality — we take reasonable steps to ensure information is accurate and up to date.
  6. Openness — data subjects will be informed about how we process their personal information.
  7. Security safeguards — appropriate technical and organisational measures will be implemented.
  8. Data subject participation — individuals have rights to access, correct and request deletion of their personal information where applicable.

5. Collection of Personal Information

The Company collects personal information directly from data subjects and where lawful from third parties. Typical categories include (but are not limited to):

  • Employees: names, contact details, identity numbers, tax details, banking details, qualifications and employment records.
  • Clients: names, contact details, billing and project information and correspondence records.
  • Suppliers/Contractors: company registration details, contact details, banking and contractual information.

6. Use of Personal Information

Personal information is used only for the purposes for which it was collected, including:

  • Employment administration and HR management;
  • Delivery of services and project administration;
  • Supplier and contractor management and payment processing;
  • Legal, regulatory and tax compliance;
  • Security, internal investigations and dispute resolution.

7. Storage & Security

We store personal information on secure systems and in locked physical storage where needed. Security measures include:

  • Role-based access controls and authentication for IT systems;
  • Network protections such as firewalls and update/patch management;
  • Encryption of personal information where appropriate (at rest and in transit) and secure backups;
  • Physical security for paper records and devices;
  • Periodic security awareness training for staff.

8. Sharing Personal Information

Personal information will not be shared with third parties unless:

  • The data subject has consented;
  • It is required by law or a regulator;
  • It is necessary for the performance of a contract (e.g., payroll processors, banks, auditors, service providers) and contractual safeguards are in place.

9. Retention & Destruction

We retain personal information only as long as necessary for the purpose it was collected or as required by law. When information is no longer required, it will be securely disposed of or anonymised.

10. Rights of Data Subjects

Data subjects have the right to:

  • Request access to their personal information held by the Company;
  • Request correction of inaccurate, incomplete or outdated information;
  • Request deletion or destruction of personal information where legally permissible;
  • Object to or restrict processing where applicable.

Requests should be made in writing to the Information Officer (see contact details below). The Company may require proof of identity and will respond within the timeframes required by POPIA.

11. Information Officer

The Company has appointed an Information Officer responsible for overseeing POPIA compliance:

Name: [Insert Information Officer name]
Email: info@dynamicafricanprojects.co.za
Tel: [Insert contact number]

12. Data Breach Notification

In the event of a data breach, the Company will:

  1. Contain and investigate the breach promptly;
  2. Notify the Information Regulator where required by POPIA;
  3. Notify affected data subjects if the breach places them at risk of harm;
  4. Implement remedial actions to prevent recurrence.

13. Training & Awareness

The Company will provide regular POPIA and information security awareness training to employees, contractors and relevant third parties.

14. Policy Review

This policy will be reviewed at least annually or whenever legislative or business changes require an earlier review.
Last reviewed:

Dynamic African Projects — Registered office: [Insert registered address]. For queries about this policy please contact the Information Officer.

We design, manufacture and install a range of modular and prefabricated building systems to solve all remote camp infrastructure needs across Sub-Saharan Africa

Navigation

Building Systems

Find Us

Denel Business Park
Nellmapius Drive
Irene, Centurion

Linkedin
All rights Reserved | DAP
Back To Top