The Protection of Personal Information Act (POPIA) comes into force from 1st July 2021. All the organisations that handle personal information whether for their own purposes or on behalf of another business have to comply with certain requirements. Below are some of the steps that Zoho, provider of ManageEngine services, has taken towards compliance with POPIA.
When Zoho collects or uses information for its own purposes:
♢ Registration with Information Regulator: We have appointed an Information Officer as required by the POPIA and we will register the Information Officer with the Regulator as soon as the registration portal opens. Our Information Officer can be reached at informationofficer@zohocorp.com.
♢ Privacy Policy for South Africa: We have published a Privacy Policy especially for our customers and data subjects from South Africa. It is based on our General Privacy Policy with minor modifications to comply with the POPIA.
♢ Honoring data subject rights: The POPIA also provides data subjects with certain essential rights such as the right to access their data, right to correct inaccuracies and right to deletion. We are proud to say that more than two years back we made a commitment to extend the rights available to data subjects under GDPR to every person about whom we have personal information irrespective of the country to which the person belongs.
If you use Zoho to process personal information of your data subjects: If you are a business based in South Africa that uses one or more of ManageEngine services provided by Zoho products and in the process, you provide Zoho Corp with Personal Information of your customers, prospects, employees etc., Zoho Corp is ready to help you stay compliant with the POPIA.
♢ Ready-to-sign POPIA operator agreement: We understand that as a responsible party (as defined in the POPIA), you are required to sign appropriate agreements for the protection of data that you provide to us. We are ready to sign POPIA operator agreement with you. You can request for a copy of our POPIA operator agreement by sending an email to legal@zohocorp.com.
♢ Assistance for compliance: In order to make POPIA compliance easier for our customers, we have implemented appropriate technical and organisational measures to enable you to comply with data subject requests yourself by using the service. We have also implemented appropriate security measures to protect the information we process on your behalf.
If you have any additional questions about compliance at Zoho Corp, click here to learn more or send an email to privacy@zohocorp.com. Learn more on how Zoho Corp’s ISO 27701 (PIMS) certification maps with the requirements of the POPIA.