Compliance | Data privacy | Data Protection | POPI Act | POPIA

POPIA deadline looming and regulations about to take effect

“I own a local store making custom items for our clients. Because of the nature of some of the client requests I have to use other suppliers and have to share basic information about my clients with them. I am aware of POPIA and I understand that we need to comply including to new regulations that I understand have been issued. My question is to what extent and by when will I need to meet all these requirements?”

You are correct in assuming that you will need to comply with the Protection of Personal Information Act (POPIA) if you obtain and use personal information of your clients, including also ensuring that third parties that you pass such information on to, also comply.

POPIA took effect on 01 July 2020, with other provisions coming into force on 30 June 2021. Businesses have been provided with a one-year grace period, until 01 July 2021, to become POPIA compliant or face the consequences set out in the Act. Additionally, regulations may also be published in relation to POPIA from time to time and these regulations will provide additional rules and requirements which businesses may need to comply with. POPIA compliance is therefore not a once-off thing but a process that will need to be regularly reviewed to ensure compliance.

It is important to take note of the fact that regulations may also be published in relation to POPIA from time to time. These serve to provide further arrangements, rules, processes and context in relation to the Act. Recently, the Information Regulator announced the imminent commencement of certain regulations in terms of POPIA, relating to the protection of personal information.

With effect from 1 March 2021, the provisions of the regulations in relation to the application for issuing a code of conduct became effective. This allows private or public bodies that are sufficiently representative of various entities in an industry, to apply for a code of conduct to be considered for that specific industry.

With effect from 01 May 2021, the regulations in relation to the responsibilities of information officers will take effect. This is significant for businesses, since every entity that must comply with POPIA must have an information officer – the person responsible within the business for POPIA compliance, privacy and data governance. These regulations supplement the responsibilities set out in POPIA and emphasize the obligation to develop a compliant PAIA manual, as well as internal processes and procedures to advance data subject participation and internal POPIA training.

With the deadline for attaining POPIA compliance approaching fast and potentially further regulations and requirements being imminent, it is vital that compliance be prioritized given the hefty consequences for a failure to be compliant.

It is difficult to exactly state what areas of compliance you would need to have in place, but it would be highly advisable to enlist the help of your attorney or POPIA specialist to help you and review what you have in place and what would still need to be done before the Act and regulations take full effect.

April 16, 2021

Protecting creators in the digital era – Copyright amendments

by VDT Attorneys | Feb 25, 2026 | Constitutional Court, Copyright, Copyright Amendments, Copyright protection for creators, Copyright protections for users with disabilities, Intellectual Property

Nearly 5 decades after its original enactment, South Africa’s copyright regime is undergoing one of the most significant reforms in its history. The Copyright Amendment Bill [B13F-2017] introduces modern protections to secure the financial and digital interests of authors and performers, thereby strengthening their economic rights in an increasingly digital world. While parts of the Bill remain under constitutional review, a landmark 2025 court ruling has already enforced critical protections for users with disabilities. This article breaks down the primary measures intended to safeguard South African creativity.

The importance of due diligence in M&A

by VDT Attorneys | Feb 11, 2026 | Corporate governance, Due diligence, M&A, Mergers & Acquisitions

The excitement of a merger or acquisition often sits in the “big picture” strategy, but the success of the deal lives or dies in the details. Due diligence is not a box-ticking exercise. It is the point at which assumptions are tested, risks are priced, and uncomfortable questions are asked. This article explores why looking before you leap, by conducting a thorough due diligence, is the golden rule of mergers & acquisitions (“M&A”) transactions.

Customary marriages stand equal

by VDT Attorneys | Feb 4, 2026 | Antenuptial contract, Customary Marriages, Equal constitutional status of customary marriages

In a landmark judgment delivered on 21 January 2026, the Constitutional Court pronounced welcomed clarity on the interplay between customary marriages, civil marriages, and antenuptial contracts (“ANC”). The Court, by majority decision in VVC v JRM and Others (CCT202/24) [2026] ZACC 2 (21 January 2026) , declined to confirm a High Court order that had declared section 10(2) of the Recognition of Customary Marriages Act 120 of 1998 (“the Recognition Act”) unconstitutional. The majority decision powerfully reaffirmed the equal constitutional status of customary marriages and established that spouses cannot unilaterally alter their matrimonial property regime without judicial oversight.

POPIA deadline looming and regulations about to take effect

Protecting creators in the digital era – Copyright amendments

The importance of due diligence in M&A

Customary marriages stand equal

Sign up to our newsletter

Success!

Main Office

Newsletter

Success!

Careers

Corporate

Pin It on Pinterest