-
Quick Access
-
POPIA
-
-
-
- Section 26 Prohibition on processing of special personal information
- Section 27 General authorisation concerning special personal information
- Section 28 Authorisation concerning data subject’s religious or philosophical beliefs
- Section 29 Authorisation concerning data subject’s race or ethnic origin
- Section 30 Authorisation concerning data subject’s trade union membership
- Section 31 Authorisation concerning data subject’s political persuasion
- Section 32 Authorisation concerning data subject’s health or sex life
- Section 33 Authorisation concerning data subject’s criminal behaviour or biometric information
-
-
-
- Section 39 Establishment of Information Regulator
- Section 40 Powers, duties and functions of Regulator
- Section 41 Appointment, term of office and removal of members of Regulator
- Section 42 Vacancies
- Section 43 Powers, duties and functions of Chairperson and other members
- Section 44 Regulator to have regard to certain matters
- Section 45 Conflict of interest
- Section 46 Remuneration, allowances, benefits and privileges of members
- Section 47 Staff
- Section 48 Powers, duties and functions of chief executive officer
- Section 49 Committees of Regulator
- Section 50 Establishment of Enforcement Committee
- Section 51 Meetings of Regulator
- Section 52 Funds
- Section 53 Protection of Regulator
- Section 54 Duty of confidentiality
- Show all articles ( 1 ) Collapse Articles
-
-
- Section 60 Issuing of codes of conduct
- Section 61 Process for issuing codes of conduct
- Section 62 Notification, availability and commencement of code of conduct
- Section 63 Procedure for dealing with complaints
- Section 64 Amendment and revocation of codes of conduct
- Section 65 Guidelines about codes of conduct
- Section 66 Register of approved codes of conduct
- Section 67 Review of operation of approved code of conduct
- Section 68 Effect of failure to comply with code of conduct
-
- Section 73 Interference with protection of personal information of data subject
- Section 74 Complaints
- Section 75 Mode of complaints to Regulator
- Section 76 Action on receipt of complaint
- Section 77 Regulator may decide to take no action on complaint
- Section 78 Referral of complaint to regulatory body
- Section 79 Pre-investigation proceedings of Regulator
- Section 80 Settlement of complaints
- Section 81 Investigation proceedings of Regulator
- Section 82 Issue of warrants
- Section 83 Requirements for issuing of warrant
- Section 84 Execution of warrants
- Section 85 Matters exempt from search and seizure
- Section 86 Communication between legal adviser and client exempt
- Section 87 Objection to search and seizure
- Section 88 Return of warrants
- Section 89 Assessment
- Section 90 Information notice
- Section 91 Parties to be informed of result of assessment
- Section 92 Matters referred to Enforcement Committee
- Section 93 Functions of Enforcement Committee
- Section 94 Parties to be informed of developments during and result of investigation
- Section 95 Enforcement notice
- Section 96 Cancellation of enforcement notice
- Section 97 Right of appeal
- Section 98 Consideration of appeal
- Section 99 Civil remedies
- Show all articles ( 12 ) Collapse Articles
-
- Section 100 Obstruction of Regulator
- Section 101 Breach of confidentiality
- Section 102 Obstruction of execution of warrant
- Section 103 Failure to comply with enforcement or information notices
- Section 104 Offences by witnesses
- Section 105 Unlawful acts by responsible party in connection with account number
- Section 106 Unlawful acts by third parties in connection with account number
- Section 107 Penalties
- Section 108 Magistrate’s Court jurisdiction to impose penalties
- Section 109 Administrative fines
-
PAIA
-
Print
Section 72 Transfers of personal information outside Republic
- A responsible party in the Republic may not transfer personal information about a data subject to a third party who is in a foreign country unless—
- the third party who is the recipient of the information is subject to a law, binding corporate rules or binding agreement which provide an adequate level of protection that—
- effectively upholds principles for reasonable processing of the information that are substantially similar to the conditions for the lawful processing of personal information relating to a data subject who is a natural person and, where applicable, a juristic person; and
- includes provisions, that are substantially similar to this section, relating to the further transfer of personal information from the recipient to third parties who are in a foreign country;
- the data subject consents to the transfer;
- the transfer is necessary for the performance of a contract between the data subject and the responsible party, or for the implementation of pre-contractual measures taken in response to the data subject’s request;
- the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the data subject between the responsible party and a third party; or
- the transfer is for the benefit of the data subject, and—
- it is not reasonably practicable to obtain the consent of the data subject to that transfer; and
- if it were reasonably practicable to obtain such consent, the data subject would be likely to give it.
- the third party who is the recipient of the information is subject to a law, binding corporate rules or binding agreement which provide an adequate level of protection that—
- For the purpose of this section—
- ‘‘binding corporate rules’’ means personal information processing policies, within a group of undertakings, which are adhered to by a responsible party or operator within that group of undertakings when transferring personal information to a responsible party or operator within that same group of undertakings in a foreign country; and
- ‘‘group of undertakings’’ means a controlling undertaking and its controlled undertakings.
Please follow and like us:
