The Protection of Personal Information Act (POPIA)
At the time when the Protection of Personal Information Act was being finalized in 2013, early versions of the GDPR were already in circulation. This resulted in the early adoption of a world-class regulation for South Africa, borrowing many concepts from the GDPR including Consent, Data Subject Rights and Documentation of Processing. However, there are some key differences to consider for POPIA, including an emphasis on data retention periods and technological measures to limit loss, damage and access to data.
Trunomi is purpose-built to fully address POPIA. From Consent & Permissions and DSRs Automation, through to Data Retention Management – for any organisation, any size.

POPIA Compliance with Trunomi
Comprehensive or modular solution – all from Trunomi’s Platform
Lawful Purpose of Processing
All personal information may now only be processed if there is a lawful purpose of processing.
With Trunomi, append a lawful purpose to all data processing – past and future – for evidential and usage purposes. Learn more >
Consent
Under POPIA, consent must be voluntary, specific, informed and time-bound.
Adhere to the highest standards of consent capture with Trunomi. Learn more >
Data Subject Rights (DSRs)
POPIA gives individuals specific rights to their personal data, including the right to correct or delete.
Facilitate DSRs and automate fulfilment end-to-end with Trunomi. Learn more >
Retention of Records
Retain personal data for no longer than is necessary for the purpose under which it was obtained.
Trunomi automates the creation of data retention periods for any data processed, based on rules defined by you. Automate data retention management end-to-end and evidence all activities downstream. Learn more >
Children
The high-standards of consent under POPIA include additional conditions for children.
Adhere to the highest standards of consent capture with Trunomi and, with our rules-based platform, create workflows for age-related consent. Learn more >
Documentation of Processing
Responsible parties and operators must maintain accurate documentation of processing activities that include the purpose of processing, categories of data, recipients of the data and more.
Automate contextual records of processing during actual data events, anywhere across your organization. Learn more >
Privacy Communication
Responsible parties and operators must inform data subjects of any processing in a concise, transparent, intelligible and easily accessible format.
Easily build ‘My Data’ Portals and preference centers for customers and maintain accurate records of processing to inform your Privacy Policies with Trunomi. Learn more >
Stakeholder Awareness
Data Privacy is a now a core strategy and operational need across businesses. Stakeholders and teams require a central source of truth, visibility and control for Privacy.
Integrate Privacy-by-design across your current and future technologies with Trunomi’s interoperable Privacy layer and zero-PII data intelligence. Learn more >
Security of Personal Information
Integrate and prove Data Privacy and protection into current and future technology and architectures.
Integrate Privacy-by-design across your current and future technologies, and limit data damage, loss and unlawful access with Trunomi’s zero-PII data sharing. Learn more >
Information Officers
Businesses must appoint a Data Privacy or Information Officer to be involved in issues that relate to data protection and to monitor compliance with POPIA.
Empower DPOs with powerful and real-time intelligence that allows them to understand Privacy and protection across any areas of the business. Learn more >
Data Breaches
Businesses must provide information surrounding data breaches to both supervisory authorities and affected data subjects.
With Trunomi, you will always have secure visibility into what data sits where, and who it belongs to - trigger workflows and alerts for systems, stakeholders and third-parties, based off any affected data sets. Learn more >
Data Transfers
Businesses must understand where their data travels across borders and must assess and limit risk.
Remove the complexity of international transfers with Trunomi’s metadata-only records of intelligence: share detailed information on personal data, without ever having to share the raw data itself. Learn more >


