Insights & guides

POPIA compliance, demystified.

Plain-English guides, regulatory updates, and practical how-tos for South African businesses navigating POPIA.

ComplianceFeatured · 12 May 2026 · 6 min read

POPIA DSARs: What the 30-day deadline really means for your business

Under POPIA, data subjects can request access to their personal information at any time. You have 30 days to respond. Here is what you need to know.

Read article →

Regulatory

Information Regulator enforcement actions in 2026: What SA businesses need to know

The Information Regulator has increased its enforcement activity significantly. We break down recent actions and what they mean for SMEs.

28 Apr 20268 min read

Compliance

POPIA breach notification: The 72-hour rule explained

A data breach triggers a strict notification obligation under POPIA. Here is a step-by-step guide to meeting the 72-hour deadline without panic.

15 Apr 20267 min read

Legal

What must your Privacy Policy include under POPIA?

A compliant POPIA privacy policy is not just a legal checkbox — it is a communication to your customers. Here is exactly what it must contain.

3 Apr 20265 min read

How-to

Data mapping for SA SMEs: A practical step-by-step guide

You cannot protect what you cannot see. Data mapping is the foundation of POPIA compliance. Here is how to do it without a consultant.

22 Mar 202610 min read

How-to

Consent under POPIA: What counts, what doesn't, and how to capture it correctly

Not all consent is equal under POPIA. Pre-ticked boxes, bundled consent, and vague wording will not protect you. Here is what proper consent looks like.

10 Mar 20267 min read

Stay updated

Get POPIA updates in your inbox.

Monthly digest of regulatory changes, compliance tips, and product updates. No spam.