Is it just us or are you getting more unsolicited emails and SMS communications than ever before? This trend is quite perplexing since the Protection of Private Information Act (POPI) was legislated in 2013 and is already in play. We explore what this means for marketers and how it will fundamentally alter the way brands store and use consumer data.

Marketers are also Data-Collectors

The contemporary digital native is also in the data-collection realm. User data is paramount in informing marketers on how to be more astute about delivering the relevant experience to the targeted user. With the focus on data, consumers are becoming more aware of their personal privacy. They are auto-filtering brand information that doesn’t interest them. And with the imminent enforcement of the POPI Act, our challenges as Marketers just became more complex. More complex, but not insurmountable and we hope this article will help.

POPI act emails

The POPI Act simply put

The POPI Act is South African legislation that was introduced in 2013 to safeguard the consumer from the exploitation of personal data and bring South Africa in line with international data protection laws. The Act aims to ensure that all South African companies conduct themselves in a responsible manner when collecting, processing, storing and disposing of another entity’s personal information by holding them accountable should they abuse or compromise your personal information in any way.

Consumers Rights according to POPI

The POPI legislation basically considers personal information to be ‘precious goods’ and gives you the ‘owner’ of the information the following rights:

  • When and how you choose to share your information (requires your consent)
  • The type and extent of information you choose to share (must be collected for valid reasons)
  • Transparency and accountability on how your data will be used (limited to the purpose)
  • Notification if / when the data is compromised
  • Providing you with access to your own information as well as the right to have your data removed and /  destroyed
  • Who has access to your information, i.e. there must be adequate measures and controls in place to track access and prevent unauthorized people, even within the same company, from accessing your information
  • How and where your information is stored (there must be adequate measures and controls in place to safeguard your information to protect it from theft, or being compromised)
  • The integrity and continued accuracy of your information (i.e. your information must be captured correctly and once collected, the institution is responsible to maintain it)

 POPI for Marketers

  1. Marketers need prior consent to use any personal information relating to a consumer.
  2. Consumer consent must indicate the purpose of the communication and limited to that purpose. Example: (Only 1 newsletter once a month)
  3. Consumers must OPT into all communications and they must also have an OPT Out option.
  4. Marketers need to safeguard the storing of consumer data.
  5. All prior consents must be kept on record as proof of consent.
  6. Consumer information must be removed upon request
  7. Consumer data needs to be accurate, updated and maintained.

POPI Act marketers call centre

A Case in Point

An Information Regulator has now been appointed to enforce the POPI Act.  The chairperson is Advocate Pansy Tlakula. She says: “Direct marketers often act as if there is no Act in place yet.” So even if the Regulator is still getting her ducks in a row, the conditions of the Act still apply. The Regulators office aims to be fully operational in the first half of 2019 with 100 personnel on call to handle complaints about pesky direct marketing.

Their role was recently highlighted by the call from insurance company MiWay to King Goodwill Zwelithini. The leaked call starts with the sales rep addressing Zwelithini by his first name. The king then reprimands the sales rep. The Information Regulator maintains that the call is unlawful if Zwelithini did not give MiWay consent to use his personal information or his information was not used in concluding a contract in which Zwelithini is a party. Zwelithini could have lodged a complaint with the Information Regulator if POPIA was fully enacted.

MiWay CEO René Otto tweeted an apology.
“We at MiWay regret that our sales guy called His Excellency by his first name‚ but he obviously wasn’t aware who he was speaking to. The amazing thing is that His Excellency didn’t take offense and (fortunately for us) saw the funny side of it. We salute his humanness!”

So as Marketers, if you haven’t already done so, you need to put these compliance measures in place immediately. And if you want to formally complain about unsolicited marketing calls or messages‚ you will have to wait until next year!

Your brand reputation is your most valuable equity. You can’t afford to put it at risk.  Creative Imagineering is a team of geeks who make it our business to keep abreast of the dynamic marketing landscape. We can help ensure your marketing campaigns are POPI compliant. Email us. info@creativeimagineering.co.za

____________________________________________________________________________________________________

Sources: