As per the quotation, please find attached various documents for your consideration and use at Soverain, in order to ensure compliance with the Protection of Personal Information Act (“POPIA”) and The Promotion of Access to Information Act (“PAIA”) 

Please carefully consider the documents and respond with any comments/queries (if any), either by email or within the documents, in order for me to provide one more round of amends and/or clarifications, if necessary, before finalisation. As always, I am also happy to arrange a virtual meeting to run you through the documents and respond to any queries you may have. 

The documents are as follows: 

1) Privacy Policy 

I have provided a detailed privacy policy for Soverain. This policy is for internal and public use and must be placed as a footer on the website (and should be linked to in email footers). This footer can either be done as a PDF document or as a separate website page. 

This privacy policy governs and informs people of the way you handle and use their personal information. It serves as a legal document meant to protect both Soverain as well as customers, suppliers etc. 

2) PAIA Manual 

The Promotion of Access to Information Act (PAIA) requires all public and private bodies in South Africa to have a PAIA manual. Essentially, the manual explains to people how they can get access to the records held by the body. 

This PAIA manual is for public use. It should be provided as a footer on Soverain’s website (either as a PDF document or as a separate website page) and be considered and followed whenever Soverain receives a request for access to company information and records. It should also be updated as regulations change and as company information, types of data subjects and records change. 

3) Email Disclaimer, Cookie Pop-up and Unsubscribe Option 

A tacit requirement of ensuring POPIA compliance is to have a disclaimer at the very end of all email’s (after the sign off) which advises about confidentiality, technical protection of the information being exchanged etc. 

Another tacit requirement of ensuring POPIA compliance is to have a cookie “pop-up” appear on the website when new users / devices access the site. 

POPIA also provides that processing the personal information of a data subject for the purpose of direct marketing by means of any form of electronic communication, including automatic calling machines, facsimile machines, SMSs or e-mail is prohibited unless the data subject has given their consent (for new data subjects) or been given reasonable opportunity to opt-out (existing data subjects). 

As such I have provided you with the content for an email disclaimer, a cookie pop up and an “unsubscribe option”, with more clarity being provided in the document itself. 

4) Website Terms of Use 

I have provided Website Terms of Use which govern the use of Soverain’s website by visitors. These terms set out the conditions under which users may access and interact with the site, including intellectual property rights, disclaimers of liability, permitted use of content, and limitations of responsibility for external links or third-party content. The Terms of Use protect Soverain by clearly defining the relationship between the business and website users and should be displayed as a footer link on the website. 

5) Further advice 

1) Should you ever update your website to allow consumers to contact you via a “contact page” (where users are able to contact you via the website), it would be advisable to include the the following text just above the “submit” button: 

“By selecting “submit”, you agree with and accept our Privacy Policy and Website Terms of Use (link to Privacy Policy and Terms of Use ).” 

The purpose of this is to more clearly alert the user to what they are accepting when they send a message. Whilst the Privacy Policy and Terms of Use will already be in the footer, it is good practice (and proper compliance) to alert them to these at a point where they are about to initiate contact.