Person Checking Data
Stack of Files

Personal Data Protection

GDPR (General Data Protection Regulation) applies to any data processing activities that are done by a controller in the EU. It also applies to all processing of personal data of data subjects residing in the EU even if the entity processing the data is not in the EU.

PoPIA (Protection of Personal Information Act) is South Africa’s new legislative framework for data protection which was promulgated by President Ramaphosa on 1 July 2020. It aims to promote the constitutional right to privacy by safeguarding personal information.

The guest will consent to their data being utilized when accepting the terms and conditions upon logging into our system. This is in line with us taking a global view of the acts


  • GDPR says “The controller and the processor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risks represented by the processing and the nature of the personal data to be protected”.

  • PoPIA says “A responsible party must secure the integrity and confidentiality of personal information in its possession or under its control by taking appropriate, reasonable technical and organizational measures”.