POPIA Compliance
Privacy Policy
Your privacy is fundamental. Learn how Oceans88 Labs protects your personal information in full compliance with South Africa's Protection of Personal Information Act (Act 4 of 2013).
✓
Information Regulator
Registered
📄
PAIA Manual
Available
🔒
ISO 27001
Aligned
8
POPIA
Conditions
72h
Breach
Notification
30
Day
Response Time
100%
Compliance
Commitment
Policy Details
Eight Conditions for Lawful Processing
POPIA requires these principles for all personal information processing
01
Accountability
We take full responsibility for protecting your personal information and have appointed an Information Officer to ensure POPIA compliance. Our Information Officer oversees all data protection matters, conducts regular audits, and ensures staff training on privacy practices.
02
Processing Limitation
We only process personal information for lawful purposes and in a manner that is adequate, relevant, and not excessive. Data minimization is practiced—we collect only what is necessary and retain it only for as long as legally required.
03
Purpose Specification
We collect personal information for specific, explicitly defined, and legitimate purposes related to our services. Before any data collection, we clearly state the purpose and obtain consent where required by law.
04
Further Processing Limitation
We do not use your personal information for purposes other than those originally specified without your consent. If new purposes arise, we notify affected individuals and obtain fresh consent before proceeding.
05
Information Quality
We take reasonable steps to ensure personal information is complete, accurate, and not misleading. Regular data validation processes and easy correction mechanisms for data subjects.
06
Openness
We maintain documentation of all processing operations and make privacy practices transparent. Our PAIA manual and privacy policy are publicly available, and we notify regulators of processing activities.
07
Security Safeguards
We implement appropriate technical and organizational measures to protect personal information. Encryption, access controls, regular security assessments, and incident response protocols.
08
Data Subject Participation
We respect your rights to access, correct, and delete your personal information. Streamlined processes for handling data subject requests within statutory timeframes.
Security Measures
🔐
TLS 1.3
Encryption for data in transit
🏢
AES-256
Encryption for data at rest
👤
MFA
Multi-factor authentication
🔄
Pen Testing
Regular penetration testing
Contact Our Information Officer
For privacy-related inquiries, data subject access requests, or to exercise your POPIA rights, please contact our appointed Information Officer.
Phone
+27 67 970 7137Physical Address
9 Gowran gardens, Newlands East 4051Response Commitment
We respond to all privacy requests within 30 days as required by POPIA. Complex requests may require additional time, with notification provided.
Information Regulator
If you are unsatisfied with our response, you have the right to lodge a complaint with the Information Regulator of South Africa.
Last Updated: April 2025 · Version: 2.1 · Next Review: April 2026