pornmilo.com - javkaka.com - hentai789.com

Data Protection (POPI) (GDPR)

We assist businesses with POPI (and GDPR) Compliance Work

In this day and age compliance with data protection laws is imperative, not only could you and/or your organisation be fined or imprisoned but you open your organisation up to severe reputational damage and possible civil claims. Caveat’s various options aim to set your organisation up from data protection compliance perspective by giving you the tools you need to ensure compliance and so that you be comfortable in your knowledge of data protection. Data Protection is not a once off compliance programme but an ongoing commitment to ensuring the integrity and security of the personal information your organisation holds. Accordingly, the key to any data protection compliance programme is ensuring expert advice and implementation from the start.

DIY POPI Compliance Toolkit

Cost: R22,000 (excl VAT)

Recommended for:

Organisations with a limited budget but with available resources to complete and roll-out templates and appropriate procedures. This programme is a do it yourself programme whereby Caveat will provide training and templates only – accordingly it is not without risk and Caveat accepts no liability whatsoever for any loss suffered by the client in using the templates.

Package entails:

– POPI Training with Q&A on templates (2 hour session)

– Provision of the following templates:

– Privacy Notice (external and employees)

– Promotion of Access to Information Act Manual

– Document Retention and Destruction Policy*

– Data Processing Contract Addendum

– Data Breach Response Plan

– Information Security Policy

– Privacy Impact Assessment Template

– POPI Compliance Checklist

 

*Caveat will provide the policy and legislated retention periods. Client will need to consider retention periods for all personal information it holds.

This option is a Do It Yourself programme whereby Caveat provides training and templates only, and does not guarantee full and proper compliance with POPI. There are risks inherent in the use of this option and it is offered in good faith to assist  businesses that are unable to afford a bespoke solution, to use at their own risk.

 

Basic POPI Compliance Package

Cost: R50,000 (excl VAT)

Recommended for:

Organisations that:

  • have less than 20 employees;
  • deal with limited personal information;
  • deal with limited special personal information; and
  • send out nominal communications to customers / do not direct market.

 

Package entails:

  • Questionnaire and max 2 hour follow up call/meeting with one point of contact
  • Preparation of Policies – Privacy notice (external and employees), Promotion of Access to Information Act (PAIA) Manual, Document Retention*, IT Policies, Data Breach Procedures and Search and Seizure Guidelines
  • Provision of Privacy Impact Assessment Template
  • Provision of POPI Compliance Checklist
  • Provision of Data Protection clause addendum template and guidance
  • Assistance with appointment of Deputy Information Officer and Registration of Information Officer and Deputy with the Information Regulator
  • POPI Training (2 hour session)

 

*Caveat will provide the policy and legislated retention periods. Client will need to consider retention periods for all personal information it holds.

 

Intermediate POPI Compliance Package

Cost: R75,000 (excl VAT)

Recommended for:

Small to medium size organisations that:

  • deal with a fair amount of personal information;
  • deal with special personal information; or
  • perform a limited amount of direct marketing.

 

Package entails:

  • Data Mapping:
    • Questionnaire, meetings with one point of contact from each department (max 3 departments)
    • Master Data File – a template will be provided for completion by staff – Caveat will assist in respect of justification for processing of each category of information.
  • Preparation of Policies – Privacy notice (external and employees), Promotion of Access to Information Act (PAIA) Manual, Document Retention*, IT Policies, Data Breach Procedures and Search and Seizure Guidelines
  • Provision of Privacy Impact Assessment Template
  • Provision of POPI Compliance Checklist
  • Guidance on consent forms/mechanisms (if required)
  • Provision of Data Protection clause addendum template
  • Assistance with appointment of Deputy Information Officer and Registration of Information Officer and Deputy with the Information Regulator
  • POPI Training (2 hour session)

 

*Caveat will provide the policy and legislated retention periods. Client will need to consider retention periods for all personal information it holds and capture same in the Master Data Template provided

Comprehensive POPI Compliance Package

Cost: R125,000 (excl VAT)

Recommended for:

  • Large organisations;
  • Organisations which process a substantial amount of personal and/or special personal information;
  • Organisations that are involved in direct marketing; or
  • Regulated organisations.

 

Package entails:

  • Data Mapping:
    • Questionnaire, meetings with one point of contact from each department (max 3 departments)
    • Master Data File – compilation of full data landscape in excel – Caveat will, together with the client, complete this as a data mapping exercise using the questionnaire responses
  • Preparation of Policies – Privacy notice (external and employees), Promotion of Access to Information Act (PAIA) Manual, Document Retention*, IT Policies, Data Breach Procedures and Search and Seizure Guidelines
  • Provision of Privacy Impact Assessment Template
  • Provision of Supplier Data Protection Due Diligence questionnaire template
  • Provision of POPI Compliance Checklist
  • Guidance on consent forms/mechanisms
  • POPI Compliance Manual for staff
  • POPI Training (max two sessions of 2 hours each)
  • Guidance regarding folder management and procedures to give effect to data subject rights (e.g right to access, objection, amendment)
  • Review of contract templates (max 10) and provision of data protection clause template addendum.
  • Assistance with appointment of Deputy Information Officer and Registration of Information Officer and Deputy with the Information Regulator

 

*Caveat will provide the policy and legislated retention periods. Client will need to consider retention periods for all personal information it holds and Caveat will capture same in the Master Data file

 

POPI Compliance Review Package

Cost: Quote to be provided

Recommended for:

  • South African subsidiaries within multi-national organisations
  • Organisations which already have certain policies and procedures in place but which want to ensure that they are fully compliant

 

Package entails:

  • Review of current/global data protection policies and procedures within organisation – Privacy notice (external and employees), Promotion of Access to Information Act (PAIA) Manual, Document Retention, IT Policies, Data Breach Procedures and Search and Seizure Guidelines
  • Review of contract templates and provision of data protection clause template addendum
  • Review of consent mechanisms (if any)
  • Provision of intra-group transfer agreement
  • Assistance with appointment of Deputy Information Officer and Registration of Information Officer and Deputy with the Information Regulator
  • POPI Training

 

GDPR, UK & POPI Compliance Package

Cost: Quote to be provided

Recommended for:

  • South African organisations which offer products or services to UK and/or EEA residents or monitor the behaviour of UK and/or EEA residents

 

Package entails:

  • Option 2 or 3 including:
    • Provision of POPI, UK Data Protection and GDPR compliant – privacy notice (external and employees), Promotion of Access to Information Act (PAIA) Manual, Document Retention, IT Policies, Data Breach Procedures and Search and Seizure Guidelines.
    • Review of contract templates and provision of POPI, UK Data Protection and GDPR compliant data protection clause template addendum.
    • Assistance with appointment of Deputy Information Officer and Registration of Information Officer and Deputy with the South African Information Regulator. As well as assistance with appointment of EEA Representative if required.
    • POPI and GDPR Training.

 

Data Protection Due Diligence

Cost: Quote to be provided

Recommended for:

  • Organisations in the due diligence phase of a merger acquisition

 

Package entails:

  • Review of current data protection policies and procedures within the target organisation
  • Review of contract templates from a data protection compliance perspective
  • Review of consent mechanisms (if any)
  • General review of data protection procedures and training

SMART LEGAL. MORE ACCESSIBLE.

The Best Legal Choice for Accelerating Businesses

Enquire now for Assistance

    Name *

    Email *

    Company Name *

    Message *

    How did you hear about us *

    Pin It on Pinterest

    Share This