Data Protection Policy

In terms of the Protection of Personal Information Act, 4 of 2013

    1. Purpose

    Emergence Growth South Africa (“the Company”) is committed to protecting Personal Information in accordance with the Protection of Personal Information Act, 4 of 2013 (POPIA). This Policy outlines how Personal Information is collected, processed, stored and protected.

    2. Scope

    This Policy applies to:

    • Employees
    • Contractors and consultants
    • Customers and clients
    • Suppliers and service providers
    • Any third-party processing Personal Information on behalf of the Company

    3. Principles Of Processing

    The Company will ensure that Personal Information is:

    • Processed lawfully and transparently
    • Collected for specific, defined purposes
    • Adequate, relevant and not excessive
    • Accurate and kept up to date
    • Retained only as long as necessary
    • Secured against unauthorised access, loss or damage

    4. Data Subject Rights

    Data Subjects have the right to:

    • Access their Personal Information
    • Request correction or deletion
    • Object to processing
    • Withdraw consent where applicable
    • Lodge a complaint with the Information Regulator

    5. Collection And Use

    Personal Information will be collected:

    • With knowledge and consent where required
    • For legitimate business purposes
    • In line with legal and contractual obligations

    6. Security Measures

    The Company implements appropriate safeguards, including:

    • Access controls (least privilege)
    • Secure storage and encryption
    • Network and system security
    • Regular monitoring and risk assessments
    • Staff training and awareness

    7. Data Sharing

    Personal Information may be shared with:

    • Service providers and operators
    • Regulatory and government authorities
    • Professional advisor

    All third parties are required to protect Personal Information in accordance with POPIA.

    8. Retention And Destruction

    Personal Information is retained only as long as necessary and securely destroyed when no longer required.

    9. Breach Management

    All actual or suspected data breaches must be reported immediately in accordance with the Company’s Data Breach Notification Policy.

    10. Responsibilities

    Information Officer:

    • Oversees compliance with POPIA
    • Handles data subject requests
    • Liaises with the Information Regulator

    Employees:

    • Must handle Personal Information responsibly
    • Must report any security incidents

    11. Information Regulator

    The Company is registered with the Information Regulator.
    Information Officer: Kirsten Smythe
    Email: [email protected]

    Updates to this Policy

    The Company reserves the right to amend this Policy at any time to ensure ongoing compliance with applicable legislation and best practices.

     

    Updated March 2026

    Ready to transform insights into action?
    Contact Emergence Human Capital to design, deploy, and drive meaningful change through intelligent employee engagement surveys.

    Office: +27 11 026 3442

    eMail: [email protected]

    https://emergencegrowth.com/hr-reward-services/hr-surveys-data-insights/