Document Retention Policy

In terms of POPIA, PAIA and applicable South African legislation

    1. Purpose

    This Policy sets out how Emergence Growth South Africa (“the Company”) retains, manages and securely disposes of records, including Personal Information, in compliance with POPIA and other applicable legislation.

    2. Scope

    This Policy applies to all records in any format, including:

    • Paper records
    • Electronic records (emails, systems, backups)
    • Audio/visual data

    It applies to all employees, contractors and third parties.

    3. Principles

    The Company will ensure that records are:

    • Retained only as long as necessary
    • Securely stored and protected
    • Accurate and accessible when required
    • Properly destroyed when no longer required

    4. Legal Basis

    Retention is governed by:

    • Protection of Personal Information Act (POPIA)
    • Companies Act 71 of 2008
    • Income Tax Act and VAT Act
    • Labour legislation
    • Electronic Communications and Transactions Act

    5. Retention Rule

    Personal Information will not be retained longer than necessary for:

    • The purpose for which it was collected
    • Legal, regulatory or contractual obligations
    • Legitimate business purposes

    6. Standard Retention Periods

    Unless otherwise required by law:

    • Financial records: 5–7 years
    • Tax records: 5 years
    • Employee records: 3–5 years after termination
    • Contracts: Duration + 5 years
    • Marketing data: Until consent withdrawn
    • Supplier records: Duration + 5 years

    7. Special Retention Requirements

    Where legislation requires longer retention (e.g. health & safety records), those periods will apply.

    8. Legal Hold

    Where litigation, investigation or audit is anticipated or underway:

    • All destruction must be suspended
    • Relevant records must be preserved

    Only the Information Officer may lift a legal hold.

    9. Destruction Of Records

    Records must be destroyed:

    • Securely (shredding, deletion, anonymisation)
    • In a manner preventing reconstruction
    • In line with classification levels

    A destruction log must be maintained.

    10. Responsibilities

    Information Officer:

    • Oversees compliance
    • Approves retention and destruction

    Employees:

    • Must comply with retention rules
    • Must not delete records unlawfully

    IT/Data Custodians:

    • Ensure secure storage, backups and deletion

    11. Non-Compliance

    Failure to comply may result in:
    • Disciplinary action
    • Legal consequences
    • Regulatory penalties

    Updates to this Policy

    The Company reserves the right to amend this Policy at any time to ensure ongoing compliance with applicable legislation and best practices.

     

    Updated March 2026

    Ready to transform insights into action?
    Contact Emergence Human Capital to design, deploy, and drive meaningful change through intelligent employee engagement surveys.

    Office: +27 11 026 3442

    eMail: [email protected]

    https://emergencegrowth.com/hr-reward-services/hr-surveys-data-insights/