OIC Services Logo
OIC Services Logo Watermark

POPI Act Compliance

1. Introduction

OIC Services (operated by Online Internet Cafe) is committed to protecting the privacy, confidentiality, and security of personal information in accordance with the Protection of Personal Information Act, 2013 (POPIA) of South Africa. This POPI Act Compliance Statement explains how we lawfully collect, use, store, share, and protect personal information entrusted to us in the course of providing our services.

Data privacy is a fundamental part of our business operations, and we apply appropriate technical and organisational measures to ensure compliance with POPIA and related data protection principles.

2. Scope of Application

This statement applies to all personal information processed by OIC Services, including information relating to:

  • Clients and prospective clients
  • Business partners and suppliers
  • Website visitors and digital platform users
  • Employees, contractors, and service providers (where applicable)

3. Collection of Personal Information

We collect personal information directly from data subjects or from authorised third parties where lawful and necessary. The personal information we may collect includes, but is not limited to:

  • Full Names and Surnames – for identification and service delivery
  • Contact Details (email address, phone number, business address) – for communication and support
  • Company or Business Information – where services are provided to corporate clients
  • Identification or Registration Numbers – where legally required
  • Billing and Payment Information – to process payments and manage accounts
  • Digital Information (IP addresses, website usage data, cookies) – to improve online services
  • Service-related Information – required to deliver marketing, media, IT, real estate, consultancy, or related services

We only collect information that is adequate, relevant, and not excessive for the purpose for which it is collected.

4. Purpose of Processing Personal Information

Personal information is processed for lawful and specific purposes, including:

  • Delivering and managing our services
  • Communicating with clients regarding enquiries, projects, and support
  • Processing invoices, payments, and financial transactions
  • Managing client relationships and service records
  • Improving service quality, systems, and user experience
  • Marketing our services (where consent has been obtained)
  • Complying with legal, regulatory, and contractual obligations

5. Lawful Basis for Processing

We process personal information based on one or more of the following lawful grounds:

  • The consent of the data subject
  • The performance of a contract or intended contract
  • Compliance with a legal obligation
  • Legitimate business interests, provided such interests do not override the rights of the data subject

6. Sharing of Personal Information

OIC Services does not sell or unlawfully disclose personal information. Personal information may be shared only in the following circumstances:

  • Service Providers and Partners: With trusted third parties such as IT service providers, payment processors, hosting providers, and professional advisors who assist us in delivering our services
  • Legal and Regulatory Requirements: Where disclosure is required by law, regulation, court order, or lawful authority
  • With Consent: Where the data subject has provided explicit consent for disclosure

All third parties are required to maintain appropriate confidentiality and data protection safeguards.

7. Security Safeguards

We implement reasonable technical and organisational measures to protect personal information against loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures include:

  • Secure servers and cloud-based storage systems
  • Access control and authentication procedures
  • Encryption of sensitive data where appropriate
  • Regular system updates and security monitoring
  • Staff awareness and confidentiality obligations

8. Data Subject Rights

In terms of POPIA, data subjects have the right to:

  • Request access to their personal information
  • Request correction, updating, or deletion of personal information
  • Object to the processing of personal information in certain circumstances
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with the Information Regulator of South Africa

Requests relating to these rights must be submitted in writing using the contact details below.

9. Retention of Personal Information

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required or permitted by law. Once information is no longer required, it is securely deleted or anonymised.

10. Cross-Border Transfers

Where personal information is transferred outside South Africa, we ensure that adequate data protection safeguards are in place in accordance with POPIA requirements.

11. Updates to this Statement

This POPI Act Compliance Statement may be updated from time to time to reflect changes in legal requirements or our business practices. The most recent version will always be made available on our official platforms.

12. Contact Information

For any questions, concerns, or requests relating to this POPI Act Compliance Statement or the processing of personal information, please contact:

OIC Services (Online Internet Cafe)
Email: contact@oicrsa.org