The POPI ACT and the General Data Protection Regulation have a significant impact on websites and other digital platforms (social media and email marketing).

Is your website POPI compliant?

The POPI ACT and the General Data Protection Regulation have a significant impact on websites and other digital platforms (social media and email marketing). Businesses have until 1 July 2021 to make their websites compliant including eccommerce activities. All businesses are affected if your website collects data. Online privacy covers how personal data is used and extracted when users visit a website. Information shared in analytics, contact forms including email marketing are collected with personal information. Your website must obtain consent from visitors to collect personal information. Without consent you cannot share any client information.

Websites must disclose the following information:

• If they are collecting personal data (the registration page or forms, IP addresses, a checkout page and other analytics)

• Visitors must know how and where they store personal data

• Visitors can request copies of their personal information

• Visitors may request to erase their personal details

• Businesses must report problems within 72 hours

Website Software

The latest software version has built-in privacy and compliance features as part of its core and ensure a higher level of compliance. This includes consent, erase data, export features and a policy generator.

Software completely erase information from the database. The software offers a privacy policy template to create an information page for visitors as to what data is stored and how the business manages it.

Yearly SSL Certificate

An SSL certificate is a file installed on a website’s origin server. It’s simply a data file containing the public key and the identity of the website owner, along with other information. Without an SSL certificate, a website’s traffic can’t be encrypted with TLS.

Online Shopping

Software offers built-in tools to manage user privacy settings. You have the options to retain personal information, erase data and privacy policy. You can add the information and disclosure to the related shopping and payment security.

Contact Forms

Visitors should be made aware that your site will collect their personal information when they complete any contact or registration forms.


Inform visitors that your website collects cookies.


Companies must inform website users about any policy updates or data breaches via email.


Google Analytics and Google Adwords need to be managed correctly before storage and processing. Plugins are available (automatically connect Google Analytics to your website and they can make data anonymisation easy).

Online payments

Online payments may be collecting personal data before passing it onto the payment gateway. You are required to remove any personal information after a reasonable period.


Please note that this checklist should in no way to be construed as a substitute for seeking legal advice to ensure that your business is fully compliant with the requirements of POPIA.

The POPI Act is concerned with protecting the personal information of others. So when considering your own business website, you need to ensure you have a decent and professional Privacy Policy presented on your website. This way, users are able to be confident that their personal information is safe and secure when doing business with your company.


Register on the below button to track all your website cookies.