a. Gender, race, marital status, nationality, sex, mental health, religion, belief, language – any information that can identify you as an individual person.
b. Education, financial, criminal, medical and employment history.
c. Biometrics – physical, behavior, physiological characteristics.
d. E-mail address, telephone number, location information.
e. Any correspondence of a private nature.
f. An individual’s name – if the name could lead to the reveal of information about the individual.

a. Any private or public individual who regulates or processes personal information.
b. Every company / organization must have a “Responsible Party” who is to ensure and enforce compliance with the Act.
c. Each company / organization must implement a Personal Information Policy highlighting and structuring the processing of personal information.
d. A mandate or agreement must be implemented by the Responsible Party regarding the processing of personal information.

a. Potential risk of ruining your company / organizations reputation
b. Non-compliance could also result in a penalty or fine of R10 Million and / or imprisonment of up to 10 years – depending on the severity of the information breach.