HIAC (Human Intel Accreditation and Compliance) is committed to ensuring the privacy, protection, and responsible use of all personal information in accordance with the Protection of Personal Information Act, No. 4 of 2013 (POPIA) of South Africa.
1. Purpose of this Statement
This POPIA Compliance Statement explains how HIAC:
- Collects and processes personal information
- Protects and secures that information
- Ensures compliance with the 8 Conditions for Lawful Processing under POPIA
- Honors your rights as a data subject
2. Our Role as a Responsible Party
HIAC is a Responsible Party as defined in POPIA. We determine the purpose and means for processing your personal information, especially in relation to B-BBEE verification, advisory services, training, and supplier development.
3. Information We Process
We process personal and company information including but not limited to:
- Names, ID numbers, and contact details
- Company registration information
- Financial records (turnover, shareholding, etc.)
- Demographic data (race, gender, disability status)
- Employment records (staff structure, payroll, etc.)
This information is processed strictly for B-BBEE verification and compliance purposes.
4. Legal Basis for Processing
We process personal information where:
- The data subject has given explicit consent
- Processing is necessary for the performance of a contract
- Processing is required to comply with a legal obligation
- Processing is in the legitimate interest of the data subject and/or HIAC
5. Security Measures
HIAC implements reasonable, appropriate technical and organizational measures to safeguard personal information against:
- Loss or damage
- Unauthorized access or disclosure
- Unlawful destruction or processing
These include firewalls, password-protected databases, limited access controls, and employee confidentiality agreements.
6. Information Sharing
We do not sell, rent, or trade personal data. Information may be shared only with:
- Verification analysts and technical signatories under confidentiality
- Relevant regulatory authorities (e.g., SANAS, DTI, B-BBEE Commission)
- Service providers assisting in the delivery of our services, bound by POPIA-compliant agreements
7. Retention of Personal Information
Personal information is retained only for as long as necessary to:
- Fulfill the purpose for which it was collected
- Comply with legal, regulatory, or contractual obligations
- Support record-keeping for audit purposes
8. Data Subject Rights
As a data subject, you have the right to:
- Access your personal information
- Request correction or deletion
- Object to processing or direct marketing
- Lodge a complaint with the Information Regulator of South Africa
Requests may be submitted in writing to [email protected].
9. Information Officer
Information Officer: Neeta Devnarain
📞 +27 (82) 329-9485
The Information Officer is responsible for ensuring POPIA compliance, handling data access requests, and managing breach notifications.
10. Complaints
If you believe that HIAC has failed to protect your personal information, you may lodge a complaint with the:
Information Regulator
🌐 www.justice.gov.za/inforeg
11. Updates
HIAC may amend this statement to reflect legal or operational updates. The most recent version will be published on our website: www.hiac.co.za