POPIA Compliance

1. About POPIA

The Protection of Personal Information Act 4 of 2013 (POPIA) is South Africa's data protection legislation. It regulates how organisations collect, process, store, and share personal information of individuals (referred to as "data subjects"). POPIA came into full effect on 1 July 2021.

At Unlimited IT Solutions, we are committed to complying with POPIA in all aspects of our business and in the operation of the UBOSS platform. This page outlines how we meet our obligations under the Act and how you can exercise your rights as a data subject.

2. Information Officer

In terms of POPIA, every responsible party must appoint an Information Officer. Our Information Officer is responsible for encouraging compliance with POPIA, dealing with requests from data subjects, and working with the Information Regulator.

Information Officer Details

Name: The Director, Unlimited IT Solutions
Company: Unlimited IT Solutions (trading as UBOSS)
Email: privacy@uboss.co.za
Phone: 039 314 4359
Address: 202 Marine Drive, Ramsgate, KwaZulu-Natal, 4285, South Africa

All POPIA-related requests, queries, and complaints should be directed to the Information Officer using the contact details above.

3. POPIA Principles We Follow

POPIA sets out eight conditions for the lawful processing of personal information. Here is how UBOSS adheres to each:

Accountability

We take responsibility for complying with POPIA. Our Information Officer ensures that all processing of personal information is lawful and that appropriate measures are in place.

Processing Limitation

We only collect personal information that is necessary for the purposes of providing the UBOSS service. We collect data with your consent or where we have a legitimate interest.

Purpose Specification

We collect personal information for specific, defined purposes as outlined in our Privacy Policy. We do not use your data for unrelated purposes without your consent.

Further Processing Limitation

We do not process your personal information for purposes incompatible with the original purpose for which it was collected.

Information Quality

We take reasonable steps to ensure that personal information is complete, accurate, and up to date. You can update your information at any time through your UBOSS account.

Openness

We are transparent about what personal information we collect and how we use it. This POPIA page, our Privacy Policy, and Cookie Policy provide comprehensive information.

Security Safeguards

We implement appropriate technical and organisational measures to protect personal information against loss, damage, unauthorised access, and unlawful processing.

Data Subject Participation

You have the right to access, correct, and delete your personal information. We provide mechanisms for you to exercise these rights easily.

4. Your Rights as a Data Subject

Under POPIA, you have the following rights regarding your personal information:

Right to Be Informed

You have the right to know what personal information we collect about you and how we use it. Our Privacy Policy and this POPIA page serve this purpose.

Right of Access

You can request a copy of all personal information we hold about you. We will provide this within 30 days of a verified request, free of charge for the first request.

Right to Correction

If any of your personal information is inaccurate, incomplete, or outdated, you can request that we correct or update it.

Right to Deletion

You can request that we delete your personal information. We will comply unless we are legally required to retain it (e.g., for tax or accounting purposes).

Right to Object

You can object to the processing of your personal information for direct marketing purposes or where the processing is not necessary for the Service.

Right to Lodge a Complaint

If you believe we have violated your right to privacy, you have the right to lodge a complaint with the Information Regulator (see details below).

5. How to Exercise Your Rights

To make a request regarding your personal information, please follow these steps:

Email your request to our Information Officer at privacy@uboss.co.za. Please include:
- Your full name and email address associated with your UBOSS account
- A clear description of your request (access, correction, deletion, etc.)
- Any supporting documentation if relevant
Identity verification: We may need to verify your identity before processing your request to prevent unauthorised access to personal information.
Response time: We will acknowledge your request within 7 days and provide a full response within 30 days, as required by POPIA.
Fees: The first request for access to your personal information in any 12-month period is free of charge. Subsequent requests may be subject to a reasonable fee to cover administrative costs.

6. Data Breach Notification

In the event of a data breach that compromises your personal information, we will:

Notify the Information Regulator as soon as reasonably possible
Notify affected data subjects (you) of the breach, the potential consequences, and the measures we are taking to address it
Take immediate steps to contain the breach and mitigate any harm
Conduct a thorough investigation and implement measures to prevent recurrence

7. Cross-Border Data Transfers

Your data is stored on servers located in South Africa. We do not routinely transfer personal information outside of South Africa. In the limited cases where cross-border transfer may occur (e.g., when using Google OAuth for sign-in), we ensure that the recipient country has adequate data protection laws or that appropriate safeguards are in place, as required by Section 72 of POPIA.

8. Data We Process on Your Behalf

When you use UBOSS to store your customers' information, you act as the "responsible party" for that data under POPIA, and we act as an "operator" processing data on your behalf. This means:

You are responsible for ensuring you have the necessary consent or legal basis to collect your customers' personal information.
We process your customers' data strictly in accordance with your instructions and for the purposes of providing the UBOSS service.
We implement appropriate security measures to protect all data stored in the platform.
We will assist you in responding to data subject requests from your customers where applicable.

9. The Information Regulator

The Information Regulator is the independent body established under POPIA to monitor and enforce compliance with the Act. If you are not satisfied with how we have handled your request or complaint, you have the right to lodge a complaint with the Information Regulator:

Information Regulator (South Africa)

Address: JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
P.O. Box: 31533, Braamfontein, Johannesburg, 2017
Email: complaints.IR@justice.gov.za
Phone: 010 023 5207
Website: inforegulator.org.za

10. Related Policies

For more information about how we handle your data, please also refer to:

Privacy Policy — Full details on what data we collect and how we use it.
Cookie Policy — Information about the cookies we use.
Terms of Service — The terms and conditions governing your use of UBOSS.

11. Contact Us

If you have any questions about POPIA compliance or wish to exercise your data subject rights, please contact our Information Officer:

Email: privacy@uboss.co.za
Phone: 039 314 4359
Address: Unlimited IT Solutions, 202 Marine Drive, Ramsgate, KwaZulu-Natal, 4285, South Africa