Privacy and data protection is an important global issue. It is one of the cornerstones of democracy. It protects individual freedoms and enables the free flow of personal data. There have been several major recent International developments.

We are expert professional legal advisers who can help you to comply with global data protection laws. We are a team of practical privacy and data protection lawyers who have assisted many clients, with many issues, over many years. If you would like us to help you, email us and we will contact you to find out more about your needs.

Global Data Protection Laws

  • General Data Protection Regulation (GDPR) in the EU (will replace the EU Data Protection Directive 95/46/EC)
  • Consumer Privacy Bill of Rights Act (CPBORA) in the United States (not in force)
  • The EU-US Privacy Shield
  • Various Data Protection Laws of Africa (including the Protection of Personal Information Act (POPI Act) in South Africa)
  • The Data Protection Act 2004 of Mauritius
  • The Data Protection Act 1988 in the United Kingdom (will be replaced by GDPR)
  • The Data Protection Act 1988 in Ireland (will be replaced by the GDPR)
  • The Data Protection Act 2001 of Malta
  • The Privacy Act in Australia
  • The Personal Data (Privacy) Ordinance of Hong Kong.
  • The Privacy Act and the Personal Information Protection and Electronic Documents Act of Canada
  • The APEC Privacy Framework and the OECD Privacy Framework

There are severe consequences for non-compliance. Like fines of 5% of annual global turnover.

How we can help you

We can help you comply with data protection laws, especially the POPI Act – South Africa’s data protection law. Below is a description of how we can help you comply. This is what we can do for you to help you protect personal information and therefore protect people from harm.

  • Finding solutions to fill gaps.
  • Helping you to appoint your Data Protection Officer (or Information Officer) properly, including a job specification and letter of appointment.
  • Helping you determine how best to proceed with complying by helping you identify your main areas of concern and planning meaningfully.
  • Providing expert practical legal advice and opinions on various issues, especially around cross-border data flow issues, cloud computing, legitimate interests, and the application of laws.
  • Determine whether your customer (or user) is lawfully processing personal information when they use your product. Help you to assess whether a new product will comply.
  • Review all your customer-facing documents (like application forms, agreements, and disclosures) for compliance. Doing this early makes sense because you want to build trust with our customers and be seen to comply.
  • Helping you get the right insurance.
  • Drafting or revising Information Security policies.
  • Analysing the various decisions of courts and information commissioners across the world focusing on where companies have been penalised with a view to identifying risk trends which are then used to give an indication of where companies should be focusing their efforts. Identify the regulatory hot buttons.
  • Drafting a Privacy Policy for you or reviewing your existing Privacy Policy
  • Formulate, draft or revise your protection of personal information policies, procedures, and practices (the policy provides high-level statements of your positions on particular issues, whereas procedures bring those positions down to earth by laying out specific actions and responsibilities).
  • Formulate, draft or revise your Incident Response Policy and procedures. And help you to respond to incidents in accordance with the law. 
  • Help manage your relationships with the people for whom you process personal information and the people who process your personal information (otherwise know as operators or data controllers).
  • Prepare appropriate contract provisions – certain terms must be included in certain agreements.
  • Draft standard responses to customers and prospects that comply.
  • Draft or revise your Access to Information Manual or PAIA Manual.
  • Formulate, draft or revise your Monitoring Policy.
  • Help victims of identity theft.
  • Train the people who process personal information.
  • Advice on the transfer of personal information across borders – for example from the EU to South Africa or out of South Africa.

For a full list of all our related services, please contact us.

Our Experience

  • We have worked through our process with many clients from large Telecoms to FMCG businesses; developing their awareness of data protection laws across the organisation from the Executives to the data capturers, planning their projects, and implementing their plans towards compliance.
  • We have an extensive body of knowledge and advised a large variety of businesses, both domestic and international. We can provide you with a list of selected transactions where we have added value regards the Protection of Personal Information Act (POPI), on request.
  • We have successfully done many large projects on IT GRC, information security, and records management. We have also done many IT Legal Audits and many organisations.
  • We wrote the South African chapter for a Global Privacy Book.
  • We have made representations to the South African Law Commission for several clients on the Data Privacy Issue Paper published for comment in October 2003 and the Data Privacy Discussion Paper published for comment in October 2005 in response to the Protection of Personal Information Bill.

Our Clients

Our clients include marketers, retailers, financial institutions, insurers, health care providers, industry bodies, directory providers, and many others.

How you Benefit

  1. Identify the laws that are relevant to you
  2. Help you determine your privacy strategy
  3. Determine what to do in preparation for the enactment of data protection laws
  4. Determine the scope and impact of data protection laws on your business
  5. Determine where you currently are with regard to privacy ‘maturity’
  6. Get clarity on where you are and where you need to be
  7. Find solutions to fill the gaps – determining what solutions you need
  8. Focus on the activities that are critical to your business
  9. Identify the role players
  10. Classify your data subjects
  11. Fast track your privacy compliance efforts
  12. Get assurance that you comply or find solutions to ensure you comply.


If you are interested, please complete the form on the right or enquire now. We will contact you to find out more about your requirements and give you a quote.