Many people ask us if we can help them (or their organisation) to become POPIA Certified or obtain a POPIA certification. The Protection of Personal Information Act (POPI Act or POPIA) does not specify how to become POPI Certified, and the Information Regulator has not yet set up a system allowing for POPI certification.

There is no such thing as POPIA Certified or POPIA Certification

At the moment, there is no such thing as POPIA certification or GDPR certification. No one can give you a certification currently. Regarding POPIA, we believe that in the future, the Information Regulator will follow the system set out by various other data protection laws, such as the GDPR. Until then, we can help you to show your stakeholders that you are a Data Protection champion.

Get the Michalsons Data Protection Champ badge

If your organisation meets the requirements, you can use the Michalsons Data Protection Champ badge. You can display the badge on all websites, cloud offerings, apps, or advertising solutions. Michalsons is one of the leading law firms selected by many to help them comply with POPIA.
The Michalsons Data Protection Champ badge is recognised in South Africa by consumers, businesses, associations, and regulators as demonstrating that the organisation using the badge is taking active steps towards data privacy best practices. It is a way to show that an organisation takes data protection seriously. We can present the badge to an organisation, a product, or a service. Certification is very closely related to the issue of
codes of conduct.

Who is it for?

  • Responsible parties who want to demonstrate to their data subjects that they take their privacy seriously.
  • Vendors that provide solutions that help solve the POPIA problem. For example, an opt-out register.
  • Operators who process a lot of personal information for others and want to demonstrate to their responsible parties that they take POPIA seriously and are trustworthy.

What does the badge mean to data subjects and responsible parties?

It means that the organisation displaying the badge:

  • champions the right to data privacy,
  • takes privacy seriously,
  • respects the privacy of data subjects,
  • is open about how they process personal information,
  • has committed to do what is reasonably practicable to protect personal information, and
  • is on the Michalsons data protection programme.

The badge does not mean that the organisation will protect personal information all the time. Personal information must flow freely for society to function. A balance between the free flow and the protection of personal information is needed. The badge is also not a POPIA certification.

Minimum requirements for the Data Protection Champ badge

If you wish to display the Michalsons Data Protection Champ badge, your organisation must be a member of the Michalsons data protection programme and meet the other requirements set out in the programme.

What does it cost?

Your membership fee entitles your organisation to use the badge for as long as you are a member of the programme. It is one of the benefits of being a member.