¶¶Òõ¶ÌÊÓƵ

All Countries
Data Privacy
Company Privacy Notice

Company Privacy Notice Template for South Africa

Create a bespoke document in minutes,  or upload and review your own.

4.6 / 5
4.8 / 5

Let's create your Company Privacy Notice

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

Company Privacy Notice

"I need a Company Privacy Notice for my South African tech startup that processes customer data across multiple countries and uses AI analytics - it needs to be POPIA compliant while also addressing international data transfers and automated decision-making processes we plan to implement by March 2025."

Celebrated by
Collaborations with
Investors
Document background
The Company Privacy Notice is a mandatory document under South Africa's Protection of Personal Information Act (POPIA) for any organization processing personal information. It serves as the primary instrument for achieving transparency in data processing activities and fulfilling the organization's duty to inform data subjects about how their personal information is handled. The notice must be easily accessible, written in clear language, and cover all aspects of data processing, from collection to disposal. It should be implemented when an organization begins operations or processing personal information, and must be regularly reviewed and updated to reflect changes in processing activities or legal requirements. The document is particularly crucial in the South African context, where POPIA imposes strict requirements on responsible parties (data controllers) to ensure lawful processing of personal information and respect for data subject rights.
Suggested Sections

1. Introduction: Overview of the organization and scope of the privacy notice

2. Definitions and Interpretation: Key terms used in the notice, aligned with POPIA definitions

3. Information Officer Details: Contact details of the Information Officer and Deputy Information Officer as required by POPIA

4. Types of Personal Information We Process: Comprehensive list of personal information categories collected and processed

5. How We Collect Personal Information: Methods and sources of personal information collection

6. Purposes for Processing Personal Information: Detailed explanation of why personal information is collected and processed

7. Lawful Basis for Processing: Legal grounds under POPIA for processing personal information

8. Information Sharing and Disclosure: Details about third parties with whom information is shared and circumstances of sharing

9. Cross-border Transfer of Personal Information: Information about international transfers and safeguards in place

10. Information Security: Measures taken to protect personal information

11. Data Subject Rights: Explanation of rights under POPIA and how to exercise them

12. Retention of Personal Information: How long information is kept and criteria for retention periods

13. Changes to This Privacy Notice: Process for updating the notice and notifying of changes

14. Complaints Procedure: How to raise concerns and contact the Information Regulator

Optional Sections

1. Cookie Policy: Required if the organization operates websites using cookies

2. Direct Marketing: Required if the organization engages in direct marketing activities

3. Children's Privacy: Required if services or products may involve processing children's personal information

4. Automated Decision Making: Required if the organization uses automated processing or profiling

5. Employee Privacy: Required if the notice covers employee data processing

6. CCTV and Surveillance: Required if premises have surveillance systems

7. Special Personal Information: Required if processing special categories of personal information as defined in POPIA

Suggested Schedules

1. Schedule 1: Categories of Personal Information: Detailed breakdown of all categories of personal information processed

2. Schedule 2: Third Party Processors: List of third-party service providers and processors with access to personal information

3. Schedule 3: Technical and Organizational Security Measures: Detailed description of security measures implemented

4. Schedule 4: Countries for Cross-border Transfers: List of countries to which personal information may be transferred and applicable safeguards

5. Appendix A: Data Subject Request Form: Standard form for submitting data subject access requests

6. Appendix B: Consent Forms: Standard consent forms for specific processing activities where required

Authors

Alex Denne

Head of Growth (Open Source Law) @ ¶¶Òõ¶ÌÊÓƵ | 3 x UCL-Certified in Contract Law & Drafting | 4+ Years Managing 1M+ Legal Documents | Serial Founder & Legal AI Author

alex.den.21@genieai.co
Relevant legal definitions








































Clauses






























Relevant Industries

Financial Services

Healthcare

Retail

Technology

Manufacturing

Professional Services

Education

Telecommunications

Insurance

Real Estate

Hospitality

Transportation

Energy

Mining

Agriculture

Non-Profit

Government Services

Media and Entertainment

Construction

Legal Services

Relevant Teams

Legal

Compliance

Information Technology

Information Security

Risk Management

Human Resources

Data Protection

Privacy

Corporate Governance

Internal Audit

Relevant Roles

Chief Privacy Officer

Data Protection Officer

Information Officer

Deputy Information Officer

Chief Information Security Officer

Chief Legal Officer

Compliance Manager

Risk Manager

Legal Counsel

Privacy Manager

Information Security Manager

IT Director

HR Director

Chief Executive Officer

Company Secretary

Industries






Teams

Employer, Employee, Start Date, Job Title, Department, Location, Probationary Period, Notice Period, Salary, Overtime, Vacation Pay, Statutory Holidays, Benefits, Bonus, Expenses, Working Hours, Rest Breaks,  Leaves of Absence, Confidentiality, Intellectual Property, Non-Solicitation, Non-Competition, Code of Conduct, Termination,  Severance Pay, Governing Law, Entire Agreemen

Find the exact document you need

Privacy Policy And Privacy Notice

A legal document outlining an organization's personal information handling practices in compliance with South African POPIA requirements.

find out more

Data Privacy Notice

A South African POPIA-compliant document that explains how an organization handles personal information and protects data subject rights.

find out more

Customer Privacy Notice

A South African POPIA-compliant privacy notice detailing how an organization handles customer personal information and protects privacy rights.

find out more

Cookie Notice

A legally mandated document under South African law (POPIA) that informs website visitors about cookie usage, data collection, and their privacy choices.

find out more

Employee Data Privacy Notice

A South African POPIA-compliant employee privacy notice detailing how organizations handle employee personal information.

find out more

Data Protection Policy And Privacy Notice

A combined data protection policy and privacy notice ensuring compliance with South Africa's POPIA, outlining personal information handling practices and data subject rights.

find out more

Privacy Notice Statement

A POPIA-compliant privacy notice statement for South African operations that outlines personal information handling practices and data subject rights.

find out more

External Privacy Notice

A POPIA-compliant external privacy notice for South African organizations, detailing how personal information is handled and protected.

find out more

Applicant Privacy Notice

A POPIA-compliant privacy notice for job applicants in South Africa, detailing how personal information is handled during recruitment.

find out more

Data Privacy Notice And Consent Form

A South African POPIA-compliant document that explains how personal information is processed and obtains consent for such processing.

find out more

Company Privacy Notice

A South African POPIA-compliant privacy notice detailing an organization's personal information processing practices and data subject rights.

find out more

Website Privacy Notice

A South African law-compliant privacy notice that details how a website collects, uses, and protects personal information under POPIA requirements.

find out more

Data Protection Notice

A South African POPIA-compliant notice outlining how an organization handles personal information, including collection, use, protection, and management of data.

find out more

Download our whitepaper on the future of AI in Legal

By providing your email address you are consenting to our Privacy Notice.
Thank you for downloading our whitepaper. This should arrive in your inbox shortly. In the meantime, why not jump straight to a section that interests you here: /our-research
Oops! Something went wrong while submitting the form.

³Ò±ð²Ô¾±±ð’s Security Promise

Genie is the safest place to draft. Here’s how we prioritise your privacy and security.

Your documents are private:

We do not train on your data; ³Ò±ð²Ô¾±±ð’s AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

Our bank-grade security infrastructure undergoes regular external audits

We are ISO27001 certified, so your data is secure

Organizational security

You retain IP ownership of your documents

You have full control over your data and who gets to see it

Innovation in privacy:

Genie partnered with the Computational Privacy Department at Imperial College London

Together, we ran a £1 million research project on privacy and anonymity in legal contracts

Want to know more?

Visit our for more details and real-time security updates.

Read our Privacy Policy.