POPIA Data Protection Compliance Statement

ZA CREATIVE AND PROJECTS (PTY) LTD., trading as Top Executive, is committed to safeguarding personal data in compliance with the Protection of Personal Information Act (POPIA) No. 4 of 2013 of South Africa. This statement outlines our obligations and approach to data protection, ensuring that personal information is processed lawfully, securely, and transparently.

1. Scope and Application

This POPIA Compliance Statement applies to all personal data processed by Top Executive, including:

• Members and prospective members of Top Executive
• Clients, partners, and suppliers
• Visitors to our website and digital platforms

This statement ensures compliance with POPIA and any related Information Regulator guidelines.

2. Lawful Processing of Personal Information

We process personal information in accordance with Section 4 of POPIA, ensuring it is:

• Collected lawfully – With the data subject’s consent or as required by law
• Used for a specific, explicitly defined, and legitimate purpose
• Adequate, relevant, and not excessive for intended purposes
• Kept accurate and up to date
• Stored securely and confidentially
• Retained only for as long as necessary

3. Categories of Personal Information Collected

We may collect the following types of personal data:

• Personal Identifiers: Name, job title, employer, and industry sector
• Contact Details: Email, phone number, and address
• Billing and Payment Information: If applicable for membership or services
• Website Usage Data: IP address, browsing behaviour, and preferences
• Event and Engagement Information: Attendance, networking preferences, and feedback

All data is collected with the individual’s knowledge and consent, except where permitted under POPIA.

4. Purposes of Data Processing

We collect and process personal information for the following purposes:

• Membership Management: Providing access to Top Executive’s services and networking opportunities
• Communications: Sending newsletters, updates, and event invitations
• Event & Training Participation: Registering members for conferences, workshops, and online learning
• Networking & Business Development: Facilitating meaningful connections among members
• Legal & Regulatory Compliance: Ensuring adherence to financial, tax, and legal requirements

We do not sell or rent personal data to third parties.

5. Data Subject Rights Under POPIA

Under Chapter 2 of POPIA, individuals have the right to:

• Access Their Personal Data – Request a copy of personal information held by us
• Request Correction of Information – Rectify inaccurate or incomplete data
• Object to Processing – Restrict processing in certain circumstances
• Withdraw Consent – Stop receiving direct marketing communications
• Request Data Deletion – Where no legal obligation requires retention
• Lodge a Complaint – Report non-compliance to the Information Regulator

To exercise these rights, please contact us at info@topexecutive.co.za

6. Data Security and Protection Measures

We have implemented technical, organisational, and administrative safeguards to protect personal data against loss, misuse, or unauthorised access. These include:

• Encryption & Secure Data Storage – Personal data is encrypted and stored in secure environments
• Access Controls – Limited access granted only to authorised personnel
• Regular Security Audits – Routine risk assessments and compliance checks
• Third-Party Compliance – Service providers processing data on our behalf are bound by strict data protection agreements

7. Data Sharing and Third-Party Processors

We may share personal data only when necessary with:

• Business partners & sponsors (for event-related networking opportunities)
• Third-party service providers (such as payment processors and IT vendors)
• Regulatory authorities (when required by law)

All third parties handling personal data on our behalf are contractually bound to comply with POPIA.

8. Cross-Border Data Transfers

If personal data is transferred outside South Africa, we ensure that:

• The receiving country has adequate data protection laws, or
• The recipient agrees to binding contractual safeguards, or
• The individual provides explicit consent for the transfer

We prioritise keeping data within South Africa unless necessary for global partnerships.

9. Data Retention Policy

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected.

• Membership and event data – Retained for the duration of active engagement and a limited period thereafter.
• Financial records – Retained for statutory periods as required by law.
• Marketing data – Stored until the individual unsubscribes or withdraws consent.

Once data is no longer needed, it is securely deleted or anonymised.

10. Direct Marketing & Communications

We respect the preferences of our members and comply with Section 69 of POPIA regarding direct marketing:

• Members may opt-in to receive marketing communications.
• Every marketing email includes an unsubscribe option.
• We do not send unsolicited communications without prior consent.

To manage your communication preferences, contact info@topexecutive.co.za

11. Breach Notification Process

In the event of a data breach, we will:

• Assess the Impact – Determine the extent of unauthorised access or loss
• Notify the Information Regulator – As required by Section 22 of POPIA
• Inform Affected Individuals – Provide prompt communication to impacted members
• Take Immediate Action – Secure data, mitigate risks, and implement corrective measures

12. Information Regulator – Complaints & Contact

If you believe we are not complying with POPIA, you have the right to lodge a complaint with the Information Regulator of South Africa:

• Information Regulator (South Africa)
• Website: https://www.inforegulator.org.za
• Email: complaints.IR@justice.gov.za

Alternatively, you may contact Top Executive’s Data Protection Officer at [Insert Contact Email] for resolution before escalating to the regulator.

13. Updates to This POPIA Compliance Statement

We may update this statement from time to time to reflect regulatory changes or business operations. All updates will be communicated via our website and email notifications.

By engaging with Top Executive, you acknowledge that you have read and understood this statement and consent to the lawful processing of your personal data as outlined.

For any privacy-related inquiries, contact us at info@topexecutive.co.za