POPIA Compliance Statement
Last updated: 9 July 2026
The Protection of Personal Information Act, 4 of 2013 (POPIA) is South Africa's data protection law, regulated by the Information Regulator (South Africa). Noko Mohoto Technologies (Pty) Ltd approaches its own operations, and the systems it builds for clients, with POPIA's conditions for lawful processing in mind.
Our own processing
Personal information submitted through this website (such as contact form enquiries) is collected for a specific, explicit purpose: responding to your enquiry and planning any resulting engagement. We collect only what we need, we do not sell personal information, and we retain it only as long as necessary.
Systems we build for clients
Client systems are planned with POPIA awareness from the start, including:
- Purpose-specific data collection rather than open-ended capture
- Role-based access so personal information is only visible to authorised users
- Secure authentication and protected admin access
- Retention planning so records are not kept indefinitely by default
- Audit trails where required, so access and changes can be reviewed
- Support for data subject requests (access, correction, deletion) where the system holds personal information
Responsible wording
POPIA compliance is an organisational responsibility that depends on how a business operates, not only on its software. We build systems that support compliance and we plan with POPIA in mind, but each client remains the responsible party for its own processing activities. Where required, we can help plan system-specific privacy notices, consent flows, retention rules, and documentation.
More information about POPIA is available from the Information Regulator (South Africa) at inforegulator.org.za.
Contact
Questions about this policy: sales@nokomohoto.com or +27 (79) 113-4590.

