POPIA > SECTION 36 > General
- Processing of personal information is not in breach of a condition for the processing of such information if the—
POPIA > SECTION 37 > Regulator may exempt processing of personal information
- The Regulator may, by notice in the Gazette, grant an exemption to a responsible party to process personal information, even if that processing is in breach of a condition for the processing of such information, or any measure that gives effect to such condition, if the Regulator is satisfied that, in the circumstances of the case—
- the public interest in the processing outweighs, to a substantial degree, any interference with the privacy of the data subject that could result from such processing; or
- the processing involves a clear benefit to the data subject or a third party that outweighs, to a substantial degree, any interference with the privacy of the data subject or third party that could result from such processing.
- The public interest referred to in subsection (1) includes—
- the interests of national security;
- the prevention, detection and prosecution of offences;
- important economic and financial interests of a public body;
- fostering compliance with legal provisions established in the interests referred to under paragraphs (b) and (c);
- historical, statistical or research activity; or
- the special importance of the interest in freedom of expression.
- The Regulator may impose reasonable conditions in respect of any exemption granted under subsection (1).
POPIA > SECTION 38 > Exemption in respect of certain functions
- Personal information processed for the purpose of discharging a relevant function is exempt from sections 11(3) and (4), 12, 15 and 18 in any case to the extent to which the application of those provisions to the personal information would be likely to prejudice the proper discharge of that function.
- ‘‘Relevant function’’ for purposes of subsection (1), means any function—
- of a public body; or
- conferred on any person in terms of the law,
- which is performed with the view to protecting members of the public against
- financial loss due to dishonesty, malpractice or other seriously improper conduct by, or the unfitness or incompetence of, persons concerned in the provision of banking, insurance, investment or other financial services or in the management of bodies corporate; or
- dishonesty, malpractice or other seriously improper conduct by, or the unfitness or incompetence of, persons authorised to carry on any profession or other activity.
Protection of Personal Information Act (POPI Act) or POPIA South Africa | POPI Act Compliance | Information Regulator | Chapters | Sections | POPI Act Compliance Plan | POPIA Chapters 1-12 | POPIA Sections 1 – 115 | POPI Act Documents