The Protection of Personal Information Act (POPIA) sets out the requirements for lawful processing of personal information. Section 11 of POPIA allows a scheme to process personal information of the members and/or residents as long as it is about the governance of the scheme.

In the context of community schemes, a member of a scheme is deemed to have consented to his or her personal information being stored and/or shared with the relevant parties by the Board of Trustees or any governance structure of a scheme for the purposes of managing the affairs of the scheme. However, the processing of information must only be limited to the management of the scheme, such as the collection of levies, compliance with scheme rules, maintenance, and security of the scheme.

Each scheme must develop its own POPIA manual to be adopted by the Body Corporate at an annual or Special General Meeting, setting out conditions for accessing and dissemination of information. The manual must be developed within six months of the coming into effect of the directive, i.e. by no later than 11 May 2023.

Subscribe to our newsletter using the form below to download the CSOS Practice Directive on POPIA: