Integrity for All
What is Gwirio offering?
Gwirio is a company that provides software services to protect individuals and businesses. We provide compliance and risk management services to companies that are focused on communication and informed consent.
Frequently Asked Questions
Am I a Responsible Party?
You are a Responsible Party if you store and process any of the following types of information :
- Customer information
- Employee information
- Partner information
- Shareholder information
If you collect, store and process any of the above information, Gwirio can help you in a cost effective and continuous compliance process.
What services does Gwirio provide?
Gwirio supports Companies (Responsible Parties) in complying with privacy legislation through:
- Managed communication with Data Subjects
- Certifying consent or legitimate rights on personal information
- Data integrity
- Validation of data points (cross-industry)
- Channel for updating Data Subjects and Government departments
- Preventing fraud
- Following set regulatory processes
- Information Officer Assistance
- Alerts and notifications
- Compliance reports
What is POPIA?
POPIA is the acronym for “the Protection of Personal Information Act, 2013” This is the South African law for the protection of people and their information.
Do I need to comply to POPIA?
Yes, each Responsible Party must comply. Failure to comply may attract severe penalties.
Why is compliance important?
It safeguards customers and companies against fraud and abuse. It is most important that everyone complies to drive a safe and thriving digital economy.
Will Gwirio ensure complete compliance with privacy legislation
Unfortunately – No.
Gwirio forms part of a compliance program that each Responsible Party need to develop and deploy in their organisation.
Gwirio closes the loop on processes and provides actionable data and reports to show positive actions towards compliance.
For a small company we can provide a fairly complete solution. Larger organisations will require additional integration and policies.
Am I a Data Subject?
The answer is yes. We are all Data Subjects and the protection of our personal information is extremely important.
Under POPIA, companies are also Data Subjects as they have sensitive information that can be collected, stored and processed.
I am not a South African citizen, am I also protected under POPIA?
Yes. All personal information provided, processed, and stored in and by South African companies are under the POPI act.
Do I need to register on Gwirio as a Data Subject?
You can still verify data used by Data Owners via the links sent to your mobile phone. However, you will not be able to get a comprehensive view of your data in the market or query Data Owners at a later stage.
What are the benefits of registering with Gwirio as a Data Subject?
It is a free service for Data Subjects that gives you access to the portal to:
- View company notifications from companies regarding your data
- View active and expired records of s companies that have your data
- Query the data used by the Responsible Party
- Confirmation that your data will be automatically deleted after a specified time
- Log complaints directly with the Responsible Party
- Report abuse of your data on our platform and track responses
- Manage your Dependents’ data
What is a certificate?
Gwirio creates a specific data record on a blockchain for each relationship between Data Subjects (i.e. You) and Data Owners (Companies delivering a services to you). This is called a data certificate. To create this certificate we verify the parties, the data held by the Data Owners, the purpose for which it is held and when the right to hold must be renewed or removed.
We enable you to query certificates, revoke access or cancel certificates.
Is Gwirio keeping my personal information?
For registered users we only keep your basic contact details. Our certificates do not contain personal information and only record meta-data – i.e. “Address” and not “174 Milky Lane”
We do not store non-registered Data Subject information. All information used to create the certificate is removed after the certificate is created.
What does it costs? and is my Information the "product?"
The service is free of charge to people (Data Subjects.) Companies (Responsible Parties) pay R350 per month for this service to ensure that they are in compliance with privacy laws and to protect them and their customers from abuse.
Is my information safe?
Gwirio only stores basic identifying data points for registered users – i.e. your name, ID number and contact details. Gwirio will never ask for any other personal records, passwords or transactional information.
Our service is based on meta-data held by a company (Responsible Party)– i.e. “Name and Surname” versus “John Doe” and we do not process any personal information.
Can I remove my Information from Gwirio?
Yes, you can.
We will erase your data from our platform upon request. However, the data from the Responsible Parties you consented to will not be removed. You may still receive notifications from Gwirio on behalf of other Responsible Parties that utilises our service. Once unsubscribed, Gwirio will not be able to assist in managing access to your information or provide information update services.
Can I report abuse?
Yes, if you are a registered user on our system.