Integrity for All
What is Gwirio offering?
Frequently Asked Questions
What is POPIA?
POPIA is the acronym for “the Protection of Personal Information Act, 2013” This is the South African law for the protection of people and their information.
Am I a Responsible Party?
You are a Responsible Party if you store and process any of the following types of information :
- Customer information
- Employee information
- Partner information
- Shareholder information
Gwirio help with a process, notification and reports to help with your continuous compliance process.
Do I need to comply to POPIA?
Yes, each Responsible Party must comply. Failure to comply may attract severe penalties.
We provide a 4 step process to help guide Companies on their compliance journey.
What services does Gwirio provide?
Gwirio help Companies to comply with privacy legislation. We provide:
- A compliance framework to help track and identify information elements.
- Managed communication with Data Subjects to verify and record onsent or legitimate interests.
- Validation on data points
- A channel for updating information from Data Subjects
- New channels to address and reduce fraud
Why is compliance important?
Our privacy is incredibly valuable, even beyond reducing Tele-marketing calls. We should be protected from abuse, and that is what the legislation is driving.
Will Gwirio ensure complete compliance with privacy legislation
Unfortunately – No.
Gwirio forms part of a compliance program that each Company need to develop and deploy in their organisation. We do make it a lot easier with our framework and certification actions.
We also close the loop on information processes and provides actionable data and reports to show progress on your compliance journey.
Please contact us for a demo.
Am I a Data Subject?
The answer is yes. We are all Data Subjects and the protection of our personal information is extremely important.
Under POPIA, companies are also Data Subjects as they have sensitive information that can be collected, stored and processed.
I am not a South African citizen, am I also protected under POPIA?
Yes. All personal information provided, processed, and stored in and by South African companies are under the POPI act.
Do I need to register on Gwirio as a Data Subject?
No. You can still verify data used by Companies via the links sent to your mobile phone.
However, you will not be able to get the benefits from registering on our portal. This provides a comprehensive view of your data in the market, allow for queries and revoke request.
What are the benefits of registering with Gwirio as a Data Subject?
It is a free service for Data Subjects that gives you access to the portal to:
- View company notifications from companies regarding your data
- View active and expired records of s companies that have your data
- Query the data used by the Responsible Party
- Confirmation that your data will be automatically deleted after a specified time
- Log complaints directly with the Responsible Party
- Report abuse of your data on our platform and track responses
- Manage your Dependents’ data
What is a certificate?
Gwirio creates a specific data record on a blockchain for each relationship between Data Subjects (i.e. You) and Data Owners (Companies delivering a services to you). This is called a data certificate. To create this certificate we verify the parties, the data held by the Data Owners, the purpose for which it is held and when the right to hold must be renewed or removed.
We enable you to query certificates, revoke access or cancel certificates.
Is Gwirio keeping my personal information?
For registered users we only keep your basic contact details. Our certificates do not contain personal information and only record meta-data – i.e. “Address” and not “174 Milky Lane”
We do not store non-registered Data Subject information. All information used to create the certificate is removed after the certificate is created.
What does it costs? and is my Information the "product?"
The service is free of charge to people (Data Subjects.) Companies (Responsible Parties) pay R350 per month for this service to ensure that they are in compliance with privacy laws and to protect them and their customers from abuse.
Is my information safe?
Gwirio only stores basic identifying data points for registered users – i.e. your name, ID number and contact details. Gwirio will never ask for any other personal records, passwords or transactional information.
Our service is based on meta-data held by a company (Responsible Party)– i.e. “Name and Surname” versus “John Doe” and we do not process any personal information.
Can I remove my Information from Gwirio?
Yes, you can.
We hold a very limited data set and will erase your data from our platform upon request.
However, the data from the Responsible Parties (Companies) that you have consented to will not be removed. You may still receive notifications from Gwirio on behalf of other Responsible Parties that utilises our service. Once unsubscribed, Gwirio will not be able to assist in managing access to your information or provide information update services.
Can I report abuse?
Yes, if you are a registered user on our system.