You are currently viewing POPIA Compliance for Websites

POPIA Compliance for Websites

The Protection of Personal Information Act (POPIA) and the General Data Protection Regulation (GDPR) have a significant impact on websites and other digital platforms like social media, email marketing and e-commerce activities.

As of 1 July 2021, your website needs to be compliant with the above mentioned.

POPIA and GDPR are data privacy laws that ensure protection of collection of data to all visitors visiting a website, whether or not subscription based applications / plugins are used on the website.

Without consent, they cannot share this information with their marketing team as these regulations have been designed to protect people against data breaches. To avoid massive fines and lawsuits, businesses need to comply by informing users about the data that their website collects.

Disclaimers of the above mentioned need to outlined on the website.

Key areas that should be considered for these acts:

  • Businesses / Websites must EXPLICITLY disclose collection of data
  • Outline why, how and where data is stored

More importantly, they need to review all data collection points on their website. This could include the registration page, IP addresses, a checkout page and other analytics. It is critical to cover all these areas and to obtain consent to collect information.


We use WordPress as the core to all our website design, in so saying WordPress covers, within the core certain data collection points. An Upgrade of the WordPress core may be needed in order to become properly compliant with all features activated.


Woocommerce collects data such as shipping address, names, surnames and possibly payment details.

Contact Forms:

This is relevant to all websites that have contact forms. The visitor needs to be informed that data is stored in a database on the server, where the website is hosted. The visitor would need to consent to this information being processed on the contact form. This is not the Recaptcha. A tick box on said form would suffice that the visitor has accepted terms.


Cookies needs to be enabled on all websites.


Via email, a business needs to update all clients regarding updates to policies.

Online Payments:

eCommerce websites would collect personal details BEFORE passing it onto the payment gateway. If you have an eCommerce website, regulations require these details to be removed from the website after a certain period.


Third party plugins, like Google Analytics and Adwords need to be managed correctly and needs to anonymise the data before storage and processing. Plugins can be used to do this due to the complexity of this.

Compliance reassures visitors, they are likely to share personal information when they understand how your will use their information. Adding compliance policies will certainly benefit your business, it will prevent future data breaches and protect personal and company information.

It will also ensure that visitors’ personal information is not compromised.


To view the Privacy Policy of Webbed Web Services – 
Click Here

Leave a Reply