Audit your Business

To determine to what extent a business processes personal information lawfully, from both a legal and technical perspective.

VDT Attorneys offers a legal audit

Technical Audit

Privacy by Design

See how our solutions can help companies keep up-to-date with data privacy compliance with our data protection & security tools and platforms through our Tech Partners, building of combined data privacy solutions.

When it comes to privacy related compliance, there is often uncertainty about who takes responsibility for what. It’s crucial that from the outset the roles for internal compliance, IT, HCM and legal are clarified, with specific individuals being held accountable for implementation of their parts of the project.

Our Trusted Technical Partners

Get in touch if you need us to audit your Business

A data protection gap analysis serves to audit the extent of your business’ compliance with POPIA and other necessary data protection laws (e.g. the General Data Protection Regulation (GDPR)), and helps identify and prioritise the areas that it may need to urgently address.

Some of the key areas a POPIA gap analysis may cover include:


A review of a business’ legal agreements and policies against the standards for lawful processing


A review of a business’ IT processing systems, security and reporting operations, against the standards required for lawful processing


A review of how the business’s personnel handle personal data on a day-to-day basis and the extent of compliance with lawful processing requirements


Identifying the risks of third party service provider relationships that the business may have

Not sure where to start?

Compliance with POPIA is no tick-box exercise but having a place to start helps. Fill out our quick questionnaire to help you.

Frequently Asked Questions

Learn How it Works

Can you audit us to make sure we are compliant?

We have already commenced with a POPIA / data privacy project and need help auditing our current suite of legal documents or tech systems to make sure we are still compliant?

Refer to our full range of service offerings and feel free to contact us to schedule a consult. We are here to help and discuss your needs.

I don’t know if the POPIPack is for me?

If you are not sure whether one of our POPIPack’s will suit you we recommend subscribing to our generic pack, working your way through the documents and then contacting us if you require our assistance in customising same and if necessary. Alternatively, consider attending our Information Knowledge Session or purchasing the pre-recorded version thereof. This session has been designed to gear you up for understanding what POPIA is and how you need to approach a data protection compliance project. If you are still not sure see our full range of service offerings and feel free to contact us to schedule a consult. We are here to help  and discuss your needs.

What is the POPIpack?

The POPIPack includes a generic set of legal data protection documents which, considering the sector your organisation may be regulated by, aims to deliver a POPIA compliance kick-start for the organisation.

The core minimum documents included in our different Packs are geared to help your organisation address its POPIA compliance from a legal documents standpoint. No matter the Pack or, if preferred, if separate legal documents are bought, every document has been carefully considered and drafted by legal professionals and is geared to provide the core minimum legal agreements which we believe every organisation shall need to at least, consider putting in place when it comes to their POPIA compliance project and no matter whether you are only getting started or reviewing what is presently in place.

Do you offer individual legal documents?

Yes, refer to our products page where our single legal product solutions are available for viewing and purchasing.

Does my organisation need to comply with POPIA?

If your organisation requests, collects, stores, deletes, uses or otherwise processes personal information you will need to comply with POPIA.

What are the penalties for non-compliances?

Up to 10 years imprisonment (per infringement) or R10 million fine (per infringement). This does not take into account any further reputational damage or court action which may ensue from a failure to comply.