GDPR vs. POPIA Guide


The Guide provides a comparative overview of the differences and similarities between the European Union’s data protection law – the General Data Protection Regulation (EU) 2016/679 (GDPR) and South Africa’s Protection of Personal Information Act 4 of 2013 (POPIA).  If you are an organisation that may be required to comply with both the GDPR and POPIA this Guide provides a high-level overview of what the fundamental differences and similarities between the two laws and covers:

  1. When is compliance with the GDPR and/or POPIA required?
  2. What types of processing are covered/exempted?
  3. Key data protection concepts and how each concept is addressed under POPIA and the GDPR
  4. Recommended guidance steps and how each step is treated under each law