Claims Made Easy
Compliance

POPIA Compliance

Claims Made Easy is fully compliant with South Africa's Protection of Personal Information Act (POPIA). Here's exactly what that means for you and your clients.

Last Updated: 1 April 2025

What is POPIA and Why Does It Matter?

The Protection of Personal Information Act (POPIA) is South Africa's data privacy law. It came into full effect on 1 July 2021 and governs how organisations collect, store, use, and share personal information.

For insurance brokers, POPIA is especially important — you handle some of the most sensitive personal information that exists: your clients' financial details, home addresses, vehicle information, and incident descriptions. Getting this wrong carries significant legal and reputational risk.

Claims Made Easy was built from the ground up to be POPIA compliant — so that you and your clients can use the platform with confidence.

Our Information Officer

Claims Made Easy has appointed a designated Information Officer as required by POPIA.

Name

Vicky Pingo

Role

Information Officer

Email

info@claimsmadeeasy.co.za

Phone

+27 68 636 6509

Our Information Officer is responsible for ensuring that Claims Made Easy complies with POPIA at all times and is your first point of contact for any data privacy concerns.

The 8 POPIA Conditions — How We Meet Each One

1

Accountability

We take full responsibility for the personal information in our care. Our Information Officer oversees all data processing activities and ensures ongoing compliance.

2

Processing Limitation

We only collect and process personal information that is necessary for the purpose it was collected for. We do not collect more than we need.

3

Purpose Specification

We collect personal information for specific, defined purposes — primarily to facilitate insurance claim management. We do not use your data for any other purpose without your explicit consent.

4

Further Processing Limitation

Personal information collected for one purpose is not used for a different, incompatible purpose without consent. Claim data collected to process an insurance claim is not used for marketing or any other purpose.

5

Information Quality

We take reasonable steps to ensure that the personal information we hold is accurate, complete, and up to date. Brokers and clients can update their personal information at any time through the platform.

6

Openness

We are transparent about what information we collect and how we use it. This is documented in our Privacy Policy, which is publicly available on our website.

7

Security Safeguards

We implement appropriate technical and organisational measures to protect personal information.

  • 256-bit SSL encryption for all data in transit
  • AES-256 encryption for all data at rest
  • Row-Level Security — each brokerage's data is completely isolated from all others
  • Access controls — only authorised staff can access personal information
  • Regular security audits and vulnerability assessments
  • All data stored on South African servers
8

Data Subject Participation

Data subjects have the right to access, correct, and delete their personal information. Requests can be directed to info@claimsmadeeasy.co.za and will be responded to within 30 days.

Your Responsibilities as a Broker

When you use Claims Made Easy to process your clients' personal information, you become a "responsible party" under POPIA. This means you are responsible for:

  • Informing your clients that their personal information is being processed through Claims Made Easy
  • Obtaining appropriate consent from clients before adding them to the platform
  • Handling client requests to access, correct, or delete their personal information
  • Ensuring your own use of the platform complies with POPIA

We make this easy by providing you with:

  • A POPIA-compliant data processing agreement (on request)
  • Client privacy notices for your clients
  • Tools to export or delete client data on request

Data Breach Response

In the event of a data breach that poses a material risk to personal information, we will:

  • Contain and investigate the breach immediately
  • Notify the Information Regulator within 72 hours
  • Notify all affected brokers and clients without delay
  • Provide a full written incident report
  • Implement remediation measures to prevent recurrence

We maintain a breach response plan and conduct regular security assessments to minimise the risk of incidents.

Lodge a Complaint

If you believe your POPIA rights have been violated, you may:

  1. 1

    Contact our Information Officer first: info@claimsmadeeasy.co.za

  2. 2

    If unresolved, contact the Information Regulator of South Africa:

    • Website: www.inforegulator.org.za
    • Email: inforeg@justice.gov.za
    • Complaints: complaints.IR@justice.gov.za
    • Phone: 010 023 5200
SA Data Hosting
256-bit Encryption
Data Isolation
Designated Info Officer

Questions About Our Compliance?

Our Information Officer is happy to answer any questions about how we handle your data or your clients' data. Just get in touch.

info@claimsmadeeasy.co.za