POPIA Compliance
Claims Made Easy is fully compliant with South Africa's Protection of Personal Information Act (POPIA). Here's exactly what that means for you and your clients.
Last Updated: 1 April 2025
What is POPIA and Why Does It Matter?
The Protection of Personal Information Act (POPIA) is South Africa's data privacy law. It came into full effect on 1 July 2021 and governs how organisations collect, store, use, and share personal information.
For insurance brokers, POPIA is especially important — you handle some of the most sensitive personal information that exists: your clients' financial details, home addresses, vehicle information, and incident descriptions. Getting this wrong carries significant legal and reputational risk.
Claims Made Easy was built from the ground up to be POPIA compliant — so that you and your clients can use the platform with confidence.
Our Information Officer
Claims Made Easy has appointed a designated Information Officer as required by POPIA.
Name
Vicky Pingo
Role
Information Officer
info@claimsmadeeasy.co.za
Phone
+27 68 636 6509
Our Information Officer is responsible for ensuring that Claims Made Easy complies with POPIA at all times and is your first point of contact for any data privacy concerns.
The 8 POPIA Conditions — How We Meet Each One
Accountability
We take full responsibility for the personal information in our care. Our Information Officer oversees all data processing activities and ensures ongoing compliance.
Processing Limitation
We only collect and process personal information that is necessary for the purpose it was collected for. We do not collect more than we need.
Purpose Specification
We collect personal information for specific, defined purposes — primarily to facilitate insurance claim management. We do not use your data for any other purpose without your explicit consent.
Further Processing Limitation
Personal information collected for one purpose is not used for a different, incompatible purpose without consent. Claim data collected to process an insurance claim is not used for marketing or any other purpose.
Information Quality
We take reasonable steps to ensure that the personal information we hold is accurate, complete, and up to date. Brokers and clients can update their personal information at any time through the platform.
Openness
We are transparent about what information we collect and how we use it. This is documented in our Privacy Policy, which is publicly available on our website.
Security Safeguards
We implement appropriate technical and organisational measures to protect personal information.
- 256-bit SSL encryption for all data in transit
- AES-256 encryption for all data at rest
- Row-Level Security — each brokerage's data is completely isolated from all others
- Access controls — only authorised staff can access personal information
- Regular security audits and vulnerability assessments
- All data stored on South African servers
Data Subject Participation
Data subjects have the right to access, correct, and delete their personal information. Requests can be directed to info@claimsmadeeasy.co.za and will be responded to within 30 days.
Your Responsibilities as a Broker
When you use Claims Made Easy to process your clients' personal information, you become a "responsible party" under POPIA. This means you are responsible for:
- Informing your clients that their personal information is being processed through Claims Made Easy
- Obtaining appropriate consent from clients before adding them to the platform
- Handling client requests to access, correct, or delete their personal information
- Ensuring your own use of the platform complies with POPIA
We make this easy by providing you with:
- A POPIA-compliant data processing agreement (on request)
- Client privacy notices for your clients
- Tools to export or delete client data on request
Data Breach Response
In the event of a data breach that poses a material risk to personal information, we will:
- Contain and investigate the breach immediately
- Notify the Information Regulator within 72 hours
- Notify all affected brokers and clients without delay
- Provide a full written incident report
- Implement remediation measures to prevent recurrence
We maintain a breach response plan and conduct regular security assessments to minimise the risk of incidents.
Lodge a Complaint
If you believe your POPIA rights have been violated, you may:
- 1
Contact our Information Officer first: info@claimsmadeeasy.co.za
- 2
If unresolved, contact the Information Regulator of South Africa:
- Website: www.inforegulator.org.za
- Email: inforeg@justice.gov.za
- Complaints: complaints.IR@justice.gov.za
- Phone: 010 023 5200
Questions About Our Compliance?
Our Information Officer is happy to answer any questions about how we handle your data or your clients' data. Just get in touch.
info@claimsmadeeasy.co.za
