Legal

POPIA Compliance Policy

Protection of Personal Information Act 4 of 2013 — our commitment to your data rights.

1. About POPIA

The Protection of Personal Information Act 4 of 2013 (POPIA) is South Africa's primary data protection legislation. It regulates how organisations collect, store, use and share the personal information of South African citizens. Fitness with Coach Kokla is committed to full compliance with POPIA.

2. Our Information Officer

In accordance with POPIA, we have appointed an Information Officer who is responsible for ensuring compliance with this Act and handling data subject requests.

3. Personal Information We Process

As a healthcare and wellness facility, we process:

  • General personal information (names, contact details, ID numbers)
  • Special personal information including health and medical data
  • Financial information for billing purposes
  • Communication records

Special personal information (such as health data) is processed only with your explicit consent and solely for the purpose of delivering our healthcare and wellness services.

4. Conditions for Lawful Processing

We process personal information only when:

  • You have given explicit consent
  • Processing is necessary to perform a contract with you
  • Processing is required by law (e.g. healthcare record-keeping obligations)
  • Processing protects your legitimate interests or vital interests
  • Processing is in our legitimate business interests, balanced against your rights

5. Your Rights Under POPIA

As a data subject, you have the following rights:

  • Right to be notified when your personal information is being collected
  • Right of access to request a record of personal information we hold about you
  • Right to correction or deletion of inaccurate, irrelevant or excessive information
  • Right to object to processing of your personal information
  • Right to complain to the Information Regulator of South Africa
  • Right not to be subject to automated decision-making

6. How to Exercise Your Rights

To exercise any of your rights, please submit a written request to our Information Officer at privacy@coachkokla.co.za. We will respond within 30 days of receiving your request. We may need to verify your identity before processing your request.

7. Security Safeguards

We maintain appropriate technical and organisational measures to prevent loss, damage, or unauthorised destruction of or access to personal information. These include access controls, data encryption, staff training and secure storage of physical records.

8. Retention and Destruction

We retain personal information only for as long as necessary for the purpose for which it was collected, or as required by applicable legislation (including the National Health Act and other healthcare regulations). Once no longer needed, records are securely destroyed or de-identified.

9. Transborder Flows

We do not transfer personal information outside of South Africa except where necessary for service delivery and where adequate data protection measures are in place in the recipient country, in accordance with Section 72 of POPIA.

10. Complaints to the Information Regulator

If you believe we have processed your personal information unlawfully, you have the right to lodge a complaint with the Information Regulator of South Africa: