Data Protection
We take your data seriously!
Listed below are our commitments to ensuring your data stays safe, as applied to the relevant South African data protection and information security acts.
Protection of personal information Act (POPI)
BoardCloud undertakes to process any and all data in accordance with the law:
- Including but not limited to the provisions imposed by the Protection of Personal Information Act, the Promotion of Access to Information Act, the Cybercrimes and Cybersecurity Act, the Interception of Communications Act, and any lawful terms imposed by a contract of service.
- BoardCloud commits itself to ensure that its employees do not process any data unlawfully through the use and enforcement of an extensive data compliance program
- BoardCloud undertakes to only access personal information that has been lawfully collected
- BoardCloud will not use data that has been unlawfully accessed by another party
- BoardCloud will not store data that has been acquired unlawfully by another party unless that data is evidence of a cybercrime
- BoardCloud commits itself to assist law enforcement officials in discovering and prosecuting cybercrimes by reporting such crimes and by storing any evidence relating thereto.
Promotion of access to information Act (PAIA)
BoardCloud commits itself to provide access to any information where:
- That information is necessary to exercise or protect any rights
- Noting that the information requested must be reasonably required to be accessed for the purpose of exercising or protecting such rights
- The information is requested in compliance with the procedural requirements imposed by the Promotion of Access to Information Act
- BoardCloud retains the right to refuse any request for access to information not made in compliance with the Act
Interception of electronic communications Act
BoardCloud will only monitor or intercept data for the purpose of:
- Establishing the existence of facts
- Securing the necessary components or system inherent to BoardCloud, or the components necessary for the completion of a transaction or service imposed by contract in which BoardCloud is the service provider.
 Cybercrimes and cyber-security Bill
- BoardCloud ensures that none of the tools offered by BoardCloud, including the BoardCloud suite, can be used as a tool to commit cybercrime.
- BoardCloud will not unlawfully monitor or intercept any data
BoardCloud will only monitor or intercept data where:
- BoardCloud is a party to the communication, or where the participants of that communication consent to such communication being monitored or intercepted including but not limited to being recorded
- BoardCloud acquires written consent from any party to monitor or intercept such communication
- BoardCloud needs to intercept or monitor such data in the course of carrying on of business, and or in the completion of a transaction