POPIA Compliance Policy
Effective date: 1 May 2026 · GloWorm Guard (Pty) Ltd
The Protection of Personal Information Act 4 of 2013 ("POPIA") regulates the processing of personal information in South Africa. This policy sets out how GloWorm Guard (Pty) Ltd fulfils its obligations as a Responsible Party under POPIA.
1. Responsible Party and Information Officer
GloWorm Guard (Pty) Ltd is the Responsible Party as defined in POPIA. Our Information Officer can be contacted at: info@gloworm.co.za.
2. The Eight Conditions for Lawful Processing
We process personal information in accordance with all eight conditions prescribed by POPIA:
2.1 Accountability
GloWorm Guard (Pty) Ltd accepts full responsibility for ensuring that all processing activities comply with POPIA. We maintain internal records of processing activities and appoint a designated Information Officer responsible for overseeing compliance.
2.2 Processing Limitation
We collect only the personal information that is adequate, relevant, and not excessive for the specific purpose for which it is collected. We obtain personal information directly from the data subject wherever reasonably possible.
2.3 Purpose Specification
Personal information is collected for specific, explicitly defined, and lawful purposes related to the provision of the GloWorm Guard Service. We do not process personal information in a manner incompatible with those stated purposes.
2.4 Further Processing Limitation
We do not process personal information for secondary purposes unless those purposes are compatible with the original purpose of collection, the data subject has provided explicit consent, or processing is required or permitted by law.
2.5 Information Quality
We take reasonable steps to ensure that personal information held by us is complete, accurate, not misleading, and updated where necessary. You may update your Account information at any time via the Account settings page. You may also contact us to correct inaccurate information we hold about you.
2.6 Openness
We notify data subjects of the purpose of collection, the categories of information collected, the identity of third parties who may receive their information, and the rights available to them. This POPIA Policy and our Privacy Policy together constitute our notification in terms of sections 18 and 69 of POPIA.
2.7 Security Safeguards
We implement appropriate, reasonable technical and organisational security measures to prevent loss, damage, unauthorised destruction, or unlawful access to personal information. These measures include TLS encryption, hashed credentials, role-based access control, audit logging, and regular security assessments. In the event of a security compromise, we will notify the Information Regulator and affected data subjects as required by POPIA.
2.8 Data Subject Participation
Data subjects may, upon verified request, be informed of what personal information we hold about them, request corrections, or request deletion of their personal information. Such requests must be submitted to info@gloworm.co.za. We will acknowledge your request within 5 business days and resolve it within 30 calendar days.
3. Special Personal Information
We do not intentionally collect special personal information (as defined in section 26 of POPIA), such as information relating to a data subject's health, religion, race, political beliefs, or criminal record. If any such information is incidentally included in communications to us, it will not be used and will be deleted.
4. Children's Personal Information
Where the Service processes personal information relating to children (persons under the age of 18) — such as DNS query logs associated with a child's device — such processing occurs solely under the direction and on the authority of the parent or guardian who holds the Account. We process this information exclusively to provide the requested parental-control functionality and do not use it for profiling, advertising, or any other purpose. We do not allow children to create Accounts.
5. Direct Marketing
We will only send direct marketing communications to you if you have opted in. You may withdraw consent and unsubscribe at any time by using the unsubscribe link in any marketing email or by emailing info@gloworm.co.za. Withdrawal of consent does not affect the lawfulness of prior processing.
6. Transborder Information Flows
Where personal information is transferred outside the Republic of South Africa, we ensure that the recipient country or organisation provides an adequate level of protection for personal information comparable to POPIA, or we obtain the data subject's consent, in accordance with section 72 of POPIA.
7. Data Breach Response
In the event of a security breach involving personal information, we will:
- Immediately investigate and contain the breach;
- Notify the Information Regulator of South Africa within 72 hours of becoming aware of the breach;
- Notify affected data subjects as soon as reasonably possible;
- Document the breach, its impact, and the corrective actions taken.
8. Information Regulator of South Africa
Complaints about our handling of your personal information may be directed to the Information Regulator of South Africa:
- Website: www.justice.gov.za/inforeg
- Email: info@gloworm.co.za
- Telephone: 010 023 5207
9. Contact Our Information Officer
To exercise your POPIA rights or to lodge a complaint with us directly, please contact our Information Officer at info@gloworm.co.za.
GloWorm Guard (Pty) Ltd — www.gloworm.co.za — info@gloworm.co.za
Effective date: 1 May 2026 · All rights reserved.