Easy2Swim Header - Fixed Mobile Assessment Button
💬 WhatsApp Free Assessment
POPIA Data Protection Policy - Easy2Swim

POPIA (Data Protection) Policy

Issue Date: 15 October 2025 | Review Date: 15 October 2026

POPIA Compliant

1. Purpose

This policy outlines how Easy2Swim Swimming Academy collects, processes, stores, shares, and protects personal information in compliance with the Protection of Personal Information Act (POPIA) of South Africa.

It ensures that all personal data belonging to learners, parents, employees, and contractors is handled lawfully, securely, and transparently.

2. Scope

This policy applies to:

  • All Easy2Swim staff, contractors, and volunteers
  • All learners and parents or guardians who provide personal information
  • Any third-party service providers (e.g. Brevo, Google Drive, WordPress) who process data on behalf of Easy2Swim

3. Definitions

Personal Information: Any information that can identify an individual (e.g. names, contact details, ID numbers, health or payment data)
Data Subject: A natural person whose personal information is processed
Processing: Any operation performed on personal data, including collection, storage, or sharing
Responsible Party: Easy2Swim Swimming Academy, which determines the purpose and means of processing information
Information Officer: Zandri Stiff, who oversees compliance with this policy and POPIA

4. Policy Statement

Easy2Swim Swimming Academy is committed to:

  • Processing personal information lawfully and fairly
  • Collecting only information necessary for legitimate operational, educational, or legal purposes
  • Maintaining accurate and up-to-date records
  • Storing all data securely to prevent loss, unauthorised access, or misuse
  • Providing clear communication about how information is used

5. Types of Information Collected

We may collect and store:

  • Learner Information: Name, age, date of birth, medical details, progress records
  • Parent/Guardian Information: Names, contact details, billing information
  • Employee Information: Qualifications, police clearance certificates, contracts, payroll data
  • Marketing Information: Email addresses and preferences for newsletters or updates (with consent)

6. Purpose of Collection

Personal information is collected to:

  • Enrol learners in swimming and training programmes
  • Provide safe and individualised instruction
  • Maintain attendance, progress, and certification records
  • Communicate with parents and guardians
  • Meet health-and-safety or legal obligations
  • Process payroll and human-resources functions for staff

7. Consent and Rights of Data Subjects

Data Subject Rights

Data subjects have the right to:

  • Access their personal information
  • Request correction or deletion of inaccurate data
  • Withdraw consent for non-essential communications
  • Lodge a complaint with the Information Regulator

Consent will be obtained for the collection of any sensitive data (e.g. medical information or photography use).

8. Storage and Security

Security Safeguards

Easy2Swim implements both physical and digital safeguards:

  • Locked cabinets for paper records
  • Password-protected and encrypted systems for electronic data
  • Restricted access limited to authorised staff only
  • Regular backups and secure deletion of obsolete files

9. Data Retention and Disposal

  • Learner and staff records are retained for five years after completion or employment termination, unless otherwise required by law
  • Records are securely deleted or shredded after the retention period expires

10. Third-Party Data Processors

Where Easy2Swim uses third-party systems (e.g. Brevo for emails or Google Drive for storage), these partners must also comply with POPIA or equivalent international data-protection standards.

No data will be shared with unauthorised third parties.

11. Data Breach Procedure

If a Data Breach Occurs:
1 The Information Officer will be notified immediately
2 An investigation will determine the scope and cause
3 Affected individuals and the Information Regulator will be informed within the required timeframe
4 Remedial actions will be taken to prevent recurrence

12. Staff Training

All staff receive annual training on POPIA awareness, confidentiality, and secure information handling. New staff are introduced to this policy during induction.

13. Monitoring and Review

The Information Officer will review this policy annually or following any regulatory changes. Updates will be communicated to all staff and reflected on Easy2Swim's internal policy register.

Information Officer
Name: Zandri Stiff
Position: Information Officer & Centre Co-ordinator
Email: info@easy2swim.co.za
Phone: 082 446 8902
Address: 14 Stellentia Road, Firlands, Gordons Bay, 7140

Information Regulator Contact Details

Website: inforegulator.org.za
Email: complaints.IR@justice.gov.za
Phone: 012 406 4818