POPIA Compliance Statement
Effective Date: 12 June 2024
​
1. Introduction
Cavitate Chiropractic is committed to complying with the Protection of Personal Information Act, 4 of 2013 (POPIA). This statement outlines our practices regarding the collection, use, storage, and protection of personal information in accordance with POPIA.
2. Personal Information Collection
We collect personal information from patients and website users for the following purposes:
​
-
Providing chiropractic services and treatments.
-
Managing appointments and patient records.
-
Processing payments and insurance claims.
-
Communicating with patients about their care.
-
Improving our services and website.
3. Lawful Processing of Personal Information
We process personal information lawfully and in a reasonable manner that does not infringe on your privacy. Processing is based on the following principles:
​
-
Consent: We obtain your consent for processing your personal information.
-
Purpose Specification: Personal information is collected for specific, explicitly defined, and legitimate purposes.
-
Further Processing Limitation: Personal information is not processed beyond the original purpose without your consent.
-
Information Quality: We ensure that personal information is complete, accurate, and updated.
-
Openness: We maintain transparency about our information processing practices.
-
Security Safeguards: We implement measures to protect personal information from loss, damage, or unauthorized access.
-
Data Subject Participation: You have the right to access, correct, or delete your personal information.
4. Data Subject Rights
Under POPIA, you have the following rights regarding your personal information:
​
-
Access: Request access to your personal information.
-
Correction: Request correction of inaccurate or incomplete personal information.
-
Deletion: Request deletion of personal information that is no longer needed or unlawfully processed.
-
Objection: Object to the processing of your personal information in certain circumstances.
-
Complaints: Lodge a complaint with the Information Regulator if you believe your rights have been violated.
​
5. Data Security
We implement appropriate technical and organizational measures to protect personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
6. Third Party Disclosures
We may share your personal information with third parties, such as service providers and business partners, to facilitate our services. We ensure that these parties adhere to similar data protection standards.
​
7. Cross-Border Transfers
If we transfer personal information outside of South Africa, we ensure that the recipient country, organization, or individual complies with an adequate level of data protection.
​
8. Retention of Personal Information
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by law.
​
9. Updates to this Statement
We may update this POPIA Compliance Statement from time to time. We will notify you of any changes by posting the updated statement on our website.
​
If you have any questions or concerns about this Privacy Policy, please contact us.