Skip to content
Legal

All legal documents, compliance statements, and policies for Mirembe Muse (Pty) Ltd. Governed by South African law.

POPIA Compliance

POPIA Compliance Statement

Protection of Personal Information Act, No. 4 of 2013 · Updated: 19 June 2026

Status

Mirembe Muse (Pty) Ltd is fully POPIA compliant.

Information Officer: Nandawula Regine Kabali-Kagwa · legal@mirembemuse.co.za

1. Our Commitment

Mirembe Muse (Pty) Ltd is committed to processing personal information lawfully, minimally, and with respect for each data subject’s rights. We view POPIA not as a compliance checkbox but as an expression of the Ubuntu philosophy at the core of our business: we are because our clients are.

2. The Eight Conditions of Lawful Processing

We comply with all eight conditions for lawful processing under POPIA:

  • Accountability — Our Information Officer (Nandawula Regine Kabali-Kagwa) is responsible for ensuring compliance.
  • Processing Limitation — We collect only what is necessary for the identified purpose.
  • Purpose Specification — All personal information is collected for specified, explicit, and lawful purposes.
  • Further Processing Limitation — We do not use personal information for purposes incompatible with the original collection purpose.
  • Information Quality — We take reasonable steps to ensure personal information is complete, accurate, and up to date.
  • Openness — We maintain this statement, our Privacy Policy, and our PAIA Manual as public records.
  • Security Safeguards — We implement technical and organisational measures to protect personal information (encryption in transit, row-level security in database, limited access controls).
  • Data Subject Participation — Data subjects may access, correct, or request deletion of their personal information at any time.

3. Special Personal Information

We do not collect or process special personal information as defined in Section 26 of POPIA (race, gender, sex, pregnancy, marital status, ethnic or social origin, colour, sexual orientation, age, physical or mental health, religion, conscience, belief, culture, language, birth, or biometric information) unless explicitly required for service delivery and with the express consent of the data subject.

4. Direct Marketing

We send The Mirembe Brief (our newsletter) only to subscribers who have explicitly opted in. Every email includes a one-click unsubscribe link. We do not purchase email lists or send unsolicited marketing communications.

5. Data Breach Response

In the event of a data breach that poses a risk to data subjects, we will notify the Information Regulator and affected data subjects within 72 hours of becoming aware of the breach, as required by POPIA Section 22.

6. Your Rights

  • Right to access your personal information
  • Right to correction of inaccurate personal information
  • Right to deletion (subject to legal retention requirements)
  • Right to object to processing
  • Right to withdraw consent at any time
  • Right to complain to the Information Regulator

Submit data subject requests to legal@mirembemuse.co.za. We respond within 30 business days.

7. Information Regulator Contact

The Information Regulator of South Africa: inforeg@justice.gov.za · +27 (0)10 023 5207 · JD House, 27 Stiemens Street, Braamfontein, Johannesburg

POPIA Compliance | Mirembe Muse