As digital licence scanning pioneers, we want to take a deeper look into the growing data protection concerns around collecting personal information at residential estate access points.
"Lifestyle estates, complexes and community schemes should not collect more information than they need to fulfil a specific and reasonable purpose."
Protection of Personal Information Act (POPIA) and Residential Estates
The Protection of Personal Information Act (POPIA) came into effect on 1 July 2020, giving all responsible parties (entities that collect and process personal data) one year to comply. This has raised a multitude of questions regarding what information may be collected at the gate among housing complex managers and residents.
ATG Digital, who have built their systems around The Protection of Personal Information best practices, share insight into the necessity and legality of scanning
drivers’ or motor vehicle licences.
Visitor Registration and Housing Complex Entrances
“For years, visitors have been asked to provide their name, cell phone number and
signature (at a minimum) to gain entry into lifestyle estates,” says Ariel Flax, Head of Sales of ATG Digital, and adds, “POPIA throws these practices into question—but
not for reasons one might assume.”
Ariel explains: “Visitor registration is allowed. However, often the visitors’ information is handwritten in a book that’s vulnerable to prying eyes—and therein lies the problem.
“POPIA doesn’t disallow the collection of information. Instead, the Act protects
people’s personal information by enforcing rules on what is collected and why; how it is stored; and, if shared, with whom and why. The answers to these questions must be made known to the owner of the information before they share it.”
Baked-in POPIA Compliance
Having consulted a specialist privacy and data protection corporate law firm for
several years, the digital access control pioneers spared no effort in ensuring that
POPIA compliance is baked into their solutions.
Ariel: “Lifestyle estates, complexes and community schemes should not collect more information than they need to fulfil a specific and reasonable purpose. For example, protection (in the case of security) or administration (by managing agents).
“Features like ‘de-identification’, where unnecessary information that has been
captured from driver and motor vehicle licenses is redacted, eliminate non-
compliance risks,” says Ariel. He adds, “The system can be set so that the information is hidden on the scanning devices only or reports as well. On the back-
end, you can set access permissions on reporting.”
When it comes to retention of personal information, Ariel says that the ATG Digital
solution includes a pre-set for data records to be deleted after a specified period—another requirement of the Act.
For all Access Control related information, contact ATG Digital by calling 010 500 8611, Whatsapp 072 055 1187, email sales@atthegate.biz or go to http://www.atgdigital.biz
Opmerkingen