The government has taken strict measures to discourage telemarketers from bombarding your cellphone with unsolicited adverts to market their products and services without your consent.
Companies are no longer allowed to use your personal information without your written consent, whether you are an existing customer or a prospective one.
And they are no longer allowed to use your information after you have objected to them doing so — and you only have to decline once; after that they aren’t allowed to contact you any further for another request.
Companies are now compelled to keep records of the names of customers who have declined direct marketing approaches, and no contact can be made with those customers. The new rules also make it clear that the opt-out option on companies’ SMS adverts cannot be used as a defence for consent.
Complaints can lead to fines
Consumers can report organisations that don’t adhere to the requirements of the Information Regulator, which can impose fines on transgressors. The regulator is an independent body established in terms of section 39 of the Protection of Personal Information Act (Popia).
The regulator gazetted a guidance note on direct marketing that became effective in April. Since then, 60 companies have been reported to the regulator for violating the direct marketing policies, and the regulator has intervened. One company, FT Rams, was slapped with a R100,000 fine.
- Companies need your written consent before marketing.
- One opt-out applies forever. They can’t ask again.
- The Information Regulator can fine violators.
- Consumers can report offenders via email or online form.
The document is a milestone to curb unsolicited marketing calls, which have often driven consumers up the wall, despite their attempts to electronically block them. Advertisers have also got smarter by often changing their identities and contact numbers on cellphone applications like TrueCaller.
Spokesperson for the Information Regulator, Nomzamo Zondi, said they needed to act after receiving numerous complaints from consumers in recent years.
How the new rules were developed
The regulator conducted public participation workshops last year with affected stakeholders, including industry experts, consumers and companies, which led to the formulation of the guidance note, with clear and unambiguous rules on how telemarketers should conduct themselves.
“Some public and private bodies who use direct marketing to conduct their business were not adhering to the provisions of the Popia, such as obtaining consent first before marketing a product or service to a data subject [consumer],” Zondi said.
“They also disregarded the requests from data subjects when they requested to opt out of the direct marketing, disregarding both the opt-in and the opt-out prescribed in the Popia and Consumer Protection Act.”
Consent at the core of compliance
The guidance note states that a company can only process the data of a customer if it obtained their contact details through a point of sale or service.
Companies can only market products related to the product that was bought. For example, if a customer opened a clothing account with a shop, that shop cannot then bombard them with adverts for insurance products.
The document also states that companies intending to use the information of a person who is not their client for direct marketing purposes must first obtain written consent before they start sending adverts to the customer’s phone, email or other form of communication.
The consent form is downloaded from the Information Regulator’s website and should be read out clearly to the customer if the consent is sourced via telephone.
“Even when a customer has initially consented to receiving direct marketing, [they] must be given a right to object on each occasion they receive such a message,” the document reads.
Protecting privacy and simplifying rights
Zondi said the guidance note creates clarity on provisions that companies failed to understand or interpret in the past.
“The guide is simplified so as to also assist consumers to understand their rights in respect to direct marketing and to exercise their right to privacy.
“The key takeaway is that companies cannot conduct direct marketing via telephone without [the customer’s] consent. This was one of the supposed loopholes that organisations used as direct marketing via telephone.
“Responsible parties [companies] must clearly identify themselves — and there must always be an opt-out option,” Zondi said.
In an interview with Sowetan last year, Mukelani Dimba, an executive manager responsible for education and communication at the regulator’s office, said they had noticed a potential collision between service providers and credit bureaus, where customer information shared between them ends up with lead agencies.
Zondi said they have now approved a code of conduct that regulates how credit bureaus should process personal information and the repercussions when they do not adhere to the code.
How to lodge a complaint
Should you feel that your personal information has been violated, complete the prescribed form on the Information Regulator's website www.inforegulator.org.za and send it to POPIAComplaints@inforegulator.org.za
SowetanLIVE
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.