Our lives have become increasingly computer and digitally driven and consequently we have to be aware of data theft and incursions that have become prevalent. We have to make sure that our personal information is safe at all times.

As a professional service provider, we would like to encourage you to stay safe, especially in your work space. When it comes to your data, there are certain key factors to keep in mind which we deal with below.


The Protection of Personal Information Act 4 of 2013 (POPI), has been promulgated with the aim to protect your information and to regulate those entities who come into possession of your information.

What is POPI?

The POPI Act is an act of Parliament enacted in November 2013. Its purpose is to enhance the Constitutional right to privacy and to ensure the safeguarding of personal information processed by public and private bodies. The Act identifies eight conditions for the processing of personal information. Key principles of POPI came into force on 1 July 2020, and responsible parties that process personal information of natural and juristic persons have until 1 July 2021 to ensure full compliance. As a responsible party, we are entrusted with the personal information of our clients, staff and service providers and we are therefore obligated to process this information in line with the law.

What is personal information?

Personal information is information relating to an identifiable, living, natural person or existing juristic person, that relates to, among others, the race, gender, sex, marital status, sexual orientation, age, physical, mental, spiritual, economic, cultural or social identity; their health, educational or financial history; as well as identifying numbers and addresses including biometric information belonging to either an identifiable living natural person or an existing juristic person.

The eight conditions for lawful processing of personal information

  1. Accountability: our firm must be accountable for the personal information it processes or holds in its possession.
  2. Processing limitation: Personal information must be processed in a lawful and reasonable manner. The purpose for processing the information must be lawful, adequate, relevant and not excessive.
  3. Purpose specification: The purpose for processing personal information must be specific, explicitly defined and lawful.
  4. Further processing limitation: The reason for processing personal information further must be compatible with the original purpose of collection.
  5. Information quality: We are required to take practicable steps to ensure that the personal information we process is complete, accurate, not misleading and updated.
  6. Openness: Personal information must be processed in a way that allows the data subject to know what is happening to their personal information.
  7. Security Safeguards: We must ensure that there are sufficient security safeguards in place to secure the integrity and confidentiality of the personal information in our possession.
  8. Data subject participation: Data subjects have a right to access to their personal information and to correct and update their personal information.

Which measures are in place at CHIRSTO SMITH ATTORNEYS INC. to comply with POPI?

We will do everyhting reasonable to ensure that your personal information that you shared with us is kept secure and confidential. Our computer software in all our departments, including our financial and accounting software, is secure and protected by the necessary technology to protect it from incursions by fraudsters and third parties. Our office premises are in addition, protected from intrusion by an advanced security system comprising of a 24-hour surveilance and armed response.


Please note the following important guidelines when dealing with personal information issues :

  • Don’t click on links in messages from unknown sources.
  • We will never call you and ask you for your userID and/or password.
  • Be aware and do not respond to phishing emails. If you receive a suspicious email that appears to come from our firm, forward it to info@csprok.co.za
  • Look out for near-identical e-mail addresses. Fraudsters often add a full stop, replace one letter or the e-mail may end with .com instead of co.za.
  • Make sure that you have up-to-date antivirus software installed on all your devices.
  • Ensure that you install the latest security updates or patches to your laptop/desktop/mobile device as soon as these are available to prevent criminals from exploiting security vulnerabilities on your device.
  • If you receive an SMS or e-mail notification for a transaction of our firm you did not perform, urgently let us know by phoning 013 7533187 (Annatjie) or by sending an e-mail to as@csprok.co.za
  • Scrutinise your statements and notify us if you see any unfamiliar transactions.
  • When you receive a request to self-deposit (EFT) funds into a bank account, always confirm the request. You can call 013 7533187 (Annatjie) to confirm CHRISTO SMITH ATTOTNEYS INC. banking details for a once-off payment.

We will take all reasonable steps to ensure that your personal information is protected. We protect and manage personal information that we hold about you by using electronic and computer safeguards like firewalls, data encryption, and physical and electronic access control to our buildings. We only authorise access to personal information to those employees who require it to fulfil their designated responsibilities.

Right to object:
You may, on reasonable grounds, object to us using your personal information. If you object, we will stop using your personal information, except if the law allows its use. Our Information Officer can be contacted should you require any further information regarding the contents of this document, or have any objections:

Information Officer : Jacques Smith : js@csprok.co.za

We are by law only permitted to request your consent once.