The Protection of Personal Information Act (or POPI Act) is South Africa’s version of the European GDPR act. It describes the conditions for responsible parties to lawfully process and store the personal information of data subjects.
The POPI Act does not stop you from processing and does not require you to get consent from data subjects to process their personal information. Whoever decides to process personal information is responsible for complying with the conditions.
It is important to realize that the Business owner are still responsible for the POPI compliance of their business and the data stored inside HRSimplified GENUS.
HRSimplified GENUS and DataSimplified PTY (Ltd) is responsible to safe guard and secure the data it stores on the HRSimplifed GENUS platform at all times.
HRSimplified GENUS and DataSimplified PTY (Ltd) may not sell or process the Personal data in the HRSimplified GENUS system for reasons other than providing the feature of the HRSimplified system to its users.
The Business owner needs to inform their Employees that their data is stored on the HRSimplified GENUS platform to ensure they comply to the POPI regulations.
ASP.NET Core Identity is a membership system which allows you to add login functionality to your application. Users can create an account and login with a user name and password or they can use an external login providers such as Facebook, Google, Microsoft Account, Twitter and more.
ASP.NET Identity uses OWIN Authentication for log-in/log-out of users in the web site. This means that instead of using FormsAuthentication to generate the cookie, the application uses OWIN CookieAuthentication to do that
All personal data on Database level is obfuscated by replacing readable characters with incorrect data. This means that even if the data is viewed directly in the database it is not readable to the Support teams.
The Data Center network is protected by state-of-the-art Juniper firewalls, routers, intrusion protection devices and network analyzers to ensure that all traffic in and out of the data center is protected and reaches the correct destination without interception.
Client environments are protected by hosted firewalls, segregating networks to keep communications secure.
As standard practice, the Data Center protects all hosted servers with anti-virus and scans all incoming and outgoing mail traffic for viruses and malware.
All data ports are closed to the outside world, and only traffic from specific IP addresses are allowed to reach specific target Ports on the internal network.
Data Center NOC operates 24/7 to respond to any alerts before they become a serious issue.