Acts Online
GT Shield

Protection of Personal Information Act, 2013 (Act No. 4 of 2013)

Chapter 7 : Codes of Conduct

63. Procedure for dealing with complaints



(1) A code of conduct may prescribe procedures for making and dealing with complaints alleging a breach of the code, but no such provision may limit or restrict any provision of Chapter 10.


(2) If the code sets out procedures for making and dealing with complaints, the Regulator must be satisfied that—
(a) the procedures meet the—
(i) prescribed standards; and
(ii) guidelines issued by the Regulator in terms of section 65,

relating to the making of and dealing with complaints;

(b) the code provides for the appointment of an independent adjudicator to whom complaints may be made;
(c) the code provides that, in exercising his or her powers and performing his or her functions, under the code, an adjudicator for the code must have due regard to the matters listed in section 44;
(d) the code requires the adjudicator to prepare and submit a report, in a form satisfactory to the Regulator, to the Regulator within five months of the end of a financial year of the Regulator on the operation of the code during that financial year; and
(e) the code requires the report prepared for each year to specify the number and nature of complaints made to an adjudicator under the code during the relevant financial year.


(3) A responsible party or data subject who is aggrieved by a determination, including any declaration, order or direction that is included in the determination, made by an adjudicator after having investigated a complaint relating to the protection of personal information under an approved code of conduct, may submit a complaint in terms of section 74(2) with the Regulator against the determination upon payment of a prescribed fee.


(4) The adjudicator’s determination continues to have effect unless and until the Regulator makes a determination under Chapter 10 relating to the complaint or unless the Regulator determines otherwise.