Compliance
Last updated
Last updated
Ensuring compliance with industry standards and regulations is paramount in safeguarding data and maintaining trust in our services. Our commitment to compliance is reflected in our adherence to various regulatory and industry standards, including WASPA, ISO 27001, and POPIA. Below is a breakdown of our compliance across these areas.
Panacea Mobile is a proud member of the Wireless Application Service Providers' Association (WASPA), adhering to its code of conduct. WASPA is a self-regulating body that ensures its members provide services that are ethical, respectful of user privacy, and in alignment with best practice standards within the mobile services industry.
View the Code of Conduct here: WASPA Code of Conduct
Commitment to Information Security
ISO 27001 is a globally recognised standard for the establishment and certification of an information security management system. Panacea Mobile's compliance with ISO 27001 underscores our dedication to securing information assets against threats. By adhering to ISO 27001, we demonstrate our commitment to:
Systematically examining our information security risks, including threats, vulnerabilities, and impacts.
Designing and implementing a coherent and comprehensive suite of information security controls and other forms of risk management to address those risks that are deemed unacceptable.
Adopting an overarching management process to ensure that the information security controls continue to meet our information security needs on an ongoing basis.
The Protection of Personal Information Act (POPIA) is South Africa's data protection law. It sets conditions for the lawful processing of personal information. Panacea Mobile is committed to POPIA compliance, ensuring that we handle personal information responsibly and in accordance with the law. Our compliance with POPIA illustrates our commitment to:
Processing personal information lawfully, fairly, and in a transparent manner.
Collecting personal information for specified, explicit, and legitimate purposes and not further processing it in a manner that is incompatible with those purposes.
Ensuring that personal information is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
Maintaining the accuracy of personal information and, where necessary, keeping it up to date.
Storing personal information no longer than is necessary for the purposes for which the personal information is processed.
Ensuring the integrity and confidentiality of personal information, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.
