Welcome to our Privacy Policy


IOPSA respects your privacy and your personal information. This Privacy Policy together with the IOPSA PAIA Manual aims to let you know how the IOPSA will treat any personal information that it may have about you and how you can access such personal information held. The IOPSA will take all reasonable measures, under this Policy, to protect your personal information and to keep it confidential.

Definition of personal information

Personal Information is “personal information” as defined in section 1 of the Protection of Personal Information Act 4 of 2013 (“POPI Act”). This is information relating to an identifiable, living natural person or existing juristic person. Please refer to the POPI Act for a detailed definition and various types or categories of personal information.

Categories of data subjects and personal information collected

The IOPSA only collects general personal information (some of which may be publicly available) and aims to only collect that personal information which is necessary for it to carry out its Services and other facilities provided to you. The IOPSA collects the following categories of personal information:

  1. Registered Individual – such as name, contact details, email, physical and postal addresses, company details, gender, racial status, disabilities, designations, professional experience, work experience (CVs) and qualifications. 
  2. Alumni (Training and Event Delegates and past Corporate Clients) – such as name, contact details, email, physical and postal addresses, company details and documents (where necessary), dietary requirements, and allergies. With regards to Corporate Services company documents required for services and specifically in respect to Board Appraisal Services, director’s personal opinions on the performance of the board is collected and stored to report. Further information may be requested by the IOPSA depending on the Service being provided or for statistical or healthy and safety reasons.
  3. Designations – same information as per Registered Individual s above including records of results and decisions, certification records such as date awarded and such information as may be required from the South African Qualifications Authority from time to time.
  4. Suppliers/Procurement – such as company name, address and contact details, banking details, VAT number and BEE certificate/level information.
  5. Website: – such as general website page analytics and usage information through the use of cookies (all such information is un-identifiable information for POPI, see IOPSA Cookie Policy here for further detail); as well as in some instances website user (i.e. non-Registered Individual and alumni) name and contact details for access to specific IOPSA content/services not freely available to the general public.
  6. Employees – all applicable employee information required to be kept from a labour law perspective and running of the organisation. Such information relates to internal employees and not external clients. As such the rest of this Policy will not cover Employee Information as this is dealt with in IOPSA internal HR Policies. Furthermore, external parties (unless with applicable court orders or legal reasons) shall not have access to such Employee Information.

How personal information is collected

Your personal information is obtained directly from you either via online forms on our website, email communications, requests for proposals, hard copy forms submitted to the IOPSA (such as training facilitator review forms); and on occasion telephonically (only under specific circumstances and at your request). In instances where Corporate Clients require services, the Corporate Client representative may provide individual director information to the IOPSA. It is the responsibility of the Corporate Client to ensure it has consent from such individuals to share their general personal contact information.

Purpose for collection personal information

The IOPSA collects personal information for the following purposes:

  1. To provide you with services offered and requested.
  2. To understand your specific needs and requirements, and to improve the IOPSA Registered Individual benefit, service and value offering.
  3. To provide you with IOPSA communications about the services being rendered, and keeping you informed of governance-related updates.
  4. To provide you with IOPSA related marketing material due to your past interaction and use of the IOPSA services.
  5. For health and safety purposes.
  6. For statistical, historical and/or reporting purposes. 

The IOPSA will always ask for your permission before it uses your personal information for any purpose not disclosed above or unrelated to the operations/services of the IOPSA and its use in the ordinary course of business.

Recipients of personal information 

The Personal information collected is used only by the IOPSA and its employees in the rendering of its organisational purpose and services. Only in instances where the sharing of personal information to recipients outside of the IOPSA is necessary to fulfil a IOPSA obligation or service will such information be provided. See clause 7 below for further information

Personal information shared to third parties 

As part of the Registered Individual Benefits provided to IOPSA Registered Individual s, the IOPSA may be required to provide third party service providers with minimal Registered Individual personal information (such as for example name, Registered Individual ship number, contact details) to provide such Registered Individual Benefits.

Personal information provided to third-party service providers for such purposes will be limited to only that information which is necessary for the Registered Individual to enjoy such benefit which he/she is entitled to. No further information will be provided and third-party service providers are prohibited from using Registered Individual details for any other purpose other than providing the Registered Individual Benefit or for statistical and historical purposes.

Your privacy is important to us. The IOPSA will therefore not sell, rent or provide your personal information to unauthorised entities or third parties for their independent use without your consent.

The IOPSA will release your personal information to a party if it believes that IOPSA is required by law or by a court to do so. The IOPSA will also disclose your personal information if the IOPSA believes that it is necessary to prevent or lessen any unlawful or harmful actions and to protect and defend legitimate business interests, rights or property of the IOPSA.

Protection of personal information

The IOPSA values the information that you choose to provide to us and will, therefore, take reasonable steps to protect your personal information from loss, misuse or unauthorised alteration. The IOPSA conducts regular security testing of its servers and ensures that its employees are trained around the protection of personal information to ensure that your personal information is used correctly and protected.

When you use the services or facilities provided by the IOPSA, you may be given an access number, username, password and/or personal identification number (“PIN”). You must always keep your username, access card, password and/or PIN a secret and ensure that you do not disclose it to anyone. The IOPSA shall not be held responsible for personal information accessed as a result of you providing someone with your IOPSA profile username and password.

Upon your request, IOPSA will provide you with its records of the personal information you provided to us. For security reasons, this information will only be sent to the e-mail address on file for the subscriber username and password associated with it.

Storage of personal information and retention thereof

Personal Information is stored on the DNL Consulting Services’ servers located at Sautech and in the cloud (which in this case may be hosted outside of South Africa see below Clause 9) which is accessed by yourself and IOPSA internal employees only. Personal Information will only be retained for so long as necessary to carry out the function, Services provided or facilitates your use by the IOPSA. Due to the nature of the service rendered ie professional body registration, personal information shall not be destroyed. 

Note: Registered Individual ship, Service Agreements, audit information, Certificate of Compliance, training attendance records, reports or deliverables provided to Corporate Clients in terms of the specific scope of work and personal information related thereto shall be kept for the IOPSA indefinitely. The purpose of which is to ensure a continuous and accurate record of your Registered Individual ship, training history and reports/advice provided by the IOPSA.

Trans-border flow of personal information

Your personal information may be stored on servers located outside of South Africa due to the IOPSA’s Registered Individual ship programme tool. The IOPSA, however, undertakes to ensure that service providers used for such cloud servers and/or services are obliged to comply with the highest standards of data protection to ensure the security of your personal information.

Links on IOPSA website or email communications

The IOPSA is not responsible for the content or the privacy policies of websites of other institutions to which it may link you to – mainly for information purposes and access to documents provided by such institutions. The use of other third-party websites and content is at your sole discretion. This Policy applies solely to information collected by the IOPSA.

The IOPSA is not responsible for any representations or information or warranties or content on any website of any third party (including websites linked to the IOPSA website). The IOPSA does not exercise control over third parties’ privacy policies and you should refer to the privacy policy of any third party to see how such party protects your privacy.

Personal information held by or disclosed to you by third parties

If you disclose any personal information to a third party, such as one of our business partners or anyone other than the IOPSA, you must be aware that the IOPSA does not regulate or control how that third party uses your personal information. You should always ensure that you read the privacy policy of any third party.

Correction of personal information

It is your responsibility to ensure that the personal information provided to the IOPSA is true, correct and accurate at all times. You may update and correct your personal information at any time either yourself via your online IOPSA profile, via email communications to the IOPSA or telephonically by calling the IOPSA. The IOPSA does not vet or check the information provided to it, and thus will not be held responsible for any incorrect or outdated information it may and which may be used to provide you with relevant and important communications.

Access to personal information held by the IOPSA

See the IOPSA PAIA Manual for detailed information around your rights to access information held by the IOPSA and applicable steps to follow.

Changes to the policy

The IOPSA may change this Policy at any time. Any change to this Policy will be displayed on the IOPSA website. If you use this website or any of the services or facilities offered by the IOPSA after the IOPSA has displayed a change to this Policy, you will be deemed to have read and agreed to the change.

Applicable laws

This Policy will be governed by the laws of the Republic of South Africa. Specifically, the IOPSA undertakes to comply with the spirit of the Protection of Personal Information Act No.4 of 2013 (“POPI”) and the Promotion of Access to Information Act No.2 of 2000 (“PAIA”).


You consent to the jurisdiction of the South African courts for any dispute which may arise out of this privacy policy.

Your privacy is critically important to us.

The Institute of Plumbing South Africa is located at: Suite 1, Dowerglen Plaza, 73 Sycamore Dr, Dowerglen, Edenvale, 1612

It is the Institute of Plumbing South Africa’s policy to respect your privacy regarding any information we may collect while operating our website. This Privacy Policy applies to https://iopsatraining.co.za (hereinafter referred to as, “us”, “we”, or “www.iopsatraining.co.za“). We respect your privacy and are committed to protecting personally identifiable information you may provide us through the Website. We have adopted this privacy policy (“Privacy Policy”) to explain what information may be collected on our website, how we use this information, and under what circumstances we may disclose the information to third parties. This Privacy Policy applies only to information we collect through the website and does not apply to our collection of information from other sources.

This Privacy Policy, together with the Terms and conditions posted on our Website, set forth the general rules and policies governing your use of our Website. Depending on your activities when visiting our Website, you may be required to agree to additional terms and conditions.

What do we do with your information?

When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address. When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system. Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.


How do you get my consent? When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only. If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no. How do I withdraw my consent? If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at info@iopsa.co.za or mailing us at: Suite 1, Dowerglen Plaza, 73 Sycamore Dr, Dowerglen, Edenvale, 1612.


We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.


Our store is hosted on Woocommerce. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Woocommerce’s data storage, databases and the general Woocommerce application. They store your data on a secure server behind a firewall. Payment: If you choose a direct payment gateway to complete your purchase, then Woocommerce stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

Third-party services

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers. In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act. Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service. Links When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.


To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

Age of consent

By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.

Questions and contact information

If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at info@iopsa.co.za or by mail at Suite 1, Dowerglen Plaza, 73 Sycamore Dr, Dowerglen, Edenvale, 1612.


To enrich and perfect your online experience, the Institute of Plumbing South Africa uses “Cookies”, similar technologies and services provided by others to display personalized content, appropriate advertising and store your preferences on your computer.

A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. The Institute of Plumbing South Africa uses cookies to help the Institute of Plumbing South Africa identify and track visitors, their usage of http://itfhrm.com/itfwordpress, and their website access preferences. the Institute of Plumbing South Africa visitors who do not wish to have cookies placed on their computers should set their browsers to refuse cookies before using the Institute of Plumbing South Africa’s websites, with the drawback that certain features of the Institute of Plumbing South Africa’s websites may not function properly without the aid of cookies.

By continuing to navigate our website without changing your cookie settings, you hereby acknowledge and agree to the Institute of Plumbing South Africa’s use of cookies.


Those who engage in transactions with the Institute of Plumbing South Africa – by purchasing the Institute of Plumbing South Africa’s services or products, are asked to provide additional information, including as necessary the personal and financial information required to process those transactions. In each case, the Institute of Plumbing South Africa collects such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor’s interaction with the Institute of Plumbing South Africa. The Institute of Plumbing South Africa does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities.

Changes to this privacy policy

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.