South Africa Protection of Personal Information Act (POPIA) (ZA POPIA)

South Africa's data protection law with specific child provisions requiring parental consent and restricting commercial use of children's data.

Key Provisions

What ZA POPIA requires

Parental consent required for processing children's data

Ban on commercial sale or sharing of minor data

Special safeguards for children's personal information

Rule Categories Covered

Phosra enforcement categories for ZA POPIA

Data Sharing Control

privacy

privacy_data_sharing

Controls what personal data can be shared with third parties and platform partners.

Parental Consent Gate

access control

parental_consent_gate

Blocks account creation and data collection until verifiable parental consent (VPC) is collected and signed.

Commercial Data Ban

privacy

commercial_data_ban

Bans the sale, license, or commercial transfer of minor user data to third parties under all circumstances.

Platforms Affected

Platforms covered by ZA POPIA

all

MCP Enforcement

Enforce ZA POPIA with a single API call

mcp-enforcement

// Enforce ZA POPIA compliance
tool: trigger_child_enforcement
input: {
  child_id: "ch_emma_01",
  law: "ZA_POPIA",
  rules: [
          "privacy_data_sharing",
          "parental_consent_gate",
          "commercial_data_ban"]
}

→ all          enforcement applied     ✓

Start building ZA POPIA-compliant features today

Phosra handles the complexity of multi-platform compliance so you can focus on building great products for families.

Get Started Free Read the Docs

Related Community Standards

5Rights Standard Fairplay Standard EU BIK+ Standard Screen-Smart Family ParentsTogether Standard

Related Parental Controls

Norton Family Canopy Securly Apple Screen Time Google Family Link