Skip to content
Cookie popup for South African Websites

Cookie popup: Do I need one for my South African website?

Cookie popups can be seen on most South African websites. For good reason. South Africa has a strict policy on how personal data is used, stored and spread.

The Protection of Personal Information Act, commonly known as POPIA, is widely known by South Africans. The details of the act and implications of non compliance are less well known. The act came into effect on 1 July 2020 and a one year period was given for businesses to get their ducks in a row and comply with these new laws.

According to the Western Cape Government, “The Act defines ‘processing’ as collecting, receiving, recording, organizing, retrieving, or the use, distribution or sharing of any such information.” Now you might think that your simple website does not collect or record any data so you don’t need to be covered by an “opt-in” cookie popup. However, modern browsers and websites are smart and yes, they may be collecting data with or without your knowledge. Let’s look at 2 types of data websites collect, relevant to the South African POPIA act.

1. Log Data

This is all the data, about each visit, logged when a user browses your website. This is often passed to third party software such as Google Analytics, Google Ads, Mailchimp etc or saved on the website backend or even sent to the companies email address.

Examples of information that could be recorded when you visit and interact with a website:

  • Device type
  • Software
  • The browser you are using
  • Your IP address
  • Your location
  • Date and time stamps
  • User activity (time on page, where you clicked, what you watched etc)
  • Any form fields you filled in

2. Cookies

Delicious warm chewy chocolate chip cookies fresh out the oven! Just one bite and there will be cookie crumbs, evidence of a cookie eaten. Website cookies are little crumbs of data, which are transferred to your computer or phone when you visit a website. Evidence of your time on the site.

These crumbs will sit on your device for a predefined period of time. A “persistent cookie” will last a month or a week where a “session cookie” would be eaten up at the time you close the window, ending the trail of cookie crumbs. These little crumbs give your browser clues to where you have been on the internet, and what you did when you were there. This information is then used to do things like remember your login details for your favourite sites, pre-populate forms with your name and address or retain the items in your cart when you return to a website a few days later.

I’m sure you can now guess where POPIA comes in? Cookies often include some personal information such as your name, email, address or phone number, if you have supplied that information. Users can set their browser with some general rules to control website cookies and protect their data.

Examples of when cookies crumbs are dropped:

  • A user simply browses your website and completes a chain of events, like scrolling through a page and clicking on a button
  • A user signs up for a newsletter or completes a form
  • A user creates an account
  • A user completes checkout your website

As a South African business, you will have access to both log and cookie information from your website users and it is your responsibility to protect it. You also need to inform users of this. We know you already have a privacy policy in place on your website and, if it is well written, it should include a portion on website cookies.

So do I need a cookie policy opt in popup?

Now back to the question of whether or not you need a cookie popup specifically. The act does not implicitly state that a cookie policy opt in is mandatory on a website. Older privacy policies might state that just by using the site you are “opting in”. This is not an active selection by the user and, according to POPIA, is not enough. Which, to us, indicates that having a cookie policy opt in is vital on your website. A cookie popup with an opt in button is like the tickbox at the end of your doctor’s office forms; the signup for your child’s extra murals; or the cell phone contract stating you consent to your data being stored and used.

A user that does not accept certain website cookies might not get to use and enjoy the full experience on that site. Their cart may be empty when they come back to complete checkout, or they may need to type out all their information. But that is their choice.

Don’t have a cookie popup on your website? Get in touch and we can help with this easy process and give you peace of mind.

Yes! I have an idea and I need your innovation to turn it into an online store invention!


Hayley is Flicker Leap's Creative Director and heads up the Creative team.

This Post Has 0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top