top of page

Privacy Statement

We try our utmost to protect and respect your personal data. This statement explains how we collect that data, why we use it and how we keep it safe.

Who are we?

INTERNATIONAL PROJECT MANAGEMENT ASSOCIATION - SOUTH AFRICA NPC (IPMA-SA) is Non-Profit Company (Reg. No. 1998 / 018799 / 08).  ADDRESS OF REGISTERED OFFICE: 1028 HYDE AVENUE, ELDORAIGNE, CENTURION, GAUTENG, 0149. For general queries, contact us via our home page ( IPMA-SA is a Data Controller.

How will we collect your information?

We will obtain relevant personal information when you make initial contact with us through registering for our event (either in person or online), when you use our website forms, when you participate in our surveys, or join as a partner.

There may be instances where we obtain limited information about you indirectly, for example where a colleague has made an event delegate booking on your behalf.

What types of information do we store?

The information we collect might include your name, address, email address and phone numbers. Depending on the relationship you have with IPMA-SA and this event, you may be asked to provide further personal data.

On occasion, you may be asked to provide additional personal data, such as biographic information, country of origin], or gender for the purpose of publishing or if you are a speaker or host at our event. In such an event, IPMA-SA will only process this data with your consent.

We will record equal opportunities data you share with us such as your age and ethnicity. We will only process this data with your consent for the purpose of providing insight into the diversity of participants. This information will be stored securely and only used to provide anonymous statistics to help plan our services.

Photos and recordings

During the course of the congress, we will take photos and videos at the event itself and at the various social programmes on offer in order to share online in news articles, on our website or on social media. We will rely on Legitimate Interest for this. Before posting or distributing material, we will always endeavour to ensure that the images and videos are appropriate and do not offend or cause humiliation or similar harm to any individual.

Why do we collect your information?

We will only use your information in accordance with the law which gives us various powers to use your data. The following points are effectively the reasons for the collection and processing of data:

  • to perform or to take steps in order to enter into a contract with you (such as your participation);

  • for the purposes of our legitimate interests. This will include being able to send you marketing and event information and relevant updates.

  • compliance with a legal obligations;

  • if you consent for us to do so (all participants need to agree with terms of use if they want to participate in this event).

Collecting and using your data will mean we are able to manage your participation, process any orders or requests you have and to provide you with relevant and topical information relating to your interests, including events and publications. We may also ask for your feedback on our services.

We will send you marketing information of relevance to this congress. IPMA-SA reserves the right to send all participants regular newsletters and information regarding congress updates and related topics.  Recurring congress newsletters will be sent to all participants until completion of the congress to ensure that our entire community has the same access to the latest news and information.


Data protection applies to individual personal data but does not always cover ‘business to business’ contacts or information. We will also do our utmost, however, to secure and protect the contact details of our corporate contacts.

Who will have access to your information?

IPMA-SA will share personal data with third parties as necessary for the administration of the Congress. The staff and contractors of IPMA-SA will have controlled access to your information to enable the provision of congress services. If you choose to become involved with one of our volunteer groups, then data will be shared with volunteers running these services, for the purpose of offering you those particular services.

We will not sell or rent your information to third parties.

We will not share your information with third parties for their marketing purposes. We may pass your information to our third-party service providers, subcontractors, and other associated organisations to provide services on our behalf (for example digital qualification badges, and the professional congress organiser (PCO)). In some instances, we may use third party payment providers to process payments.


When we use third parties, however, we will only disclose the personal information that is necessary to deliver the service and your information will be kept secure and not used for other purposes. Third party services providers will delete all personal data when no longer required to perform their relevant services.


Your choices - Data Sharing Consent

By participating in this event, you have the option to choose whether you give your consent for the sharing of your personal data with organisations like IPMA (International Project Management Association) or other event partners. If you choose to give consent, please be aware that IPMA-SA (the local organisation hosting the event) assumes no responsibility for how these other organisations may use your personal information. Your consent to share your data will be limited to the following details: full name, company, country, and email. We encourage you to carefully consider your decision regarding data sharing and understand that it is your responsibility to review the privacy policies of IPMA and event partners if you have any concerns about how your data will be used by them.

Legal rights over your information

You have various legal rights over your information which we will always respect. These rights include the right to access a copy of the data we store about you, and to ask us to rectify or erase the data. You also have the right to data portability, you can ask us to restrict the processing of your data, or you can raise an objection to the processing. Where processing is based on your consent then you have the right to withdraw that consent.

If you wish to invoke any of these rights with regards to your data, then please contact us via our congress form. Should you exercise your right by making a verbal request, then we recommend that you follow this up in writing to provide a clear trail of correspondence and evidence of your actions. If you are unhappy with the way in which your personal data is handled by IPMA-SA then you also have the right to file a complaint to IPMA-SA.

Retention of your data

We will retain your personal data for no longer than is necessary in order to comply with our legal and participant obligations, noting that this may extend beyond your actual relationship with us. Following the end of your relationship with us we will restrict the processing of your data to those purposes which form a legal obligation for us, such as financial reporting.

All personal data relating to the event will be kept for as long as required for the purpose of the event or to applicable legal obligations. IPMA-SA will delete any event-related information from the personal data of individuals after the event. IPMA-SA will keep participant data for as long as required for the purposes of the IPMA-SA.

How do we protect your data?

We will take several steps to protect your data including IT security. All staff receive data protection training and our premises are secured. We have contracts with providers requiring them to protect your information. IPMA-SA use contracted services outside of Africa. When doing so, IPMA-SA ensures the relevant data protection is in place to ensure adequate security of your personal data.

Links to other websites

Our website contains links to websites run by other organisations. This statement applies only to our website, and we are not responsible for the policies and practices of other sites.


Privacy act POPI and GDPR

This event complies with the POPI Act and adheres to GDPR regulations to the best of our ability.

POPI stands for the "Protection of Personal Information Act" in South Africa. It is a piece of legislation that regulates how organisations in South Africa collect, process, store, and disclose personal information. POPI was signed into law in 2013, and its primary purpose is to protect the privacy of individuals by ensuring that their personal information is handled responsibly and in accordance with specific principles and requirements outlined in the Act. This legislation is similar in some respects to the European Union's General Data Protection Regulation (GDPR) and aims to give individuals greater control over their personal data and establish guidelines for data protection and privacy practices for businesses and organisations in South Africa.

16 or under?

We particularly wish to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian's permission before you provide us with personal information.

Review of this statement

We keep this statement under review as part of our overall Data Protection Policy. It was last updated in February 2023.

Governing Law

This agreement shall be governed and construed in accordance with the Applicable Laws of the Republic of South Africa, jurisdiction of the Western Cape High Court, Cape Town.

bottom of page