Privacy Policy

How ISPA collects, uses, and protects your personal information

Last updated: March 09, 2026

Introduction

The Internet Service Providers' Association (ISPA) is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use ISPA Zero Rating Portal.

This policy is written in compliance with the Protection of Personal Information Act (POPIA) and other applicable South African privacy laws.

Information We Collect

Application Information

When you submit a zero-rating application, we collect:

  • Organization name and SARS tax number
  • Applicant name, email address, and contact number
  • Website URL and title
  • Technical details (IP addresses, ports, SNI)
  • Hosting location confirmation
  • Motivation for zero-rating

Account Information

If you create an account to manage your applications, We collect:

  • Login credentials (encrypted)
  • Account preferences and settings
  • Application history and status

Technical Information

We automatically collect certain technical information:

  • IP address and browser type
  • Device information and operating system
  • Pages visited and time spent on portal
  • Referral source and exit pages

How We Use Your Information

Process Applications

To review and process zero-rating applications

Communicate with You

To send application updates, notifications, and technical information

Regulatory Compliance

To comply with ICASA requirements and South African laws

Technical Support

To provide technical assistance and resolve issues

Portal Improvement

To analyze usage patterns and improve our services

Information Sharing

We may share your information in the following circumstances:

ICASA

Application details are shared with ICASA for regulatory review and approval

Operators

Technical information is shared with operators for zero-rating implementation

Public Information

Website URLs, titles, and organization names are publicly displayed for approved sites

Note: Personal contact information (email, phone numbers) is not made public and is only used for application-related communications.

Data Security

We implement appropriate security measures to protect your personal information:

  • Encryption of data in transit and at rest
  • Secure authentication and access controls
  • Regular security assessments and updates
  • Limited access to personal information
  • Secure data storage and backup procedures

Your Rights

Under POPIA, you have the following rights regarding your personal information:

Access

Request access to your personal information

Correction

Request correction of inaccurate information

Deletion

Request deletion of your personal information (where legally permissible)

Objection

Object to processing of your personal information

Contact Us

If you have questions about this Privacy Policy or want to exercise your rights, please contact us:

privacy@ispa.org.za
+27 11 312 5400
ISPA
PO Box 784292
Sandton 2146
South Africa

Policy Updates

ISPA may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.