Privacy Policy

Privacy Policy


The Gauteng Attorneys’ Association (“GAA“) comprises a federation of the Pretoria Attorneys’ Association (“PAA“), Johannesburg Attorneys’ Association (“JAA“), West Rand Attorneys’ Association (“WRAA“), Soweto Legal Fraternity, as well as the East Rand Attorneys’ Association and similar Associations, where each individual association shall keep its identity and members, and which Association forms part of this larger Association all of which work towards common goals and purposes as set out in the Constitution of the GAA.

Further information on the GAA and how we operate can be found in our Constitution and About pages.


This Privacy Policy may be updated from time to time. This version is dated 28 February 2024.


Personal information, as defined by the Protection of Personal Information Act, 2013 (“POPIA”), means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to: information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person; information relating to the education or the medical, financial, criminal or employment history of the person; any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person; the biometric information of the person; the personal opinions, views or preferences of the person; correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence; the views or opinions of another individual about the person; and the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.


We process your personal information in our capacity as a responsible party. This means that we are responsible for ensuring that we comply with relevant data protection laws when processing your personal information.


We have an Information Officer whose job is to oversee our data protection compliance in South Africa. You can contact our Information Officer by sending an email to:


We only collect personal information about you in connection with providing our services as the GAA. We will hold information about you if: you are a Member Firm of the JAA, PAA, WRAA; a Member of the JAA, PAA, WRAA or a representative of a Member Firm or Member of the JAA, PAA, WRAA you provide services to us (or you represent a company which provides services to us) you attend our seminars or events, receive our newsletters or visit our offices or website to comply with any legal and regulatory obligations.


The types of information we process about you may include:

  • Types of Personal Information
  • Details
  • Individual details
  • Title, full names, contact information (i.e. email address and telephone numbers), gender, firm name of employer, job title, firm address, firm contact information (i.e. telephone number, billing/accounts email address)
  • Identifiers
  • Information which can be traced back to you, such as an IP address or a website tracking code


We collect your personal information from various sources, including:

  • Directly from you, as the data subject; and
  • by actively obtaining your personal information ourselves, for example through the use of website tracking devices

Which of the sources apply to you will depend on why we are collecting your personal information.


The main purposes for which we use your personal information
  • Service providers We collect information about you in connection with your provision of services to us or your position as a representative of a provider of services to us. We do not generally look to collect special personal information for this purpose, other than where we are required to do so to meet our legal obligations.
  • Seminars, events and newsletters If you wish to attend our seminars or events or receive our newsletters, we ask you to provide us with a limited amount of information (usually your full names, contact information, your employer’s name, your job title and your employers billing/accounts contact information).  We use this information in order to communicate with you about our seminars and events provide you with our newsletters, to ensure that you are an appropriate audience for them. We do not generally look to collect special personal information for this purpose.
  • Visitors to our websites A number of facilities on our website may invite you to provide us with your personal information. Where you provide us with information, we will only use it for the purpose for which it has been provided by you.  Our website uses non-intrusive cookies to help it work more efficiently and to provide us with information on how the website is being used. In particular, the site uses Google Analytics, a web-based analytics tool that tracks and reports on the manner in which the website is used to help us to improve it. Google Analytics does this by placing ‘cookies’ on your device. Note that Google will also have its own control of this information and will hold it on its servers in the United States in accordance with its own privacy policies. You can control cookies through the settings or preferences of your browser, as well as through dedicated browser extensions or add-ons. We do not generally look to collect special personal information for this purpose on our website.


Where we are required to obtain your consent to process any personal information about you, we will ensure we obtain your consent to process your personal information. Where we do process your personal information based on your consent, you have the right to withdraw your consent at any time. To withdraw your consent please email us at or, to stop receiving our email newsletters, please click on the unsubscribe link in the relevant email you receive from us.


You do not have to provide personal information to us, however if you choose not to provide your personal information, we may not be able to provide our services or otherwise engage or communicate with you.


We do not sell your information nor make it generally available to others. But we do share your information in the following circumstances:

  • we use the services of various third party service providers and sub-contractors who provide a service to us (including but not limited to finance, events coordinating, data processing, IT and office services), in the course of providing our services and products to you
  • where we use external companies to organise or host events for us, we may need to provide these service providers with your relevant information
  • if we are legally required to comply with a request for information, we may provide your information to any competent authorities

In each case where we share your information with one of our service providers, the service provider is required to keep it safe and secure. They are also not permitted to use your information for their own purposes.


We are committed to protecting the information you provide us. We have implemented security measures to protect the personal information that we have under our control, in accordance with applicable data protection laws. The security measures are designed to prevent damage to, loss of, improper use or disclosure, unauthorised destruction or unlawful access to and processing of personal information.


We will keep your data only for as long as is necessary to respond to any queries or complaints, to improve the services that we offer to you or to comply with any legal obligations to which we may be subject.


Under certain conditions you have the right to request us to provide:

  • Access your information – request a copy of your personal information that we process about you, subject the obligation and/or right to refuse such access request in terms of applicable laws
  • Rectify your information – request us to amend or update your personal information where it is inaccurate, misleading or incomplete
  • Object to the processing of your personal information – where we are relying on our legitimate interest (or those of a third party) or to protect your legitimate interest
  • Object to the processing of your personal information – where such processing is for direct marketing purposes

If you have any questions in relation to our use of your personal information, would like to exercise any of your rights, or would like to share any comments with us, please email us at

Subject to any overriding legal obligations, requirements and/or exemptions, we will endeavour to respond to your request as soon as reasonably possible, unless we require further information from you. We may also ask you to provide proof of your identity.

If you feel that we do not comply with applicable data protection and privacy rules, you may lodge a complaint with the Information Regulator. Any dispute with the way we process your personal information may be reported to the Information Regulator per the below information:

  • The Information Regulator of South Africa is based at:
    • JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001.
    • P.O Box 31533, Braamfontein, Johannesburg, 2017
  • Email – Specific email addresses have been set up for specific purposes as outlined below:
    • General enquiries:
    • Complaints (complete POPIA/PAIA form 5)
    • – should your PAIA request be denied or there is no response from a public or private bodies for access to records you may use this email address to lodge a complaint.
    • – should you feel that your personal information has been violated, you may use this e-mail address to lodge a complaint
  • Manual registration of Information Officers:
    • – the registration portal for the registration of information officers is currently under construction. Manual applications may be submitted to the above email address.
  • Compliance
    • – This e-mail address should be used for POPIA compliance matters such as:
      • Applications for Prior Authorisations
      • Applications for Exemption
      • Applications for Processing of Information of Children
      • Applications for Processing Special Information
      • Applications for Codes of Conduct
      • Security Compromise notices (Data Breaches)
    • – This e-mail address should be used for:
      • Requests for assessment of non-compliance with PAIA.
      • Submission of PAIA annual report by public and private and bodies.
      • Requests for access to the records of the Information Regulator.