Data & Risk

Enterprise-grade protection for your cross-border team.

POPIA and GDPR-aligned contracts, IP assignment, and security controls — so hiring in South Africa strengthens your compliance posture instead of exposing it.

Controls we operate

Security and compliance, baked into every hire.

POPIA-compliant contracts

Every employment agreement includes lawful-basis clauses, processor terms, and subject-rights procedures aligned with POPIA and GDPR.

IP assignment & confidentiality

Present-and-future IP assigned to your entity, plus enforceable NDAs, non-solicits, and post-employment restraints where applicable.

Device & access controls

Managed laptops with disk encryption, MDM, and SSO enforcement. Access to your systems is provisioned and revoked with the employment lifecycle.

Audit trails

Onboarding, access grants, terminations, and payroll changes are logged. When your security team asks, we can show the evidence.

Incident response

Documented response plan for data incidents affecting SA employees — with US client notification SLAs and Information Regulator escalation paths.

DPAs & sub-processors

Signed data processing agreements, a maintained sub-processor list, and vendor due diligence for anything that touches your data.

Standards we align to

We meet the bar your security and legal teams expect from a US vendor.

  • POPIA (Protection of Personal Information Act, SA)
  • GDPR-aligned processing for EU data flows
  • SOC 2-aligned internal controls
  • ISO 27001-aligned security practices
  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Least-privilege access with quarterly reviews

Risks we remove

The four cross-border risks that actually bite.

Misclassification

Hiring contractors long-term across borders exposes you to reclassification, back taxes, and penalties. EOR employment eliminates the risk.

IP ownership

Without SA-law-compliant assignment clauses, work product may not belong to your US entity. Every EMPLOI contract closes that gap.

Data residency & POPIA

SA has its own privacy regime with real teeth. We handle lawful basis, DPAs, and subject requests so you don't have to become an expert.

Termination disputes

SA labour law protects employees strongly. We structure probation, warnings, and terminations so exits don't become CCMA cases.

Talk to us

Want our DPA, controls summary, or a security review?

We'll share our data processing agreement, sub-processor list, and controls documentation on request. Your security team is welcome to interrogate them.