IRS POPIA Declaration

1. IRS Forensic Investigations (Pty) Ltd, including IRS Technical Division, and all entities and subsidiaries, Registration Number 2011/122311/07 (IRS, it, we, us or our) has its head office at 388 Louis Botha Avenue, Maryvale, Johannesburg, 2192.
2. IRS is a registered Security Services Provider, Registration Number 2499707, entitled in law to perform private investigations in accordance with the Private Security Regulatory Act, pursuant to other applicable legislation, including the Protection of Personal Information Act, the National Credit Act, and all other applicable laws in force.
3. IRS is committed to treat all your personal information with care and in a responsible manner.
4. Personal information includes any information that lets IRS identify you, such as your forenames, middle names and surname, together with your physical address, contact details such as email address and phone numbers, and/or passport/identity number.
5. Personal information in South Africa also refers to the personal information that uniquely identifies a legal entity, such as the trading name of a company combined with the company registration number, and other identifying numbers such as those issued by statutory organisations.
6. Special personal information includes that which details your race or ethnic origin, religious and philosophical beliefs, political persuasion, trade union membership, health or sex life, biometric information (for example, your voice or fingerprints) or any criminal behaviour which relates to alleged criminal offences or proceedings.
7. Personal information may be given to or collected by IRS in writing when contacting IRS via email, via social media links, via telephone, via our website contact form, or via our "Report Corruption" link on our website. The "Report Corruption" link has a function to protect the identity of the person making the report in accordance with the Protected Disclosures Act.
8. IRS also collects your information when you fill out a client checklist. This information is used specifically to review your report to us and thereafter to use it to populate any other document or statement required in law should you appoint us to investigate a case on your behalf.
9. Processing of personal information includes any initial processing that IRS does when we first collect your personal information. It also includes any further and ongoing processing that IRS is allowed to carry out legitimately in terms of the reasons listed in paragraph 10 below. The term "processing" includes collecting, using, altering, merging, linking, organising, disseminating, storing, retrieving, disclosing, erasing, archiving, destroying or disposing of personal information.
10. IRS will only collect and process your personal information for the reason you provided it to us, or to enable us to comply with the requirements of specific local or foreign laws that we are governed by; or to comply with any regulations, directives, judgments or court orders, government sanctions or embargoes, reporting requirements under financial transactions legislation, and demands of any authority, regulator, tribunal, enforcement agency or exchange body.
11. IRS may process your personal information to protect your or our legitimate interests. IRS will not collect and process personal information about you that we do not need for this purpose. The general purposes for which IRS collects and processes your personal information include, but are not limited to:
    • Creating a record of you on our system to verify your identity, review your request for products and/or services, provide you with the products and/or services you have requested for and then communicate with and keep you informed about these products and/or services.
    • Assessing your personal financial circumstances and needs before providing either advice and/or products or services to you. In this regard, we may collect your personal information from you in your capacity as our prospective client.
    • Any purpose related to the prevention of financial crime, including fraud detection and prevention, sanctions screening, adverse media screening, monitoring of anti-money laundering and any financing of terrorist activities.
    • Managing our business and identifying potential trends within the market, to ensure our products or services are provided in a market-fit manner.
    • Where you have applied for employment at IRS or for an IRS internship or learnership, we perform applicant screening and background checks, and such screening may include social media screening and screening relating to any information about you we may obtain from publicly available sources such as search engine results.
    • Where you are an IRS employee (including contractors), we create an employment record of you on our system to facilitate continuous monitoring during your employment with us.
    • Where you are an IRS director, we create a record of you as a director on our system.
    • Where you have been identified as a next of kin by an employee or customer, we create a record of you on our system.
    • Where you are a supplier to IRS, we process your personal information for due diligence, risk assessment, administrative and payment purposes.
12. IRS will not process your special personal information unless:
    • You have consented to IRS processing it (in circumstances where we are legally obliged to obtain your consent); or
    • It is necessary to exercise or defend a right or obligation in law; or
    • It is necessary to comply with an international legal obligation of public interest; or
    • It is for certain historical, research or statistical purposes that would not adversely affect your privacy; or
    • You have deliberately made your personal information public.
13. There are some personal information fields that you have to fill in or provide if you want IRS to provide you with your chosen product and/or service or onboard you as an employee, supplier, director or job applicant. This information can be provided in writing, electronically or telephonically, but it must be accurate and complete.
14. IRS enters into a written mandate with all clients which has extensive legal protections for all parties.
15. In most cases, personal information will be collected directly from you, either via the IRS website Contact Page or via the Client Checklist, but there may be other instances when IRS will collect personal information from other sources. These may include public records, places where you may already have made your personal information public (for example, on social media where your settings on such social media are set to "public"), credit bureaus, or individuals/directors whom you have appointed as your representative, where you are a corporate entity. IRS will only collect your personal information from other sources where we are legally entitled or obliged to do so, and you are entitled to ask IRS which sources IRS used to collect your personal information. This information is used to fulfil our obligations to you as our client and to protect the interests of all parties.
16. For the purposes outlined in paragraph 10 above, IRS will, in most instances, collect and process your personal information internally. However, there are times when IRS needs to outsource these functions to third parties, including parties in other countries. Where your personal information is shared internally within IRS, such sharing will be carried out only for the purposes outlined in paragraph 10 above. IRS may also need to share your personal information with external organisations, such as credit bureaus, tax authorities or other regulatory or industry bodies, so that we can meet our due diligence or regulatory requirements. We may need to share your personal information with our counter-parties, where we are involved in mediated settlements on your behalf or negotiating financial restitution on your behalf or relating to the negotiated deferred prosecution of a suspect where the agreement is that of restorative justice for you, or to any party to whom we assign our rights under any of our agreements for particular products and services.
17. IRS will not share your personal information with third parties who do not need your personal information, or where IRS is not legally permitted to do so. When IRS decides to transfer your personal information to third parties, we will only provide it to organisations that have data privacy policies equivalent to that of IRS, or subject to appropriate contractual obligations, or to those who are subject to laws relating to the processing of personal information that are similar to those that apply to IRS.
18. We will adhere to your communication preferences whenever we can, but we may need to send you important communications via a channel that is not your preference. We will only do so in cases where we deem the information to be important and relevant for you.
19. To the extent that local legislation permits or if you are a resident of the European Union or United Kingdom, you have the following rights regarding your personal information:
    • The right to access your personal information that we have on record. Please refer to our PAIA manual on our website at irsa.co.za for the process to access your personal information.
    • You have the right to ask IRS to correct any of your personal information that is incorrect. These requests must be sent to us in writing to our information officer.
    • You can ask IRS to delete or destroy your personal information.
    • You can also object to IRS processing your personal information. These requests must be sent to IRS in writing to our information officer. However, the result of such a request will be that IRS may have to suspend the provision of products and/or services for a period of time, or even terminate our relationship with you. IRS's records are subject to regulatory retention periods, which means that IRS may not be able to delete or destroy your personal information immediately upon request.
    • You may also ask IRS to port your personal information to another party in terms of applicable laws. These requests must be sent to us in writing to our information officer.
20. If you have a complaint relating to the protection of your personal information, including the way in which it has been collected or processed by IRS, please contact us using the local contact details listed below. If you have not had your complaint dealt with satisfactorily, you may lodge a complaint with the Information Regulator in terms of applicable privacy laws such as POPIA.
21. In the case of a personal data breach, IRS shall without undue delay and where feasible after becoming aware of the data breach notify the Information Regulator of such a breach and pursuant to s22(3), the affected data subject in the required format; unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the Regulator is not made within the mandatory time frame it shall be accompanied by reasons for the delay.

IRS reserves the right to change this statement at any time. All changes to this statement will be posted on the website. Unless otherwise stated, the current version shall supersede and replace all previous versions of this statement.

Last updated: 01 May 2026

Contact Details

If you wish to exercise any of your rights or have any queries relating to your personal information, please contact our Information Officer:

Information Officer: Glenda Paul
South Africa: 0861 911 477
International: +27 11 486 1037
Email: Send us a message