POPIA and Homeschooling: Keeping Your Child’s Data Safe in South Africa
1 July 2026 · 6 min read
If you homeschool in South Africa and use any app to store your child’s photos and records, POPIA — the Protection of Personal Information Act — applies to how that data is handled. Here is a plain-language overview for parents.
Children’s data gets extra protection
POPIA treats information about children as special personal information. In practice that means it should only be processed with the consent of a competent person — usually the parent or guardian — and for a clear, limited purpose. When you upload a photo to build a portfolio, you are the one giving that consent.
Where your data lives matters
Section 72 of POPIA governs sending personal information outside South Africa. It is allowed when the destination offers a level of protection substantially similar to POPIA, when the data subject consents, or when the transfer is necessary to deliver the service you asked for. Hosting in the EU — which is governed by the GDPR — comfortably meets that “adequate protection” test.
Questions worth asking any homeschool app
- Where is my data stored, and under which privacy law?
- Are my children’s photos ever used to train AI models? (They should not be.)
- Can I export and permanently delete everything?
- Is data encrypted in transit and at rest?
How Homeschoolfolio approaches it
Homeschoolfolio is hosted in the European Union (Frankfurt) and handles data in line with both the GDPR and POPIA’s cross-border rules. Photos are stored privately and never used to train AI models, and you can export or delete your data at any time. You can read the full detail on our privacy policy.
This article is general information, not legal advice — for your specific obligations, check with a South African privacy professional.