The Protection of Personal Information Act (POPIA) treats driver location data as personal information. That means installing a tracker isn't just an operational decision — it's a data-protection one.
Most fleet operators we work with were unaware of three specific obligations:
1. Driver consent at install. Drivers must be informed, in writing, that the vehicle they operate is being tracked, what data is being collected, how long it will be retained, and who has access. We provide a template consent form at install.
2. Data minimisation. You can collect location data needed for legitimate operational purposes. You cannot collect data beyond that purpose — for example, continuous tracking of a driver's personal vehicle after hours when they take the company bakkie home.
3. Retention period. Personal information must not be retained for longer than necessary. We default to a 36-month retention period for trip data, configurable per operator.
What this means in practice
Your driver employment contracts should reference the tracking. Your install procedure should include the consent step. Your data access permissions inside the Wialon platform should be role-based — fleet managers see fleet data, but specific drivers can only be queried by authorised personnel.
We don't issue legal advice — we issue a compliance pack. Speak to your attorney about adapting the templates to your operation.