Welcome to

Real Estate Institute of Botswana


The Real Estate Institute of Botswana

The Real Estate Institute of Botswana (REIB) is an association registered under a Societies ACT of Botswana. It is a professional body representing the interest of property professionals, Government, parastatals, general public, commercial organisations, property investors, financial institutions and banks on matters relating to land and landed property. It promotes and encourages the highest level of professional standards on real estate services by members. The institute has a membership of more than 350 professionals specialising in areas of estate agency, property management, property valuations and auctioneering. This pool of professionals are the ones advising the Government, general public, property investors, commercial organisations, parastatals, financial institutions and banks on matters or transactions relating to land and landed property mostly on a daily basis.

Board Members


Status: Valuer

Position: President


Status: Estate Agent

Position: Vice President


Status: Estate Agent

Position: Treasurer


Status: Estate Agent

Position: Secretary General (Acting)



Feel free to browse the FAQ on regular data protection section or
contact our support

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

European Parliament and of the Council

27 April 2016

After a 2-year transition period, it is applicable as of May 25, 2018, without any enabling legislation passed by the government.

It applies to the following:

Any company or entity established within the EU processing personal data forming part of the activities of one of its branches; or

Any non-EU company or entity, outside the EU, like South Africa which offers goods and services to data subjects whether paid or for free. It also monitors EU individuals’ behavior.

You need to be a GDPR compliant if your company or entity is classified as a small and medium-sized enterprise, the business of which processes personal data, among others. However, if the core of the business is not focused on the processing of the data subject’s information and the same is not exposed to risks then some provisions of the GDPR do not apply. Provision not applied is the appointment of the Data Protection Officer. Core of the business refers to one of the activities of the controller or processor involving processing of data.

Breaching GDRP carries with it the penalty of fine. It is €20 Million, whichever is higher, or equivalent to 4% of annual global turnover. This is the calculated maximum fine. The most serious infringements include lacking sufficient customer consent for processing data subjects or violating the core of Privacy by Design concepts. For purposes of understanding the Privacy by Design, it is referring to data protection through the use of technology design. Under the GDPR, there is a tiered approach for imposing fines: either no notification effected for supervising authority (Art. 33 GDPR Notification of a personal data breach to the supervisory authority) as well as data subject concerning a breach or no impact assessment of the envisaged processing operations on the protection of personal data conducted (Art. 35 GDPR Data protection impact assessment). These foregoing rules apply to both controllers and processors. It means that 'clouds' are not exempted from GDPR enforcement.

GDPR key changes are proposed to the regulatory policies. They are the following:

Increasing territorial scope or applicability of extra-territoriality
Data subject rights such as the right to access, breach notification, data portability, right to be forgotten, and privacy by design For further information, read this

While processing of data carries with it risks resulting from the breach, it is mandatory for the controller to provide information on any evident risks as well as take steps to meet the obligations of the mandatory breach notification and communication requirements of the GDPR such individuals’ protection against any untoward potential consequences.