Menu
|
Client |
any natural or juristic person that received or receives services from the Company
|
|
Conditions for Lawful Processing |
the conditions for the lawful processing of Personal Information as fully set out in chapter 3 of POPI and in paragraph 12 of this Manual
|
|
Data Subject |
the person to whom personal information relates
|
|
Information Officer |
the individual who is identified in paragraph 3 of this manual
|
|
Manual |
this manual
|
|
PAIA |
the Promotion of Access to Information Act 2 of 2000
|
|
Personal Information |
means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to— a. information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person; b. information relating to the education or the medical, financial, criminal or employment history of the person; c. any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person; d. the biometric information of the person; e. the personal opinions, views or preferences of the person; f. correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence; g. the views or opinions of another individual about the person; and h. the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person
|
|
Personnel |
any person who works for, or provides services to or on behalf of the Company, and receives or is entitled to receive remuneration and any other person who assists in carrying out or conducting the business of the Company, which includes, without limitation, directors (executive and non-executive), all permanent, temporary and part-time staff as well as contract workers
|
|
POPI |
the Protection of Personal Information Act 4 of 2013 |
|
|
|
|
POPI Regulations |
the regulations promulgated in terms of section 112(2) of POPI
|
|
Private Body |
means— a. a natural person who carries or has carried on any trade, business or b. a partnership which carries or has carried on any trade, business or profession; or c. any former or existing juristic person, but excludes a public body
|
|
Processing |
means any operation or activity or any set of operations, whether or not by automatic means, concerning personal information, including— a. the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use; b. dissemination by means of transmission, distribution or making available in any other form; or c. merging, linking, as well as restriction, degradation, erasure or destruction of information
|
|
SAHRC |
the South African Human Rights Commission |
Any other terms not described herein will have the meaning as ascribed to it in terms of PAIA or POPI.
2.1. For the purpose of POPI and PAIA, the Company is defined as a private body. In accordance with the Company’s obligations in terms of POPI and PAIA, the Company has produced this manual.
2.2. This manual sets out all information required by both PAIA and POPI.
2.3. This manual also deals with how requests are to be made in terms of PAIA.
2.4. This manual also establishes how compliance with POPI is to be achieved.
Business Name | Antiseptol International co (PTY) LTD |
Registration Number | 1959/04502/07 |
Registered Office | 14 Roller Street, Spartan |
Postal Address | PO Box 172, Edenvale, 1610 |
Contact Number | |
Information Officer | Palma Stewart |
Email address |
Background information of the Company can be found at https://antiseptol.com/
4.1. A guide to PAIA and how to access information in terms of PAIA has been published pursuant to section 10 of PAIA.
4.2. The guide contains information required by an individual who may wish to exercise their rights in terms of PAIA.
4.3. Should you wish to access the guide you may request a copy from the Information Officer by submitting ANNEXURE A (Click Here), attached hereto, to the details specified above.
4.4. You may also inspect the guide at the Company’s offices during ordinary working hours.
4.5. You may also request a copy of the guide from Information Regulator at the following details:
Information Regulator:
Postal Address: P.O. Box 31533, Braamfontein, Johannesburg, 2017
Telephone: (010) 023 5200
Website: www.justice.gov.za
5.1. At this stage no Notice(s) has / have been published on the categories of records that are available without having to request access to them in terms of PAIA.
6.1 The Company holds and/or process the following records for the purposes of PAIA and POPI.
6.2 The following records may be requested, however it should be noted that there is no guarantee that the request will be honoured. Each request will be evaluated in terms of PAIA and any other applicable legislation.
Products and/or Services:
All products and/or services are available freely on the Company’s website as set out above.
Human Resources:
Employment Contracts
Employee benefits
Personnel records and correspondence
Training records
Internal policies
Information pertaining to share options, share incentives, bonus or profit sharing agreements of each employee
Pension and provident find records
Legal:
Agreements with Clients
Agreement with Suppliers
Shareholder agreements
Partnership agreements
Licenses and Permits
Power of Attorneys
Sale agreements
Lease agreements
Company Secretarial:
Memorandum of Incorporation
Secretarial records
Tradename registrations
Trademark registrations
Company registration documents
Statutory registers
Minutes of Shareholder’s meetings
Minutes of Director’s meetings
Register of Directors
Share Certificates
Financial:
Accounting records
Annual reports
Interim reports
Auditor details and reports
Tax returns
Insurance records
Client:
Client database
Credit Applications
Correspondence with Clients
Documentation prepared for Clients.
Invoices, receipts, credit and debit notes
Marketing:
Published Marketing material
Miscellaneous:
Internal Correspondence
Information technology records
Trade secrets
Domain name registrations
Website information
Asset registers
Title deeds
7.1 The Company may be in possession of records in terms of the following legislation as and when applicable:
7.1.1 Basic Conditions of Employment Act, No. 75 of 1997
7.1.2 Companies Act, No. 71 of 2008
7.1.3 Compensation for Occupational Injuries and Diseases Act, No. 130 of 1993
7.1.4 Competition Act, No. 89 of 1998
7.1.5 Constitution of the Republic of South Africa Act, No. 108 of 1996
7.1.6 Credit Agreement Act, No. 75 of 1980
7.1.7 Employment Equity Act, No. 55 of 1998
7.1.8 Identification Act, No. 68 of 1997
7.1.9 Inspection of Financial Institutions Act, No. 18 of 1998
7.1.10 The Labour Relations Act, No. 66 of 1995
7.1.11 The Long-Term Insurance Act, No. 52 of 1998
7.1.12 Pension Funds Act, No. 24 of 1956
7.1.13 Short Term Insurance Act, No. 53 of 1998
7.1.14 Skills Development Levies Act, No. 9 of 1999
7.1.15 Unemployment Insurance Act, No. 63 of 2001
7.1.16 Patents, Designs and Copyright Merchandise Marks Act, No. 17 of 1941
7.1.17 Income Tax Act, No. 58 of 1962
7.1.18 Occupational Health and Safety Act No. 85 of 1993
7.1.19 Customs and Excise Act No. 91 of 1964
7.1.20 Road Transportation Act No. 74 of 1977
7.1.21 Machinery and Occupational Safety Amendment Act No. 181 of 1993
7.1.22 Prescription Act No. 68 of 1969
8.1 An individual who wishes to place a request must comply with all the procedures laid down in PAIA.
8.2 The requester must complete ANNEXURE B (click here), which is attached hereto and submit it to the Information Officer at the details specified above.
8.3 The prescribed form must be submitted as well as payment of a request fee and a deposit, if applicable to the information officer at the postal or physical address, fax number or electronic mail as is stated herein.
8.4 The prescribed form must be completed with enough particularity to enable the information officer to determine:
8.4.1 The record(s) requested;
8.4.2 The identity of the requestor;
8.4.3 What form of access is required; and
8.4.4 The Postal address or fax number of the requestor.
8.5 The requestor must state that the records are required for the requestor to exercise or protect a right, and clearly state what the nature of the right is so to be exercised or protected. An explanation of why the records requested is required to exercise or protect the right.
8.6 The request for access will be dealt with within 30 days from date of receipt, unless the requestor has set out special grounds that satisfies the Information Officer that the request be dealt with sooner.
8.7 The period of 30 days may be extended by not more than 30 additional days, if the request is for a large quantity of information, or the request requires a search for information held at another office of the Company and the information cannot be reasonably obtained within 30 days. The information officer will notify the requestor in writing should an extension be necessary.
8.8 The requestor will be informed in writing whether access to the records have been granted or denied. If the requestor requires a reason for the decision the request must be expressed in the prescribed form, the requestor must be further stated what particulars of the reasoning the requestor requires.
8.9 If a requestor has requested the records on another individual’s behalf, the requestor must submit proof of the capacity the requestor submits the request in, to the satisfaction of the information officer.
8.10 Should the requestor have any difficulty with the form or the process laid out herein, the requestor should contact the Information Officer for assistance.
8.11 An oral request can be made to the Information Officer should the requestor be unable to complete the form due to illiteracy or a disability. The Information Officer will complete the form on behalf of the requestor and provide a copy of the form to the requestor.
9.1. The following are grounds upon which the Company may, subject to the exceptions in Chapter 4 of PAIA, refuse a request for access in accordance with Chapter 4 of PAIA:
9.1.1. Mandatory protection of the privacy of a third party who is a natural person, including a deceased person, where such disclosure of Personal Information would be unreasonable
9.1.2. Mandatory protection of the commercial information of a third party, if the Records contain:
9.1.2.1. Trade secrets of that third party;
9.1.2.2. Financial, commercial, scientific or technical information of the third party, the disclosure of which could likely cause harm to the financial or commercial interests of that third party; and/or
9.1.2.3. Information disclosed in confidence by a third party to The Company, the disclosure of which could put that third party at a disadvantage in contractual or other negotiations or prejudice the third party in commercial competition;
9.1.3. Mandatory protection of confidential information of third parties if it is protected in terms of any agreement;
9.1.4. Mandatory protection of the safety of individuals and the protection of property;
9.1.5. Mandatory protection of Records that would be regarded as privileged in legal proceedings;
9.1.6. Protection of the commercial information of the Company, which may include:
9.1.6.1. Trade secrets;
9.1.6.2. Financial/commercial, scientific or technical information, the disclosure of which could likely cause harm to the financial or commercial interests of the Company;
9.1.6.3. Information which, if disclosed, could put the Company at a disadvantage in contractual or other negotiations or prejudice the Company in commercial competition; and/or
9.1.6.4. Computer programs which are owned by the Company, and which are protected by copyright and intellectual property laws;
9.1.7. Research information of the Company or a third party, if such disclosure would place the research or the researcher at a serious disadvantage; and
9.1.8. Requests for Records that are clearly frivolous or vexatious, or which involve an unreasonable diversion of resources.
10.1. The Company does not have an internal appeal procedure in light of a denial of a request, decisions made by the information officer is final;
10.2. The requestor may in accordance with sections 56(3) (c) and 78 of PAIA, apply to a court for relief within 180 days of notification of the decision for appropriate relief.
11.1. The following fees shall be payable upon request by a requestor:
|
Request fee (Payable on every request) |
R140.00 |
|
Photocopy of an A4 page or part thereof |
R2.00 |
|
Printed copy of an A4 page or part thereof |
R2.00 |
|
Hard copy on flash drive (Flash drive to be provided by requestor) |
R40.00 |
|
Hard copy on a compact disc (Compact disc to be provided by requestor) |
R40.00 |
|
Hard copy on a compact disc (Compact disc to be provided by the Company) |
R60.00 |
|
Transcription of visual images per A4 page |
As per quotation of service provider |
|
Copy of visual images |
As per quotation of service provider |
|
Transcription of an audio record per A4 page |
R24.00 |
|
Copy of an audio record on flash drive (Flash drive to be provided by requestor) |
R40.00 |
|
Copy of an audio on a compact disc (Compact disc to be provided by requestor) |
R40.00 |
|
Copy of an audio on a compact disc (Compact disc to be provided by the Company) |
R60.00 |
|
To search for and prepare the record for disclosure for each hour or part of an hour, excluding the first hour, reasonably required for such search and preparation |
R145.00 |
|
To search for and prepare the record for disclosure for each hour or part of an hour, excluding the first hour, reasonably required for such search and preparation (cannot exceed total cost) |
R435.00 |
|
Postage, email or any other electronic transfer |
Actual expense, if any. |
12.1. Conditions fort lawful processing:
12.1.1. POPI has eight conditions for lawful processing and includes:
12.1.1.1. Accountability
12.1.1.2. Processing limitation
12.1.1.3. Purpose specification
12.1.1.4. Further processing limitation
12.1.1.5. Information quality
12.1.1.6. Openness
12.1.1.7. Security safeguards
12.1.1.8. Data subject participation
12.1.2. The Company is involved in the following types of processing:
12.1.2.1. Collection
12.1.2.2. Recording
12.1.2.3. Organization
12.1.2.4. Structuring
12.1.2.5. Storage
12.1.2.6. adaptation or alteration
12.1.2.7. retrieval
12.1.2.8. consultation
12.1.2.9. use
12.1.2.10. disclosure by transmission
12.1.2.11. dissemination or otherwise making available
12.1.2.12. alignment or combination
12.1.2.13. restriction
12.1.2.14. erasure
12.1.2.15. destruction
12.1.3. The Company processes information for the following purposes:
12.1.3.1. to fulfil agreements in relation to its employees;
12.1.3.2. to provide services to its clients in accordance with terms agreed to by the Clients;
12.1.3.3. to undertake activities related to the provision of services, such as
12.1.3.3.1. to fulfil domestic legal, regulatory and compliance requirements
12.1.3.3.2. to verify the identity of Customer representatives who contact the Company or may be contacted by The Company;
12.1.3.3.3. for risk assessment, information security management, statistical, trend analysis and planning purposes;
12.1.3.3.4. to monitor and record calls and electronic communications with the Client for quality, training, investigation and fraud prevention purposes;
12.1.3.3.5. to enforce or defend the Company or the Company affiliates’ rights;
12.1.3.3.6. to manage the Company’s relationship with its clients, which may include providing information to its clients and its clients affiliates about the Company’s and the Company affiliates’ products and services;
12.1.3.4. the purposes related to any authorised disclosure made in terms of agreement, law or regulation;
12.1.3.5. any additional purposes expressly authorised by the Company’s client;
12.1.3.6. any additional purposes as may be notified to the Client or Data Subjects in any notice provided by the Company.
12.2. The Company processes personal information the following categories of Data Subjects:
12.2.1. Juristic persons –
12.2.1.1. Corporate clients
12.2.1.2. Suppliers
12.2.2. Natural persons –
12.2.2.1. Individuals
12.2.2.2. Staff
12.2.2.3. Clients
12.2.2.4. Suppliers
12.3. The Company process the following categories personal information:
12.3.1. Client profile information;
12.3.2. Bank account details;
12.3.3. Payment information;
12.3.4. Client representatives;
12.3.5. Names;
12.3.6. Email Addresses;
12.3.7. Telephone numbers;
12.3.8. Facsimile numbers;
12.3.9. Physical addresses;
12.3.10. Tax numbers;
12.3.11. Identity Numbers;
12.3.12. Passport Numbers;
12.4. Recipients of Personal Information:
12.4.1. The Company, the Company’s affiliates, their respective representatives
12.5. When making authorised disclosures or transfers of personal information in terms of Section 72 of POPI, personal information may be disclosed to recipients in countries that do not have the same level of protection for personal information as South Africa does.
12.6. The following Security measures are implemented by the Company:
12.7. The Company implements numerous Security measures to protect personal information that is stored electronically and physically.
12.7.1.1. The Company ensures that appropriate security measures are taken and updates these measures on a regular basis.
12.7.1.2. The Company have also implemented various policies for additional security for personal information stored both physically and electronically.
12.7.2. The personal information that is stored physically is protected as follows:
12.7.2.1. Where physical records of the data exist, such records will be stored in a secure area that can be ‘locked-away’ as to avoid a breach of the personal information.
12.7.2.2. Such physical data records will be ‘locked-away’ and secured when not in use.
12.8. The Company may share personal information with third parties and in certain instances this may result in cross border flow of the personal information. The personal information will always be subject to protection, not less than the protection it is afforded under the Protection of Personal Information Act No.4 of 2013.
12.9. Objection to the processing of personal information by a data subject:
12.9.1. Section 11(3) of POPI and regulation 2 of the POPI regulations provides that a data subject may, at any time object to the processing of their personal information in the prescribed form attached to this manual as annexure “B”.
12.10. Request for correction or deletion of personal information:
12.10.1. Section 24 of POPI and regulation 3 of the POPI regulations provides that a data subject may request for their personal information to be corrected and/or deleted in the prescribed form attached hereto as ANNEXURE “C” (Click Here).