Privacy Policy
The Promotion of Access to Information Act No. 2 of 2000, (‘PAIA’) came into operation on 09 March 2001. Section 51 of this Act requires that the Company as a private body compile a Manual giving information to the public regarding the procedure to be followed in requesting information from the Company for the purpose of exercising or protecting rights. On request, the private body or government is obliged to release such information unless the PAIA Act expressly states that the records containing such information may or must not be released.
The Protection of Personal Information Act, 2013 (the “POPI Act”) provides for:
-
The protection of Personal Information processed by public and private bodies;
-
Certain conditions so as to establish minimum requirements for the processing of Personal Information;
-
The establishment of an Information Regulator to exercise certain powers and to perform certain duties and functions in terms of the POPI Act and the PAIA Act;
-
The issuing of codes of conduct;
-
The rights of persons regarding unsolicited electronic communications and automated decision making;
-
The regulation of the flow of Personal Information across the borders of the Republic; and
-
Matters connected therewith.
Section 14 of the Constitution of the Republic of South Africa, 1996, provides that everyone has the right to privacy. The right to privacy includes a right to protection against the unlawful collection, retention, dissemination and use of personal information.
The POPI Act gives Data Subjects the right to, in the prescribed manner, request a Responsible Party to correct or delete Personal Information about the Data Subject in its possession or under its control that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or obtained unlawfully; or destroy or delete a record of Personal Information about the Data Subject that the Responsible Party is no longer authorised to retain access and/or request the correction or deletion of any Personal Information held about them that may be inaccurate, misleading or outdated.
1. Confidentiality & Access to Information
The Company will protect the confidentiality of information provided to it by third parties, subject to its obligations to disclose information in terms of any applicable law or regulation or a court order requiring disclosure of information. If access is requested to a record that contains information about a third party, the Company is obliged to attempt to contact such third party to inform him/her/it of the request.
The Company will give the third party an opportunity of responding by either consenting to the access or by providing reasons why the access should be denied. In the event that the third-party furnishing reasons for the support or denial of access, the Deputy Information Officer will consider these reasons in determining whether access should be granted to the requestor or not.
2. Records Automatically Available [Section 51(1)(c)]
Records that are automatically available at the registered office of the Company are:
-
Records of the Company lodged in terms of government requirements such as the Registrar of Deeds;
-
Documentation and information relating to the Company which is held by the Companies and Intellectual Properties Commission in accordance with the requirements set out in section 25 of the Companies Act 71 of 2008;
-
Product and Services Brochures;
-
News and other Marketing Information; and
-
Certain other information relating to the Company is also made available on said website from time to time.
3. Records Not Automatically Available
Records of the Company which are not automatically available must be requested in terms of the required procedure in terms of the Regulations as set out in terms of POPIA and which may be subject to the restrictions and right of refusal to access as provided for in the PAIA Act and in POPIA.
No request shall be accepted telephonically, nor shall any information be supplied telephonically.
4. Request Procedure
Records held by the Company may be accessed, on request, only once the requirements for access have been met. A Requester is any person making a request for access to a record of the Company and in this regard, the Act distinguishes between two types of Requesters:
-
Personal Requester: A personal Requester is one who seeks access to a record containing the Requester’s own personal information.
-
Other Requester: Other Requesters are those who request access to information pertaining to third parties.
A request will not automatically be granted and short reasons for the refusal shall be supplied.
It should be noted that a request for access to information can be refused if the application does not comply with the requirement of the Act. Further the completion and submission of a request does not automatically allow the Requester access to the requested record.
The Requester must comply with all the procedural requirements contained in the PAIA and POPI Acts relating to the request for access to records.
If you wish to request access to any of the above categories of information you are required to complete a request form. These forms are available from:
-
The SAHRC website (www.sahrc.org.za);
-
The Department of Justice and Constitutional Development website (www.doj.gov.za).
A Requester must state that the information is required in order to exercise or protect a right, and clearly state what the nature of the right is so to be exercised or protected. The Requester must also provide an explanation of why the requested record is required for the exercise or protection of that right.
If an individual is unable to complete the prescribed form because of illiteracy or disability, such a person may make the request orally to the information officer.
If it is reasonably suspected that the Requester has obtained access to records through the submission of materially false or misleading information, legal proceedings may be instituted against such Requester.
The completed Access Request Form together with a copy of the identity document must be submitted via conventional mail or e-mail and must be addressed to the contact person as indicated above.
5. Grounds for Refusal of Access to Records
The Company has the right to refuse access to information on legal grounds as set out in POPIA and in PAIA which will mainly be on one or more of the following grounds:
-
Mandatory protection of the personal information, special personal information or privacy of a third party who is a natural person (including children), if such disclosure would involve the unlawful or unreasonable disclosure of Personal Information about a third party, including a deceased individual or child, subject to the provisions of section 63 (2) of PAIA or any section or regulation of POPIA.
-
Mandatory protection of the personal, confidential or commercial information of the third party (which may be a natural person or legal entity), if the record contains:
-
Trade secrets of that party;
-
Financial, commercial, scientific or technical information which disclosure could likely cause harm to the financial or commercial interest of that party;
-
Information disclosed in confidence by the third party to the Company if the disclosure could put the third party to a disadvantage in negotiations or commercial completion;
-
Mandatory protection of confidential information of third parties if it is protected in terms of any Agreement.
-
Mandatory protection of certain confidential information of third party, where the head of a private body must refuse a request for access to a record of the body if its disclosure would constitute an action for breach of a duty of confidence owed to a third party in terms of an Agreement.
-
Mandatory protection of the safety of individuals and the protection of property, where such disclosure could endanger the life or physical safety of an individual, or prejudice or impair the security of:
-
a building, structure or any system;
-
a means of transport; or
-
any other property.
-
Mandatory protection of records which could be regarded as privileged in legal proceedings, unless the legal privilege has been waived.
-
Mandatory protection of records and information as laid out in the National Key Point Act;
-
Commercial information of private body, in that a request for access to a record may be refused if the record contains:
-
trade secrets, financial, commercial, scientific or technical information of the institution, which disclosure, could likely cause harm to the financial or commercial interest of the institution;
-
Information which, if disclosed could prejudice or put the institution at a disadvantage in negotiations or commercial competition; and
-
A computer program which is owned by the institution and which is protected by copyright.
-
Mandatory protection of research information of the institution. A request will be refused if this disclosure would disclose the identity of the institution, the researcher or the subject matter of the research and would place the researcher at a serious disadvantage.
-
Mandatory disclosure in public interest. Despite any of the protections mentioned above, the Director of the Company shall grant a request for access to a record if:
-
the disclosure of the record would reveal evidence of:
-
-
a substantial contravention of, or failure to comply with, the law; or
-
imminent and serious public safety or environmental risk; and
-
the public interest in the disclosure of the record clearly outweighs the harm contemplated in the provision in question.
-
If disclosure of the record would prejudice or impair the security of property or means of transport;
-
If disclosure of the record would prejudice or impair the protection of a person in accordance with a witness protection scheme;
-
Disclosure of the record would put the Company at a disadvantage in contractual or other negotiations or prejudice it in commercial competition;
-
The record is a computer programme; and the record contains information about research being carried out or about to be carried out on behalf of a third party or the Company.
6. Remedies for Refusal
If the request for access is refused, the Information Officer of the Company must:
-
State adequate reasons for the refusal, including the provisions of this Act relied on;
-
Exclude, from any such reasons, any reference to the content of the record; and
-
State that the Requester may lodge an application with a court against the refusal of the request, and the procedure (including the period) for lodging the application.
​
7. Internal Remedies
The Company does not have an internal appeal procedure. As such, the decision made by the Information Officer and the Deputy Information Officer pertaining to a request is final, and requestors will have to exercise such external remedies at their disposal if a request is refused, and the requestor is not satisfied with the response provided by the information officer.
​
8. External Remedies
A requester that is dissatisfied with the information officer’s refusal to disclose information, may within 30 days of notification of the decision, apply to a court for appropriate relief. For purposes of the Act, courts that have jurisdiction over these applications are the Constitutional Court, the High Court or another court of similar status. The court will review the request and decide whether in fact the Deputy Information Officer of the Company should give the Requester the information requested or not. A court hearing an application in terms of the PAIA Act may grant any order that is just and equitable including orders:
-
Confirming, amending or setting aside the decision which is the subject of the application;
-
Requiring the Information Officer of the Company or relevant authority of a public body or the head of a private body to take such action or to refrain from taking such action, as the court considers necessary within the period mentioned in the court order;
-
Granting an interdict, interim or specific relief, a declaratory order or compensation; or
-
Granting an order as to costs.
9. Records that Cannot be Found/Do Not Exist
If the Company has searched for a record and it is believed that the record does not exist or cannot be found, the Requester will be notified by way of an affidavit or affirmation. This will include the steps that were taken to try to locate the record.
If after notice is given, the record in question is found, the Requester must be given access thereto unless the ground for the refusal of access exists.
If the request is declined for any reason the notice must include adequate reasons for the decision, together with the relevant provisions of the PAIA Act relied upon and provide the procedure to be followed should the Requester wish to appeal the decision.
Section 59 provides that the Deputy Information Officer of the Company may serve a record and grant access only to that portion which the law does not prohibit access to.