Kwali Group (Pty) Ltd – PAIA MANUAL
In terms of Section 51 of
The Promotion of Access to Information Act 2 of 2000
(as amended)
TABLE OF CONTENTS
Contact details
Abbreviations
Definitions
- Introduction
- Purpose of PAIA manual
- Guide on how to use PAIA and how to obtain access to the guide
- Categories of records available without formal request
- Description of the records in accordance with any other legislation
- Description of personal records and categories of records held
- Processing of personal information
- Availability of the manual
- Updating of the manual
Contact details for access to information from Kwali Group (Pty) Ltd
PAIA Chief Information Officer
Name: Niel Steyn
Tel: 082 213 6529
Email: info@kwali.co.za
Deputy Information Officer (no one appointed)
Access to information general contacts
Tel: 082 213 6529
Email: info@kwali.co.za
This PAIA Manual of Kwali Group (Pty) Ltd is available at: De Wilger Farm, Adam Tas Street, Klapmuts. As well as our website: www.kwaligroup.co.za
Head Office
Postal Address: PO Box 519, Brackenfell, 7561
Physical Address: 6 Quarry Close, Protea Heights, Brackenfell, 7560
Telephone: 021 982 6077
Email: info@kwali.co.za
Website: www.kwaligroup.co.za
LIST OF ABBREVIATIONS
“CEO” Chief Executive Officer
“DIO” Deputy Information Officer;
“CIO“ Chief Information Officer;
“PAIA” Promotion of Access to Information Act No. 2 of 2000( as Amended;)
“POPIA” Protection of Personal Information Act No.4 of 2013;
1. INTRODUCTION
The Promotion of Access to Information Act, No. 2of 2000 (PAIA) is giving effect to the constitutional right of all, in terms of section 32 of the Bill of Rights contained in the Constitution of the Republic of South Africa 108 of 1996 (“Constitution”) the of access to any information held by the state and any information that is held by another person and that is required for the exercise/protection of any rights
Promotion of Access to Information Act (PAIA) and the Protection of Personal Information Act (POPIA) could be confusing. They can be seen as “information” laws and are both from the 1st of July 2021 enforced by the same Information Regulator. PAIA is an “Access” law, all about access of Information and POPIA is a “Privacy” law all about privacy of personal information. They shouldn’t be seen as competing, but rather, both are there to help ensure that information is managed correctly.
2. PURPOSE OF PAIA MANUAL
In terms of section 51 of the PAIA, all Private Bodies are required to compile an Information Manual (“PAIA Manual”). This PAIA Manual is useful for the public to-
2.1 check the categories of records held by a Construction Company which are available without a person having to submit a formal PAIA request;
2.2 have a sufficient understanding of how to make a request for access to a record of a Construction Company, by providing a description of the subjects on which a Construction Company holds records and the categories of records held on each subject;
2.3 now the description of the records of a Construction Company which are available in accordance with any other legislation;
2.4 access all the relevant contact details of the Information Officer and Deputy Information Officer who will assist the public with the records they intend to access;
2.5 know the description of the guide on how to use PAIA, as updated by the Regulator and how to obtain access to it;
2.6 know if a Construction Company will process personal information, the purpose of processing of personal information and the description of the categories of data subjects and of the information or categories of information relating thereto;
2.7 know the description of the categories of data subjects and of the information or categories of information relating thereto;
2.8 know the recipients or categories of recipients to whom the personal information may be supplied;
2.9 know if a Construction Company has planned to transfer or process personal information outside the Republic of South Africa and the recipients or categories of recipients to whom the personal information may be supplied; and
2.10 know whether a Construction Company has appropriate security measures to ensure the confidentiality, integrity and availability of the personal information which is to be processed.
3. GUIDE ON HOW TO USE PAIA AND HOW TO OBTAIN ACCESS TO THE GUIDE
3.1 The Regulator has, in terms of section 10(1) of PAIA, as amended, updated and made available the revised Guide on how to use PAIA (“Guide”), in an easily comprehensible form and manner, as may reasonably
be required by a person who wishes to exercise any right contained in PAIA and POPIA.
3.2 The Guide is available in each of the official languages and in braille.
3.3 The aforesaid Guide contains the description of-
3.3.1 the objects of PAIA and POPIA;
3.3.2 the postal and street address, phone and fax number and, if available, electronic mail address of-
3.3.2.1 the Information Officer of every public body, and
3.3.2.2 every Deputy Information Officer of every public and private body designated in terms of section 17(1) of PAIA and section 56 of POPIA;
3.3.3 the manner and form of a request for-
3.3.3.1 access to a record of a public body contemplated in section 11; and
3.3.3.2 access to a record of a private body contemplated in section 50;
3.3.4 the assistance available from the IO of a public body in terms of PAIA and POPIA;
3.3.5 the assistance available from the Regulator in terms of PAIA and POPIA;
3.3.6 all remedies in law available regarding an act or failure to act in respect of a right or duty conferred or imposed by PAIA and POPIA, including the manner of lodging-
3.3.6.1 an internal appeal;
3.3.6.2 complaint to the Regulator; and
3.3.6.3 an application with a court against a decision by the information officer of a public body, a decision on internal appeal or a decision by the Regulator or a decision of the head of a private body;
3.3.7 the provisions of sections 14 and 51 requiring a public body and private body, respectively, to compile a manual, and how to obtain access to a manual;
3.3.8 the provisions of sections 15 and 52 providing for the voluntary disclosure of categories of records by a public body and private body, respectively;
3.3.9 the notices issued in terms of sections 22 and 54 regarding fees to be paid in relation to requests for access; and
3.3.10 the regulations made in terms of section 92.
3.4 Members of the public can inspect or make copies of the Guide from the offices of the public and private bodies, including the office of the Regulator, during normal working hours.
3.5 The Guide can also be obtained-
3.5.1 upon request to the Information Officer;
3.5.2 from the website of the Regulator (https://www.justice.gov.za/inforeg/).
3.6 A copy of the Guide is also available in the following two official languages, for public inspection during normal office hours-
3.6.1 English
3.6.2 Afrikaans
The SA Information Regulator Address: P.O Box 31533, Braamfontein, Johannesburg, 2017 or JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001
General enquiries email: inforeg@justice.gov.za.
Complaint’s email: POPIAComplaints.IR@justice.gov.za & PAIAComplaints.IR.@justice.gov.za
4. CATEGORIES OF RECORDS OF KWALI GROUP CONSTRUCTION CC WHICH ARE AVAILABLE WITHOUT A PERSON HAVING TO
REQUEST ACCESS BY COMPLETING A FORM
Category of records | Types of the Record | Available on Website | Available upon request |
PAIA Manual | Guidance for agents & Clients | x | x |
POPIA Compliance Framework | Guidance for agents | x |
5. DESCRIPTION OF THE RECORDS OF KWALI GROUP CONSTRUCTION CC WHICH ARE AVAILABLE IN ACCORDANCE WITH ANY OTHER LEGISLATION
Category of Records | Applicable Legislation |
PAIA Manual | Promotion of Access to Information Act 2 of 2000 |
POPIA Compliance Framework | Protection of Personal Information Act of 2013 |
Memorandum of incorporation | Companies Act 71 of 2008 |
6. DESCRIPTION OF THE SUBTECTS ON WHICH THE BODY HOLDS RECORDS AND CATEGORIES OF RECORDS HELD ON EACH SUBJECT
BY KWALI GROUP CONSTRUCTION CC
Subjects on which a Construction Company holds records | Categories of records |
Companies Act Records |
|
Income Tax Records |
|
Financial Records |
|
Human Resources |
|
IT Department |
|
7. PROCESSING OF PERSONAL INFORMATION
7.1 Purpose of Processing Personal Information
We only collect the minimum amount of information that is relevant to the purpose. If you interact with us on the internet, the personal information we collect depends on whether you just visit our website or, require our services. If you visit our website, your browser transmits some data automatically, such as your browsing times, the data transmitted and your IP address.
7.1.1 If you use our services, personal information is required to fulfil the requirements of that service. (Including FICA documents, when applicable)
7.1.2 We usually collect only name and contact details, financial qualification (if completed by you), with property needs and requirement when we assist a client.
7.1.3 To assist building a property we need to have basic personal info and financial info to know if our client will be able to finance the project, by which means finance the project and pay all fees.
7.2 Description of the categories of Data Subjects and of the information or categories of information relating thereto
Categories of Data Subjects |
Personal Information that may be processed |
|
|
|
|
|
|
7.3 The recipients or categories of recipients to whom the personal information may be supplied
Category of personal information |
Recipients or Categories of Recipients to whom the personal information may be supplied |
|
|
|
|
|
|
|
|
7.4 Planned transborder flows of personal information
Type of personal information |
Transborder flows / storage |
|
|
|
|
7.5 General description of Information Security Measures to be implemented by the responsible party to ensure the confidentiality, integrity and availability of the information
We restrict, secure, and control all our information against unauthorised access, interference, modification, damage, loss, or destruction; whether physical or electronic.
- We will do a safety and security risk assessment from time to time to ensure we keep up with requirements..
- Our staff must be informed / trained to be compliant with POPI Act, and this training must be ongoing and up to date.
- We do everything we can to prevent personal information from falling into unauthorized hands.
- Our business premises where records are kept must remain protected by burglar alarms and armed response.
- All our computer network is protected by passwords.
- We are using Outlook 365 which comply with industry standard security safeguards and meet the General Data Protection Regulation (GDPR), which is standard in the European Union. we have firewalls and use AVG Business Security.
- We are as small company, so it is easy to determine which employees are permitted access personal information and what information they are permitted to access.
- Personal information can only be accessed by those employees with access.
- The online profiles and access of staff who left the agency must be properly deleted.
- If there were a data breach, we will determine the source, neutralise it and prevent the re-occurrence of such a data breach.
- When we make use of an external operator our principal (responsible party) will, in terms of a written contract between our agency and the operator, ensure that the operator establishes and maintains the required security measures.
- The operator must advise immediately if there is the possibility that personal data has been accessed or acquired by any unauthorized person.
- The Data Subject will be advised via e-mail or in writing immediately if it is suspected that their personal information has been access by unauthorized persons. Sufficient information will be provided to allow the Data Subject to put measures in place to safeguard themselves against potential consequences of the security compromise.
- The Information Regulator will be informed in the event of a security breach where personal information could be compromised. It is the duty of the Principal to ensure this process is followed.
8. AVAILABILITY OF THE MANUAL
Availability Of The Manual:
- on www.kwaligroup.co.za;
- office of Kwali Group Construction for public inspection during normal business hours;
- to any person upon request and upon the payment of a reasonable prescribed fee; and
- to the Information Regulator upon request.
A fee for a copy of the Manual, as contemplated in annexure B of the Regulations, shall be payable per each A4-size photocopy made.
9. UPDATING OF THE MANUAL
The Information Officer of Kwali Group (Pty) Ltd will on a regular basis update this manual.
Issued by
Kwali Group (Pty) Ltd