PAIA Manual

1. LIST OF ACRONYMS AND ABBREVIATIONS

1.1. “CEO” Chief Executive Officer;

1.2. “DIO” Deputy Information Officer;

1.3. “IO“ Information Officer;

1.4. “Minister” Minister of Justice and Correctional Services;

1.5. “PAIA” Promotion of Access to Information Act No. 2 of 2000 (as Amended);

1.6. “POPIA” Protection of Personal Information Act No.4 of 2013;

1.7. “Regulator” Information Regulator; and

1.8. “Republic” Republic of South Africa.

2. PURPOSE OF PAIA MANUAL

This PAIA Manual is useful for the public to-

2.1. check the categories of records held by a body which are available without a person having to submit a formal PAIA request;

2.2. have a sufficient understanding of how to make a request for access to a record of the body, by providing a description of the subjects on which the body holds records and the categories of records held on each subject;

2.3. know the description of the records of the body which are available in accordance with any other legislation;

2.4. access all the relevant contact details of the Information Officer and Deputy Information Officer who will assist the public with the records they intend to access;

2.5. know the description of the guide on how to use PAIA, as updated by the Regulator and how to obtain access to it;

2.6. know if the body will process personal information, the purpose of processing of personal information and the description of the categories of data subjects and of the information or categories of information relating thereto;

2.7. know the description of the categories of data subjects and of the information or categories of information relating thereto;

2.8. know the recipients or categories of recipients to whom the personal information may be supplied;

2.9. know if the body has planned to transfer or process personal information outside the Republic of South Africa and the recipients or categories of recipients to whom the personal information may be supplied; and

2.10. know whether the body has appropriate security measures to ensure the confidentiality, integrity and availability of the personal information which is to be processed.

3. KEY CONTACT DETAILS FOR ACCESS TO INFORMATION OF THE YOUR CAPITAL (PTY) LTD

3.1. Chief Information Officer

Name: Available upon request
Email: [email protected]

3.2. Deputy Informtion Officer

Name: N/A
Email: N/A

3.3. Access to information general contacts

Email: [email protected]

3.4. National Head Office

Postal Address: Midlands Office Park West, Mount Quray Road, Midstream, 1683
Physical Address: Midlands Office Park West, Mount Quray Road, Midstream, 1683
Email: [email protected]
Website: www.yourcapital.co.za

4. GUIDE ON HOW TO USE PAIA AND HOW TO OBTAIN ACCESS TO THE GUIDE

4.1. The Regulator has, in terms of section 10(1) of PAIA, as amended, updated and made available the revised Guide on how to use PAIA (“Guide”), in an easily comprehensible form and manner, as may reasonably be required by a person who wishes to exercise any right contemplated in PAIA and POPIA.

4.2.The Guide is available in each of the official languages and in braille.

4.3. The aforesaid Guide contains the description of-

4.3.1. the objects of PAIA and POPIA;

4.3.2. the postal and street address, phone and fax number and, if available, electronic mail address of-

4.3.2.1. the Information Officer of every public body, and

4.3.2.2. every Deputy Information Officer of every public and private body designated in terms of section 17(1) of PAIA[1] and section 56 of POPIA[2];

4.3.3. the manner and form of a request for-

4.3.3.1. access to a record of a public body contemplated in section 11[3]; and

4.3.3.2. access to a record of a private body contemplated in section 50[4];

4.3.4. the assistance available from the IO of a public body in terms of PAIA and POPIA;

4.3.5. the assistance available from the Regulator in terms of PAIA and POPIA;

4.3.6. all remedies in law available regarding an act or failure to act in respect of a right or duty conferred or imposed by PAIA and POPIA, including the manner of lodging-

4.3.6.1. an internal appeal;

4.3.6.2. a complaint to the Regulator; and

4.3.6.3. an application with a court against a decision by the information officer of a public body, a decision on internal appeal or a decision by the Regulator or a decision of the head of a private body;

4.3.7. the provisions of sections 14[1] and 51[2] requiring a public body and private body, respectively, to compile a manual, and how to obtain access to a manual;

4.3.8. the provisions of sections 15[3] and 52[4] providing for the voluntary disclosure of categories of records by a public body and private body, respectively;

4.3.9. the notices issued in terms of sections 22[5] and 54[6] regarding fees to be paid in relation to requests for access; and

4.3.10. the regulations made in terms of section 92[7].

4.4. Members of the public can inspect or make copies of the Guide from the offices of the public and private bodies, including the office of the Regulator, during normal working hours.

4.5. The Guide can also be obtained-

4.5.1. upon request to the Information Officer;

4.5.2. from the website of the Regulator (https://www.justice.gov.za/inforeg/).

4.6. A copy of the Guide is also available in the following official language, for public inspection during normal office hours-

4.6.1. English

[1] Section 17(1) of PAIA- For the purposes of PAIA, each public body must, subject to legislation governing the employment of personnel of the public body concerned, designate such number of persons as deputy information officers as are necessary to render the public body as accessible as reasonably possible for requesters of its records.

[2] Section 56(a) of POPIA- Each public and private body must make provision, in the manner prescribed in section 17 of the Promotion of Access to Information Act, with the necessary changes, for the designation of such a number of persons, if any, as deputy information officers as is necessary to perform the duties and responsibilities as set out in section 55(1) of POPIA.

[3] Section 11(1) of PAIA- A requester must be given access to a record of a public body if that requester complies with all the procedural requirements in PAIA relating to a request for access to that record; and access to that record is not refused in terms of any ground for refusal contemplated in Chapter 4 of this Part.

[4] Section 50(1) of PAIA- A requester must be given access to any record of a private body if-

that record is required for the exercise or protection of any rights;
that person complies with the procedural requirements in PAIA relating to a request for access to that record; and
access to that record is not refused in terms of any ground for refusal contemplated in Chapter 4 of this Part.

[5] Section 14(1) of PAIA- The information officer of a public body must, in at least three official languages, make available a manual containing information listed in paragraph 4 above.

[6] Section 51(1) of PAIA- The head of a private body must make available a manual containing the description of the information listed in paragraph 4 above.

[7] Section 15(1) of PAIA- The information officer of a public body, must make available in the prescribed manner a description of the categories of records of the public body that are automatically available without a person having to request access

[8] Section 52(1) of PAIA- The head of a private body may, on a voluntary basis, make available in the prescribed manner a description of the categories of records of the private body that are automatically available without a person having to request access

[9] Section 22(1) of PAIA- The information officer of a public body to whom a request for access is made, must by notice require the requester to pay the prescribed request fee (if any), before further processing the request.

[10] Section 54(1) of PAIA- The head of a private body to whom a request for access is made must by notice require the requester to pay the prescribed request fee (if any), before further processing the request.

[11] Section 92(1) of PAIA provides that –“The Minister may, by notice in the Gazette, make regulations regarding-

(a) any matter which is required or permitted by this Act to be prescribed;

(b) any matter relating to the fees contemplated in sections 22 and 54;

(c) any notice required by this Act;

(d) uniform criteria to be applied by the information officer of a public body when deciding which categories of records are to be made available in terms of section 15; and

(e) any administrative or procedural matter necessary to give effect to the provisions of this Act.”

5. CATEGORIES OF RECORDS OF THE YOUR CAPITAL (PTY) LTD WHICH ARE AVAILABLE WITHOUT A PERSON HAVING TO REQUEST ACCESS

5.1. The records reflected in the table below are available without a person having to formally request access.

Category of records	Types of the Record	Available on Website	Available upon request
Company information	Complaints policy and procedure Conflicts of interest policy and register PAIA Manual Privacy notice/statement Terms and conditions	X	X
Company information	Other policies		X
Publications	Advertising Information documents Marketing material Newsletters Presentations Press releases Social media Videos Websites and content	X	X

6. DESCRIPTION OF THE RECORDS OF YOUR CAPITAL (PTY) LTD WHICH ARE AVAILABLE IN ACCORDANCE WITH ANY OTHER LEGISLATION

6.1. The records reflected in the table below are available, in accordance with legislation.

Category of Records	Applicable Legislation
Company information	Companies Act 71 of 2008
Collective investment schemes information	Collective Investment Schemes Control Act 45 of 2002
Communications information Information security and privacy policy Privacy notice/statement	Electronic Communications Act 36 of 2005 Electronic Communications and Transactions Act 25 of 2002 Regulation of Interception of Communications and Provision of Communication-related Information Act 70 of 2002
Competition information	Competition Act 89 of 1998
Copyright information	Copyright Act 98 of 1978
Credit information	Credit Rating Services Act 24 of 2012 National Credit Act 34 of 2005
Employment information	Basic Conditions of Employment Act 75 of 1997 Broad-Based Black Economic Empowerment Act 53 of 2003 Compensation for Occupational Injuries and Diseases Act 130 of 1993 Employment Equity Act 55 of 1998 Labour Relations Act 66 of 1995 Skills Development Act 97 of 1998 Unemployment Insurance Act 63 of 2001
Exchange control information	Currency and Exchanges Act 9 of 1933
Financial crime information	Financial Intelligence Centre Act 38 of 2001 Prevention and Combating of Corrupt Activities Act 12 of 2004 Prevention of Organised Crime Act 121 of 1998 Protection of Constitutional Democracy against Terrorist and Related Activities Act 33 of 2004
PAIA Manual Information security information	Promotion of Access to Information Act 2 of 2000 Protected Disclosures Act 26 of 2000 Protection of Personal Information Act 4 of 2013
Complaints management policy and procedure Financial services provider information	Financial Advisory and Intermediary Services Act 37 of 2002
Financial institutions information	Financial Institutions (Protection of Funds) Act 28 of 2001 Financial Sector Regulation Act 9 of 2017
Financial markets information	Financial Markets Act 19 of 2012
Health information	Council for Medical Schemes Levies Act 58 of 2000 Medical Schemes Act 131 of 1998 Occupational Health and Safety Act 85 of 1993 Tobacco Products Control Act 83 of 1993
Insurance information	Insurance Act 18 of 2017 Long-Term Insurance Act 52 of 1998 Short-Term Insurance Act 53 of 1998
Legal information	Interpretation Act 33 of 1957 Justices of the Peace and Commissioner of Oaths Act 16 of 1963 Legal Practice Act 28 of 2014 Promotion of Administrative Justice Act 3 of 2000 Small Claims Courts Act 61 of 1984
People information	Births and Deaths Registration Act 51 of 1992 Childrens Act 38 of 2005 Civil Union Act 17 of 2006 Consumer Protection Act 68 of 2008 Constitution of the Republic of South Africa (as amended) Maintenance Act 99 of 1998 Marriage Act 99 of 1998 Promotion of Equality and Prevention of Unfair Discrimination Act 4 of 2000
Retirement fund information	Friendly Societies Act 25 of 1956 Government Employees Pension Law (1996) Pension Funds Act 24 of 1956
Tax information	Employment Tax Incentive Act 26 of 2013 Income Tax Act 58 of 1962 Organisation for Economic Co-operation and Development (OECD) Common Reporting Standard for automatic exchange of financial account information (CRS) Securities Transfer Tax Act 25 of 2007 Securities Transfer Tax Administration Act 26 of 2007 Skills Development Levies Act 9 of 1999 Tax Administration Act 28 of 2011 Tax on Retirement Funds Act 38 of 1996 Unemployment Insurance Contributions Act 4 of 2002 United States Foreign Account Tax Compliance Act (FATCA) Value Added Tax Act 89 of 1991
Trust property information	Trust Property Control Act 57 of 1988

7. DESCRIPTION OF THE SUBJECTS ON WHICH THE BODY HOLDS RECORDS AND CATEGORIES OF RECORDS HELD ON EACH SUBJECT BY YOUR CAPITAL (PTY)LTD.

7.1. The records reflected in the table below may be formally requested, in terms of the PAIA, but parts, or the whole, of the record may be subject to the grounds for refusal of access to records. Refer to the Guide on how to use the PAIA.

7.2. The Company reserves the right to refuse access to records if the processing of the record will substantially, and unreasonably, result in a diversion of its resources.

7.3. The Company reserves the right to refuse access to records that relate to the mandatory protection of:

7.3.1. privacy of a third party, who is a natural person, which would involve the unreasonable disclosure of personal information of that natural person

7.3.2. commercial information of a third party, if the record contains trade secrets of the third party; financial, commercial, or technical, information, which disclosure may cause harm to the 7.3.1.financial, or commercial, interests of the third party; and information disclosed in confidence by a third party to the Company, if the disclosure may place the third party at a disadvantage

7.3.3. confidential information of a third party, if it is protected in terms of an agreement, or legislation

7.3.4. safety of natural persons, and the protection of property

7.3.5. records that are regarded as privileged, in legal proceedings

7.3.6. records that are personal information, in terms of the POPIA

7.3.7. commercial activities of the Company, including, but not limited to, trade secrets, financial, commercial, or technical, information, and software platforms, or programmes, exclusively developed for the Company.

7.4. The Company will refuse access if the requests are frivolous and/or vexatious.

7.5. The IO, or DIO, may grant access to a record if disclosing the record would reveal evidence of a material contravention of, or failure to comply with, any law, and the public interest in disclosing the record outweighs the harm contemplated in the relevant grounds for refusal of access to records.

Subjects on which the body holds records	Categories of records
Company records	Incorporation documents Memorandum of incorporation Minutes Resolutions Registers of directors and officers Share registers and other statutory registers Statutory returns to relevant authorities Other statutory obligations Policies and procedures Records relating to appointment of directors, auditors, company secretary, public officer, and other officers
Accounting and finance records	Accounting (including books of account) Administration Annual financial statements Asset registers Audit reports Banking Budgets Intellectual property Invoices and credit notes Lease agreements Rental agreements Sale agreements Supporting schedules, and documents, to books of account
Tax records	Dividends withholding tax Income tax Pay As You Earn (PAYE) Skills Development Levies (SDL) Unemployment Insurance Fund (UIF) levies Workmen’s compensation Value Added Tax (VAT)
Legal records	Documents relating to litigation and/or arbitration General agreements and contracts Licenses, permits, and authorisations Regulator correspondence
Insurance records	Claims Details of insurance cover, limits, and insurers Insurance policies
Employee records	Arbitration awards Attendance registers Casual employees CCMA proceedings Code of conduct Income tax (PAYE/SDL/UIF) submissions for employees Confidentiality agreements Disciplinary proceedings and internal evaluations Employee personal details Employment conditions and policies Employment contracts Employment equity plan Internal correspondence Internal policies, and procedures Leave Operating manuals Other agreements/contracts Other interventions Medical aid Documents provided by employees Strikes, lockouts, or protest, action Remuneration and benefits Restraint of trade agreements Retirement funds Service Share option schemes registers Share option schemes rules Share purchase scheme register Share purchase scheme rules Training schedules and material Verification reports (credit, criminal, employment, FAIS, identity, qualification)
Client records	Client agreements/contracts and forms Complaints and/or queries Client documents, and information Proposals Transactions and supporting information Verification reports
Service supplier and third party records	Code of conduct Conflicts of interest Requests for information Service supplier and/or third party agreements/contracts (including service level agreements) Tenders Terms and conditions for dealing with suppliers Transactions and supporting information
Information technology	Asset issuing and custodian information Back-ups Disaster recovery testing Incidents and service requests Information and communication technologies (ICT) policies and procedures Network maintenance Operations reports Service level agreements System event logs System performance logs System maintenance checklists System development lifecycle documents
Publications	Advertising Information documents Marketing material Newsletters Presentations Press releases Social media Videos Websites and content

Subjects on which the body holds records

Categories of records

Company records

Incorporation documents

Memorandum of incorporation

Minutes

Resolutions

Registers of directors and officers

Share registers and other statutory registers

Statutory returns to relevant authorities

Other statutory obligations

Policies and procedures

Records relating to appointment of directors, auditors, company secretary, public officer, and other officers

Accounting and finance records

Accounting (including books of account)

Administration

Annual financial statements

Asset registers

Audit reports

Banking

Budgets

Intellectual property

Invoices and credit notes

Lease agreements

Rental agreements

Sale agreements

Supporting schedules, and documents, to books of account

Tax records

Dividends withholding tax

Income tax

Pay As You Earn (PAYE)

Skills Development Levies (SDL)

Unemployment Insurance Fund (UIF) levies

Workmen’s compensation

Value Added Tax (VAT)

Legal records

Documents relating to litigation and/or arbitration

General agreements and contracts

Licenses, permits, and authorisations

Regulator correspondence

Insurance records

Claims

Details of insurance cover, limits, and insurers

Insurance policies

Employee records

Arbitration awards

Attendance registers

Casual employees

CCMA proceedings

Code of conduct

Income tax (PAYE/SDL/UIF) submissions for employees

Confidentiality agreements

Disciplinary proceedings and internal evaluations

Employee personal details

Employment conditions and policies

Employment contracts

Employment equity plan

Internal correspondence

Internal policies, and procedures

Leave

Operating manuals

Other agreements/contracts

Other interventions

Medical aid

Documents provided by employees

Strikes, lockouts, or protest, action

Remuneration and benefits

Restraint of trade agreements

Retirement funds

Service

Share option schemes registers

Share option schemes rules

Share purchase scheme register

Share purchase scheme rules

Training schedules and material

Verification reports (credit, criminal, employment, FAIS, identity, qualification)

Client records

Client agreements/contracts and forms

Complaints and/or queries

Client documents, and information

Proposals

Transactions and supporting information

Verification reports

Service supplier and third party records

Code of conduct

Conflicts of interest

Requests for information

Service supplier and/or third party agreements/contracts (including service level agreements)

Tenders

Terms and conditions for dealing with suppliers

Transactions and supporting information

Information technology

Asset issuing and custodian information

Back-ups

Disaster recovery testing

Incidents and service requests

Information and communication technologies (ICT) policies and procedures

Network maintenance

Operations reports

Service level agreements

System event logs

System performance logs

System maintenance checklists

System development lifecycle documents

Publications

Advertising

Information documents

Marketing material

Newsletters

Presentations

Press releases

Social media

Videos

Websites and content

8. PROCESSING OF PERSONAL INFORMATION

8.1. Purpose of Processing Personal Information

The Company processes the personal information of data subjects in the following ways:

8.1.1. Executing and/or fulfilling its statutory obligations in terms of the PAIA and/or the POPIA

8.1.2. Executing and/or fulfilling its statutory obligations in terms of other applicable legislation

8.1.3. Executing and/or fulfilling its contractual obligations

8.1.4. Administering employees and potential employees

8.1.5. Keeping accounts, and records

8.1.6. Procurement processes

8.1.7. Visitors to the Company’s business premises

8.2. Description of the categories of Data Subjects and of the information or categories of information relating thereto

The Company may process information for itself, shareholders (and those of clients), employees (and those of clients), clients (and those of clients), service suppliers (and those of clients), and product suppliers (and those of clients).

Categories of Data Subjects	Personal Information that may be processed
Clients (and those of clients)	Full names; contact details (contact numbers; fax Numbers; email addresses); physical addresses; postal addresses; Unique identifier; identity/registration numbers; confidential correspondence; tax-related information; company information; information required in terms of the FAIS Act and the FICA (and other relevant legislation)
Service suppliers and product suppliers (and those of clients)	Full names of contact persons; registered, and trade, names of entities; full names of directors and shareholders, physical addresses; postal addresses; contact details (contact numbers, fax numbers, email addresses); financial information; identity/passport/registration numbers; founding documents; tax-related information; authorised signatories’ information; broad-based black economic empowerment (B-BBEE) status; associated entities; business strategies; information required in terms of the FAIS Act and the FICA (and other relevant information)
Employees/Key individuals/Representatives (and those of clients)	Gender; pregnancy; marital status; race; age; language; education information (qualifications); financial information; employment history; identity/passport/registration numbers; physical addresses; postal addresses; contact details (contact numbers; fax numbers; email addresses); credit record; FAIS related information; criminal record; well-being and family members; medical; nationality; ethnic and/or social origin; physical and/or mental health; disability; biometric information; professional affiliation; references; CVs/resumes; information required in terms of the FAIS Act and the FICA (and other relevant legislation)

8.3. The recipients or categories of recipients to whom the personal information may be supplied

8.3.1. The Company may supply the personal information of data subjects to service suppliers, who provide the following services:

8.3.1.1. Administration (for example, clients, investments, medical aids, retirement funds)

8.3.1.2. Accounting and/or auditing

8.3.1.3. Capturing, and organising, personal information

8.3.1.4. Compliance

8.3.1.5. Due diligence reviews

8.3.1.6. Information and communication technologies (ICT)

8.3.1.7. Storing of personal information

8.3.1.8. Verification checks (for example, credit (and payment history), criminal, employment history, FAIS related, financial sanctions, identity, qualifications, terrorism)

8.3.1. The Company may supply the personal information of data subjects to:

8.3.1.1. Courts, in terms of matters taken on judicial review

8.3.2.2. Enforcement agencies, for criminal investigation (for example, National Prosecuting Authority, South African Police Service)

8.3.2.3. People against whom complaints have been lodged

8.3.2.4. Regulators, ombuds, or tribunals, in terms of matters that fall under their jurisdiction

Category of personal information	Recipients or Categories of Recipients to whom the personal information may be supplied
Identity/passport/registration numbers, dates of birth, dates of incorporation, names	Companies and Intellectual Property Commission, Department of Home Affairs, Financial Intelligence Centre, South African Police Services, United Nations, and verification providers
Qualifications	South African Qualifications Authority and verification providers
Credit, and payment history	Credit Bureaus and verification providers
Tax information	South African Revenue Service

8.4. Planned transborder flows of personal information

8.4.1. The Company has not planned transborder flows of personal information.

8.4.2. If it becomes necessary to transfer personal information to another country for a lawful purpose, the Company will ensure that the person (both legal and natural) to whom the personal information will be transferred is subject to a law, binding company rules, and/or binding agreements, which provide a suitable level of protection, and the third party agrees to treat the personal information with the same level of protection as the Company is required to provide, in terms of the POPIA.

8.4.3. The cross border transfer of personal information will be done with the data subject’s consent. However, if it is not reasonably practicable to obtain the data subject’s consent, the Company will transfer the personal information if it will be for the data subject’s benefit, and the data subject would have provided consent, if it had been reasonably practicable to obtain the consent.

8.5. General description of Information Security Measures to be implemented by the responsible party to ensure the confidentiality, integrity and availability of the information

8.5.1. The Company has established, and maintains, suitable technical, and operational, measures to prevent loss of, damage to, or unauthorised destruction of, personal information, and unlawful access to, or processing of, personal information.

8.5.2. The suitable measures that the Company has taken includes, but is not limited to:

8.5.2.1. Access control

8.5.2.2. Agreements with operators, to ensure that they implement, and maintain suitable security controls

8.5.2.3. Anti-virus software

8.5.2.4. Anti-malware software

8.5.2.5. Awareness and vigilance of users

8.5.2.6. Data back-ups

8.5.2.7. Data encryption

8.5.2.8. Defensive measures

8.5.3. The suitable measures are in place to ensure that the Company:

8.5.3.1. Identifies the risks (both internal and external) to the personal information that is in its possession and/or under its control

8.5.3.2. Establishes, and maintains, suitable safeguards against the risks identified

8.5.3.3. Regularly verifies that the safeguards are effectively implemented

8.5.3.4. Updates the safeguards when new risks are identified, and when existing safeguards are found to be deficient

9. AVAILABILITY OF THE MANUAL

9.1. A copy of the Manual is available-

9.1.1. on yourcapital.co.za, if any;

9.1.2. head office of the Your Capital (Pty) Ltd for public inspection during normal business hours;

9.1.3. to any person upon request and upon the payment of a reasonable prescribed fee; and

9.1.4. to the Information Regulator upon request.

9.2. A fee for a copy of the Manual, as contemplated in annexure B of the Regulations, shall be payable per each A4-size photocopy made.

10. UPDATING OF THE MANUAL

The head of the Your Capital (Pty) Ltd will on a regular basis update this manual.

11. HOW TO REQUEST INFORMATION

11.1. Records will only be made available subject to the provisions of the Act. The Requester must use this prescribed form to make the request for access to a record. Link to Form 2: Request for Access to Record (Regulation 7).

11.2. If your request is granted If your request is granted the amount of the deposit is payable before your request is processed; and requested record/portion of the record will only be released once proof of full payment is received. Link to Form 3: Outcome of request and of fees payable (Regulation 8).