KWALI MARK CONSTRUCTION – PAIA MANUAL

In terms of Section 51 of
The Promotion of Access to Information Act 2 of 2000
(as amended)

TABLE OF CONTENTS

Contact details
Abbreviations
Definitions

  1. Introduction
  2. Purpose of PAIA manual
  3. Guide on how to use PAIA and how to obtain access to the guide
  4. Categories of records available without formal request
  5. Description of the records in accordance with any other legislation
  6. Description of personal records and categories of records held
  7. Processing of personal information
  8. Availability of the manual
  9. Updating of the manual

     

    Contact details for access to information from Kwali Mark Construction CC

    PAIA Chief Information Officer
    Name:                       Talitha Marais
    Tel:                             021 982 6077
    Email:                        info@kwali.co.za

    Deputy Information Officer (no one appointed)

    Access to information general contacts
    Tel:                             021 982 6077
    Email:                        info@kwali.co.za

    This PAIA Manual of Kwali Mark Construction CC is available at: 6 Quarry close, Protea Heights, Brackenfell. As well as our website: www.kwalimark.co.za

    Head Office
    Postal Address:         PO Box 519, Brackenfell, 7561
    Physical Address:      6 Quarry Close, Protea Heights, Brackenfell, 7560
    Telephone:                 021 982 6077
    Email:                          info@kwali.co.za
    Website:                      www.kwalimark.co.za

    LIST OF ABBREVIATIONS

    “CEO”           Chief Executive Officer
    “DIO”             Deputy Information Officer;
    “CIO“             Chief Information Officer;
    “PAIA”           Promotion of Access to Information Act No. 2 of 2000( as Amended;)
    “POPIA”        Protection of Personal Information Act No.4 of 2013;

    LIST OF ACRONYMS

    “Constitution”         Constitution of the Republic of South Africa 108 of 1996
    “PAIA Manual”        Information Manual
    “Minister”                 Minister of Justice and Correctional Services
    “Regulator”             Information Regulator
    “Republic”               Republic of South Africa

    1. INTRODUCTION

    The Promotion of Access to Information Act, No. 2of 2000 (PAIA) is giving effect to the constitutional right of all, in terms of section 32 of the Bill of Rights contained in the Constitution of the Republic of South Africa 108 of 1996 (“Constitution”) the of access to any information held by the state and any information that is held by another person and that is required for the exercise/protection of any rights

    Promotion of Access to Information Act (PAIA) and the Protection of Personal Information Act (POPIA) could be confusing.  They can be seen as “information” laws and are both from the 1st of July 2021 enforced by the same Information Regulator.  PAIA is an Access” law, all about access of Information and POPIA is a “Privacy” law all about privacy of personal information.  They shouldn’t be seen as competing, but rather, both are there to help ensure that information is managed correctly.

    2. PURPOSE OF PAIA MANUAL

    In terms of section 51 of the PAIA, all Private Bodies are required to compile an Information Manual (“PAIA Manual”). This PAIA Manual is useful for the public to-

    2.1  check the categories of records held by a Construction Company which are available without a person having to submit a formal PAIA request;

    2.2  have a sufficient understanding of how to make a request for access to a record of a Construction Company, by providing a description of the subjects on which a Construction Company holds records and the          categories of records held on each subject;

    2.3  now the description of the records of a Construction Company which are available in accordance with any other legislation;

    2.4  access all the relevant
    contact details of the Information Officer and Deputy Information Officer who will assist the public with the records they intend to access;

    2.5  know the description of the guide on how to use PAIA, as updated by the Regulator and how to obtain access to it;

    2.6  know if a Construction Company
    will process personal information, the purpose of processing of personal information and the description of the categories of data subjects and of the information or          categories of information relating thereto;

    2.7  know the description of the
    categories of data subjects and of the information or categories of information relating thereto;

    2.8 
    know the recipients or categories of recipients to whom the personal information may be supplied;

    2.9   know if a Construction Company has planned to transfer or process personal information outside the Republic of South Africa and the recipients or categories of recipients to whom the personal information          may be supplied; and

    2.10 know whether a Construction Company has appropriate security measures to ensure the confidentiality, integrity and availability of the personal information which is to be processed.

    3. GUIDE ON HOW TO USE PAIA AND HOW TO OBTAIN ACCESS TO THE GUIDE

    3.1  The Regulator has, in terms of section 10(1) of PAIA, as amended, updated and made available the revised Guide on how to use PAIA (“Guide”), in an easily comprehensible form and manner, as may reasonably
    be required by a person who wishes to exercise any right contained in PAIA and POPIA
    .

    3.2   The Guide is available in each of the official languages and in braille.

    3.3   The aforesaid Guide contains the description of-

    3.3.1   the objects of PAIA and POPIA;
    3.3.2   the postal and street address, phone and fax number and, if available, electronic mail address of-

    3.3.2.1   the Information Officer of every public body, and
    3.3.2.2   every Deputy Information Officer of every public and private body designated in terms of section 17(1) of PAIA and section 56 of POPIA;

    3.3.3   the manner and form of a request for-

    3.3.3.1   access to a record of a public body contemplated in section 11; and
    3.3.3.2   access to a record of a private body contemplated in section 50;

    3.3.4   the assistance available from the IO of a public body in terms of PAIA and POPIA;

    3.3.5   the assistance available from the Regulator in terms of PAIA and POPIA;

    3.3.6   all remedies in law available regarding an act or failure to act in respect of a right or duty conferred or imposed by PAIA and POPIA, including the manner of lodging-

    3.3.6.1   an internal appeal;
    3.3.6.2   complaint to the Regulator; and
    3.3.6.3   an application with a court against a decision by the information officer of a public body, a decision on internal appeal or a decision by the Regulator or a decision of the head of a private body;

    3.3.7   the provisions of sections 14 and 51 requiring a public body and private body,   respectively, to compile a manual, and how to obtain access to a manual;

    3.3.8   the provisions of sections 15 and 52 providing for the voluntary disclosure of categories  of records by a public body and private body, respectively;

    3.3.9   the notices issued in terms of sections 22 and 54 regarding fees to be paid in relation to requests for access; and

    3.3.10   the regulations made in terms of section 92.

    3.4   Members of the public can inspect or make copies of the Guide from the offices of the public and private bodies, including the office of the Regulator, during normal working hours.

    3.5   The Guide can also be obtained-

    3.5.1   upon request to the Information Officer;
    3.5.2   from the website of the Regulator (https://www.justice.gov.za/inforeg/).

    3.6   A copy of the Guide is also available in the following two official languages, for public inspection during normal office hours-

    3.6.1   English
    3.6.2   Afrikaans

    The SA Information Regulator Address: P.O Box 31533, Braamfontein, Johannesburg, 2017 or JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001

    General enquiries email: inforeg@justice.gov.za.

    Complaint’s email: POPIAComplaints.IR@justice.gov.za  & PAIAComplaints.IR.@justice.gov.za

      4. CATEGORIES OF RECORDS OF KWALI MARK CONSTRUCTION CC WHICH ARE AVAILABLE WITHOUT A PERSON HAVING TO
          REQUEST ACCESS BY COMPLETING A FORM

       Category of records  Types of the Record Available on Website Available upon request
      PAIA Manual Guidance for agents & Clients x x
      POPIA Compliance Framework Guidance for agents x

       

      5. DESCRIPTION OF THE RECORDS OF KWALI MARK CONSTRUCTION CC WHICH ARE AVAILABLE IN ACCORDANCE WITH ANY OTHER
          LEGISLATION

       Category of Records  Applicable Legislation
      PAIA Manual Promotion of Access to Information Act 2 of 2000
      POPIA Compliance Framework Protection of Personal Information Act of 2013
      Memorandum of incorporation Companies Act 71 of 2008

       

      6. DESCRIPTION OF THE SUBTECTS ON WHICH THE BODY HOLDS RECORDS AND CATEGORIES OF RECORDS HELD ON EACH SUBJECT
          BY KWALI CONSTRUCTION CC

      Subjects on which a Construction Company holds records  Categories of records
      Companies Act Records
      • All trust deeds / Documents of Incorporation /Index of names of Directors / Memorandum of Incorporation
      • Minutes of meetings of the Board of Directors / Shareholders / Proxy forms /
      • Share certificates/Register and other statutory registers
      • Records relating to the appointment of:
      • Auditors / Directors
      • Resolutions / Special Resolutions
      Income Tax Records
      • VAT
      • ü PAYE Records- Documents to employee’s income tax & Payments made to SARS on behalf of  employees
      • Regional Services Levies / Skills Development Levies / UIF / Workmen’s Compensation
      Financial Records
      • Annual Financial Reports / Statements
      • Banking details and bank accounts / Statements /Accounting & Banking Records / Paid Cheques
      • Debtors / Creditors statements & invoices / Reconciliations
      • Policies and procedures
      • Tax Returns / Audit reports
      • Risk management frameworks / plans.
      • Contractor, client and supplier agreements
      • Lists of suppliers, products, services
      Human Resources
      • HR policies and procedures
      • Employees records
      IT Department
      • Information technology systems / user manuals
      • Software licensing / System documentation / manuals

       

      7. PROCESSING OF PERSONAL INFORMATION

      7.1    Purpose of Processing Personal Information
      We only collect the minimum amount of information that is relevant to the purpose. If you interact with us on the internet, the personal information we collect depends on whether you just visit our website or, require our services. If you visit our website, your browser transmits some data automatically, such as your browsing times, the data transmitted and your IP address.

      7.1.1   If you use our services, personal information is required to fulfil the requirements of that service. (Including FICA documents, when applicable)
      7.1.2   W
      e usually collect only name and contact details, financial qualification (if completed by you), with property needs and requirement when we assist a client.
      7.1.3   
      To assist building a property we need to have basic personal info and financial info to know if our client will be able to finance the project, by which means finance the project and pay all fees.

      7.2   Description of the categories of Data Subjects and of the information or categories of information relating thereto

       Categories of Data Subjects

       Personal Information that may be processed

      • Purchasers / Clients / Employers
      • Name, Surname, And Maiden Name
      • Identification Number/S
      • Married/Single Status.
      • E-Mail Address
      • Physical / Postal Address / Erf Number / Complex Details
      • Telephone Number/S
      • Financial & Banking Details (For Bond Qualification)
      • Service Providers
      • Names, Registration Number, Vat Numbers, Address,  Trade Secrets And Bank Details
      • Employees
      • Address, Qualifications, Gender And Race

      7.3   The recipients or categories of recipients to whom the personal information may be supplied

       Category of personal information

       Recipients or Categories of Recipients to whom the personal information may be supplied 

      • Identity number and names, for criminal checks
      • South African Police Services
      • Qualifications, for qualification verifications
      • South African Qualifications Authority
      • Credit and payment history, for credit information
      • Credit Bureaus
      • Name, Surname, And Maiden Name
      • Identification Number/S
      • Married/Single Status
      • E-Mail Address
      • Physical / Postal Address / Erf Number / Complex Details
      • Telephone Number/S
      • Financial & Banking Details (For Bond Qualification)
      • Colleague’s,
      • Attorneys,
      • Bond Consultants,
      • Compliance Inspectors,
      • Homeowner Association,
      • Trustees,
      • In Some Cases, Public Or Legal Authorities

      7.4   Planned transborder flows of personal information

       Type of personal information

       Transborder flows / storage

      • Name, Surname, And Maiden Name
      • Identification Number/S
      • Married/Single Status.
      • E-Mail Address
      • Physical / Postal Address / Erf Number / Complex Details
      • Telephone Number/S
      • Financial & Banking Details (For Bond Qualification – Buyers And Bond Cancellations -Sellers And Rentals)
      • Photos
      • One Drive: Cloud Storage
      • If there is an international component to the work which we are doing while selling / letting
      • Personal information will be protected in this foreign country, and we will endeavour to assist you finding their countries procedures and laws.

      7.5   General description of Information Security Measures to be implemented by the responsible party to ensure the confidentiality, integrity and availability of the information

      We restrict, secure, and control all our information against unauthorised access, interference, modification, damage, loss, or destruction; whether physical or electronic.

      • We will do a safety and security risk assessment from time to time to ensure we keep up with requirements..
      • Our staff must be informed / trained to be compliant with POPI Act, and this training must be ongoing and up to date.
      • We do everything we can to prevent personal information from falling into unauthorized hands.
      • Our business premises where records are kept must remain protected by burglar alarms and armed response.
      • All our computer network is protected by passwords.
      • We are using Outlook 365 which comply with industry standard security safeguards and meet the General Data Protection Regulation (GDPR), which is standard in the European Union. we have firewalls and use AVG Business Security.
      • We are as small company, so it is easy to determine which employees are permitted access personal information and what information they are permitted to access.
      • Personal information can only be accessed by those employees with access.
      • The online profiles and access of staff who left the agency must be properly deleted.
      • If there were a data breach, we will determine the source, neutralise it and prevent the re-occurrence of such a data breach.
      • When we make use of an external operator our principal (responsible party) will, in terms of a written contract between our agency and the operator, ensure that the operator establishes and maintains the required security measures.
      • The operator must advise immediately if there is the possibility that personal data has been accessed or acquired by any unauthorized person.
      • The Data Subject will be advised via e-mail or in writing immediately if it is suspected that their personal information has been access by unauthorized persons. Sufficient information will be provided to allow the Data Subject to put measures in place to safeguard themselves against potential consequences of the security compromise.
      • The Information Regulator will be informed in the event of a security breach where personal information could be compromised. It is the duty of the Principal to ensure this process is followed.

        8. AVAILABILITY OF THE MANUAL

        Availability Of The Manual:

        • on www.kwalimark.co.za;
        • office of Kwali Mark Construction CC for public inspection during normal business hours;
        • to any person upon request and upon the payment of a reasonable prescribed fee; and
        • to the Information Regulator upon request.

        A fee for a copy of the Manual, as contemplated in annexure B of the Regulations, shall be payable per each A4-size photocopy made.

        9. UPDATING OF THE MANUAL

        The Information Officer of Kwali Mark Construction CC will on a regular basis update this manual.

         

        Issued by

        Kwali Mark Construction CC