PAIA - Informational Officer
December 9, 2023
herewith, and with immediate effect, appoints you as the Information Officer as required by the Protection of Personal Information Act (Act 4 of 2013). The appointment may, at any time, be withdrawn or amended in writing.
Your responsibilities in relation to the POPI Act include:
I, , hereby accept the appointment as Information Officer for .
I confirm that the full content of this letter has been explained to me and I am aware of my duties as Information Officer in relation to the POPI Act and PAI Act.
INFORMATION OFFICER’S SIGNATURE
Prepared in terms of section 51 of the Promotion of Access to Information Act 2 of 2000 (as amended)
Date of Completion:December 9, 2023
Date of Revision: December 9, 2023
1.1 “CEO” Chief Executive Officer
1.2 “DIO” Deputy Information Officer;
1.3 “IO“ Information Officer;
1.4 “Minister” Minister of Justice and Correctional Services;
1.5 “PAIA” Promotion of Access to Information Act No. 2 of 2000 (as Amended;
1.6 “POPIA” Protection of Personal Information Act No.4 of 2013;
1.7 “Regulator” Information Regulator; and
1.8 “Republic” Republic of South Africa
This PAIA Manual is useful for the public to-
2.1 check the categories of records held by a body which are available without a person having to submit a formal PAIA request;
2.2 have a sufficient understanding of how to make a request for access to a record of the body, by providing a description of the subjects on which the body holds records and the categories of records held on each subject;
2.3 know the description of the records of the body which are available in accordance with any other legislation;
2.4 access all the relevant contact details of the Information Officer and Deputy Information Officer who will assist the public with the records they intend to access;
2.5 know the description of the guide on how to use PAIA, as updated by the Regulator and how to obtain access to it;
2.6 know if the body will process personal information, the purpose of processing of personal information and the description of the categories of data subjects and of the information or categories of information relating thereto;
2.7 know the description of the categories of data subjects and of the information or categories of information relating thereto;
2.8 know the recipients or categories of recipients to whom the personal information may be supplied;
2.9 know if the body has planned to transfer or process personal information outside the Republic of South Africa and the recipients or categories of recipients to whom the personal information may be supplied; and
2.10 know whether the body has appropriate security measures to ensure the confidentiality, integrity and availability of the personal information which is to be processed.
Access to information general contacts
3.4 National or Head Office
4.1. The Regulator has, in terms of section 10(1) of PAIA, as amended, updated and made available the revised Guide on how to use PAIA (“Guide”), in an easily comprehensible form and manner, as may reasonably be required by a person who wishes to exercise any right contemplated in PAIA and POPIA.
4.2. The Guide is available in each of the official languages and in braille.4.3. The aforesaid Guide contains the description of-
4.3.1. the objects of PAIA and POPIA;
4.3.2. the postal and street address, phone and fax number and, if available, electronic mail address of-
184.108.40.206. the Information Officer of every public body, and
220.127.116.11. every Deputy Information Officer of every public and private body designated in terms of section 17(1) of PAIA and section 56 of POPIA ;
4.3.3. the manner and form of a request for-
18.104.22.168. access to a record of a public body contemplated in section 11 ; and
22.214.171.124. access to a record of a private body contemplated in section 50 ;
4.3.4. the assistance available from the IO of a public body in terms of PAIA and POPIA;
4.3.5. the assistance available from the Regulator in terms of PAIA and POPIA;
4.3.6. all remedies in law available regarding an act or failure to act in respect of a right or duty conferred or imposed by PAIA and POPIA, including the manner of lodging-
126.96.36.199. an internal appeal;
188.8.131.52. a complaint to the Regulator; and
Section 17(1) of PAIA- For the purposes of PAIA, each public body must, subject to legislation governing the employment of personnel of the public body concerned, designate such number of persons as deputy information officers as are necessary to render the public body as accessible as reasonably possible for requesters of its records.
Section 56(a) of POPIA- Each public and private body must make provision, in the manner prescribed in section 17 of the Promotion of Access to Information Act, with the necessary changes, for the designation of such a number of persons, if any, as deputy information officers as is necessary to perform the duties and responsibilities as set out in section 55(1) of POPIA.
Section 11(1) of PAIA- A requester must be given access to a record of a public body if that requester complies with all the procedural requirements in PAIA relating to a request for access to that record; and access to that record is not refused in terms of any ground for refusal contemplated in Chapter 4 of this Part.
Section 50(1) of PAIA- A requester must be given access to any record of a private body if-a) that record is required for the exercise or protection of any rights;b) that person complies with the procedural requirements in PAIA relating to a request for access to that record; andc) access to that record is not refused in terms of any ground for refusal contemplated in Chapter 4 of this Part.Section 14(1) of PAIA- The information officer of a public body must, in at least three official languages, make available a manual containing information listed in paragraph 4 above.
Section 51(1) of PAIA- The head of a private body must make available a manual containing the description of the information listed in paragraph 4 above.
Section 15(1) of PAIA- The information officer of a public body, must make available in the prescribed manner a description of the categories of records of the public body that are automatically available without a person having to request access
Section 52(1) of PAIA- The head of a private body may, on a voluntary basis, make available in the prescribed manner a description of the categories of records of the private body that are automatically available without a person having to request access
Section 22(1) of PAIA- The information officer of a public body to whom a request for access is made, must by notice require the requester to pay the prescribed request fee (if any), before further processing the request.
Section 54(1) of PAIA- The head of a private body to whom a request for access is made must by notice require the requester to pay the prescribed request fee (if any), before further processing the request.
Section 92(1) of PAIA provides that –“The Minister may, by notice in the Gazette, make regulations regarding-(a) any matter which is required or permitted by this Act to be prescribed;(b) any matter relating to the fees contemplated in sections 22 and 54;(c) any notice required by this Act;(d) uniform criteria to be applied by the information officer of a public body when deciding which categories of records are to be made available in terms of section 15; and(e) any administrative or procedural matter necessary to give effect to the provisions of this Act.”
184.108.40.206. an application with a court against a decision by the information officer of a public body, a decision on internal appeal or a decision by the Regulator or a decision of the head of a private body;
4.3.7. the provisions of sections 14 and 51 requiring a public body and private body, respectively, to compile a manual, and how to obtain access to a manual;
4.3.8. the provisions of sections 15 and 52 providing for the voluntary disclosure of categories of records by a public body and private body, respectively;
4.3.9. the notices issued in terms of sections 22 and 54 regarding fees to be paid in relation to requests for access; and
4.3.10. the regulations made in terms of section 92 .4.4. Members of the public can inspect or make copies of the Guide from the offices of the public and private bodies, including the office of the Regulator, during normal working hours.
4.5. The Guide can also be obtained-
Section 14(1) of PAIA- The information officer of a public body must, in at least three official languages, make available a manual containing information listed in paragraph 4 above.
4.6.1 English and Afrikaans
NB: Please specify the categories of records held by the body which are available without a person having to request access by completing Form C, types of the records and how the records can be accessed. These are mostly records that maybe available on the website and a person may download or request telephonically or by sending an email or a letter.
Below is an example of the table that can be used.
Category of records
Types of the Record
Available on Website
Available upon request
NB: Please specify all the records which are created and available in accordance with any of the South African legislation. Below is an example of the table that can be used in describing the records and applicable legislation.
Category of Records
Memorandum of incorporation
Companies Act 71 of 2008
Promotion of Access to Information Act 2 of 2000
DESCRIPTION OF THE SUBJECTS ON WHICH THE BODY HOLDS RECORDS AND CATEGORIES OF RECORDS HELD ON EACH SUBJECT BY THE
NB: Describe the subjects (i.e. Finance, SCM or HR), in respect of which the body holds records and the categories of records held on each subject. Below is an example of the table that can be used. .
Subjects on which the body holds records Categories of recordsStrategic Documents, Plans, Proposals Annual Reports, Strategic Plan, Annual Performance Plan.Human Resources - HR policies and procedures- Advertised posts- Employees records
8.1 Purpose of Processing Personal Information
NB: Describe the purpose or reasons for processing personal information in your organisation.
8.2 Description of the categories of Data Subjects and of the information or categories of information relating thereto
NB: Specify the categories of data subjects in respect of whom the body processes personal information and the nature or categories of the personal information being processed.
Below is the template that can be used to set out the categories of data subjects and the description of the nature or categories of the personal information to be processed. Note that the nature or categories of the personal information is dependent on the purpose of the body in performing its functions or services. .
Categories of Data Subjects Personal Information that may be processedCustomers / Clients name, address, registration numbers or identity numbers, employment status and bank detailsService Providers names, registration number, vat numbers, address, trade secrets and bank detailsEmployees address, qualifications, gender and race
8.3 The recipients or categories of recipients to whom the personal information may be supplied
NB: Specify the person or category of persons to whom the body may disseminate personal information. Below is an example of the category of personal information which may be disseminated and the recipient or category of recipients of the personal information.
Category of personal information Recipients or Categories of Recipients to whom the personal information may be supplied
Identity number and names, for criminal checks South African Police Services Qualifications, for qualification verifications South African Qualifications Authority
Credit and payment history, for credit information Credit Bureaus
8.4 Planned transborder flows of personal information
NB: Indicate if the body has planned transborder flows of personal information. For example, some personal information may be stored in the cloud outside the Republic. Please specify the country in which personal information will be stored and categories of personal information.
8.5 General description of Information Security Measures to be implemented by the responsible party to ensure the confidentiality, integrity and availability of the information
NB: Specify the nature of the security safeguards to be implemented or under implementation to ensure the confidentiality and integrity of the personal information under the care of the body. This may, for example, include Data Encryption; Anti-virus and Anti-malware Solutions.
9.1 A copy of the Manual is available-
9.1.1 on , if any;
9.1.2 head office of the for public inspection during normal business hours;
9.1.3 to any person upon request and upon the payment of a reasonable prescribed fee; and
9.1.4 to the Information Regulator upon request.
9.2 A fee for a copy of the Manual, as contemplated in annexure B of the Regulations, shall be payable per each A4-size photocopy made.
The head of a will on a regular basis update this manual.
Issued by CEO
Deputy Information Officer/s:
We may process the following categories of Personal Information about you –
The Personal Information provided to our business should be accurate, complete, and up to date. Should Personal Information change, the onus is on the provider of such data to notify of the change and provide us with accurate data. We will endeavour to monitor and keep Personal Information relevant and up to date, wherever possible, to the best of our knowledge.
will restrict its’ processing of Personal Information to data which is sufficient for the fulfilment of the primary purpose and applicable legitimate purpose for which it was collected.
shall only retain and store Personal Information for the period for which the data is required to serve its primary purpose or a legitimate interest or for the period required to comply with an applicable legal requirement, whichever is longer.
The Information Officer
Complaint’s email: complaints.IR@justice.gov.za
General enquiries email: firstname.lastname@example.org
Physical : JD House, 27 Stiemans Street, Braamfontein, Johannesburg, 2001
ANNEXURE A - DEFINITIONS
"Associates" means shareholders, subsidiaries and the directors, employees, and consultants of or of any of its subsidiaries.
"Cookie" means a small file that is placed on your device when you visit a website. In this Policy, a reference to a "Cookie" includes analogous technologies such as web beacons and clear Graphic Interchange Format files ("GIFs").
"Operator" means any person or entity that processes Personal Information on behalf of the Responsible Party.
“Person” means any natural or juristic person.
A “Record” is any recorded information regardless of the form or medium, in the possession or under the control of the entity irrespective of whether or not it was created by themselves.
A “Data Subject” means the person to whom personal information identifies.
"Personal Information" means information that is about any individual, or from which any individual is directly or indirectly identifiable, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that individual.
"POPIA" means the Protection of Personal Information Act 4 of 2013.
"Process", "Processing" or "Processed" means anything that is done with any Personal Information, whether by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
"Responsible Party" means the entity that decides how and why Personal Information is processed.
"Sensitive Personal Information" means Personal Information about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, national identification number, or any other information that may be deemed to be sensitive under applicable law.
"Service Provider" – third party providers of various services whom we engage, including, but not limited to, providers of information technology, communication, file storage, data storage, copying, printing, accounting, or auditing services, human resource consultation services, translators, taxation consultants and our insurers and professional advisors.
"Website" means any website operated, or maintained, by us or on our behalf.
Leave this empty:
Your legal name
Your email address
If you have questions about the contents of this document, you can email the document owner.
Document Name: PAIA - Informational Officer
Agree & Sign