PAIA Manual
of
KIDZ PHYSIO (PTY) LTD
(trading as Early Bird Therapy Centre)
Initial approval date
18/06/2021 Revision number
0 Date of last review
N/A Date of next review
18/06/2022
2
Table of Contents
1. INTRODUCTION TO THE COMPANY ....................................................................................................... 3
2. CONTACT DETAILS ............................................................................................................................... 3
3. GUIDE OF THE SA HUMAN RIGHTS COMMISSION / INFORMATION REGULATOR ............................................. 3
4. RECORDS ............................................................................................................................................ 4
5. INFORMATION AVAILABLE IN TERMS OF OTHER LEGISLATION ...................................................................... 5
6. RECORDS AUTOMATICALLY AVAILABLE .................................................................................................... 6
7. PURPOSE OF PROCESSING PERSONAL INFORMATION ................................................................................. 6
8. DATA SUBJECTS, THEIR PERSONAL INFORMATION AND POTENTIAL RECIPIENTS OF THIS INFORMATION .............. 6
9. PLANNED TRANSBORDER FLOWS OF PERSONAL INFORMATION .................................................................... 8
10. SECURITY MEASURES TO PROTECT PERSONAL INFORMATION ...................................................................... 9
11. PROCEDURE TO OBTAIN ACCESS TO RECORDS OR INFORMATION ................................................................. 9
12. FEES PAYABLE TO OBTAIN THE REQUESTED RECORDS OR INFORMATION ..................................................... 10
13. AVAILABILITY OF THIS MANUAL ............................................................................................................ 10
ANNEXURE A: INFORMATION AND RECORD REQUEST FORM ............................................................................. 11
ANNEXURE B: FEES .................................................................................................................................... 12
3
1. INTRODUCTION TO THE COMPANY
KIDZ PHYSIO (PTY) LTD (trading as Early Bird Therapy Centre) is a private therapy facility, which is conducted in accordance with the requirements of the Companies Act 71 of 2008. The Company is registered with the Companies and Intellectual Property Commission (CIPC).
2. CONTACT DETAILS
Company Name: KIDZ PHYSIO (PTY) LTD (trading as Early Bird Therapy Centre)
Registration Number: 2018/242147/07
Head of the Company: Jessica Tucker and Samantha Rosie
Information Officer: Samantha Rosie
Physical Address:
Telephone Number: 0796310596
E-mail address: info@earlybirdtherapy.co.za
Website address: www.earlybirdtherapy.co.za
3. GUIDE OF THE SA HUMAN RIGHTS COMMISSION / INFORMATION REGULATOR
The South African Human Rights Commission (“SAHRC”) / Information Regulator compiled a Guide, in terms of Section 10 of the Promotion of Access to Information Act (Act 2 of 2000) (“PAIA”), to assist persons wishing to exercise their rights in terms of this Act. This Guide is available in all the official languages and contains, amongst others, the following information:
• The purpose of PAIA;
• The manner, form and costs of a request for access to information held by a body;
• Legal remedies when access to information is denied;
• When access to information may be denied; and
• The contact details of Information Officers in the national, provincial and local government.
Any person wishing to obtain the Guide may either access it through the website of the SAHRC at https://www.sahrc.org.za/home/21/files/Section%2010%20guide%202014.pdf or should contact the Information Regulator at:
Physical address: 33 Hoofd Street, Forum III, 3rd Floor Braampark, Braamfontein, Johannesburg
Postal address: PO Box 31533, Braamfontein, Johannesburg, 2017
4
Telephone: +27 (0) 10 023 5207 / +27 (0) 82 746 4173
E-mail address: inforeg@justice.gov.za
Website: https://www.justice.gov.za/inforeg/
The publication of the abovementioned Guide will be the responsibility of the Information Regulator with effect from 30 June 2021.
4. RECORDS
The Company holds the following categories of records:
4.1 Records relating to the form of company:
Documents related to the establishment of the company, such as documents required in terms of the Companies Act 71 of 2008 / a shareholders’ agreement; other statutory records; governance documents (e.g. company policies); minutes of meetings; and other related documents.
4.2 Company management records:
Documentation relevant to the management structure and the management of the company; protocols, guidelines and related documentation in respect of the management of the company.
4.3 Employment / Appointment records:
Employment contracts; conditions of employment and work place policies; employment equity and skills development plans and reports; attendance records; salary and wage register; performance management records; collective agreements; complaints and disciplinary records; relevant tax records; training records; leave records; medical scheme and pension fund membership records; essential services’ permits; correspondence.
4.4 Health and safety records:
Evacuation plan; information related to the Health and Safety Committee / health and safety officer; and health and safety incident reports.
4.5 Financial records:
South African Revenue Services (“SARS”) registration; Annual Financial Statements; auditor’s reports; accounting records; bank statements; invoices, statements, receipts and related documents; VAT records; tax returns and related documentation.
5
4.6 Records related to assets:
Asset register; purchase records; financing and lease agreements; sale and purchase agreements; delivery notes and orders.
4.7 Agreements:
Agreements (and related documentation) with contractors, consultants, suppliers and vendors, including agreements with funders.
4.8 Public and private body records:
Documents published in the public domain; correspondence.
4.9 Legal records:
Legal opinions and advice; complaints, pleadings, briefs and other documents pertaining to any actual, pending or threatened litigation, mediation, and arbitration.
4.10 Insurance records:
Insurance policies and related records; claims records.
5. INFORMATION AVAILABLE IN TERMS OF OTHER LEGISLATION
The company as may be required in terms of the following legislation subject to the specific protection offered by these laws:
1. Basic Conditions of Employment Act 75 of 1997;
2. Companies Act 71 of 2008;
3. Compensation for Occupational Injuries and Diseases Act 130 of 1993;
4. Consumer Protection Act 68 of 2008;
5. Disaster Management Act 57 of 2002;
6. Electronic Communications and Transactions Act 25 of 2002;
7. Employment Equity Act 55 of 1998;
8. Income Tax Act 58 of 1962;
9. Labour Relations Act 66 of 1995;
10. Occupational Health and Safety Act 85 of 1993;
11. Promotion of Access to Information Act 2 of 2000;
12. Protection of Personal Information Act 4 of 2013;
6
13. Skills Development Levies Act 9 of 1999;
14. Skills Development Act 97 of 1998;
15. Unemployment Contributions Act 4 of 2002;
16. Unemployment Insurance Act 63 of 2001; and
17. Value Added Tax Act 89 of 1991.
6. RECORDS AUTOMATICALLY AVAILABLE
No notice has been submitted by the company to the Minister of Justice and Correctional Services regarding the categories of records, which are available without a person having to request access in terms of Section 52(2) of PAIA. However, the information on the website of the company is automatically available without having to request access in terms of PAIA. Access and usage of the information on the website are subject to the Website Terms and Conditions as well as the Privacy Statement of the company.
7. PURPOSE OF PROCESSING PERSONAL INFORMATION
The company processes personal information of data subjects for the following purposes:
1. to conduct and manage the company in accordance with the law, including the administration of the company and claiming and collecting payment for services rendered;
2. for communication purposes;
3. for the maintenance of tenant records;
4. for employment and related matters of employees;
5. for reporting to persons and bodies as required and authorised in terms of the law or by the data subjects;
6. for historical, statistical and research purposes;
7. for proof;
8. for enforcement of the Company’s rights; and/or
9. for any other lawful purpose related to the activities of a private company.
8. DATA SUBJECTS, THEIR PERSONAL INFORMATION AND POTENTIAL RECIPIENTS OF THIS INFORMATION
The company holds the categories of records and personal information in respect of the categories of data subjects specified below. The potential recipients of the personal information processed by the company are also specified. Information and records are only disclosed as may be necessary in the circumstances and authorised in terms of the law or otherwise with the consent of the relevant data subjects.
7
8.1 Employees
Categories of personal information:
Names and surnames; Curriculum Vitae (“CVs”); contact details; identity numbers / dates of birth; race; gender; nationality; qualifications; registered professions and category of registration; employment history and related information; position and job description; bank details; relevant health information; relevant information on criminal behaviour; complaint and disciplinary-related information; records created in the performance of their duties; tax numbers and related tax information; leave records; remuneration; employment benefits; absenteeism information; vetting reports; references; opinions; next-of-kin details; health and safety-related incidents; COVID-19-related information; correspondence.
Potential Recipients:
Company owners; SARS; relevant statutory and other public bodies (e.g. Department of Employment and Labour); Companies and Intellectual Property Commission (“CIPC”); funders; contractors and suppliers; visitors; bodies performing peer review and company audits; banks; vetting agencies; members of the public; legal and professional advisers; auditors; executors of estates; purchaser of company.
8.2 Job Applicants
Categories of personal information:
Names and surnames; Curriculum Vitae (CVs); contact details; identity numbers / dates of birth; race; gender; nationality; qualifications; registered professions and category of registration; statutory council registration numbers; employment history and related information; relevant health information; relevant information on criminal behaviour; vetting reports; interview notes; references; COVID-19-related information; correspondence.
Potential Recipients:
Company owners and relevant other employees; vetting agencies; legal and professional advisers; auditors; purchaser of company.
8
8.3 Visitors
Categories of personal information:
Names and surnames; contact details; identity numbers / dates of birth; race; gender; COVID-19-related information; complaint-related information; compliments; opinions; correspondence.
Potential Recipients:
Relevant statutory and other public bodies (e.g. the Compensation Commissioner of Occupational Injuries and Diseases); legal and professional advisers; auditors; purchaser of company.
8.4 Contractors, Vendors and Suppliers
Categories of personal information:
Names and surnames; organisation names and details; relevant staff / office bearer details; contact details; website addresses; opinions; correspondence; COVID-19-related information; market information; price structures; financial arrangements; bank details; VAT numbers; Broad-Based Black Economic Empowerment (BBBEE) related information.
Potential Recipients:
Banks; auditors; legal and professional advisers; funders; purchaser of company.
8.5 Insurers
Categories of personal information:
Names and contact details; premiums; correspondence.
Potential Recipients:
Auditors; legal and professional advisers; relevant public bodies; purchaser of the company.
9. PLANNED TRANSBORDER FLOWS OF PERSONAL INFORMATION
The company stores electronic information, including personal information of data subjects, in the ‘cloud’, the servers of which may be located outside of the borders of the Republic of South Africa. Due care is taken in the selection of appropriate cloud service providers to ensure compliance with the law and protect the privacy of data subjects. The company is not planning to send any other
9
personal information about any data subject to any other third party in a foreign country. Should this be required, relevant data subject consent will be obtained, where required, and transfers of such information will occur in accordance with the requirements of the law.
10. SECURITY MEASURES TO PROTECT PERSONAL INFORMATION
The company is committed to ensuring the security of the personal information in its possession or under its control in order to protect it from unauthorised processing and access as well as loss, damage or unauthorised destruction. It continually reviews and updates its information protection measures to ensure the security, integrity and confidentiality of this information in accordance with industry best practices. The measures it adopts to ensure the security of personal information, includes technical and organisational measures and internal policies to prevent unauthorised access, loss or use of personal information, for example, the physical securing of the offices where information is held; locking of cabinets with physical records; password control to access electronic records, which passwords are regularly updated; server access control; and off-site data back-ups. In addition, only those employees that require access to the information are permitted access to the relevant information and only if they have concluded agreements with or provided undertakings to the company requiring them to implement appropriate security measures and to maintain the confidentiality of the information. Contractors are required to adhere to the strict policies and processes implemented by the company and are subject to sanctions for any security breach. All security breaches are taken seriously and are addressed in accordance with the law.
11. PROCEDURE TO OBTAIN ACCESS TO RECORDS OR INFORMATION
The fact that information and records are held by the company as listed in this Manual should not be construed as conferring upon any requester any right to that information or record. PAIA grants a requester access to records of a private body, if the record is required for the exercise or protection of any right. If a public body lodges a request, the public body must be acting in the public interest. Access to records and information is not automatic. Any person, who would like to request access to any of the above records or information, is required to complete a request form, which is attached to this Manual as Annexure A, and pay the prescribed fees as referenced below. The request form is also available from -
• the Information Officer of the company at the contact details stipulated above; and
• the Information Regulator at the contact details stipulated above.
10
The requester must provide sufficient detail on the request form to enable the Information Officer to identify the record and the requester. The requester must identify the right he/she is seeking to exercise or protect and explain why the record requested is required for the exercise or protection of that right. If a request is made on behalf of another person, the requester must submit proof of the capacity in which the request is made to the satisfaction of the Information Officer. Access to the requested records or information or parts of the records or information may be refused in terms of the law. Requesters will be advised of the outcome of their requests.
12. FEES PAYABLE TO OBTAIN THE REQUESTED RECORDS OR INFORMATION
The fees for requesting and accessing information and records held by the company are prescribed in terms of PAIA. The fees payable, which may be amended from time to time in accordance with notices published in the Government Gazette, are attached hereto as Annexure B. Details of the fees payable and any change to such fees may be obtained from the Information Officer. The fees are also available on the website of the Information Regulator. A requester may be required to pay the fees prescribed for searching and compiling the information, which has been requested, including copying charges.
13. AVAILABILITY OF THIS MANUAL
A copy of this Manual is available for inspection, free of charge, at the company and on its website. A copy of the Manual may also be requested from the Information Officer against payment of the appropriate fee, which may be obtained from the Information Officer.
11
ANNEXURE A: INFORMATION AND RECORD REQUEST FORM
Annexure A.pdf
https://www.justice.gov.za/forms/paia/J752_paia_Form%20C.pdf
12
ANNEXURE B: FEES
Annexure B.pdf
https://www.sahrc.org.za/home/21/files/PAIA%20Notice%20on%20fees.pdf