CEREAL AND MALT EXTRACT PTY (LTD)

This manual has been prepared in terms of the section 51 of the Promotion of Access to Information Act 2 of 2000 and to address the requirements of the Protection of Personal Information Act 4 of 2014.

December 2021

Version 1

 

 

1.   DEFINITIONS

Client

any natural or juristic person that received or receives services from the Company

Conditions for Lawful Processing

the conditions for the lawful processing of Personal Information as fully set out in chapter 3 of POPI and in paragraph 12 of this Manual

Data Subject

the person to whom personal information relates

Information Officer

the individual who is identified in paragraph 3 of this manual

Manual

this manual

PAIA

the Promotion of Access to Information Act 2 of 2000

Personal Information

means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to—a.    information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;b.    information relating to the education or the medical, financial, criminal or employment history of the person;c.    any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;d.    the biometric information of the person;e.    the personal opinions, views or preferences of the person;f.     correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;g.    the views or opinions of another individual about the person; andh.    the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person

Personnel

any person who works for, or provides services to or on behalf of the Company, and receives or is entitled to receive remuneration and any other person who assists in carrying out or conducting the business of the Company, which includes, without limitation, directors (executive and non-executive), all permanent, temporary and part-time staff as well as contract workers

POPI

the Protection of Personal Information Act 4 of 2013

  

POPI Regulations

the regulations promulgated in terms of section 112(2) of POPI

Private Body

means—a.    a natural person who carries or has carried on any trade, business or

profession, but only in such capacity;b.    a partnership which carries or has carried on any trade, business or profession; orc.    any former or existing juristic person, but excludes a public body

Processing

means any operation or activity or any set of operations, whether or not by automatic means, concerning personal information, including—a.    the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;b.    dissemination by means of transmission, distribution or making available in any other form; orc.    merging, linking, as well as restriction, degradation, erasure or destruction of information

SAHRC

the South African Human Rights Commission

Any other terms not described herein will have the meaning as ascribed to it in terms of PAIA or POPI.

 

 

2.   INTRODUCTION

  • For the purpose of POPI and PAIA, the Company is defined as a private body. In accordance with the Company’s obligations in terms of POPI and PAIA, the Company has produced this manual.

  • This manual sets out all information required by both PAIA and POPI.

  • This manual also deals with how requests are to be made in terms of PAIA.

  • This manual also establishes how compliance with POPI is to be achieved.

 

3.   CONTACT DETAILS

Business Name

CEREAL AND MALT EXTRACT PTY (LTD)

Registration Number

2000/003586/07

Registered Office

 

Postal Address

P O Box 43034, Industria, 2042

Contact Number

011) 474 2424

Information Officer

Petro von Allemann

Email address

petro@cerealandmalt.com

Background information of the Company can be found at https://cerealandmalt.com

 

 

4.   GUIDE OF SAHRC

  • A guide to PAIA and how to access information in terms of PAIA has been published pursuant to section 10 of PAIA.

  • The guide contains information required by an individual who may wish to exercise their rights in terms of PAIA.

  • Should you wish to access the guide you may request a copy from the Information Officer by submitting ANNEXURE A, attached hereto, to the details specified above.

  • You may also inspect the guide at the Company’s offices during ordinary working hours.

  • You may also request a copy of the guide from Information Regulator at the following details:

Information Regulator:

Postal Address:        P.O. Box 31533, Braamfontein, Johannesburg, 2017

Telephone:                (010) 023 5200

Website:                     www.justice.gov.za

Email:                         PAIAComplaince.IR@justice.gov.za

 

5.   LATEST NOTICES IN TERMS OF SECTION 52(2) OF PAIA

  • At this stage no Notice(s) has / have been published on the categories of records that are available without having to request access to them in terms of PAIA.

6.   AVAILABILITY OF CERTAIN RECORDS IN TERMS OF PAIA

  • The Company holds and/or process the following records for the purposes of PAIA and POPI.

  • The following records may be requested, however it should be noted that there is no guarantee that the request will be honoured. Each request will be evaluated in terms of PAIA and any other applicable legislation.

Products and/or Services:

  • All products and/or services are available freely on the Company’s website as set out above.

Human Resources:

  • Employment Contracts

  • Employee benefits

  • Personnel records and correspondence

  • Training records

  • Internal policies

  • Information pertaining to share options, share incentives, bonus or profit sharing agreements of each employee

  • Pension and provident find records

Legal:

  • Agreements with Clients

  • Agreement with Suppliers

  • Shareholder agreements

  • Partnership agreements

  • Licenses and Permits

  • Power of Attorneys

  • Sale agreements

  • Lease agreements

Company Secretarial:

  • Memorandum of Incorporation

  • Secretarial records

  • Tradename registrations

  • Trademark registrations

  • Company registration documents

  • Statutory registers

  • Minutes of Shareholder’s meetings

  • Minutes of Director’s meetings

  • Register of Directors

  • Share Certificates

Financial:

  • Accounting records

  • Annual reports

  • Interim reports

  • Auditor details and reports

  • Tax returns

  • Insurance records

Client:

  • Client database

  • Credit Applications

  • Correspondence with Clients

  • Documentation prepared for Clients.

  • Invoices, receipts, credit and debit notes

Marketing:

  • Published Marketing material

Miscellaneous:

  • Internal Correspondence

  • Information technology records

  • Trade secrets

  • Domain name registrations

  • Website information

  • Asset registers

  • Title deeds

7.   RECORDS AVAILABLE IN TERMS OF OTHER LEGISLATION

  • The Company may be in possession of records in terms of the following legislation as and when applicable:

    • Basic Conditions of Employment Act, No. 75 of 1997

    • Companies Act, No. 71 of 2008

    • Compensation for Occupational Injuries and Diseases Act, No. 130 of 1993

    • Competition Act, No. 89 of 1998

    • Constitution of the Republic of South Africa Act, No. 108 of 1996

    • Credit Agreement Act, No. 75 of 1980

    • The Criminal Procedure Act, No. 51 of 1977

    • Debt Collectors Act, No. 114 of 1998

    • Deed Registries Act, No. 47 of 1937

    • Employment Equity Act, No. 55 of 1998

    • Financial Intelligence Centre Act, No. 38 of 2001

    • Identification Act, No. 68 of 1997

    • National Credit Act, No. 34 of 2005

    • Insolvency Act, No. 24 of 1936

    • Inspection of Financial Institutions Act, No. 18 of 1998

    • The Labour Relations Act, No. 66 of 1995

    • The Long Term Insurance Act, No. 52 of 1998

    • Pension Funds Act, No. 24 of 1956

    • Short Term Insurance Act, No. 53 of 1998

    • Skills Development Levies Act, No. 9 of 1999

    • Unemployment Insurance Act, No. 63 of 2001

    • Unit Trust Control Act, No. 54 of 1981

    • Value Added Tax Act, No. 89 of 1991

    • Electronic Communication and Transactions Act, No. 25 of 2002

    • Financial Advisory and Intermediary Service Act, No. 37 of 2002

    • Patents, Designs and Copyright Merchandise Marks Act, No. 17 of 1941

    • Income Tax Act, No. 58 of 1962

    • Occupational Health and Safety Act No. 85 of 1993

    • Co-operatives Act No. 14 of 2005

    • Customs and Excise Act No. 91 of 1964

    • Insider Trading Act No. 135 of 1998

    • Prevention of Organised Crime Act No. 121 of 1998

    • Road Transportation Act No. 74 of 1977

    • Stock Exchanges Control Act No. 54 of 1995

    • Transfer Duty Act No. 40 of 1949

    • Machinery and Occupational Safety Amendment Act No. 181 of 1993

    • National Payment Systems Act No. 78 of 1998

    • National Water Act No. 36 of 1998

    • Prescription Act No. 68 of 1969

    • Trademark Act No. 194 of 1993

    • Intellectual Property Laws Amendment Act No.38 of 1997

    • Financial Markets Act No. 19 of 2012

8.   REQUEST PROCESS

  • An individual who wishes to place a request must comply with all the procedures laid down in PAIA.

  • The requester must complete ANNEXURE B, which is attached hereto and submit it to the Information Officer at the details specified above.

  • The prescribed form must be submitted as well as payment of a request fee and a deposit, if applicable to the information officer at the postal or physical address, fax number or electronic mail as is stated herein.

  • The prescribed form must be completed with enough particularity to enable the information officer to determine:

    • The record(s) requested;

    • The identity of the requestor;

    • What form of access is required; and

    • The Postal address or fax number of the requestor.

  • The requestor must state that the records are required for the requestor to exercise or protect a right, and clearly state what the nature of the right is so to be exercised or protected. An explanation of why the records requested is required to exercise or protect the right.

  • The request for access will be dealt with within 30 days from date of receipt, unless the requestor has set out special grounds that satisfies the Information Officer that the request be dealt with sooner.

  • The period of 30 days may be extended by not more than 30 additional days, if the request is for a large quantity of information, or the request requires a search for information held at another office of the Company and the information cannot be reasonably obtained within 30 days. The information officer will notify the requestor in writing should an extension be necessary.

  • The requestor will be informed in writing whether access to the records have been granted or denied. If the requestor requires a reason for the decision the request must be expressed in the prescribed form, the requestor must be further stated what particulars of the reasoning the requestor requires.

  • If a requestor has requested the records on another individual’s behalf, the requestor must submit proof of the capacity the requestor submits the request in, to the satisfaction of the information officer.

  • Should the requestor have any difficulty with the form or the process laid out herein, the requestor should contact the Information Officer for assistance.

  • An oral request can be made to the Information Officer should the requestor be unable to complete the form due to illiteracy or a disability. The Information Officer will complete the form on behalf of the requestor and provide a copy of the form to the requestor.

9.   GROUNDS FOR REFUSAL

  • The following are grounds upon which the Company may, subject to the exceptions in Chapter 4 of PAIA, refuse a request for access in accordance with Chapter 4 of PAIA:

    • Mandatory protection of the privacy of a third party who is a natural person, including a deceased person, where such disclosure of Personal Information would be unreasonable

    • Mandatory protection of the commercial information of a third party, if the Records contain:

      • Trade secrets of that third party;

      • Financial, commercial, scientific or technical information of the third party, the disclosure of which could likely cause harm to the financial or commercial interests of that third party; and/or

      • Information disclosed in confidence by a third party to The Company, the disclosure of which could put that third party at a disadvantage in contractual or other negotiations or prejudice the third party in commercial competition;

    • Mandatory protection of confidential information of third parties if it is protected in terms of any agreement;

    • Mandatory protection of the safety of individuals and the protection of property;

    • Mandatory protection of Records that would be regarded as privileged in legal proceedings;

    • Protection of the commercial information of the Company, which may include:

      • Trade secrets;

      • Financial/commercial, scientific or technical information, the disclosure of which could likely cause harm to the financial or commercial interests of the Company;

      • Information which, if disclosed, could put the Company at a disadvantage in contractual or other negotiations or prejudice the Company in commercial competition; and/or

      • Computer programs which are owned by the Company, and which are protected by copyright and intellectual property laws;

    • Research information of the Company or a third party, if such disclosure would place the research or the researcher at a serious disadvantage; and

    • Requests for Records that are clearly frivolous or vexatious, or which involve an unreasonable diversion of resources.

10.        REMEDIES SHOULD A REQUEST BE REFUSED

 

  • The Company does not have an internal appeal procedure in light of a denial of a request, decisions made by the information officer is final;

  • The requestor may in accordance with sections 56(3) (c) and 78 of PAIA, apply to a court for relief within 180 days of notification of the decision for appropriate relief.

11.        Fees

  • The following fees shall be payable upon request by a requestor:

Request fee(payable on every request)

R140.00

Photocopy of an A4 page or part thereof

R2.00

Printed copy of an A4 page or part thereof

R2.00

Hard copy on flash drive(flash drive to be provided by requestor)

R40.00

Hard copy on a compact disc(compact disc to be provided by requestor)

R40.00

Hard copy on a compact disc(compact disc to be provided by the Company)

R60.00

Transcription of visual images per A4 page

As per quotation of service provider

Copy of visual images

As per quotation of service provider

Transcription of an audio record per A4 page

R24.00

Copy of an audio record on flash drive(flash drive to be provided by requestor)

R40.00

Copy of an audio on a compact disc(compact disc to be provided by requestor)

R40.00

Copy of an audio on a compact disc(compact disc to be provided by the Company)

R60.00

To search for and prepare the record for disclosure for each hour or part of an hour, excluding the first hour, reasonably required for such search and preparation

R145.00

To search for and prepare the record for disclosure for each hour or part of an hour, excluding the first hour, reasonably required for such search and preparation(cannot exceed total cost)

R435.00

Postage, email or any other electronic transfer

Actual expense, if any.

12.        POPI

  • Conditions fort lawful processing:

    • POPI has eight conditions for lawful processing and includes:

      • Accountability

      • Processing limitation

      • Purpose specification

      • Further processing limitation

      • Information quality

      • Openness

      • Security safeguards

      • Data subject participation

    • The Company is involved in the following types of processing:

      • Collection

      • Recording

      • Organization

      • Structuring

      • Storage

      • adaptation or alteration

      • retrieval

      • consultation

      • use

      • disclosure by transmission

      • dissemination or otherwise making available

      • alignment or combination

      • restriction

      • erasure

      • destruction

    • The Company processes information for the following purposes:

      • to fulfil agreements in relation to its employees;

      • to provide services to its Clients in accordance with terms agreed to by the Clients;

      • to undertake activities related to the provision of services, such as

        • to fulfil domestic legal, regulatory and compliance requirements

        • to verify the identity of Customer representatives who contact the Company or may be contacted by The Company;

        • for risk assessment, information security management, statistical, trend analysis and planning purposes;

        • to monitor and record calls and electronic communications with the Client for quality, training, investigation and fraud prevention purposes;

        • to enforce or defend the Company or the Company affiliates’ rights;

        • to manage the Company’s relationship with its clients, which may include providing information to its clients and its clients affiliates about the Company’s and the Company affiliates’ products and services;

      • the purposes related to any authorised disclosure made in terms of agreement, law or regulation;

      • any additional purposes expressly authorised by the Company’s client;

      • any additional purposes as may be notified to the Client or Data Subjects in any notice provided by the Company.

    • The Company processes personal information the following categories of Data Subjects:

      • Juristic persons –

        • Corporate clients

        • Suppliers

      • Natural persons –

        • Individuals

        • Staff

        • Clients

        • Suppliers

      • The Company process the following categories personal information:

        • Client profile information;

        • Bank account details;

        • Payment information;

        • Client representatives;

        • Names;

        • Email Addresses;

        • Telephone numbers;

        • Facsimile numbers;

        • Physical addresses;

        • Tax numbers;

        • Identity Numbers;

        • Passport Numbers;

      • Recipients of Personal Information:

        • The Company, the Company’s affiliates, their respective representatives

      • When making authorised disclosures or transfers of personal information in terms of Section 72 of POPI, personal information may be disclosed to recipients in countries that do not have the same level of protection for personal information as South Africa does.

      • The following Security measures are implemented by the Company:

      • The Company implements numerous Security measures to protect personal information that is stored electronically and physically.

        • The Company ensures that appropriate security measures are taken and updates these measures on a regular basis.

        • The Company have also implemented various policies for additional security for personal information stored both physically and electronically.

      • The personal information that is stored physically is protected as follows:

        • Where physical records of the data exist, such records will be stored in a secure area that can be ‘locked-away’ as to avoid a breach of the personal information.

        • Such physical data records will be ‘locked-away’ and secured when not in use.

      • The Company may share personal information with third parties and in certain instances this may result in cross border flow of the personal information. The personal information will always be subject to protection, not less than the protection it is afforded under the Protection of Personal Information Act No.4 of 2013.

      • Objection to the processing of personal information by a data subject:

        • Section 11(3) of POPI and regulation 2 of the POPI regulations provides that a data subject may, at any time object to the processing of their personal information in the prescribed form attached to this manual as annexure “B”.

      • Request for correction or deletion of personal information:

        • Section 24 of POPI and regulation 3 of the POPI regulations provides that a data subject may request for their personal information to be corrected and/or deleted in the prescribed form attached hereto as ANNEXURE “C”.