PAIA/POPIA Manual

1.     Company Background

1.1.   H Systems (Pty) Ltd (previously Hinges and Hardware (Pty) Ltd) was established in 1995 in the city of Pietermaritzburg.

 

1.2.   Over the past 25+ years, the company has been built into a leading service provider in aluminium profiles, aluminium systems and aluminium accessories to the window, facade and door manufacturing industry of South Africa.

 

1.3.   In 2016 H Systems was acquired by Corialis. Corialis (Core Innovative Aluminium Integrated Solutions) is a leading player in the design and manufacturing of high quality, technologically 

        advanced aluminium profile systems including windows, doors, sliding elements and curtain walls.

 

1.3.1.Corialis’ headquarters are located in Lokeren, Belgium. In addition to its production facility in Belgium, Corialis has several plants around the world.

 

2.     What We Do

2.1.   H Systems (Pty) Ltd specialize in the design, development and assisted implementation of cutting-edge solutions for both the commercial and residential, façade and fenestration industries.

 

2.2.   Our offering includes, but not limited to; thermally broken and non-thermally broken aluminium windows, doors, internal aluminium partitioning, sliding doors, conservatories, cladding, curtain wall façades, shopfronts, fixed sun-control, and ventilated louvres, accompanying hardware products and more.

 

 

3.     Definitions

Consent                             Means any voluntary, specific, and informed expression of will in terms of which permission is given for the processing of personal information.

 

Data subject                      Means the person to whom personal information relates.

 

Information Officer           Means in the case of any other public body, means the chief executive officer, or equivalent officer, of that public body or the person  who is acting as such, 

                                           In relation to, a private body.

 

Person                               Means a natural person or a juristic person.

 

Personal information       Means information relating to an identifiable natural person, including, but not limited to –

a)   information relating to the race, gender, sex, pregnancy, marital status, national, ethnic, or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person.

b)     information relating to the education or the medical, financial, criminal or employment history of the person.

c)     any identifying number, symbol, email address, physical address, telephone number, location information, online identifier or other particular assigned to the person.

d)     the biometric information of the person.

e)     the personal opinions, views, or preferences of the person.

f)      correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence.

g)     the views or opinions of another individual about the person; and

h)     the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person,

i)        but excludes information about an individual who has been dead for more than 20 years.

 

    Processing                         As defined in POPIA, means any operation or activity or any set of operations, whether by automatic means, concerning personal information, including

a)     the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation, or use.

b)     dissemination by means of transmission, distribution or making available in any other form; or

c)     merging, linking, as well as restriction, degradation, erasure, or destruction of information.

 

    Request for access                 In relation to a private body, means a request for access to a record of a private body in terms of section 50;

    Responsible party                  Means a public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for processing personal information.

   Special Personal Information  As referred to in section 26 of POPIA, refers to the personal information concerning the following:

a)     the religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health or sex life or biometric information of a data subject; or

b)     the criminal behaviour of a data subject to the extent that such information relates to-

a.     the alleged commission by a data subject of any offence; or

b.     any proceedings in respect of any offence allegedly committed by a data subject or the disposal of such proceedings.

 

4.     Abbreviations

H Systems             Refers to H Systems (Pty) Ltd.

POPIA                    Protection of Personal Information Act.

PAIA                       Promotion of Access to Information Act, No 2 of 2000.

SAHRC                  South African Human Rights Commission.

 

5.     Introduction

5.1.   PAIA, as amended by section 110 of POPIA, was promulgated to give effect to the constitutional right of access to information held by the State or by another person, which information is required for the exercise or protection of any rights.

5.2.   In short, the objective of POPIA is to give effect to the constitutional right of privacy whereas PAIA is essentially an access law to give effect to the constitutional right to access to information. It is worthwhile noting that PAIA is also not restricted to personal information. Both these laws are complimentary.

5.3.   The Information Regulator (South Africa) is an independent body established in terms of section 39 of the protection of personal information act 4 of 2013. It is subject only to the law and the constitution and it is accountable to the national assembly.

5.4.   The Information Regulator is, among others, empowered to monitor and enforce compliance by public and private bodies with the provisions of the promotion of access to information act, 2000 (act 2 of 2000), and the protection of personal information act, 2013 (act 4 of 2013)

5.5.   This Manual is prepared in terms of section 51 of the Promotion of Access to Information Act 2 of 2000 (as amended).

 
6.     Particulars in terms of Section 51
6.1.   Contact Details

            [Section 51 (1) (a)]

Company Name

H Systems (Pty) Ltd

Registration number

2005/009864/07

Postal Address

PO Box 6527

Dunswart

1508

Street Address

Unit 3 Poplar Park

16 Lancaster Road

Benoni South

1501

Website

www.hsystems.co.za

Contact details

(011) 748 2660

Information Officer

Warren Munro

Email

warrenm@hsystems.co.za

General

H Systems have 5 branches nationally.

  • Benoni
  • Nelspruit
  • Durban
  • Port Elizabeth
  • Cape Town

 

The directors have duly authorized Warren Munro (warrenm@hsystems.co.za) to deal with all matters in connection with requests for information in terms of the Promotion of Access to Information Act, 2 of 2000 (PAIA).

 

6.2.   Further Guidance

            [Section 51 (1) (b)]

6.2.1.The South African Human Rights Commission (SAHRC) has issued a guide on how to use the PAIA Act (As prescribed by section 10 of PAIA) and is available on the SAHRC website. www.sahrc.org.za or https://www.sahrc.org.za/index.php/understanding-paia

 

6.2.2.For further guidance on PAIA or POPIA, please direct any queries to:

 

            The Information Regulator (South Africa)

            JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001.

            P.O Box 31533, Braamfontein, Johannesburg, 2017

 

            Tel: 010 023 5200

            Website: https://inforegulator.org.za/

            General enquiries E mail: enquiries@inforegulator.org.za

            Complaints email:  POPIAComplaints@inforegulator.org.za

 
7.     Categories of records H Systems Maintains
 
7.1.   Records which are freely available [Section 51 (1) (C) of PAIA]

7.1.1.This section refers to categories of records of H Systems which are available without a person having to request access to the information in terms of the Act.

 

7.1.2.The company’s website and the information contained on it is freely accessible at www.hsystems.co.za.

7.1.2.1.           The web page at www.hsystems.co.za is accessible to anyone who has access to the Internet.

 

7.2.   Records available in terms of any legislation. [Section 51 (1) (d) of PAIA]

7.2.1.H Systems retains various records for the purposes of PAIA in terms of the following main laws, among others:

7.2.1.1.           Basic Conditions of Employment Act 75 of 1997.

7.2.1.2.           Close Corporations Act, 1984.

7.2.1.3.           Companies Act, 1973 Companies Act 71 of 2008.

7.2.1.4.           Compensation for Occupational Injuries and Disease Act 130 of 1993.

7.2.1.5.           Consumer Protection Act 68 of 2008.

7.2.1.6.           Employment Equity Act 55 of 1998.

7.2.1.7.           Financial Intelligence Centre Act, 2001.

7.2.1.8.           Income Tax Act, 1962.

7.2.1.9.           Labour Relations Act 66 of 1995.

7.2.1.10.        National Credit Act 34 of 2005.

7.2.1.11.        Occupational Health and Safety Act 85 of 1993.

7.2.1.12.        Protection of Personal Information Act 4 of 2013.

7.2.1.13.        Skills Development Act 97 of 1998.

7.2.1.14.        Skills Development Levies Act 9 of 1999.

7.2.1.15.        Unemployment Insurance Act, 2001.

7.2.1.16.        Unemployment Insurance Contributions Act 4 of 2002.

7.2.1.17.        Value Added Tax, 1991.

7.2.1.18.        Workmen’s Compensation Act, 1941

7.2.1.19.        Any other relevant regulatory statute.

 

7.3.   Categories of records held by H Systems. [Section 51 (1) (e) of PAIA]
 

7.3.1.Company records and Shareholders agreements

7.3.1.1.           Company records are all our records related to the incorporation and administration of our company. Some of them are available from the Companies and Intellectual Property Commission (CIPC).

 

7.3.2.Business records

7.3.2.1.           Business records include any documents that have economic value to the business.

 

7.3.3.Financial records

7.3.3.1.           Financial records are all our records related to the company’s finances, including accounting records together with information required in terms of the Financial Intelligence Centre Act, Electronic Communications and Transaction Act and any other regulatory statutes.

 

7.3.4.Insurance records

7.3.4.1.           Insurance records are all our records related to our insurable assets.

 

7.3.5.Income tax records

7.3.5.1.           Income tax records are all our records related to our income tax obligations.

 

7.3.6.Personnel records

7.3.6.1.           Personnel records are all our records about anyone who works for us, provides services to us, or provides services on our behalf and who receives or is entitled to receive remuneration, including our employees, contractors, and other personnel.

 

7.3.7.Policies and directives

7.3.7.1.           Policies and directives include both internal and external documents.

 

7.3.8.Agreements or contracts

7.3.8.1.           Agreements or contracts include the documents themselves and all related documents.

 

7.3.9.Regulatory documents

7.3.9.1.           Regulatory documents include any documents required to comply with and laws.

 

7.3.10.   Customer information and ledgers

7.3.10.1.        Customer information relates to any information about any entity that we provide goods or services to, including our customers, leads, or prospects.

 

7.3.11.   Operational information

7.3.11.1.        Operational Information includes any information required in the day-to-day running of the company.

 

7.3.12.   General

7.3.12.1.        H Systems process personal information of various categories of people for various business-related purposes.

 

7.3.12.2.        H Systems provides personal information of various categories of people, to third party providers, in the ordinary course of business, to fulfil our business obligations.

 

8.     Transborder flow of information

8.1.   Only information relating to the organisation and its operations are shared expressly with Corialis Group and its subsidiaries. Personal information will only be shared with information processes outside of the jurisdictions of South Africa if it can be determined that adequate safeguards are applied by the operators conducting the information processing.

8.2.   All personal information will be adequately protected through redaction, encryption, or any other appropriate means of protection.

8.3.   Express permission will be sought from any individual whose personal information will be shared and the purpose of the information sharing as well as how the information will be used will be communicated to the individual.


 9.     Information Security Measures

9.1.   H Systems has implemented information security measures to ensure the confidentiality, integrity, and availability of its own information as well as the information of external parties held by H Systems.

9.2.   For more information on the controls implemented, please consult the H Systems IT policy. Access to the policy can be requested via email at info@hsystems.co.za

 

10.  Process to request access to information

10.1.   Any requests for access to records of H Systems are subject to PAIA and, in respect of personal information, POPIA.

10.2.   A request for access to information is to be made on the prescribed form (Form C) accessible on the SAHRC website www.sahrc.org.za.

10.3.  The request is to be made to the Information Officer addressed to the contact details set out above, together with the relevant request fee. http://www.sahrc.org.za/home/21/files/PAIA%20Notice%20on%20fees.pdf

10.4.   Please ensure that the completed form:

10.4.1.   has enough information for the information officer to identify you, the requested records, and which form of access you require.

10.4.2.   specifies your email address, postal address, or fax number.

10.4.3.   describes the right that you seek to exercise or protect.

10.4.4.   explains why you need the requested record to exercise or protect that right.

10.4.5.   provides any other way you would like to be informed of our decision other than in writing; and

10.4.6.   provides proof of the capacity in which you are making the request if you are making it on behalf of someone else (we will decide whether this proof is satisfactory).

 

10.5.   If you do not use the standard form, we may:

10.5.1.   reject the request due to lack of procedural compliance.

10.5.2.   refuse it if you do not provide sufficient information; or

10.5.3.   delay it.

 
11.  Grounds for refusal
 

11.1.    Access to certain records may be refused in terms of PAIA to protect:

11.1.1.   someone else’s privacy.

11.1.2.   another company’s commercial information.

11.1.3.   someone else’s confidential information.

11.1.4.   company’s confidential information.

11.1.5.   the safety of individuals and property.

11.1.6.   records privileged from production in legal proceedings; or

11.1.7.   research information.

 

11.2.  H Systems will notify you in writing whether your request has been approved or denied, within 30 calendar days after we have received a completed request for access form.

11.3.  If H Systems cannot find any requested record, or it does not exist, then we will notify you by way of affidavit that it is not possible to give access to that record.

 

11.4.   If request for access to information is denied, the applicant may:

11.4.1.   apply to a court with appropriate jurisdiction, or

11.4.2.   lodge a complaint with the Information Regulator, for the necessary relief.

 

12.  General

 

12.1. This procedure is subject for review on the date stipulated; prior review is permitted based on legislative requirements, or business requirements and at the discretion of H Systems Management.