Trust Centre

PAIA

Privacy Policy

Terms & Conditions

Cookie Information

PAIA MANUAL

Prepared in terms of section 51 of the Promotion of Access to Information Act 2 of 2000 (as amended)

   

DATE OF COMPILATION: 01/10/2021

DATE OF REVISION: 01/03/2025

TABLE OF CONTENTS

 1……… LIST OF ACRONYMS AND ABBREVIATIONS. 3

2……… PURPOSE OF PAIA MANUAL. 3

3……… KEY CONTACT DETAILS FOR ACCESS TO INFORMATION OF SOLUMED.. 4

4……… GUIDE ON HOW TO USE PAIA AND HOW TO OBTAIN ACCESS TO THE GUIDE. 4

5……… CATEGORIES OF RECORDS OF SOLUMED WHICH ARE AVAILABLE WITHOUT A PERSON HAVING TO REQUEST ACCESS. 7

6.…….. DESCRIPTION OF THE RECORDS OF SOLUMED WHICH ARE AVAILABLE IN ACCORDANCE WITH ANY OTHER LEGISLATION.. 7

7……… DESCRIPTION OF THE SUBJECTS ON WHICH SOLUMED RIS HOLDS RECORDS AND CATEGORIES OF RECORDS HELD ON EACH SUBJECT BY SOLUMED.. 7

8……… PROCESSING OF PERSONAL INFORMATION.. 9

9……… AVAILABILITY OF THE MANUAL. 12

10……. UPDATING OF THE MANUAL. 13

 

LIST OF ACRONYMS AND ABBREVIATIONS

NB: please insert relevant applicable acronyms and abbreviations

  • “DIO” Deputy Information Officer;
  • “IO“ Information Officer;
  • “PAIA” Promotion of Access to Information Act 2 of 2000( as Amended;
  • “POPIA” Protection of Personal Information Act 4 of 2013;
  • “Regulator” Information Regulator; and
  • “Republic” Republic of South Africa

    PURPOSE OF PAIA MANUAL 

    This PAIA Manual is useful for the public to-

    • check the categories of records held by a body which are available without a person having to submit a formal PAIA request;
    • have a sufficient understanding of how to make a request for access to a record of the body, by providing a description of the subjects on which the body holds records and the categories of records held on each subject;
    • know the description of the records of the body which are available in accordance with any other legislation;
    • access all the relevant contact details of the Information Officer and Deputy Information Officer who will assist the public with the records they intend to access;
    • know the description of the guide on how to use PAIA, as updated by the Regulator and how to obtain access to it;
    • know if the body will process personal information, the purpose of processing of personal information and the description of the categories of data subjects and of the information or categories of information relating thereto;
    • know the description of the categories of data subjects and of the information or categories of information relating thereto;
    • know the recipients or categories of recipients to whom the personal information may be supplied;
    • know if the body has planned to transfer or process personal information outside the Republic of South Africa and the recipients or categories of recipients to whom the personal information may be supplied; and
    • know whether the body has appropriate security measures to ensure the confidentiality, integrity and availability of the personal information which is to be

     

    KEY CONTACT DETAILS FOR ACCESS TO INFORMATION OF SOLUMED RIS

     

    • Chief Information Officer

    Name:                          NORMAN HILTON KRETZMER

    Tel:                              +27117192000

    Email:                          normank@avantedge.co.za

    Fax number:                N/A

     

    • Deputy Information Officer (NB: if more than one Deputy Information Officer is designated, please provide the details of every Deputy Information Officer of the body designated in terms of section 17 (1) of PAIA.

     

    Name:                          RAPHAEL SEGAL

    Tel:                              +27117192000

    Email:                          privacy@avantedge.co.za

    Fax Number:               N/A

     

    • Access to information general contacts

    Email:                          privacy@avantedge.co.za

     

    • National or Head Office

     

    Postal Address: Same as Physical Address

    Physical Address:      70 Melville Road, Illovo Central Building, 6th Floor

    Telephone:                 +27117192000

    Email:                          privacy@avantedge.co.za

    Website:                      www.Solumedris.co.za

     

    GUIDE ON HOW TO USE PAIA AND HOW TO OBTAIN ACCESS TO THE GUIDE

     

    • The Regulator has, in terms of section 10(1) of PAIA, as amended, updated and made available the revised Guide on how to use PAIA (“Guide”), in an easily comprehensible form and manner, as may reasonably be required by a person who wishes to exercise any right contemplated in PAIA and POPIA.
    • The Guide is available in each of the official languages and in
    • The aforesaid Guide contains the description of-
    • the objects of PAIA and POPIA;
    • the postal and street address, phone and fax number and, if available, electronic mail address of-
    • the Information Officer of every public body, and
    • every Deputy Information Officer of every public and private body designated in terms of section 17(1) of PAIA[1] and section 56 of POPIA[2];
    • the manner and form of a request for-
    • access to a record of a public body contemplated in section 11[3]; and
    • access to a record of a private body contemplated in section 50[4];
    • the assistance available from the IO of a public body in terms of PAIA and POPIA;
    • the assistance available from the Regulator in terms of PAIA and POPIA;
    • all remedies in law available regarding an act or failure to act in respect of a right or duty conferred or imposed by PAIA and POPIA, including the manner of lodging-
    • an internal appeal;
    • a complaint to the Regulator; and
    • an application with a court against a decision by the information officer of a public body, a decision on internal appeal or a decision by the Regulator or a decision of the head of a private body;
    • the provisions of sections 14[5] and 51[6] requiring a public body and private body, respectively, to compile a manual, and how to obtain access to a manual;
    • the provisions of sections 15[7] and 52[8] providing for the voluntary disclosure of categories of records by a public body and private body, respectively;
    • the notices issued in terms of sections 22[9] and 54[10] regarding fees to be paid in relation to requests for access; and
    • the regulations made in terms of section 92[11].Members of the public can inspect or make copies of the Guide from the offices of the public and private bodies, including the office of the Regulator, during normal working hours.
    • The Guide can also be obtained- 
    • upon request to the Information Officer;
    • from the website of the Regulator (https://www.justice.gov.za/inforeg/).
    • A copy of the Guide is also available in the following two official languages, for public inspection during normal office hours-
    • English

      

    CATEGORIES OF RECORDS OF SOLUMED RIS WHICH ARE AVAILABLE WITHOUT A PERSON HAVING TO REQUEST ACCESS

     

    Category of records Types of the Record Available on Website Available upon request
    PAIA PAIA Manuel Yes
    Disclaimer Terms & Conditions Yes
    Privacy Documents Privacy Policy Yes

     

     

    DESCRIPTION OF THE RECORDS OF SOLUMED RIS WHICH ARE AVAILABLE IN ACCORDANCE WITH ANY OTHER LEGISLATION

     

    Category of Records Applicable Legislation
    Memorandum of incorporation Companies Act 71 of 2008
    PAIA Manual Promotion of Access to Information Act 2 of 2000

     

     

    DESCRIPTION OF THE SUBJECTS ON WHICH SOLUMED RIS HOLDS RECORDS AND CATEGORIES OF RECORDS HELD ON EACH SUBJECT BY SOLUMED RIS

     

    Subjects on which SOLUMED RIS holds records Categories of records
    Customers from a commercial perspective — such as through sales or customer servicing activities

    Name, surname, email address, cell phone number, ID number, employment history, education history, gender.

    social media account name, name, email address, phone number
    Customers from an administrative perspective — such as through customer administration or customer credit activities
    Debtors or creditors — such as through managing creditors’ books
    Prospective customers — such as through advertising or direct marketing activities
    Employees — such as through monitoring, payroll or training activities
    Directors or shareholders — such as through company administration activities involving directors or shareholders
    Vendors, contractors or other suppliers — such as through supply chain management
    IT users — such as through IT support, data processing or other IT-related activities;
    Prospective customers — such as through advertising or direct marketing activities
    Customers from a commercial perspective — such as through sales or customer servicing activities
    Customers from a commercial perspective — such as through sales or customer servicing activities. Vendors, contractors or other suppliers — such as through supply chain management

     

     

    PROCESSING OF PERSONAL INFORMATION

     

    • Purpose of Processing Personal Information 
    • Direct marketing of goods or services
    • Entering into a contract
    • Providing goods or services
    • Profiling
    • Paying employees
    • Law enforcement
    • Credit reporting
    • Entering into a contract
    • Historical, statistical or research
    • Providing goods or services
    • Providing medical services

     

    • Description of the categories of Data Subjects and of the information or categories of information relating thereto

     

    Categories of Data Subjects Personal Information that may be processed
    Customers / Clients name, address, registration numbers or identity numbers, employment status and bank details
    Service Providers names, registration number, vat numbers, address, trade secrets and bank details
    Employees address, qualifications, gender and race

     

    • The recipients or categories of recipients to whom the personal information may be supplied

     

    Category of personal information Recipients or Categories of Recipients to whom the personal information may be supplied

    Identity number and names, for

    criminal checks

    		 South African Police Services

    Qualifications, for qualification

    verifications

    		 South African Qualifications Authority

    Credit and payment history, for

    credit information

    		 Credit Bureaus

     

    • Planned transborder flows of personal information
    • Ireland
    • South Africa
    • India

     

    General description of Information Security Measures to be implemented by the responsible party to ensure the confidentiality, integrity and availability of the information

     

    Access control lists (subcontractors and third-parties)
    Anti-virus protection, user access management, firewalls, data backup, internal awareness and training, internal policies and plans, user password management, need-to-know restrictions.
    On the data centre side: Breach detection tools, intrusion detection tools, secure premises.
    Email scanning, Mobile device management tools
    Vendor risk management
    Network authentication, Secure disposal, Regular software updates, Pseudonymization
    Multi-factor authentication, penetration tests, anonymization, segmented access control, encryption.
    Anti-virus protection, user access management, firewalls, data backup, internal awareness and training, internal policies and plans, user password management, need-to-know restrictions.
    On the data centre side: Breach detection tools, intrusion detection tools, secure premises, data backup.
    From the software side: Multi-factor authentication, penetration tests, anonymization, segmented access control, encryption.
    Anti-virus protection, user access management, firewalls, internal awareness and training, internal policies and plans, user password management, need-to-know restrictions.
    On the data centre side (the WebWindi data and product data are on our server on the cloud): Breach detection tools, intrusion detection tools, secure premises, data backup.
    From the software side (WebWindi): Segmented access control.
    From the software side (product): Multi-factor authentication, penetration tests, anonymization, segmented access control, encryption.

     

     

    AVAILABILITY OF THE MANUAL

     

    • A copy of the Manual is available-
    • on Solumedris.co.za , if any; head office of SOLUMED for public inspection during normal business hours; 
    • to any person upon request and upon the payment of a reasonable prescribed fee; and 
    • to the Information Regulator upon 
    • A fee for a copy of the Manual, as contemplated in annexure B of the Regulations, shall be payable per each A4-size photocopy made.

      

    UPDATING OF THE MANUAL

     

    The head of SOLUMED RIS  will on a regular basis update this manual.

    Issued by

    RAPHAEL SEGAL (DPO)

     

    [1] Section 17(1) of PAIA- For the purposes of PAIA, each public body must, subject to legislation governing the employment of personnel of the public body concerned, designate such number of persons as deputy information officers as are necessary to render the public body as accessible as reasonably possible for requesters of its records

    [2] Section 56(a) of POPIA- Each public and private body must make provision, in the manner prescribed in section 17 of the Promotion of Access to Information Act, with the necessary changes, for the designation of such a number of persons, if any, as deputy information officers as is necessary to perform the duties and responsibilities as set out in section 55(1) of POPIA.

    [3] Section 11(1) of PAIA- A requester must be given access to a record of a public body if that requester complies with all the procedural requirements in PAIA relating to a request for access to that record; and access to that record is not refused in terms of any ground for refusal contemplated in Chapter 4 of this Part.

    [4] Section 50(1) of PAIA- A requester must be given access to any record of a private body if-

    1. that record is required for the exercise or protection of any rights;
    2. that person complies with the procedural requirements in PAIA relating to a request for access to that record; and
    3. access to that record is not refused in terms of any ground for refusal contemplated in Chapter 4 of this

     

    [5] Section 14(1) of PAIA- The information officer of a public body must, in at least three official languages, make available a manual containing information listed in paragraph 4 above.

    [6] Section 51(1) of PAIA- The head of a private body must make available a manual containing the description of the information listed in paragraph 4 above.

    [7] Section 15(1) of PAIA- The information officer of a public body, must make available in the prescribed manner a description of the categories of records of the public body that are automatically available without a person having to request access

    [8] Section 52(1) of PAIA- The head of a private body may, on a voluntary basis, make available in the prescribed manner a description of the categories of records of the private body that are automatically available without a person having to request access

    [9] Section 22(1) of PAIA- The information officer of a public body to whom a request for access is made, must by notice require the requester to pay the prescribed request fee (if any), before further processing the request.

    [10] Section 54(1) of PAIA- The head of a private body to whom a request for access is made must by notice require the requester to pay the prescribed request fee (if any), before further processing the request.

    [11] Section 92(1) of PAIA provides that –“The Minister may, by notice in the Gazette, make regulations regarding-

    • any matter which is required or permitted by this Act to be prescribed;
    • any matter relating to the fees contemplated in sections 22 and 54;
    • any notice required by this Act;
    • uniform criteria to be applied by the information officer of a public body when deciding which categories of records are to be made available in terms of section 15; and
    • any administrative or procedural matter necessary to give effect to the provisions of this ”