Privacy and PAIA - IO Privacy

YOUR PRIVACY PARTNER

Don’t worry about POPIA. That’s our job.

Privacy Policy

1. introduction

1.1. Who we are

We are IO Privacy and we help organisations manage their data protection obligations practically and effectively.

1.2. Who you are

This policy applies to you if you are our customer or prospective customer.

1.3. What these terms cover

We care about your privacy and want you to know exactly what happens with your personal information when you work with us. This policy explains what we collect, why we collect it, and how we keep it safe.

2. what personal information we collect

2.1. What we collect

We collect the following personal information about you:

your identification details, like your name, birth date and ID number;
your contact details, like your email address and phone number;
your location details, like your physical address and postal address;
your business details, like your business identification, contact and location details;
your business activity details, like your compliance reports, customer queries and replies.

All of the information we collect is necessary for us to provide our services to you.

2.2. How we collect it

We collect your personal information in the following ways:

from you directly, via our webform;
from you indirectly, via your website.

3. why we collect your personal information

3.1. Why we collect it

We collect your personal information for the following purposes:

to provide our services, like processing your order and responding to queries;
to market our services, like sending marketing messages or advertising;
to manage our business, like settling accounts or handling legal claims.

3.2. Who we share it with

We may share your personal information with the following parties, who may be located outside of South Africa:

our group, like related entities in our business providing the services;
our service providers, like parties providing services that our services rely on;
our regulators, like law enforcement (including to third parties on the instruction of law enforcement).

We do not sell your personal information or share it with any other third party.

4. how we protect your personal information

We protect your personal information in the following ways:

appropriate technical measures, like a secure hosting environment;
appropriate organisational measures, like secure access control;
limited retention periods, like keeping your information only as necessary to provide the services or comply with the law.

5. your rights

You have the following rights regarding your personal information under data protection law:

to request access to a copy of it;
to update or correct it;
to object to our use of it;
to complain to the Information Regulator about us.

You can exercise your rights via the contact information in our PAIA manual.

6. changes to this policy

We may update this policy from time to time, in which case they will apply to your use of this site immediately.

7. contact us

If you have any questions about this policy or how we handle your personal information, you can contact us at the details in our PAIA manual.

Paia manual

1. purpose of this paia manual

This PAIA Manual exists to help you understand:

what records we keep,
how you can access them,
where to find guidance on PAIA, and
how we process personal information under POPIA.

2. our key contact details

You can contact us directly using the details below.

Our name: IO Privacy
Website: ioprivacy.com
Physical address: 9A, Regus, 1st Floor, Century Way, The Colosseum, Cape Town, 7441
Information officer name: Kevin Hoole
Information officer email: kevin@ioprivacy.com

3. guidance from the information regulator

The Information Regulator has compiled a guide on how to use PAIA, which you can download from their website at https://inforegulator.org.za/paia-guidelines/.

You can also contact the Information Regulator directly using the details below.

Website: www.inforegulator.org.za
Physical address: Woodmead North Office Park, 54 Maxwell Drive, Woodmead, Johannesburg, 2191
Postal address: PO Box 31533, Braamfontein, Johannesburg, 2017
Phone: 08000 17 169 / 010 023 5200
Email for enquiries: enquiries@inforegulator.org.za
Email for complaints: PAIAComplaints@inforegulator.org.za

4. categories of records that are freely available

The list below shows the categories of records we hold that you can access without having to make an official access request, including how you can access them.

Governance
Business background and details – website or email
Law and contract
Public-facing legal terms or notices – website or email
Marketing
Announcements and media statements – website or email
Brochures and marketing materials – website or email
Product and service descriptions – website or email
Product and service price lists – website or email
Contacts
Office contact details – website or email
Information officer contact details – website or email

5. categories of records that we hold in terms of legislation

The list below shows the principal legislation that may require us to hold certain records. You may ask our information officer for more information.

Money
Financial Intelligence Centre Act
Income Tax Act
South African Revenue Service Act
Tax Administration Act
Value Added Tax Act
Technology
Copyright Act
Cybercrimes Act
Electronic Communications and Transactions Act
Regulation of Interception of Communications and Provision of Communication-related Information Act
Information
Promotion of Access to Information Act
Protection of Personal Information Act

6. categories of records that we hold in general

The list below shows the categories of records we hold that you can request access to via an official access request.

Business
Audit and risk records
Meeting records and resolutions
Policies and procedures
Money
Accounting records
Asset registers
Banking records
Financial statements
Insurance records
Tax records
Contracts
Customer contracts
Non-disclosure agreements
Supplier contracts
Operations
Business plans
Correspondence and complaints
Customer records
Management information
Marketing databases
Operational procedures
Technology
Access control records
Data processing records
IT policies and procedures
IT system records

7. requesting access

You can request access to a record by sending our information officer an email with a completed Form 2, which you can download from the Information Regulator’s website at: https://inforegulator.org.za/paia-forms/.

Your request must include enough information for us understand and verify:

your identity and authority to request access;
what information you want to access;
what you need that information for;
how to contact you with our decision.

Your request must also include payment of a R140 request fee. If we grant your request, we may charge you the access fees in the list below.

Paper
A4 page (photocopy or print) – R2.00 / page
Computer readable
Copy on your flash-drive – R40.00
Copy on your CD – R40.00
Copy on our CD – R60.00
Visual image
A4 transcription of visual images – Fee quoted by outsourced provider
Copy of visual images – Fee quoted by outsourced provider
Audio recording
A4 transcription – R24.00 / page
Copy on your flash-drive – R40.00
Copy on your CD – R40.00
Copy on our CD – R60.00
Search required
Search and preparation per hour after the first – R145.00 / hour, not exceeding R435.00
Deposit if search exceeds 6 hours – One-third of the amount per request
Transfer required
Postage, email or other electronic transfer – Actual expense, if any

We may refuse access to a record if you don’t provide the require information or fee, or if your request might harm:

a third party’s privacy,
our or a third party’s commercial information,
a third party’s confidential information,
a person or property’s safety, or
our or a third party’s research information.

8. Availability

We have made this manual available on the Information Regulator’s portal, and may also make it available on our website or head office.

9. updates

We will update this manual regularly, when required.