Privacy policy.

Privacy and Protection of Personal Information  (POPI)

 

for

Open Access Energy (Pty) Ltd and its subsidiaries and trading divisions

 

(hereinafter referred to as OA Energy)

1. Introduction

1.1 OA Energy provides a variety of energy technology solutions in the course of which it enters into data transactions which includes the processing, use, disclosure and collection of some Personal Information about its employees, clients, customers, partners and members of the public.  It is obligated to comply with POPI.

1.2  OA Energy is committed to processing data, and specifically Personal Information, in an open, transparent and responsive manner.

2. Purpose and Scope

2.1 This Policy applies to OA Energy, all of its subsidiaries, affiliates, business partners, trade divisions and employees, including Operators.

2.2 The purpose of this Policy is to demonstrate OA Energy’s commitment to safeguarding the Personal Information of all persons, including juristic persons, with whom it interacts and to ensure that OA Energy and its employees comply with the requirements imposed by POPI.

2.3 In particular, the purpose is to establish an institution wide policy that will provide direction with respect to the manner of compliance, give effect to the right of privacy and at the same time, balance the right to privacy against other rights such as the right of access to information, the right to protect important interests such as the free flow of information, regulate the manner in which Personal Information may be processed and establish measures to ensure respect for, and to promote, enforce and fulfil the rights protected.

2.4 The Policy sets out the objectives and directives on applicable protocols within OA Energy to maintain and uphold to the legal requirements and conditions as set out in Chapter 3 of POPI, including the safeguards pertaining to information transactions and specifically when processing Personal Information. OA Energy has aligned and developed its data protection strategies with its statutory obligation to effectively implement the reasonable and necessary technical, structural and organisational measures and operational controls in accordance with the relevant national data legislation and internationally recognised information and communication technology (ICT) standards and recommendations.

2.5 OA Energy is resolute in processing data in an open, lawful and transparent way. This Policy sets out the processes and procedures to align OA Energy’s business strategy and the applicable national legislation, i.e. POPI, in terms of processing Personal Information when it is collected, stored, used, disclosed and destroyed.

2.6 OA Energy will only Process data for the clear, precise and specific purpose for which it is collected from the Data Subject.

2.7 The Policy has application to all stakeholders.  It applies to all employees, service providers and administrators and any person handling Personal Information of customers, suppliers and employees of OA Energy.

2.8 The Policy has application to all information transactions where data is processed, including but not limited to data being exchanged and/or transmitted and which may constitute and/or include Personal Information.

2.9 Parties to an information transaction must therefore understand and comply with this Policy. In the event that a party to such a transaction does not understand any part of this Policy, or has any questions regarding data compliance protocols, that party must approach the Information Officer of the relevant OA Energy Entity.

2.10 Data and Personal Information shall only be collected from Data Subjects who have business dealings with OA Energy for, inter alia, administrative needs, conducting of business operations, and for legislative data compliance and risk analysis.

3.Definitions

In this Policy:

3.1 “Consent” means any voluntary, specific and informed expression agreeing to the processing of Personal Information;

3.2  “Data Subject” means the person to whom the Personal Information relates and in relation to OA Energy, Data Subject would include employees, customers, service providers and administrators and any other individual with whom OA Energy may interact, from time to time, whether or not such person is a natural person or a juristic person;

3.3 “Access Energy” means OA Energy’s free solution which, inter alia, enables municipalities and utilities to access smart meters, collect and interpret data, apply tariffs and bill customers in a single interface;

3.4 “De-identify”, in relation to Personal Information of a Data Subject, means to delete information that:

(a)identifies the Data Subject;

(b) can be used or manipulated by reasonably foreseeable method to identify the Data subject; or

(c)can be linked by a reasonable foreseeable method or other information that identifies a Data Subject,

and “De-identified” has a corresponding meaning;

3.5 “Energy Pro” means OA Energy’s peer-to-peer wheeling solution that, inter alia, uses smart meter data acquired using Access Energy to enable accurate multilateral wheeling transactions;

3.6 “Information Officer” in accordance with section 1 of PAIA means, in respect of any OA Energy Entity: 

(a) the chief executive officer or equivalent officer of that OA Energy Entity or any person duly authorised by that officer; or

(b) the person who is acting as such or any person duly authorised by such acting person;

3.7 “OA Energy” means OA Energy (Pty) Ltd, registration number 2021/109590/07, and includes any and all of OA Energy’s affiliates, business partners, Operators, subsidiaries and trading divisions, including each OA Energy Entity;

3.8 “OA Energy Entity” means each of those entities recorded in Annexure F;

3.9 “OA Energy’s Solutions” means all of OA Energy’s solutions, including Access Energy and Energy Pro;

3.10 “Operator” means a person who processes Personal Information for or on behalf of OA Energy in terms of a contract or mandate, without coming under the direct authority of OA Energy;

3.11  “PAIA” means the Promotion of Access to Information Act;

3.12        “Personal Information” means information that could be used to identify a Data Subject and includes:

(a) race, gender, sex, pregnancy, marital status, national or ethnic origin, colour, sexual orientation, age, physical or mental health, disability, religion, conscience, belief, culture, language;

(b)  education, medical history, financial history, criminal history, employment history;

(c) any identifying number, symbol, email address, physical address, telephone number, location information, online identifier or other particular assignment to a person (such as postal address);

(d)biometric information, including physical, psychological or behavioural characterisation including blood typing, finger printing, DNA analysis, retinal scanning and voice recognition;

(e) opinions, views, preferences of the Data Subject and opinions or views of another person about the Data Subject;

(f) correspondence; and

(g) a name;

3.13 “Policy” means this Data Privacy Policy;

3.14 “POPI” means the Protection of Personal Information Act, 4 of 2013;

3.15 “Processing”, as it relates to processing of Personal Information, means any operation or activity, whether or not by automatic means, including:

(a) collecting, receipt, recording, organising, collating, storage, updating, modification, retrieval, alteration, consultation or use;

(b) dissemination by means of transmission, distribution, or making available in any form;

(c) merging, linking, degrading, erasure or destruction

and “Process” shall have the corresponding meaning;

3.16 “Record” means any recorded Personal Information, regardless of its form or medium, including any writing, electronic information, label, marking, image, film, map, graph, drawing, tape and that is in the possession, or under control, of a Responsible Party, irrespective of whether it has been created by the Responsible Party or not and regardless when it came into existence;

3.17 “Regulator” means the information regulator established in terms of section 39 of POPI;

3.18 “Responsible Party” means OA Energy, or an Operator, who engages in the act of Processing Personal Information;

3.19 “Special Personal Information” means personal information concerning:

(a) the religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health or sex life or biometric information of a Data Subject; or

(b) the criminal behaviour of a Data Subject to the extent that such information relates to:

(i) the alleged commission by a Data Subject of any offence; or

(ii) any proceedings in respect of any offence allegedly committed by a Data Subject or the disposal of such proceedings; and

3.20 “Unique Identifier” means any identifier that is assigned to a Data Subject and is used by OA Energy for the purposes of its operations and which uniquely identify the Data Subject in relation to OA Energy.

4. Lawful Processing of Information

4.1 OA Energy collects and receives information from a number of sources, including the following:

(a) directly from the Data Subject;

(b) during the course of OA Energy’s interactions with the Data Subject;

(c) when the Data Subjects uses any of OA Energy’s Systems;

(d) when the Data Subject visits and/or interacts with OA Energy’s website(s) or any other social media platforms or information technology services;

(e)  from publicly available sources; or

(f) from a third party who is authorised to share that information.

4.2 Personal Information may also be generated in the course and scope of OA Energy’s operational activities and in the fulfilment of obligations and duties as specified in contracts with its customers, service providers, business partners and if applicable, any other party, including Operators, to an information transaction where Personal Information is being transferred. OA Energy’s processing protocols are aligned with the conditions set out in Chapter 3 of POPI.

4.3 OA Energy may Process the Personal Information for, inter alia, the following purposes:

(a) to verify the Data Subject’s identity;

(b) to assess, enter into and/or perform in terms of a contract with the Data Subject, including analysing and reporting to a Data Subject who has used any of OA Energy’s Systems;

(c) for training and assessment purposes;

(d) for audit and record-keeping purposes;

(e)  to confirm the Data Subject’s credit worthiness and suitability as a customer or supplier;

(f) to comply with legal, regulatory and/or contractual obligations;

(g) to undertake security and monitoring the measures;

(h) to provide advertising, marketing and the media services to the Data Subject;

(i) to defend any legal claims in connection with the Data Subject contract with the relevant OA Energy or for OA Energy to establish, bring or pursue a claim against the Data Subject; or

(j) otherwise for OA Energy’s legitimate interests or those of a third party.

4.4  Where it is lawful and practicable for OA Energy to allow it, the Data Subject has the right not to identify himself when dealing with OA Energy.  However, if the Data Subject does not provide OA Energy with his/her Personal Information, it may impact OA Energy’s ability to engage with the Data Subject and/or provide services to the Data Subject.

4.5 Chapter 3 of POPI stipulates 8 (eight) provisions for the lawful Processing of information namely accountability, processing limitation, purpose specification, further processing, information quality, openness, security safeguards and Data Subject participation.

4.6 Any employee, service provider or administrator must ensure that:

(a) all Personal Information of employees, service providers and stakeholders is Processed in accordance with the 8 (eight) standards for the lawful Processing of information; and

(b) no Special Personal Information or Personal Information concerning a child is Processed unless the express prior consent of a competent person is first obtained. In the event that either of these categories of information is required to be Processed and it is not possible to first obtain prior written consent, the matter shall be referred to the Information Officer for direction.

4.7 Failure to adhere to these provisions may result in disciplinary or other action being taken.

4.8 In the course of information transactions, certain information may be collected by OA Energy which may be held and labelled as Special Personal Information. Special Personal Information will only be collected where necessary for the purpose for which it is being collected and with the Data Subject’s Consent, unless such collection is demanded and/or authorised by law.

5. Rights of Data Subjects

5.1 OA Energy respects a Data Subject’s right to have his or her or its Personal Information Processed lawfully.

5.2 Data Subjects have the right:

(a) to be notified that Personal Information about him, her or it is being collected or that his, her or its Personal Information has been accessed or acquired by an authorised person;

(b) to establish whether OA Energy holds Personal Information of that Data Subject and to request access thereto;

(c) to request, where necessary, the correction, destruction or deletion of his, her or its Personal Information;

(d) to object, on reasonable grounds relating to his, her or its particular situation to the Processing of his, her or its Personal Information;

(e) to object to the Processing of his, her or its Personal Information at any time for the purposes of direct marketing;

(f) not to be subject, under certain circumstances, to a decision which is based solely on the basis of automated Processing of his, her or its Personal Information intended to provide a profile of such a person;

(g)to submit a complaint to the Regulator regarding the alleged interference with the protection of his, her or its Personal Information; and

(h) to institute civil proceedings regarding the alleged interference with the protection of his, her or its Personal Information.

5.3 To the extent that the legal basis for OA Energy to process a Data Subject’s Personal Information is informed consent, the Data Subject has the right to withdraw such consent at any time. If the Data Subject’s consent is required for further transactions, then such a request must be clear, concise and specific to the use of the service or product for which it is provided.

5.4 Consent, whenever it is obtained, should cover all Processing activities carried out for a specific purpose or purposes. When the Processing has multiple purposes, Consent should be given for each such purpose.

5.5 Withdrawal of Consent will not affect the lawfulness of Processing which occurred prior to such withdrawal.

5.6 All Data Subjects participating in information transactions with OA Energy are entitled to exercise any of their rights by clear, concise communication by email to the Information Officer.

5.7 Data Subjects furthermore have the right to object to Processing of their Personal Information for scientific or historical research purposes or statistical purposes on grounds relating to such Data Subject’s situation or circumstances, unless the Processing is necessary for the performance of a task which is carried out for reasons of public interest.

6. Accountability

6.1 OA Energy holds ultimate responsibility to ensure that the provisions of POPI are complied with for the collection, retention, dissemination and use of the Personal Information.

6.2 This places substantial and ultimate accountability on OA Energy, employees, service providers and administrators to ensure that Personal Information is processed in a lawful manner.

6.3 OA Energy remains responsible for the Processing of information regardless of whether or not the information is passed on to a third party (such as an administrator) or not; provided that agreements must be concluded with those third parties in terms of which they agree to be bound by and comply with the requirements of this Policy and of POPI. Notwithstanding this, OA Energy’s website may contain links to other websites. OA Energy will not be held liable for the privacy controls of third-party websites. Data Subjects may be associated with a unique identifier, which may leave traces which, when combined with other information received by the third-party websites, could be used to create profiles of the Data Subjects and identify them.

6.4 In order to ensure that the provisions of POPI are adhered to by employees, service providers and Operators, OA Energy Entity will appoint an Information Officer, and register the Information Officer with the Regulator.  

6.5 A substantial amount of Personal Information is in electronic form. Employees, service providers and administrators of OA Energy are responsible for information technology and providing the tools to manage and safeguard information.

6.6 Employees, managers, supervisors, service providers and administrators are accountable to OA Energy to report any breaches in data security and to ensure that any risks of breaches are identified and reported.

7. Processing Limitation

7.1 The Personal Information must be processed lawfully and in a reasonable manner, which does not infringe the privacy of the Data Subject.

7.2 The notion of reasonableness incorporates the requirements of balance and proportionality. Employees, service providers and administrators must therefore take into account the interests and reasonable expectations of Data Subjects as well as all of the provisions which are incorporated in these conditions.

7.3 The Processing must be adequate, relevant and not excessive given the purpose for which it is processed.

7.4 Subject to the provisions of section 11(1) of POPI, the Data Subject must consent to the processing of the Personal Information. The consent must be voluntary and clear, however, it does not have to be in writing. Employees, service providers and administrators must ensure that the Data Subject has provided consent when they request Personal Information.

7.5 The Data Subject may at any time withdraw consent, on reasonable grounds, to the processing of its Personal Information.  If a Data Subject withdraws consent, the Personal Information must be deleted or De-identified so that it will no longer be associated with that Data Subject.

7.6 The Processing must be necessary to carry out the actions for the conclusion or performance of a contract to which the Data Subject is a party.

7.7 The Processing must protect a legitimate interest of the Data Subject, and the Processing must be necessary for pursuing the legitimate interest of OA Energy.

7.8 The Personal Information must be collected directly from the Data Subject, except if:

(a) the Personal Information is a matter of public record;

(b) the Data Subject has consented to the collection of the Personal Information from another source;

(c) the collection of the Personal Information from another source would not prejudice a legitimate interest of the Data Subject;

(d) the collection of the Personal Information is necessary by law;

(e) compliance would prejudice a lawful purpose of the collection; or

(f) compliance is not reasonably practicable in the circumstances.

8. Purpose Specification

8.1 The collection of the Personal Information must be for a specific expressly defined purpose, such as for Processing a potential employee or customer’s application, and further examples of which are recorded in clause 4.3 above.

8.2 The purpose of the collection and Processing of Personal Information influences every aspect of the processing of the information, the manner of its collection, periods of retention, further processing, disclosure to third parties and any further issues which may apply.

8.3 While OA Energy will have a duty to notify the Regulator of its purposes and functions, the factor determining the purpose for the collection of Personal Information will always be the specified purpose communicated to the Data Subject.

8.4  The Data Subject must be made aware of the purpose. This enables the Data Subject to make an informed decision as to whether the Personal Information should be made available to the Responsible Party. The purpose for the collection of the Personal Information should be explained to the Data Subject, either telephonically or by the relevant inclusion in the customer application form and/or trading terms and conditions. Examples of the purposes for which Personal Information is obtained are recorded in clause 4.3 above.

8.5 Records of Personal Information must not be retained any longer than is necessary for achieving the purpose for which the information was collected or Processed. OA Energy will determine, with regard to the circumstances surrounding the collection of the Personal Information, the length of time personal records are to be kept for and implement procedures in order to ensure that records are destroyed or De-identified when no longer required.

8.6 The Data Subject must consent in the event that the Personal Information is kept for a period which is longer than necessary for achieving the purpose for which the information was collected. This can be done by way of a contractual arrangement such as provision to this effect in the customer application form and/or trading terms and conditions.

8.7 Where Personal Information is disclosed to Operators as referred to in clauses 13.3 and 13.4 below, such disclosure will only be insofar as is reasonably necessary for the maintenance and completion of business and operational functions.

8.8 OA Energy will ensure that its Vendor Application Process document and Customer Contracts are in compliance with the contents of this Policy and the relevant data legislation.

9. Further Processing

9.1 Any further processing of the Personal Information must be compatible with the purpose for which the Personal Information was initially collected.

9.2 For example, if OA Energy collects Personal Information for the purposes of providing services to a customer, the information cannot be Processed further for the purpose of profiling and marketing products to that customer. The only exception to this is if the Data Subject consents to such use.

9.3 To assist in determining whether further Processing is compatible with the initial purpose of collection, the employee, service provider or administrator must take account of:

(a) the relationship between the purpose for which the Personal Information was originally collected and the intended purpose of any further Processing;

(b) the nature of the Personal Information concerned;

(c)  the consequences of further processing;

(d) the manner in which the Personal Information was collected; and

(e) contractual rights and obligations between the parties.

9.4 Personal Information may be Processed by OA Energy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for such Processing is the Responsible Party’s legitimate interest in the protection and assertion of the Responsible Party’s rights, a Data Subject’s rights and the legitimate interest(s) of any other person(s).

9.5 Personal Information may be Processed by OA Energy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for such Processing is the legitimate interest of OA Energy in diligently protecting its business from risk.

9.6 Financial transactions relating to the OA Energy websites and services may be handled by its payment service providers such as recognised financial institutions. OA Energy will share transaction data with such service providers only to the extent necessary for the purposes of processing payments, refunding of payments, and dealing with complaints and queries relating to payments and refunds.

10. Information Quality

10.1 The employee, service provider or administrator responsible for the Processing of the Personal Information must take reasonable steps to ensure that the Personal Information remains complete, is accurate, is not misleading and is updated where necessary.

10.2 In essence, this condition requires that appropriate Personal Information security measures safeguarding the integrity of the Personal Information be employed.

11. Openness

11.1 The Personal Information must be Processed in a transparent and fair manner.

11.2 The Data Subject must be provided with information which allows the Data Subject to be aware that Personal Information is being collected, the identity of the Responsible Party, the purpose for the collection of the information and whether the supply of the information by the Data Subject is voluntary or mandatory.

11.3 Further, the party responsible for the Processing of the information, whether it be the employee, service provider, Operator or administrator, must maintain all documentation of the Processing operations.

12. Security Safeguards

12.1 OA Energy, as well as all Responsible Parties, undertake to ensure that the appropriate controls are in place to ensure that confidential, internal and Personal Information is disclosed only to those who are authorised and who have a legitimate business related need for such access.

12.2  OA Energy will take all reasonable steps to establish and maintain sufficient security controls, technological and organisational, to ensure that all Personal Information which is Processed by OA Energy is protected against unauthorised alteration, destruction and/or access that may change the integrity of the Personal Information and that it is backed up and stored in a format which is readily accessible by OA Energy.

12.3 The back up solution utilised by OA Energy is designed and based on the principles of lawful Processing and retention policies as set out in the relevant data legislation.

12.4 The party responsible for the Processing of the Personal Information, if not OA Energy (but an Operator), must ensure that the integrity of the Personal Information remains secure against loss, destruction or unlawful access.

12.5 Any service provider, administrator or third-party Processing Personal Information for OA Energy, must do so only with the knowledge and express authorisation of OA Energy and must treat the Personal Information as strictly confidential.

12.6 Employees, managers, supervisors, service providers and administrators have a duty to ensure that Personal Information is not mislaid or inadvertently disclosed by, for example, leaving it displayed on a computer screen or leaving printouts at the printer.

12.7 Any Personal Information which is Processed or accessed outside the office premises of OA Energy must be encrypted to guard against theft.

12.8 Where Personal Information is to be moved to another country in order for business activities to be conducted, the interested and/or authorised parties must consult with their departmental manager, the Data Subject(s) concerned, as well as the Information Officer in order to ensure compliance with POPI and any further applicable legislation, with particular reference to Consent and jurisdictional complications.

12.9 Should OA Energy receive unsolicited Personal Information, it will assess whether it is Personal Information which it is entitled or authorised to collect and Process. If the Personal Information is that which OA Energy is authorised to collect and Process, it will treat this Personal Information in accordance with the principles set out in this Policy. If the Personal Information is not capable of being collected and Processed by OA Energy, it shall destroy or De-Identify the Personal Information as soon as is practicable.

12.10 OA Energy’s automated information technology back-up solution is designed and implemented in accordance with accepted and effective security standards and controls and daily monitoring alerts. In the event of data which is no longer to be retained, and when lawfully able to do so, it will be destroyed and De-Identified as soon as practicably possible and/or upon specific request by completion of the requisite Form 2, a copy of which is attached to this Policy as Annexure D.

12.11 All hard copies of documents must be shredded once the documents are no longer required.

12.12 Once the Personal Information is no longer required or no longer authorised, the records must be destroyed, deleted or De-identified. Records may be kept longer for historical, statistical or research purposes and the appropriate safeguards must be implemented against the use of the records for any other purposes, provided that the consent of the Data Subject is obtained.

13. Disclosure of Information

13.1 The Responsible Parties shall make all reasonable efforts to ensure that the parties to information transactions agree on non-disclosure provisions and consent to transactions which are within the scope of his/ her/ its specific mandate.

13.2 OA Energy will not use or disclose Personal Information for purposes other than the purpose for which it was collected (the “Primary Purpose”) unless:

(a) the Data Subject has consented to the use or disclosure;

(b) the secondary use or disclosure is related to the Primary Purpose, in the case of Personal Information which is not Special Personal Information, or is directly related to the Primary Purpose, in the case of Personal Information which is Special Personal Information; or

(c) it is otherwise required or authorised by or under law or a court/tribunal order.

13.3 It may at times be necessary for OA Energy to disclose Personal Information to third parties, including Operators and/or service providers and as may be permitted or required by law. Where this is the case, OA Energy will enter into a written agreement with the Responsible Party and/or third party.

13.4 An agreement such as that referred to in clause 13.3 must contain an assurance from the Operator or service provider, as the case may be, that such Operator or service provider will, at a minimum, subscribe, match and adhere to the same prescriptions and restrictions pertaining to the processing of Personal Information as is required by the relevant data legislation and this Policy, and that it has adequate or equivalent infrastructure and organisational measures in place which are in accordance with accepted industry standards, and that it will Process Personal Information in strict accordance with an issued mandate and specified instructions from OA Energy only.

13.5 OA Energy reserves the right to disclose Personal Information to any member of the group of companies which comprises OA Energy, together with all of its subsidiaries, partners and affiliates.

13.6 If the recipient of Personal Information is not OA Energy (including its related entities, subsidiaries and trading divisions) then such recipient must be verified as a legitimately interested party and confirm whether the Personal Information is required for the legitimate performance of tasks within the competence of the recipient. The grounds for the request must be verified by OA Energy, as well as the recipient’s competence to receive the Personal Information.

13.7 The necessity of the transmission of Personal Information as referred to in clause 13.6 will be evaluated together with the recipient’s organisational and technical security safeguards and measures as required by law and by this Policy.

13.8 OA Energy may disclose Personal Information to its insurers and/or professional advisors insofar as is reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

13.9 Operators must enter into a data transfer agreement which is subject to limitations on the condition of further Processing and secondary Processing regarding the obtaining of Consent from the Data Subject.

13.10 All requests for confidential, internal or Personal Information which originate from a person or entity outside of OA Energy must be forwarded to the Information Officer or any such duly authorised and appointed representative.

13.11 All requests for confidential, internal or Personal Information which fall outside of the standard business practice or procedure, and which originate from an employee of OA Energy, must be forwarded to the human resources department of OA Energy for employee authentication and thereafter to the Information Officer and/or the employee’s line manager as may be necessary for final authorisation.

13.12 Requests referred to in clause 13.11 must be reasonably considered by the Information Officer and/or the employee’s line manager, as the case may be, and further directives must be issued on the approval thereof.

14. Data Subject Participation

14.1 The Data Subject has the right to request OA Energy to confirm, free of charge, whether OA Energy holds Personal Information about the Data Subject.

14.2 The Data Subject may request OA Energy to provide it with a description of the Personal Information held by it or by a third party within a reasonable time. Any fees charged for providing the Data Subject with the information required shall not be excessive. OA Energy should also advise the Data Subject that the Personal Information may be corrected upon request.

14.3 The Data Subject has a right to access the Personal Information and request a correction or deletion of the Personal Information. OA Energy, employees, service providers and administrators each have a duty to investigate the request and to respond thereto. Any such request must be forwarded to the Information Officer or his or her duly authorised representative.

14.4 Where the Data Subject is an employee, any requests to correct Personal Information must be directed at the Data Subject’s line manager, the human resources department of OA Energy and the Information Officer.

14.5 If there are circumstances where OA Energy believes that the information is accurate and no agreement between the Data Subject and OA Energy can be reached to amend the information, OA Energy is obliged to link the Personal Information in dispute in such a manner that it will always be read with an indication that the correction of the Personal Information has been requested by the Data Subject, but has not been made.

14.6 In instances where changes have been made which may impact on decisions taken using Personal Information, POPI imposes a duty on OA Energy to advise, if reasonably practical, any third parties to whom the information may have been disclosed.

14.7 OA Energy, as a Responsible Party, will only use Personal Information for direct marketing with the Data Subject’s Consent. Such Consent will be obtained either:

(a)  in writing, by requesting completion of a prescribed form which must be returned to OA Energy via email at legalnotices@openaccess.energy. A copy of the prescribed Form 4 is attached to this Policy as Annexure E; or

(b) electronically, by requesting the Data Subject to tick an electronic box on email, or otherwise, it being recorded that the relevant provisions of Form 4 (Annexure E) are to be complied with.

14.8 Data Subjects retain the right to object to OA Energy’s processing of Personal Information for direct marketing purposes. If such an objection is made, OA Energy will cease to process such Data Subject’s Personal Information.

15. Breach of Policy

15.1 Failure to comply with the rules and standards set out in this Policy, and those policies which have been incorporated by reference herein, may be regarded as a transgression of company policy and must be reported to the relevant Information Officer.

15.2 Incidents of any breach of this Policy must be reported immediately to the relevant Information Officer by email. The Information Officer must investigate the breach as soon as practically possible and notify the Regulator as may be appropriate, necessary and applicable.

15.3 Where there are reasonable grounds to believe that Personal Information has been accessed, acquired, destroyed or altered by any unauthorised person, the Responsible Party must notify the Regulator and the Data Subject(s), unless the identity of the Data Subject(s) cannot be established.

15.4 Where there are reasonable grounds to believe that Personal Information has been accessed, acquired, destroyed or altered by any unauthorised person, notifications will be actioned and sent to the Data Subject(s) concerned, unless the identity of the Data Subject(s) cannot be established, in which case a notification shall be published on OA Energy’s website and sent to all relevant parties via email or otherwise. Such notification must be sent via email, as soon as is reasonably possible after discovery of the compromise and to enable a Data Subject to take pre-emptive measures as may be available and/or appropriate, taking into account the legitimate needs of law enforcement and any measures which may be necessary to determine the scope of the compromise and to restore the integrity of the Responsible Party’s Records.

16. Policy Maintenance

  • OA Energy shall review this Policy at least every (3) three years or more frequently as needed to respond to changes in the regulatory and legislative environment, as well as technological advancement in privacy protection.

Annexure A: Rights of Data Subjects

Section 5 of POPI states that a Data Subject has the right to have his, her or its Personal Information Processed in accordance with the conditions for the lawful Processing of Personal Information, including the right:

· to be notified that:

  • Personal Information about them is being collected as provided for in terms of section 18; or

  • their Personal Information has been accessed or acquired by an unauthorised person as providedfor in terms of section 22;

  • to establish whether a Responsible Party holds Personal Information of that Data Subject and to request access to their Personal Information as provided for in terms of section 23;

  • to request, where necessary, the correction, destruction or deletion of their personal information as provided for in terms of section 24;

  • to object, on reasonable grounds relating to their particular situation to the processing of their personal information as provided for in terms of section 11(3)(a);

  • to object to the processing of their personal information: 

  • at any time for purposes of direct marketing in terms of section 11(3)(b); or

  • in terms of section 69(3)(c)

  • not to have his, her or its personal information processed for purposes of direct marketing by means of unsolicited electronic communications except as referred to in section 69(1); 

  • not to be subject, under certain circumstances, to a decision which is based solely on the basis of the automated processing of their personal information intended to provide a profile of such person as provided for in terms of section 71; 

  • to submit a complaint to the Regulator regarding the alleged interference with the protection of the personal information of any Data Subject or to submit a complaint to the Regulator in respect of a determination of an adjudicator as provided for in terms of section 74; and 

  • to institute civil proceedings regarding the alleged interference with the protection of his, her or its personal information as provided for in section 99.


Annexure B: POPIA Guide to OA Energy Employees

The following principles for the protection of personal information of Data Subjects must be applied by all OA Energy employees: 

1. Email addresses of participants on group emails must be blind copied to prevent unauthorised distribution of email addresses;

2. Internal email trails must be removed from emails when communicating externally;

3. Employee and customer information may not be used for purposes other than those of OA Energy;

4. Confidential information must be locked away;

5. Confidential information must not be left on unattended desks or on printers;

6. No personal information may be forwarded to a third party without the express written permission of the Data Subject;

7. Third party service providers responsible for the protection of information must sign and agree to this policy.

 
Annexure C: Information Officer’s Responsibilities

1.  Attending on this Policy and POPI is to occur at regular intervals so that all employees are made aware of the Policy and POPI.

2.  Each new employee will be required to sign an employment contract containing relevant consent clauses for the use and storage of employee information or any other action so required in terms of POPI.

3.  Every employee currently employed by OA Energy will be required to sign an addendum to their employment contract containing relevant consent clauses for the use and storage of employee information, or other action, as so required, in terms of POPI.

4. OA Energy archived client information which is stored onsite which is also governed by POPI, and access to these areas is limited to authorised personnel.

5.  Where OA Energy supplies other third party service providers with Personal Information, they will be required to sign a service level agreement guaranteeing their commitment to POPI.

6. All electronic files or data are backed up by the OA Energy IT division which is also responsible for system security that protects third party access and physical threats.

OA Energy has prepared a manual in terms of PAIA. The manual has been placed on OA Energy’s website and made available at OA Energy’s principal place of business.

FORM 2

 

REQUEST FOR CORRECTION OR DELETION OF PERSONAL INFORMATION OR DESTROYINGOR DELETION OF RECORD OF PERSONAL INFORMATION IN TERMS OF SECTION 24(1) OF THE PROTECTION OF PERSONAL INFORMATION ACT, 2013 (ACT NO. 4 OF 2013)

 

REGULATIONS RELATING TO THE PROTECTION OF PERSONAL INFORMATION, 2018

[Regulation 3]

 

Note:

1.  Affidavits or other documentary evidence as applicable in support of the request may be attached.

2.  If the space provided for in this Form is inadequate, submit information as an Annexure to this Form and sign each page.

3. Complete as is applicable.

Mark the appropriate box with an "x".

Request for:

  1. Correction or deletion of the personal information about the data subject which is in possession or under the control of the responsible party.

  2. Destroying or deletion of a record of personal information about the data subject which is in possession or under the control of the responsible party and who is no longer authorised to retain the record of information.

(A) DETAILS OF THE DATA SUBJECT

Name(s) and surname / registered name of data subject: 

                                                                               

Unique identifier/ Identity Number:

                                                                               


Residential, postal or business address:

                                                                               

Contact number(s):

                                                                               

Fax number / E-mail address:

                                                                               

 (B) DETAILS OF RESPONSIBLE PARTY

Name(s) and surname / registered name of responsible party:

                                                                               

Residential, postal or business address:

                                                                               

Contact number(s):

                                                                               

Fax number/ E-mail address:

                                                                               

(C) INFORMATION TO BE CORRECTED/DELETED/ DESTRUCTED/ DESTROYED

                                                                                                                                                               

                                                                                                                                                               

                                                                                                                                                               

(D) REASONS FOR *CORRECTION OR DELETION OF THE PERSONAL INFORMATION ABOUT THE DATA SUBJECT IN TERMS OF SECTION 24(1)(a) WHICH IS IN POSSESSION OR UNDER THE CONTROL OF THE RESPONSIBLE PARTY ; and or

                                                                                                                                                               

                                                                                                                                                               

                                                                                                                                                               

REASONS FOR *DESTRUCTION OR DELETION OF A RECORD OF PERSONAL INFORMATION ABOUT THE DATA SUBJECT IN TERMS OF SECTION 24(1)(b) WHICH THE RESPONSIBLE PARTY IS NO LONGER AUTHORISED TO RETAIN.

                                                                                                                                                               

                                                                                                                                                               

                                                                                                                                                               

(Please provide detailed reasons for the request)

 

Signed at .......................................... this ...................... day of ...........................20………...

 

 

...........................................................................

Signature of data subject/ designated person

 

Annexure E: Form 4

FORM 4

 

APPLICATION FOR THE CONSENT OF A DATA SUBJECT FOR THE PROCESSING OF PERSONAL INFORMATION FOR THE PURPOSE OF DIRECT MARKETING IN TERMS OF SECTION 69(2) OF THE PROTECTION OF PERSONAL INFORMATION ACT, 2013 (ACT NO.

4 OF 2013)

 

REGULATIONS RELATING TO THE PROTECTION OF PERSONAL INFORMATION, 2018

[Regulation 6]

 TO:                                                                                                                                                                   (Name of data subject)

FROM:                                                                                 

Contact number(s):                                                                                

Fax number:                                                                                   

E-mail address:                                                                                 

(Name, address and contact details of responsible party) 

 

Full names and designation of person signing on behalf of responsible party:

                                                                                                                                                               

                                                                                                                                                               

 

 

.............................................................

Signature of designated person

 

Date:                                          

 

PART B

I,                                                                                 (full names of data subject) hereby:

Give my consent.

To receive direct marketing of goods or services to be marketed by means of electronic communication.

SPECIFY GOODS or SERVICES:

 

SPECIFY METHOD OF COMMUNICATION:          

FAX:                                                                                

E - MAIL:                                                                                

SMS:                                                                                

OTHERS – SPECIFY:                                                                                

 

 

Signed at ....................................... this ...................... day of .......................... 20 .....

 

 

 

………………………………………………………………

Signature of data subject

 Annexure F: OA Energy Entities

  1. Open Access Energy (Pty) Ltd;

  2. Opacc Kapital (Pty) Ltd;

  3. Cleanvest Energy (Pty) Ltd;

PAIA Manual

THE OPEN ACCESS ENERGY GROUP

Interpretation

1.1 The Promotion of Access to Information Act No. 2 of 2000, (“the Act”) came into operation on 23 November 2001. Section 51 of this Act requires that private bodies compile a manual giving information to the public regarding the procedure to be followed in requesting information for the purpose of exercising or protecting rights.

1.2 The Open Access Energy Group, being Open Access Energy (Pty) Ltd, Registration Number 2021/109590/07, and all of its affiliates and business partners, is a group of companies that provides a variety of energy technology solutions.

1.3 We, as a group of private entities, have compiled this manual, not only to comply with the provisions of the Act, but also to foster a culture of transparency and accountability in our environment and to ensure that members of the public have effective access to information in our possession which will assist them in the exercise and protection of their rights.

1.4 The categories of information which we possess, which you are able to access, is dealt with in this manual. You will also be shown the correct procedure to follow should you require access to any of this information.

1.5 A copy of this manual is also available on our website.

Section A – Our details

Full Name: The Open Access Energy Group, being Open Access Energy (Pty) Ltd, registration number 2021/109590/07, and all of its affiliates, business partners, subsidiaries and trading divisions, including each of the entities recorded in Annexure “A”. 

Registered Number: See Annexure “A

Registered Address: See Annexure “A

Postal Address: See Annexure “A

Telephone Number: See Annexure “A

Fax Number: See Annexure “A

Head/CEO:  See Annexure “A

Designated Information Officer: See Annexure “A

Email Address of Information Officer:See Annexure “A

Website: See Annexure “A

Section B – The Official Guide

In accordance with section 10 of the Act, the South African Human Rights Commission (SAHRC) has published a guide (“the Guide”) containing information reasonably required by a person wishing to exercise or protect any right in terms of this Act. This Guide appears on the South African Human Rights Commission’s website (www.sahrc.org.za under the “Home” tab, click on the link “Understanding PAIA”) and contains the following information:

3.1  Section 1 – Introduction (including the purpose of the Guide and PAIA, other relevant legislation and the role of SAHRC).

3.2 Section 2 – Making a Request for a Record: Before you Begin (including the purpose of PAIA manuals and access to automatically available records).

3.3 Section 3 –Making a Request for Information: The Process (including the forms of request, who can make a request, the fees involved and the roles and duties of information officers).

3.4 Section 4 – Responses to a Request for Information (including types of responses, when a request may be refused and third party notification processes).

3.5 Section 5 – Legal Remedies Against Decisions (including action to be taken once a decision is made, internal and court remedies).

3.6 Section 6 – Key References and Other Useful Materials.

Enquiries regarding the Guide can be addressed to the SAHRC, the contact details of which are as follows:

Post:
South African Human Rights Commission

Promotion of Access to Information Act Unit

Research and Documentation Department

Private Bag X2700

Houghton

2041 

Telephone: (011) 877-3600

Fax: (011) 403-0625

Website: www.sahrc.org.za

E-mail:  lidlamini@sahrc.org.za and info@sahrc.org.za

Section C – Information available in terms of the Act

4.1 Categories of information

We hold the following categories of information in respect of each entity within the Open Access Energy Group:

(a)  STATUTORY COMPANY INFORMATION

(i) A copy of the Memorandum of Incorporation and any amendments or alterations to it.

(ii) A copy or copies of rules made in terms of sections 15(3) to (5) of the Companies Act No. 71 of 2008 (“Companies Act”).

(iii) A record of our directors.

(iv) Copies of reports presented at annual general meetings.

(v) Copies of Annual Financial Statements, including:

(A) the auditor’s report, if the Annual Financial Statements are audited; and

(B) the directors’ report.

(vi) Copies of accounting records required by the Companies Act.

(vii) Notices of all shareholders[1] meetings / members’ meetings.[2]

(viii) Minutes of all shareholders meetings / members’ meetings.

(ix) All resolutions adopted by shareholders / members and any documents made available by us to the shareholders / members in relation to their resolutions.

(x) Copies of written communications sent generally by us to shareholders / members.

(xi) Minutes of all meetings of directors, or directors’ committees, or the audit committee (if any).

(xii) Resolutions of directors, or directors’ committees, or the audit committee (if any).

(xiii) Securities register / members’ register.

(xiv) A record of our company secretaries and auditors (if any), including:

(A) the name of each such person; and

(B) the date of each of their appointments.

(b) ACCOUNTING RECORDS

(i) Books of account including journals and ledgers.

(ii) Delivery notes, orders, invoices, statements, receipts, vouchers and bills of exchange.

(c) STATUTORY EMPLOYEE RECORDS

(i) Employees’ names and occupations.

(ii) Time worked by each employee.

(iii) Remuneration paid to each employee.

(iv) Date of birth of each employee under the age of 18 years (if any).

(v) Wages register (if applicable).

(vi) Attendance register.

(vii) Employment equity plan (if applicable).

(viii) Salary and wages register.

(ix) Records of foreign employees (if any).

(x) Collective agreements (if any) and any records required in terms thereof.

(xi) Arbitration awards (if any) and any records required in terms thereof.

(xii) Determinations made in terms of the Wage Act (if any) and any records required in terms thereof.

(xiii) Records of strikes, lockouts or protest action (if any).

(xiv) Industrial training records (if applicable).

(xv) Staff records (after date of employment ceases).

(xvi) Expense accounts.

(xvii) Tax returns of employees.

(xviii) Skills development plan (if applicable).

(d) OTHER EMPLOYEE RECORDS

(i) Employee contracts.

(ii)  Incentive schemes.

(iii) Employee stock purchase plan.

(e) INTELLECTUAL PROPERTY

(i) Copyright-protected material.

(ii) Agreements relating to intellectual property such as licence agreements, secrecy agreements, research and development agreements, consulting agreements, use agreements, joint venture agreements and joint development agreements.

(f) AGREEMENTS AND CONTRACTS

(i) Material agreements concerning the provision of services or materials.

(ii) Joint venture agreements, partnership agreements, participation, franchise, co-marketing, co‑promotion or other alliance agreements.

(iii) Agreements with shareholders, officers or directors.

(iv)Agreements with contractors and suppliers.

(v) Agreements with customers.

(vi) Warranty agreements.

(vii) Sale agreements.

(viii) Distributor, dealer or agency agreements.

(ix) Restraint agreements.

(x) Agreements with governmental agencies.

(xi) Purchase or lease agreements.

(g) TAXATION

(i) Copies of all Income Tax Returns and other tax returns and documents.

(h)  LEGAL

(i)  Complaints, pleadings, briefs and other documents pertaining to any actual, pending or threatened litigation, arbitration or investigation.

(ii) Settlement agreements.

(iii) Material licences, permits and authorisations.

(i) INSURANCE

(i) Insurance policies.

(ii) Claim records.

(iii) Details of insurance coverages, limits and insurers.

(j)  INFORMATION TECHNOLOGY

(i)  Hardware.

(ii) Operating systems.

(iii) Software packages.

(iv) Disaster recovery.

(v) Internal systems support and programming / development.

(vi) Capacity and utilization of current systems.

(vii) Development or investment plans.

(viii) Agreements.

(ix) Licenses.

(x) Audits.

(k) SALES AND MARKETING

(i) Products.

(ii) Markets.

(iii) Customers.

(iv) Brochures, newsletters and advertising materials.

(v)  Sales.

(vi) Public relations policies and procedures.

(vii)  Domestic and export orders.

4.2  Procedure for requesting access to the above information

(a) If you wish to request access to any of the above categories of information, you are required to complete a request form as set out in AnnexureB” hereto. These forms are available from:

(i) our Information Officer (whose contact details are in section A of this manual);

(ii) the SAHRC website (whose contact details are in section B of this manual); and

(iii) the Department of Justice and Constitutional Development website (www.doj.gov.za).

(b)There is a prescribed fee (payable in advance) for requesting and accessing information in terms of the Act. Details of these fees are contained in the request form and in

AnnexureC” hereto.

(c)You may also be called upon to pay the additional fees prescribed by regulation for searching for and compiling the information which you have requested, including copying charges. 

(d) It is important to note that access is not automatic – you must identify the right you are seeking to exercise or protect and explain why the record you request is required for the exercise or protection of that right. You will be notified in the manner indicated by you on the request form whether your request has been approved.

Section D – Information available in terms of other legislation

Where applicable to our operations, information is also available in terms of certain provisions of the following statutes:

·   Administration of Estates Act No. 66 of 1965

·   Armaments Corporation of South Africa, Limited Act No. 51 of 2003

·   Banks Act No. 94 of 1990

·   Basic Conditions of Employment Act No. 75 of 1997

·   Child Justice Act No. 75 of 2008

·   Children’s Act No. 38 of 2005

·   Collective Investment Schemes Control Act No. 45 of 2002

·   Companies Act No. 71 of 2008

·   Compensation for Occupational Injuries and Diseases Act No. 130 of 1993

·   Competition Act No. 89 of 1998

·   Construction Industry Development Board Act No. 38 of 2000

·   Consumer Protection Act No. 68 of 2008

·   Co-operatives Act No. 14 of 2005

·   Co-operatives Bank Act No. 40 of 2007

·   Correctional Services Act No. 111 of 1998

·   Customs and Excise Act No 91 of 1964

·   Debt Collectors Act No. 114 of 1998

·   Defence Act No. 42 of 2002

·   Designs Act No. 195 of 1993

·   Drugs and Drug Trafficking Act No. 140 of 1992

·   Electronic Communications and Transactions Act No. 25 of 2002

·   Employment Equity Act No. 55 of 1998

·   Estate Duty Act No. 45 of 1955

·   Financial Intelligence Centre Act No. 38 of 2001

·   Firearms Control Act No. 60 of 2000

·   Health Professions Act No. 56 of 1974

·   Home Loan and Mortgage Disclosure Act No. 63 of 2000

·   Housing Act No. 107 of 1997

·   Housing Development Agency Act No. 23 of 2008

·   Income Tax Act No. 58 of 1962

·   International Trade Administration Act No. 71 of 2002

·   Labour Relations Act No. 66 of 1995

·   Land and Agricultural Development Bank Act No. 15 of 2002

·   Legal Deposit Act No. 54 of 1997

·   Liquor Act No. 59 of 2003

·   Local Government: Municipal Finance Management Act No. 56 of 2003

·   Long-term Insurance Act No. 52 of 1998

·   Mine Health and Safety Act No. 29 of 1996

·   Mineral and Petroleum Resources Development Act No. 28 of 2002

·   National Conventional Arms Control Act No. 41 of 2002

·   National Credit Act No. 34 of 2005

·   National Environmental Management Act No. 107 of 1998

·   National Environmental Management Integrated Coastal Management Act No. 24 of 2008

·   National Environmental Management Waste Act No. 59 of 2008

·   National Key Points Act No. 102 of 1980

·   National Nuclear Regulator Act No. 47 of 1999

·   National Qualifications Framework Act No. 67 of 2008

·   National Railway Safety Regulator Act No. 16 of 2002

·   National Regulator for Compulsory Specifications Act No. 5 of 2008

·   National Road Traffic Act No. 93 of 1996

·   National Water Act No. 36 of 1998

·   Nuclear Energy Act No. 131 of 1993

·   Nuclear Energy Act No. 46 of 1999

·   Occupational Health and Safety Act No. 85 of 1993

·   Prevention of Organised Crime Act No. 121 of 1998

·   Prohibition or Restriction of Certain Conventional Weapons Act No. 18 of 2008

·   Public Audit Act No. 25 of 2004

·   Public Finance Management Act No. 1 of 1999

·   Regulation of Interception of Communications and Provision of Communication-related Information Act No. 70 of 2002

·   Road Transportation Act No. 74 of 1977

·   Securities Services Act No. 36 of 2004

·   Securities Transfer Tax Administration Act No. 26 of 2007

·   Security Officers Act No. 92 of 1987

·   Short-term Insurance Act No. 53 of 1998

·   Skills Development Levies Act No. 9 of 1999

·   South African Police Service Act No. 68 of 1995

·   South African Schools Act No. 84 of 1996

·   Space Affairs Act No. 84 of 1993

·   Spatial Data Infrastructure Act No. 54 of 2003

·   Transfer Duty Act No. 40 of 1949

·   Unemployment Insurance Act No. 63 of 2001

·   Unit Trusts Control Act No. 54 of 1981

·   Value-Added Tax Act No. 89 of 1991

·   Witness Protection Act No. 112 of 1998

Where applicable to our operations, we also retain records and documents in terms of the following statutes:

·   Agricultural Produce Agents Act No. 12 of 1992

·   Basic Conditions of Employment Act No. 75 of 1997

·   Close Corporations Act No. 69 of 1984

·   Companies Act No. 71 of 2008

·   Compensation for Occupational Injuries and Diseases Act No. 130 of 1993

·   Co-operatives Act No. 14 of 2005

·   Co-operatives Bank Act No. 40 of 2007

·   Customs and Excise Act No. 91 of 1964

·   Diamond Export Levy (Administration) Act No. 14 of 2007

·   Employment Equity Act No. 55 of 1998

·   Estate Agency Affairs Act No. 112 of 1976

·   Explosives Act No. 26 of 1956

·   Firearms Control Act No. 60 of 2000

·   Financial Intelligence Centre Act No. 38 of 2001

·   Health Professions Act No. 56 of 1974

·   Immigration Act No. 13 of 2002

·   Income Tax Act No. 58 of 1962

·   Insolvency Act No. 24 of 1936

·   Labour Relations Act No. 66 of 1995Liquor Act No. 59 of 2003

·   Machinery and Occupational Safety Act No. 6 of 1983

·   Mine Health and Safety Act No. 29 of 1996

·   Mineral and Petroleum Resources Development Act No. 28 of 2002

·   Mutual Banks Act No. 124 of 1993

·   National Credit Act No. 34 of 2005

·   National Payment System Act No. 78 of 1998

·   National Water Act No. 36 of 1998

·   Nursing Act No. 50 of 1978

·   Occupational Health and Safety Act No. 85 of 1993

·   Older Persons Act No. 13 of 2006

·   Prescription Act No. 68 of 1969

·   Regulation of Interception of Communications and Provision of Communication-related Information Act No. 70 of 2002

·   Second-Hand Goods Act No. 6 of 2009

·   Sectional Titles Act No. 95 of 1986

·   Securities Services Act No. 36 of 2004

·   Securities Transfer Tax Administration Act No. 26 of 2007

·   Skills Development Act No. 97 of 1998

·   Traditional Health Practitioners Act No. 22 of 2007

·   Transfer Duty Act No. 40 of 1949

·   Value-added Tax Act No. 89 of 1991

 

Section E – Information automatically available

The following categories of records are automatically available for inspection, purchase or photocopying. In other words, you do not need to request this information in terms of the Promotion of Access to Information Act.

Request forms for these categories of information are also available from our Information Officer, whose contact details appear in section A of this manual.

1. Newsletters.

2. Booklets.

3. Pamphlets / Brochures.

4. Posters.

5. Other literature intended for public viewing.

Section F - POPI

This manual is to be read together with the Open Access Energy Group’s policy in terms of the Protection of Personal Information Act 4 of 2003 (the POPI policy).  The POPI policy is published together with this PAIA manual and is furthermore available upon request from the information officer.

The POPI policy contains, amongst other things, information pertinent to:

1. The purpose for which we process personal information;

2.  The categories of data subjects in respect of which we process personal information, and the categories of information relating thereto;

3. The categories of recipients to whom we supply personal information;

4. Any planned transborder flows of personal information; and

5. A description of the information security measures which we implement to ensure the confidentiality, integrity and availability of the personal information which we process.

[1] In terms of the Companies Act, a reference to a shareholder of a company is a reference to a holder of any securities in that company, including but not limited to shares and debt instruments.

[2]  If the company is a non-profit company then reference to “shareholders” or “securities” should be replaced with reference to “members” wherever indicated.

It is recorded that, for the avoidance of doubt, the list of entities within the Open Access Energy Group may be subject to change from time to time. An updated list of entities within the Open Access Energy Group may be obtained from Open Access Energy Head Office on contact number +27837217011 or requested by email to legalnotices@openaccess.energy.

Annexure B: Form C

FORM C

REQUEST FOR ACCESS TO RECORD OF PRIVATE BODY

(Section 53 (1) of the Promotion of Access to Information Act, 2000(Act No. 2 of 2000))

[Regulation 10]

A. Particulars of private body

The Head:

                                                                               

                                                                               

                                                                               

B. Particulars of person requesting access to the record

 

 (aThe particulars of the person who requests access to the record must be given below.

 (bThe address and/or fax number in the Republic to which the information is to be sent must be given.

(c) Proof of the capacity in which the request is made, if applicable, must be attached.

 

Full names and surname:

                                                                               

Identity number:

                                                                               

Postal address:

                                                                               

                                                                               

                                                                               

                                                                               

Fax number:

                                                                               

Telephone number:

                                                                               

E-mail address:

                                                                               

Capacity in which request is made, when made on behalf of another person:

                                                                               

C. Particulars of person on whose behalf request is made

 

This section must be completed ONLY if a request for information is made on behalf of another person.

 

Full names and surname:

                                                                               

Identity number:

                                                                               

 

D. Particulars of record

(a) Provide full particulars of the record to which access is requested, including the reference number if that is known to you, to enable the record to be located.

(b)If the provided space is inadequate, please continue on a separate folio and attach it to this form. The requester must sign all the additional folios.

1.  Description of record or relevant part of the record:

                                                                               

2.  Reference number, if available:

                                                                               

3.  Any further particulars of record:

                                                                               

E.  Fees

 

(aA request for access to a record, other than a record containing personal information about yourself, will be processed only after a request fee has been paid.

(b)  You will be notified of the amount required to be paid as the request fee.

(c) The fee payable for access to a record depends on the form in which access is required and the reasonable time required to search for and prepare a record.

(dIf you qualify for exemption of the payment of any fee, please state the reason for exemption.

Reason for exemption from payment of fees:

                                                                               

                                                                               

 

F.  Form of access to record

If you are prevented by a disability to read, view or listen to the record in the form of access provided for in 1 to 4 hereunder, state your disability and indicate in which form the record is required.

 

Disability:

                                                                               

 

 

Form in which record is required:

                                                                               

                                                                               

                                                                               

Mark the appropriate box with an X.

NOTES:

(aCompliance with your request in the specified form may depend on the form in which the record is available.

(bAccess in the form requested may be refused in certain circumstances. In such a case you will be informed if access will be granted in another form.

(c) The fee payable for access to the record, if any, will be determined partly by the form in which access is requested.

 

  1.  If the record is in written or printed form:

 

copy of record*

 

inspection of record

 2.  If record consists of visual images

(this includes photographs, slides, video recordings, computer-generated images, sketches, etc.):

view the images

 

copy of the images*

 

transcription of the images*

 3.  If record consists of recorded words or information which can be reproduced in sound:

 

listen to the soundtrack (audio cassette)

 

transcription of soundtrack* (written or printed document)

 4.  If record is held on computer or in an electronic or machine-readable form:

 

printed copy of record*

 

printed copy of information derived from the record*

 

copy in computer readable form* (stiffy or compact disc)

*If you requested a copy or transcription of a record (above), do you wish the copy or transcription to be posted to you?

Postage is payable.

YES

NO

 

G. Particulars of right to be exercised or protected

 

If the provided space is inadequate, please continue on a separate folio and attach it to this form. The requester must sign all the additional folios.

 

1.  Indicate which right is to be exercised or protected:                                                                                

                                                                                                                                                                                                                          

2.  Explain why the record requested is required for the exercise or protection of the aforementioned right:                                                                                

                                                                                                                                                                         

H. Notice of decision regarding request for access

 

You will be notified in writing whether your request has been approved/denied. If you wish to be informed in another manner, please specify the manner and provide the necessary particulars to enable compliance with your request.

 

How would you prefer to be informed of the decision regarding your request for access to the record?

                                                                               

                                                                               

Signed at                            this                            day of                            20             

                                                                               

SIGNATURE OF REQUESTER/PERSON ON WHOSE BEHALF REQUEST IS MADE