PAIA Manual

1. INTRODUCTION

  • This PAIA Manual is prepared in accordance with Section 51 of PAIA and the PAIA Regulations, 2019, and incorporates the mandatory POPIA disclosures required by the Information Regulator.

  • This Manual serves as a single reference point for how access to records is requested and how personal information is processed by the Company.

  • This Manual must be read together with the Company’s Privacy Policy, POPIA Compliance Policy, and GDPR Compliance Policy.

2. COMPANY DETAILS

Responsible Party: Creative Tech Worx (Pty) Ltd

Registration Number: 2012/041361/07

Physical Address: Suite 5 & 6, Morehill Office Park 7 Landau Street, Morehill Gauteng, 1501

Website: https://creativetechworx.com

3. INFORMATION OFFICER

  • The Company has appointed an Information Officer (IO), duly registered with the Information Regulator.

Information Officer: Mr E. Coetzer

Email: Legal Department

  • The IO is responsible for PAIA compliance, POPIA governance, access requests, Personal Information Impact Assessments (PIIAs), and staff training oversight.

4. GUIDE TO USING PAIA

  • A guide compiled by the Information Regulator explaining how PAIA may be exercised is available from the Regulator upon request or via its official website.

5. RECORDS HELD BY THE COMPANY

The Company holds records relating to:

  • Corporate governance and administration

  • Financial and tax records

  • Human resources and payroll

  • Client, SaaS user, and subscription records

  • Technical, operational, and security records

6. RECORDS HELD IN TERMS OF OTHER LEGISLATION

As required by Section 51(1)(b)(iii) of PAIA, the Company keeps records in accordance with the following legislation (where applicable):

  • Companies Act 71 of 2008

  • Income Tax Act 58 of 1962

  • Value Added Tax Act 89 of 1991

  • Basic Conditions of Employment Act 75 of 1997

  • Electronic Communications and Transactions Act 25 of 2002

  • Protection of Personal Information Act 4 of 2013

7. RECORDS AVAILABLE WITHOUT A PAIA REQUEST

The following records are available automatically:

  • Website Terms & Conditions

  • Privacy Policy

  • POPIA Compliance Policy

  • GDPR Compliance Policy

  • SaaS and Mobile App Terms & Conditions

8. REQUEST PROCEDURE (MANDATORY FORM 2)

To request access to a record, a requester must:

  • Complete Form 2 (prescribed PAIA request form available from the Information Regulator).

  • Submit the completed form to our Legal Department.

  • Pay the prescribed request fee of R140.00 (for private bodies), unless exempt.

  • Requests will only be processed once the form and applicable fee have been received.

9. REQUEST FEES

Request Fee: R140.00 (as prescribed, subject to change)

Access Fee: May apply depending on the nature and volume of the record

  • All applicable fees will be communicated before access is granted

10. POPIA DISCLOSURES (SECTION 51(1)(C))

10.1 Purpose of Processing

Personal information is processed to:

  • Provide SaaS and mobile application services

  • Manage subscriptions and customer support

  • Administer employee payroll and HR functions

  • Comply with legal and tax obligations

  • Maintain platform security and fraud prevention

10.2 Categories of Data Subjects

Employees: Names, ID numbers, contact details, banking information

Clients / SaaS Users: Names, email addresses, contact details, usage logs

Minors (LifeArk): Names and birth dates, processed only with verified guardian consent

10.3 Categories of Recipients

Personal information may be shared with:

  • Statutory bodies (e.g., SARS, courts)

  • Cloud infrastructure providers (AWS, Supabase)

  • Professional advisors (legal, accounting)

10.4 Transborder Information Flows

  • Personal information may be stored or processed on servers located outside South Africa, including the EU and the United States. All such transfers are safeguarded through Standard Contractual Clauses (SCCs) or equivalent legal mechanisms.

11. GROUNDS FOR REFUSAL

Access to records may be refused where disclosure would:

  • Infringe the privacy of a third party

  • Reveal confidential or proprietary commercial information

  • Endanger the safety of individuals or property

  • Prejudice the Company’s legal or security interests

12. SECURITY SAFEGUARDS

  • The Company applies reasonable technical and organisational measures to protect records against loss, unauthorised access, or unlawful processing, in line with POPIA Sections 19–21.

13. AVAILABILITY OF THIS MANUAL

  • This Manual is available:

    • At the Company’s offices:

      • Suite 5 & 6, Morehill Office Park, Gauteng

      • Download PAIA Manual Form 2: PAIA Manual Form 2

      • Upon written request to the Information Officer

14. UPDATES

  • This PAIA Manual will be reviewed periodically and updated to reflect legislative or regulatory changes.