POPIA

MANUAL PREPARED IN TERMS OF SECTION 51 OF THE PROMOTION OF ACCESS TO INFORMATION ACT  (Act 2 of 2000) 

SECTION 1: INTRODUCTION 

The purpose of the Credit Ombud (“the CO”) is to effectively resolve disputes within the credit industry, comprising: 

  • Non-bank credit matters including, but not limited to credit transactions from the furniture and clothing retailers, micro-lenders, non-bank motor and home financiers; 
  • All Credit Information matters, including service providers who list data on the Credit Bureaux; 
  • Disputes relating to Credit Providers; 
  • The CO Council may from time to time decide what type of disputes the office of the CO should accept and investigate; and 
  • A further objective of the Credit Ombud is to provide consumer education to the public in respect of the role and functions of the CO’s Office as well as on matters of a general financial nature. 

Values 

The values of the CO are not negotiable and cannot be diminished in any way.  

Fairness 

The CO will act in the best interests of all the parties, taking both sides into consideration and considering the merits of each case carefully.  

Independent 

The CO will not take sides and will remain impartial at all times. No individual or organization will be in a position to unduly influence the Ombudsman or the staff of the CO in relation to any matter.  

Honest 

The CO will openly deal with any issues brought before it, asking the relevant questions and communicating clearly and transparently. 

In resolving disputes, the CO shall: 

  • act independently and objectively; and 
  • have regard to the law, fairness, justice, equity and fundamental human rights and values as prescribed by the principles of ‘UBUNTU’ 

The CO must balance the rights of consumers on the one hand and the rights of the members on the other hand. 

SECTION 2: INFORMATION REQUIRED UNDER SECTION 51(1) (a) OF THE ACT 

Designated Head of Credit Ombud:  
Howard Gabriels 
Credit Ombud 

Postal Address of Credit Ombud:  
P. O. Box 805 
Pinegowrie 
2123 

Street Address of the Credit Ombud:   
Fernridge Office Park 
Block 3 
5 Hunter Street 
Randburg 

Tel. No of Credit Ombud:  0861 66 28 37 
Fax. No of Credit Ombud: +27 (0)11 388 8250 
E- Mail address of Credit Ombud: ombud@creditombud.org.za 

Person delegated to deal with requests (for “the designated head”):  
Ms. Avitha Nofal 
Board Secretary and Head of Call Centre 
Email: AvithaN@creditombud.org.za 

Mr Lee Soobrathi 
Head of Case Management 
Email: LSoobrathi@creditombud.org.za 

SECTION 3: DESCRIPTION OF GUIDE REFERRED TO IN SECTION 10 

A Guide has been compiled in terms of Section 10 of PAIA by the South African Human Rights Commission (SAHRC). It contains information required by a person wishing to exercise any right, contemplated by PAIA. It is available in all of the official languages. 

The Guide is available for inspection, inter alia, at the office of the offices of the Human Rights Commission at 29 Princess of Wales Terrace, corner York and St. Andrews Street, Parktown, Johannesburg, Gauteng and at www.sahrc.org.za 

For further information please contact the SAHRC: 
E-mail: PAIA@sahrc.org.za 
Postal address: Private Bag 2700, Houghton, 2041 
Telephone: +27 11 484 8300 
Fax: +27 11 484 0582 

SECTION 4: RECORDS AVAILABLE IN TERMS OF OTHER LEGISLATION 

Records available in terms of other legislation are as follows: 
Arbitration Act No. 42 of 1965  
Banks Act No. 94 of 1990 
Basic Conditions of Employment Act No. 75 of 1997  
Companies Act No 71 of 2008 and Applicable Regulations 
Consumer Affairs (Unfair Business Practice) Act No. 71 of 1988  
Consumer Protection Act 68 of 2008 
Debt Collector’s Act No. 114 of 1998  
Electronic Communications Act, No. 36 of 2005; 
Electronic Communications and Transactions Act No 25 of 2002 
Financial Advisory and Intermediary Services Act 37 of 2002  
Financial Intelligence Centre Act No. 38 of 2001.  
Financial Services Board Act No. 97 of 1990  
Identification Act 68 of 1997 
Income Tax Act No 58 of 1962 
Insurance Act No. 27 of 1943  
Labour Relations Act No 66 of 1995  
Long –Term Insurance Act No. 52 of 1998  
Medical Schemes Act 131 of 1998; 
National Credit Act No. 34 of 2005  
Nonprofit Organisations Act No. 71 of 1997 
Pension Funds Act No 24 of 1956  
Prevention and Combating of Corrupt Activities Act No 12 of 2004 
Promotion of Access to Information Act No.2 of 2000  
Protected Disclosures Act No. 26 of 2000 
Protection of Personal Information Act 4 of 2013 
Information Act No. 70 of 2002 
Skills Development Act 97 of 1998 
Skills Development Levies Act No 9 of 1999 
Unemployment Insurance Act No. 63 of 2001  
Unemployment Insurance Contributions Act No 4 of 2002 
Value Added Tax Act No 89 of 1991 

SECTION 5: Records automatically available 

No notice has been submitted by the practice to the Minister of Justice and Constitutional Development regarding the categories of records, which are available without a person having to request access in terms of Section 52(2) of PAIA. However, the information on the website of the business is automatically available without having to request access in terms of PAIA. 

SECTION 6: SUBJECTS AND CATEGORIES OF RECORDS HELD BY the credit ombud 

General information about the Credit Ombud can be accessed via the internet on www.creditombud.org.za which is available to all persons who have access to the internet. 

The subjects on which the private body holds records and the categories on each subject in terms of Section 51(1)(e) are as listed below. Please note that a requester is not automatically allowed access to these records and that access to them may be refused in accordance with Sections 62 to 69 of the Act: 

  1. COMPANIES ACT RECORDS 
  • Constitution of the Credit Ombud Association 
  • Documents of Incorporation; 
  • Names of Council Members 
  • Minutes of meeting of the Credit Ombud Council; 
  • Proxy forms  
  • Research and development; 
  • Special resolutions/Resolutions passed at Council and Annual General Meetings. 

Records relating to the appointment of: 

  • Auditors; 
  • Council members 
  • Prescribed Officer. 
  • Public Officer; and 
  • Secretary; 
  1. FINANCIAL RECORDS 
  • Accounting Records 
  • Annual Financial Reports; 
  • Annual Financial Statements 
  • Asset Registers; 
  • Bank Statements 
  • Banking details and bank accounts; 
  • Banking Records 
  • Debtors / Creditors statements and invoices; 
  • General ledgers and subsidiary ledgers; 
  • General reconciliation; 
  • Invoices; 
  • Paid Cheques 
  • Policies and procedures; 
  • Rental Agreements; and 
  • Tax Returns. 
  1. INCOME TAX RECORDS 
  • PAYE Records 
  • Documents issued to employees for income tax purposes 
  • Records of payments made to SARS on behalf of employees 
  • All other statutory compliances: 
    • VAT 
    • Regional Services Levies 
    • Skills Development Levies 
    • UIF 
    • Workmen’s Compensation 
  1. PERSONNEL DOCUMENTS AND RECORDS 
  • Accident books and records; 
  • Address Lists; 
  • Disciplinary Code and Records; 
  • Employee benefits arrangements rules and records; 
  • Employment Contracts; 
  • Employment Equity Plan 
  • Forms and Applications; 
  • Grievance Procedures; 
  • Leave Records; 
  • Medical Aid Records; 
  • Payroll reports/ Wage register; 
  • Pension Fund Records; 
  • Safety, Health and Environmental records; 
  • Salary Records; 
  • SETA records 
  • Standard letters and notices 
  • Training Manuals;  
  • Training Records; 
  • Workplace agreements and records. 
  1. PROCUREMENT DEPARTMENT 
  • Standard Terms and Conditions for supply of services and products; 
  • Contractor, client and supplier agreements; 
  • Lists of suppliers, products, services and distribution; and 
  • Policies and Procedures. 
  1. SALES DEPARTMENT 
  • Customer details 
  • Credit application information 
  • Information and records provided by a third party 
  1. MARKETING DEPARTMENT 
  • Advertising and promotional material 
  1. Risk Management and Audit 
  • Audit reports; 
  • Risk management frameworks; and 
  • Risk management plans. 
  1. SAFETY, HEALTH AND ENVIRONMENT 
  • Complete Safety, Health and Environment Risk Assessment 
  • Environmental Managements Plans 
  • Inquiries, inspections, examinations by environmental authorities 
  1. IT DEPARTMENT 
  • Computer / mobile device usage policy documentation; 
  • Disaster recovery plans; 
  • Hardware asset registers; 
  • Information security policies/standards/procedures; 
  • Information technology systems and user manuals 
  • Information usage policy documentation; 
  • Project implementation plans; 
  • Software licensing; and 
  • System documentation and manuals. 

SECTION 7: Purpose of Processing of Personal Information 

To support consumers who lodge disputes with the Credit Ombud 
To engage with Credit Providers to resolve disputes lodged by consumers 
To support recruitment and management of staff 
To support engagement with suppliers 
To support engagement with the general public 
To support engagement with the media 

SECTION 8: Data Subjects CATEGORIES AND Their Personal Information  

Customers: record of customer life cycle and detailed information relating to a complaint lodged with the Credit Ombud 
Employees: record of employee life cycle 
Suppliers: record of supplier life cycle 
General public: tracking general enquiries and web site visits 
Members: records as maintained by the Company Secretary  
Media: records of media interactions 

SECTION 9: PLANNED RECIPIENTS OF PERSONAL INFORMATION 

Credit Providers 
Credit Bureaux 
Statutory authorities 
Law enforcement 
Tax authorities 
Financial institutions 
Medical schemes 
Employee pension and provident funds 
Industry bodies 

SECTION 10: Planned Trans-border Flows of Personal Information 

There are no planned trans-border flows of personal information other than through social media, which is primarily aimed at general awareness raising with the general public. 

SECTION 11: Security Measures To Protect Personal Information 

Physical security measures 

The Credit Ombud is located in the Fernridge Office Park. Access to the premises is controlled by a 24-hour security guard at the main entrance. Access at the Office Block 3 entrance is controlled by a electronic buzzer. At the office there is biometric entrance control system in place. The premises is also controlled by an alarm system linked to an company that provide an armed response system. 

Cyber security measures 

The current security protocols that we have in place to protect our information from potential threats, Include the following: 

  • Credit Ombud network protected by Sophos firewall at internet perimeter 
  • Workstations protected by local firewall & AV/malware detection software 
  • Workstation & server devices kept up to date with recent OS, Office & 3rd party app (e.g. Adobe, Java etc.) updates to plug security vulnerabilities 

The case management system as well as e-mails which we use hold customer information such as ID numbers, contact numbers etc., are protected through the following protocols: 

  • The server is protected by a https security certificate and is also only accessible externally once users are securely logged onto your VPN. 
  • Mail is hosted in Microsoft 365 cloud & are protected by Mimecast for spam, phishing etc. as well as Microsoft’s own protection systems 

In respect of remote working by both our call center agents and case managers the only way they can access our IT systems is through the VPN, which is a secure method for connecting to our IT system and services remotely. VPN access is controlled via PPTP in addition to the more secure L2TP. 

We conduct regular User Education sessions to ensure that users do not open suspect mails, attachments and click on suspect links or visit suspect web sites etc.  

Training in information security 
Regular training sessions are held annually with all staff on Human Resource policies, including the information security policy. 

Policies in information security 
The council approved an Information Security policy. 

Audits of information security 
Annual audit of the information security system will be conducted. 

SECTION 12: DETAIL ON HOW TO MAKE A REQUEST FOR ACCESS 

The requester must complete Form C and submit this form together with a request fee, to the head of Credit Ombud. The form must be submitted to the head of the Credit Ombud at his address, fax number, or electronic mail address as stated earlier in this manual. 

Form of request: 

  • The requester must use the prescribed form, as attached in terms of Article 8 of this manual, to make the request for access to a record. This must be made to the designated head. This request must be made to the address, fax number or electronic mail address of the body concerned [s 53(1)]. 
  • The requester must provide sufficient detail on the request form to enable the designated head to identify the record and the requester. 
  • The requester should indicate which form of access is required. 
  • The requester should indicate if any other manner is to be used to inform the requester and state the necessary particulars to be so informed [s 53(2)(a) and (b) and (c)]. 
  • The requester must identify the right that is sought to be exercised or to be protected and provide an explanation of why the requested record is required for the exercise or protection of that right [s 53(2)(d)]. 
  • If a request is made on behalf of another person, the requester must then submit proof of the capacity in which the requester is making the request to the satisfaction of the designated head of the private body [s 53(2)(f)]. 
  • A requester who seeks access to a record containing personal information about that requester is not required to pay the request fee. 
  • Every other requester, who is not a personal requester, must pay the required request fee. 
  • The designated head of the private body must notify the requester (other than a personal requester) by notice, requiring the requester to pay the prescribed fee (if any) before further processing the request [s 54(1)]. 
  • The fee that the requester must pay to a private body is currently R50,00. The requester may lodge an application to the court against the tender or payment of the request fees 54(3)(b)]. 
  • After the designated head of the private body has made a decision on the request, the requester must be notified in the required form. 
  • If the request is granted then a further access fee must be paid for the search, reproduction, preparation and for any time that has exceeded the prescribed hours to search and prepare the record for disclosure [s 54(6)]. 

Grounds for refusing a request 

The Credit Ombud has the right to reject any request for information submitted in terms of Sections 62 to 70 of Chapter 4 of the PAIA Act. 

SECTION 13: AVAILABILITY OF THE MANUAL 

This manual is available for inspection at the office of Credit Ombud free of charge. 

APPENDIX A: FEES IN RESPECT OF PRIVATE BODIES 

The following is a breakdown of the fees structure for the purposes of determining the manner in which fees relating to a request for access to a record of a private body are to be calculated: 

Part III of Regulation 187 published in the Government Gazette on the 15 February 2002: 

  1. The fee for a copy of the manual as contemplated in regulation 9(2)(c) is R1,10 for every photocopy of an A4-size page or part thereof. 
  1. The fees for reproduction referred to in regulation 11(1) are as follows: 
    (a) For every photocopy of an A4-size page or part thereof R1,10 
    (b) For every printed copy of an A4-size page or part thereof held on a computer or in electronic or machine readable form R0, 75 
    (c) For a copy in a computer-readable form on – (i) stiffy disc R 7, 50; (ii) compact  disc R 70,00 
    (d) (i) For a transcription of visual images, for an A4-size page or part thereof R 40,00, (ii) For a copy of visual images R 60,00 
    (e) (i) For a transcription of an audio record, for an A4-size page or part thereof R 20,00; (ii) For a copy of an audio record R 30,00 
  1. The request fee payable by a requester, other than a personal requester, referred to in Regulation 11(2) is R50,00. 
  1. The access fees payable by a requester referred to in Regulation 11(3) are as follows: 
    (a) For every photocopy of an A4-size page or part thereof R 1,10; 
    (b) For every printed copy of an A4-size page or part; thereof held on a computer or in electronic or machine-readable form R 0,75; 
    (c) For a copy in a computer-readable form on – (i) stiffy disc R 7,50; (ii) compact disc R 70,00 
    (d)(i) For a transcription of visual images, for an A4-size page or part thereof R 40,00; (ii) For a copy of visual images R 60,00 
    (e)(i) For a transcription of an audio record, for an A4-size page or part thereof R 20,00; (ii) For a copy of an audio record R 30,00 
    (f) To search for and prepare the record for disclosure, R30,00; for each hour or part of an hour reasonably required for such search and preparation. 

  2. For purposes of section 54(2) of the Act, the following applies: 
    (a) Six hours as the hours to be exceeded before a deposit is payable; and 
    (b) one third of the access fee is payable as a deposit by the requester.
     
  3. The actual postage is payable when a copy of a record must be posted to a requester. 

FORM C: REQUEST FOR ACCESS TO RECORD OF PRIVATE BODY 
Download PDF Form Here

Fax. No of Credit Ombud: +27 (0)11 388 8250
E- Mail address of Credit Ombud: ombud@creditombud.org.za