Purpose Of This Manual
This manual helps members of the public understand the categories of records held by Financial Technology Advisory Services, which records may be available without a formal PAIA request, and how to request access to records held by the company.
It also explains how Financial Technology Advisory Services processes personal information, the categories of data subjects whose information may be processed, and the safeguards used to protect personal information.
Information Regulator
The Information Regulator provides a guide on how to use PAIA and POPIA. The guide is available from the Information Regulator in English.
Availability Of The Manual
A copy of the PAIA Manual is available on request from info@fintechadv.co.za, at the office of Financial Technology Advisory Services for public inspection during normal business hours, to any person upon request and payment of a reasonable prescribed fee, and to the Information Regulator upon request.
Records Available Without A Formal Request
Processing Of Personal Information
Financial Technology Advisory Services processes personal information only for lawful, reasonable and necessary purposes connected to its functions, statutory obligations, operational requirements and the rights of data subjects.
Personal information may be processed for:
- provision, management and improvement of services;
- responses to enquiries, instructions or service requests;
- client relationship administration and contractual obligations;
- lawful marketing, communication and consent management;
- internal audit, accounting, financial management and business planning;
- legal, regulatory, governance, risk and compliance obligations;
- website functionality, usage monitoring, security and digital platform integrity.
Categories Of Data Subjects
Record Retention Legislation
Records may be retained in accordance with applicable legislation, including the Companies Act, Copyright Act, Employment Equity Act, Income Tax Act, Labour Relations Act, VAT Act, FAIS Act, Basic Conditions of Employment Act, FIC Act, ECTA, PAIA, POCA, Protection of Constitutional Democracy against Terrorist and Related Activities Act, and POPIA.
Recipients Of Personal Information
Personal information may be supplied to service providers, partners, the Financial Intelligence Centre, FSCA, Prudential Authority, South African Police Services, South African Qualifications Authority and credit bureaus where lawful and necessary for verification, fraud prevention, qualification checks, regulatory compliance or service delivery.
Transborder Flows
Financial Technology Advisory Services may transfer personal information outside the Republic of South Africa where lawful, necessary and aligned with the purpose for which the information was collected. Where cross-border transfers are required, the company will seek to ensure that appropriate protection is in place or that another lawful basis under POPIA applies.
Information Security Measures
Financial Technology Advisory Services implements reasonable technical and organisational measures to protect the confidentiality, integrity and availability of personal information. Measures may include secure hosting, firewalls, access controls, antivirus and anti-malware protections, encryption where appropriate, monitoring, staff training, secure handling procedures, backups and disaster recovery processes.
Access Requests
A requester must complete the prescribed PAIA request form and submit it to the Information Officer via email at info@fintechadv.co.za. The request must include enough detail to identify the record, proof of identity, the preferred form of access, correspondence details, and the right that the requester seeks to exercise or protect.
If a request is made on behalf of another person, proof of authority or capacity to act must be provided. The prescribed request fee and any applicable access fee may be payable before the request is processed or the record is released.
Decision Timeline
Financial Technology Advisory Services will decide whether to grant or refuse access within 30 business days from the first business day following receipt of a valid PAIA request and payment of any applicable request fee. The requester will be notified of the outcome by email.
This period may be extended by a further period not exceeding 30 business days where the request involves a large volume of information, consultation is required, or the information cannot reasonably be obtained within the original period.
Appeals And Complaints
Financial Technology Advisory Services does not have an internal appeal procedure. The decision of the Information Officer is final. A requester who is dissatisfied may apply to the Information Regulator within 180 days of notification of the decision or submit a court application within 30 days of notification of a refusal decision.
Third-Party Records And Records Not Found
Where access is requested to third-party information, the third party must be given 21 days to make representations or give written consent to disclosure.
If all reasonable steps have been taken to find a record and the record cannot be found or does not exist, Financial Technology Advisory Services will notify the requester by affidavit or affirmation.
Fee Summary
PAIA provides for request and access fees. The manual lists, among others, a request fee of R140.00, photocopy and printed copy fees of R2.00 per A4 page, prescribed costs for flash drives or compact discs, transcription costs where applicable, and actual costs for postage, email or other electronic transfer.