Hitachi Construction Machinery Africa
PROMOTION OF ACCESS TO INFORMATION MANUAL
PROMOTION OF ACCESS TO INFORMATION MANUAL
(hereinafter referred to as the “Manual”)
Hitachi Construction Machinery Southern Africa Co. (Pty) Ltd
with Registration Number: 1951/002418/07 (hereinafter referred to as “HCSA”)
Prepared in accordance with section 51 of the Promotion of Access to Information Act, No. 2 of 2000 (as amended).
The purpose of this Manual is, inter alia, to assist a requester with the process of requesting access to information held by the Company
Date Effective:
24-Jun-25
Table of Contents
1. List of Acronyms and Abbreviations:
1.1 “CEO” means: Chief Executive Officer;
1.2 “DIO” means: Deputy Information Officer;
1.3 “IO“ means: Information Officer;
1.4 “Minister” means: Minister of Justice and Correctional Services;
1.5 “PAIA” means: Promotion of Access to Information Act No. 2 of 2000 (as amended);
1.6 “POPIA” means: Protection of Personal Information Act No.4 of 2013;
1.7 “Regulator” means: Information Regulator; and
1.8 “Republic” means: Republic of South Africa.
2. Purpose of this Manual:
This manual is compiled in accordance with Section 51 of the Promotion of Access to Information Act (PAIA) and includes requirements under the Protection of Personal Information Act (POPIA). It describes the types of records held by HCSA and explains how they can be accessed, if necessary, in accordance with the law.
This PAIA Manual is useful for the public to:
2.1 review the categories of records held by a body which are available without a person having to submit a formal PAIA request;
2.2 have a sufficient understanding of how to make a request for access to a record of the body, by providing a description of the subjects on which the body holds records, and the categories of records held on each subject;
2.3 know the description of the records of the body which are available in accordance with any other legislation;
2.4 access all the relevant contact details of the Information Officer and Deputy Information Officer who will assist the public with the records they intend to access;
2.5 know the description of the guide on how to use PAIA, as updated by the Regulator and how to obtain access to it;
2.6 know if the body will process personal information, the purpose of processing of personal information and the description of the categories of data subjects and of the information or categories of information relating thereto;
2.7 know the description of the categories of data subjects and of the information or categories of information relating thereto;
2.8 know the recipients or categories of recipients to whom the personal information may be supplied;
2.9 know if the body has planned to transfer or process personal information outside the Republic of South Africa and the recipients or categories of recipients to whom the personal information may be supplied; and
2.10 know whether the body has appropriate security measures to ensure the confidentiality, integrity and availability of the personal information which is to be processed.
3. Important contact details for the access to Information for HCSA:
3.1 National Head office, Head and Deputy Head contact details:
Physical address: |
Cnr Paul Smit and Solomon Jefferson Mahlangu Road Boksburg North, Johannesburg, Gauteng, South Africa. |
Postal address: |
P.O. Box 6331, Dunswart, 1508, South Africa. |
Telephone: |
+27 11 841 7700 |
Fax: |
+2711 918 2257 |
Website: |
|
E-mail: |
3.2 Description of Guide referred to in section 10: Section 51(1)(b).
The guide described in section 10 of the Act was originally published in August 2003 by the Human Rights Commission but subsequently updated by the Information Regulator and contains the information as prescribed in the PAIA. Any enquiries regarding this guide should be directed to:
The Information Regulator (South Africa) the Information Regulator
Postal address: |
PO Box 31533, Braamfontein, Johannesburg, 2017. |
Telephone: |
010 023 5200 |
Physical Address: |
Woodmead North office Park. 54 Maxwell Drive, Woodmead, Johannesburg, 2191. |
Website: |
https://inforegulator.org.za/paia/ |
E-mail: |
enquiries@inforegulator.org.za; MMosala@inforegulator.org.za |
4. Guide on how to use PAIA and how to obtain access to the guide:
4.1 The Regulator has, in terms of section 10(1) of PAIA, as amended, updated and made available the revised Guide on how to use PAIA (“Guide”), in an easily comprehensible form and manner, as may reasonably be required by a person who wishes to exercise any right contemplated in PAIA and POPIA.
4.2 The Guide is available in English only.
4.3 The aforesaid Guide contains:
4.3.1 a description of PAIA
4.3.2 the objects of PAIA and POPIA;
4.3.3 the postal and street address, phone and fax number and, if available, electronic mail address of-
4.3.3.1 the Information Officer of every public body which can be obtained in respect of Municipalities at the following link: http://www.salga.org.za/Municipalities%20MCD.html, and in respect of State-Owned Enterprises at: https://www.gov.za/about- government/contact-directory.
4.3.3.2 every Deputy Information Officer of every public and private body designated in terms of section 17(1) of PAIA1 and section 56 of POPIA2;
4.3.4 the manner and form of a request for-
4.3.4.1 access to a record of a public body contemplated in section 11.3; and
4.3.4.2 access to a record of a private body contemplated in section 504;
4.3.5 the assistance available from the IO of a public body in terms of PAIA and POPIA;
4.3.6 the assistance available from the Regulator in terms of PAIA and POPIA;
4.3.7 all remedies in law available regarding an act or failure to act in respect of a right or duty conferred or imposed by PAIA and POPIA, including the manner of lodging-
4.3.7.1 an internal appeal;
4.3.7.2 a complaint to the Regulator; and
4.3.7.3 an application with a court against a decision by the information officer of a public body, a decision on internal appeal or a decision by the Regulator or a decision of the head of a private body;
1. Section 17(1) of PAIA- For the purposes of PAIA, each public body must, subject to legislation governing the employment of personnel of the public body concerned, designate such number of persons as deputy information officers as are necessary to render the public body as accessible as reasonably possible for requesters of its records.
2. Section 56(a) of POPIA- Each public and private body must make provision, in the manner prescribed in section 17 of the Promotion of Access to Information Act, with the necessary changes, for the designation of such a number of persons, if any, as deputy information officers as is necessary to perform the duties and responsibilities as set out in section 55(1) of POPIA.
3. Section 11(1) of PAIA- A requester must be given access to a record of a public body if that requester complies with all the procedural requirements in PAIA relating to a request for access to that record; and access to that record is not refused in terms of any ground for refusal contemplated in Chapter 4 of this Part.
4. Section 50(1) of PAIA- A requester must be given access to any record of a private body if
a) that record is required for the exercise or protection of any rights;
b) that person complies with the procedural requirements in PAIA relating to a request for access to that record; and
c) access to that record is not refused in terms of any ground for refusal contemplated in Chapter 4 of this Part.
4.3.8 the provisions of sections 14 and 51 requiring a public body and private body, respectively, to compile a manual, and how to obtain access to a manual;
4.3.9 the provisions of sections 15 and 52 providing for the voluntary disclosure of categories of records by a public body and private body, respectively;
4.3.10 the notices issued in terms of sections 22 and 54 regarding fees to be paid in relation to requests for access; and
4.3.11 the regulations made in terms of section 92.
5 Section 14(1) of PAIA- The information officer of a public body must, in at least three official languages, make available a manual containing information listed in paragraph 4 above.
6 Section 51(1) of PAIA- The head of a private body must make available a manual containing the description of the information listed in paragraph 4 above.
7 Section 15(1) of PAIA- The information officer of a public body, must make available in the prescribed manner a description of the categories of records of the public body that are automatically available without a person having to request access
8 Section 52(1) of PAIA- The head of a private body may, on a voluntary basis, make available in the prescribed manner a description of the categories of records of the private body that are automatically available without a person having to request access
9 Section 22(1) of PAIA- The information officer of a public body to whom a request for access is made, must by notice require the requester to pay the prescribed request fee (if any), before further processing the request.
10 Section 54(1) of PAIA- The head of a private body to whom a request for access is made must by notice require the requester to pay the prescribed request fee (if any), before further processing the request.
11 Section 92(1) of PAIA provides that – “The Minister may, by notice in the Gazette, make regulations regarding-
a) any matter which is required or permitted by this Act to be prescribed;
b) any matter relating to the fees contemplated in sections 22 and 54;
c) any notice required by this Act;
d) uniform criteria to be applied by the information officer of a public body when deciding which categories of records are to be made available in terms of section 15; and
e) any administrative or procedural matter necessary to give effect to the provisions of this Act.
4.4 Members of the public can inspect or make copies of the Guide from the offices of the public and private bodies, including the office of the Regulator, during normal working hours.
4.5 The Guide can also be obtained:
4.5.1 upon request to the Information Officer;
4.5.2 from the website of the Regulator (https://inforegulator.org.za/paia/).
4.6 A copy of the Guide is available in the following official language, for public inspection during normal office hours:
4.6.1 English.
5. Categories of Records for HCSA: which are available without a person having to request access.
Category of Records |
Types of Records |
Available on Website |
Available upon request |
Company Information: |
Company profile or mission statement. |
Yes |
|
BBBEE Certificate. |
Yes |
|
|
Company Registration. |
|
Yes |
|
Corporate Governance Documents: |
Codes of conduct, ethics policies, or charters. |
|
Yes |
6. Description of the records for HCSA which are available in accordance with any other legislation.
Category of Records |
Applicable Legislation |
PAIA Manual: |
Promotion of Access to Information Act 2 of 2000. |
Consumer Protection and Marketing: |
· Terms and conditions for services/products. · Privacy and data protection policies. |
Share Register: |
· The Companies Act, 2008. |
7. Description of the subjects on which HCSA holds categories and records of on each subject for HCSA.
Category of Records |
Categories of Records |
Company Information & Governance: |
· Memorandum of Incorporation (MOI); · Company registration documents; · Share register; · Minutes of board meetings; · Resolutions passed. |
Human Resources: |
· Employment contracts; · Employee leave records; · Disciplinary records; · Payroll and salary records; · Employment equity reports. |
Finance & Accounting: |
· Annual financial statements; · Invoices and receipts; · Tax returns; · Bank statements; · Audit reports. |
Legal & Compliance: |
· Contracts and service level agreements; · Licenses and permits; · Insurance policies; |
Operations & Administration: |
· Internal policies and procedures; · Procurement records; · Asset registers; · Maintenance and service reports. |
Sales & Marketing: |
· Client proposals and quotes; · Customer contracts; · Marketing materials; · Client contact databases; · Client Equipment information. |
Information Technology: |
· IT usage and security policies; · Asset registers (hardware/software); · System user access logs. |
Health, Safety & Environment: |
· Health and Safety audit reports; · Incident and accident reports; · Risk assessments; · Environmental compliance records. |
Customer Service: |
· Customer complaints and resolution records; · Equipment location, service records; · Feedback and satisfaction surveys. |
Regulatory Reporting: |
· CIPC filings; · SARS submissions; · Reports submitted to industry regulators or SETAs. |
8. PROCESSING OF PERSONAL INFORMATION:
8.1 Purpose of Processing Personal Information:
HCSA processes personal information for the following purposes, in accordance with the Protection of Personal Information Act (POPIA) and other applicable legislation:
8.1.1 Human Resources and Employment:
· Recruitment and selection of employees;
· Verification of employment history, qualifications, and criminal records (where applicable);
· Payroll and remuneration administration;
· Leave and attendance management;
· Compliance with labour and tax legislation;
· Performance evaluation and training;
· Managing employee benefits (medical aid, pensions, UIF).
8.1.2 Client and Customer Relationship Management:
· Verifying client identity and contact information;
· Processing orders, invoices, and payments;
· Delivering goods or services;
· Maintaining communication with clients;
· Managing customer accounts and creditworthiness;
· Responding to customer queries, feedback, or complaints.
8.1.3 Supplier and Vendor Management:
· Registration and verification of supplier information;
· Procurement and payment processing;
· Communication and performance monitoring;
· Contract and service delivery management.
8.1.4 Legal and Compliance Purposes:
· Complying with legal obligations under applicable laws (e.g., Companies Act, SARS regulations);
· Responding to lawful requests or court orders;
· Conducting internal audits, investigations, or disciplinary procedures;
· Maintaining records required by law.
8.1.5 Security and Access Control:
· Physical access control to company premises;
· IT and system access management;
· CCTV monitoring (where applicable);
· Protection of company property and confidential information.
8.1.6 Marketing and Communication:
· Sending newsletters, promotions, and company updates (with consent where required);
· Conducting customer satisfaction surveys;
· Market research and product/service improvement.
8.1.7 Financial Management:
· Invoicing, billing, and collection of payments;
· Financial auditing and reporting;
· Tax submissions and compliance.
8.2 Description of the categories of Data Subjects and of the information or categories of information relating thereto:
Category of Data subjects |
Personal Information that may be processed |
Employees and Job Applicants: |
· Full name, ID number, contact details; · CVs, qualifications, references; · Employment history; · Tax numbers and bank details; · Medical and next of kin information; · Disciplinary and performance records. |
Clients / Customers: |
· Full name, ID number, contact details; · Company name, VAT number; · Billing and payment information; · Purchase history; · Preferences and communication records; · Equipment information. |
Suppliers / Service Providers: |
· Company and representative names; · Contact details and banking information; · B-BBEE certificates and tax compliance status; · Contract and service delivery records. |
Directors and Shareholders: |
· Names, ID numbers, contact details; · Shareholding information; · Director declarations and compliance documents. |
Visitors to Company Premises: |
· Name and surname; · ID number or driver’s license details; · Time and reason for visit. · CCTV footage. |
Website Users / Online Interactions: |
· IP address and device information; · Email address and login credentials (if applicable); · Website usage data (cookies, analytics). |
Regulatory and Compliance Stakeholders: |
· Information required by law or regulators (e.g., SARS, CIPC, Department of Labour); · Audit and compliance data. |
8.3 The recipients or categories of recipients to whom the personal information may be supplied:
Category of personal information |
Recipients or Categories of Recipients to whom the personal information may be supplied |
Identity number and names, for criminal checks: |
· South African Police Services. |
Qualifications, for qualification Verifications: |
· South African Qualifications Authority. |
Credit and payment history, for credit information: |
· Credit Bureaus. |
8.4 Planned transborder flows of personal information:
HCSA may transfer personal information across borders under certain circumstances. Such transfers will only take place in compliance with Section 72 of the Protection of Personal Information Act (POPIA), which requires that the receiving country or third party ensures an adequate level of protection for personal information.
8.5 Planned transborder flows of Equipment performance metrics
HCSA may, from time to time, transfer equipment performance data across national borders to authorised third parties, technology providers, or affiliated entities. These transborder flows are conducted in compliance with Section 72 of the Protection of Personal Information Act (POPIA) and relevant international data protection standards.
Such data transfers relate specifically to equipment performance metrics, which may include, but are not limited to, the following equipment classes:
8.5.1 Excavators:
· Bucket Digging Force: Measured in kN or kgf – indicates excavation strength;
· Swing Speed: Determines how quickly the upper structure rotates (rpm);
· Cycle Time: Time taken to complete a full dig-load-dump-return cycle;
· Fuel Consumption Rate: Litres/hour under typical workload;
· Reach and Depth: Max digging depth and arm extension (m).
8.5.2 Wheel Loaders:
· Breakout Force: Force required to lift material – critical for dense materials;
· Bucket Fill Factor: Efficiency of bucket loading, expressed as a percentage;
· Cycle Time: Time for load–lift–dump–return; affects hourly productivity;
· Tipping Load: The weight at which the machine begins to tip forward.
8.5.3 Dump Trucks (Articulated or Rigid):
· Payload Capacity: Maximum load weight (tonnes);
· Gradeability: Steepest incline it can climb with full load (percentage);
· Turning Radius: Important for manoeuvrability on narrow mining paths;
· Speed (Loaded/Unloaded): In km/h – affects haulage cycle time;
· Fuel Efficiency: Tonnes transported per litre of fuel.
8.5.4 Load-Haul-Dump (LHD) plans, Life Cycle Costings:
· Life Cycle Costings: Information assess the total cost of owning and operating equipment over its full lifespan;
· Tramming Speed: Loaded and empty speed (km/h);
· Tramming Cycle Time: Average time per trip between face and dump point;
· Bucket Capacity: Determines volume per cycle (m³).
8.5.5 Additional Performance Considerations:
· Operator Comfort: Affects productivity and safety over long shifts (e.g., air suspension seats, AC, noise levels);
· Machine Downtime: Maintenance frequency and parts availability impact performance uptime;
· Telematics Integration: GPS, fuel tracking, and performance analytics optimise fleet efficiency;
· Environmental Conditions: Machines must perform under South African heat, dust, and terrain variations.
8.5.6 IT Infrastructure and Systems:
· Secure internal network with firewalls and anti-malware software;
· Password-protected user accounts and role-based access control;
· Encrypted communication protocols (e.g., SSL/TLS for email and websites);
· Server infrastructure (either on-site or hosted via secure cloud providers);
· Regular data backups and disaster recovery systems.
8.5.7 Hardware and Devices:
· Laptops, desktops, and mobile devices assigned to employees are password or biometric protected;
· Antivirus software installed and regularly updated;
· Devices enrolled in Mobile Device Management (MDM) where applicable;
· Physical access controls to server rooms and equipment storage areas.
8.5.8 Software and Applications:
· Use of licensed and regularly updated software (e.g., Microsoft Office, accounting, CRM, HR systems);
· Access to personal data restricted based on job function;
· Two-factor authentication (2FA) enabled for critical systems;
· Secure email and document storage solutions (e.g., Microsoft 365, Google Workspace).
8.5.9 Data Security and Privacy Tools:
· Data encryption (at rest and in transit);
· Audit trails and activity logs maintained for key systems;
· POPIA-compliant consent management and data minimisation protocols;
· Endpoint security monitoring for all workstations and laptops.
8.5.10 Physical Security Measures:
· Surveillance (CCTV) in critical areas;
· Access control via key cards or biometric readers;
· Visitor logs and restricted access to sensitive areas;
· Secure storage of paper records (locked cabinets, limited access).
8.6 General description of Information Security Measures to be implemented by HCSA to ensure the confidentiality, integrity and availability of the information:
8.6.1 Confidentiality:
· To prevent unauthorised access to information.
8.6.2 Integrity:
· To protect the accuracy and trustworthiness of data.
8.6.3 Availability:
· To ensure authorised users have access to information when needed.
8.6.4 Physical and Environmental Controls:
· Restricted Access Areas: Physical access to server rooms and sensitive workstations is restricted and monitored;
· CCTV Monitoring: Used in secure areas for additional security;
· Secure Disposal of Equipment: Hard drives and documents are disposed of using certified destruction methods.
8.6.5 Human and Administrative Measures:
· Employee Training and Awareness: Regular training on POPIA, cyber hygiene, phishing, and acceptable use policies;
· Security Policies and Procedures: Documented and communicated to all staff;
· Incident Response Plan: Defined procedures for detecting, responding to, and recovering from data breaches or cyber incidents.
8.6.6 Supplier and Third-Party Controls:
· Due Diligence and Contractual Clauses: Security requirements are included in service agreements;
· Third-Party Risk Assessments: Conducted periodically to evaluate vendor security posture.
9. Availability of the manual:
A copy of the Manual is available:
9.1 On the website https://www.hitachicm.co.za;
9.2 head office of the HCSA for public inspection during normal business hours;
9.3 to any person upon written request and upon the payment of a reasonable prescribed fee; and
9.4 to the Information Regulator upon request;
9.5 A fee for a copy of the Manual, as contemplated in annexure B of the Regulations, shall be payable per each A4-size photocopy made.
10. Updating of the manual:
The head of a (insert the name of private body) will on a regular basis update this manual.
Issued by
Charl Oosthuizen
Hitachi Construction Machinery Southern Africa Co. (Pty) Ltd – Chief Financial Officer
