THE PROMOTION OF ACCESS TO INFORMATION MANUAL

1. PREAMBLE

The Promotion of Access to Information Act, 2000 ("PAIA") came into operation on 9 March 2001. PAIA seeks, among other things, to give effect to the Constitutional right of access to any information held by the State or by any other person where such information is required for the exercise or protection of any right and gives natural and juristic persons the right of access to records held by either a private or public body, subject to certain limitations, in order to enable them to exercise or protect their rights. Where a request is made in terms of PAIA to a private body, that private body must disclose the information if the requester is able to show that the record is required for the exercise or protection of any rights, and provided that no grounds of refusal contained in PAIA are applicable. PAIA sets out the requisite procedural issues attached to information requests.

Section 51 of PAIA obliges private bodies to compile a manual to enable a person to obtain access to information held by such private body and stipulates the minimum requirements that the manual has to comply with.

This Manual constitutes GRINDROD’s PAIA manual. This Manual is compiled in accordance with section 51 of PAIA as amended by the Protection of Personal Information Act, 2013 ("POPIA"), which gives effect to everyone’s Constitutional right to privacy. POPIA promotes the protection of personal information processed by public and private bodies, including certain conditions so as to establish minimum requirements for the processing of personal information. POPIA amends certain provisions of PAIA, balancing the need for access to information against the need to ensure the protection of personal information by providing for the establishment of an Information Regulator to exercise certain powers and perform certain duties and functions in terms of POPIA and PAIA, providing for the issuing of codes of conduct and providing for the rights of persons regarding unsolicited electronic communications and automated decision making in order to regulate the flow of personal information and to provide for matters concerned therewith.

This PAIA manual also includes information on the submission of objections to the processing of personal information and requests to delete or destroy personal information or records thereof in terms of POPIA.

2. ABOUT GRINDROD

GRINDROD, Registration Number: 2021/843302/07, conducts comprehensive Full and Empty Container Depot Operations, Warehousing of General Cargo and Mining Minerals, Road & Rail Transport as well as Genset Sales and with a network of vessels provides an efficient feeder and coastal shipping service.

With our coastal and inland facilities, we are able to provide efficient end-to-end supply chain solutions that can be tailor-made to the needs of our customers.

3. CONTACT DETAILS

Company Name: Grindrod Logistics (Pty) Ltd.
Contact Person: Derek Mans – derek.mans@grindrodlogistics.com
Position: CEO
Registered Office:
5th Floor, Grindrod House
106 Margaret Mncadi Avenue
Durban, 4001
Postal Address:
PO Box 3236, Durban, 4001
Telephone: +27 31 452 7950

4. INFORMATION REGULATORS GUIDE

An official Guide has been compiled which contains information to assist a person wishing to exercise a right of access to information in terms of PAIA and POPIA. This Guide is made available by the Information Regulator (established in terms of POPIA). Copies of the updated Guide are available from the Information Regulator and the Information Officer free of charge. Any request for public inspection of the Guide at the office of the Information Officer or a request for a copy of the Guide from the Information Officer must substantially correspond with Form 1 of Annexure A to Government Notice No. R.757 dated 27 August 2021 promulgated under the PAIA Regulations. Please refer to Annexure C.

5. OBJECTIVES OF THIS MANUAL

The objectives of this Manual are:

• to provide a list of all records held by the legal entity;

• to set out the requirements with regard to who may request information in terms of PAIA as well as the grounds on which a request may be denied;

• to define the manner and form in which a request for information must be submitted;

• to comply with the additional requirements imposed by POPIA.

6. ENTRY POINT FOR REQUESTS

PAIA provides that a person may only make a request for information if the information is required for the exercise or protection of a legitimate right.

Information will therefore not be furnished unless a person provides sufficient particulars to enable GRINDROD to identify the right that the requester is seeking to protect as well as an explanation as to why the requested information is required for the exercise or protection of that right. The exercise of an individual’s rights is subject to justifiable limitations, including the reasonable protection of privacy, commercial confidentiality and effective, efficient and good governance. PAIA and the request procedure contained in this Manual may not be used for access to a record for criminal or civil proceedings, nor should information be requested after the commencement of such proceedings.

The Information Officer has been delegated with the task of receiving and coordinating all requests for access to records in terms of PAIA, in order to ensure proper compliance with PAIA and POPIA. The Information Officer will facilitate the liaison with the internal legal team on all of these requests. All requests in terms of PAIA and this Manual must be addressed to the Information Officer using the contact details provided above.

7. AUTOMATICALLY AVAILABLE INFORMATION

Information that is obtainable via the GRINDROD website about GRINDROD is automatically available and need not be formally requested in terms of this Manual. The following categories of records are automatically available for inspection, purchase or photocopying:

• brochures

• press releases

• publications

• various other marketing and promotional material

8. INFORMATION AVAILABLE IN TERMS OF POPIA

1. Categories of personal information collected by GRINDROD

GRINDROD may collect information relating to an identifiable, living, natural person, and where applicable, an identifiable, existing juristic person, including, but not limited to:

• information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;

• information relating to the education or the medical, financial, criminal or employment history of the person;

• any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;

• the biometric information of the person;

• the personal opinions, views or preferences of the person;

• correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;

• the views or opinions of another individual about the person; and

• the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.

2. The purpose of processing personal information

In terms of POPIA, data must be processed for a specified purpose. The purpose for which data is processed by GRINDROD will depend on the nature of the data and the particular data subject. This purpose is ordinarily disclosed, explicitly or implicitly, at the time the data is collected. In general, personal information is processed for purposes of:

• onboarding clients and suppliers,

• service or product delivery,

• records management,

• security,

• employment and related matters.

3. A description of the categories of data subjects

GRINDROD holds information and records on the following categories of data subjects:

• Employees / personnel of GRINDROD;

• Clients of GRINDROD;

• Any third party with whom GRINDROD conducts business;

• Contractors of GRINDROD;

• Suppliers of GRINDROD.

(This list of categories of data subjects is non-exhaustive.)

4. The recipients or categories of recipients to whom the personal information may be supplied

Depending on the nature of the personal information, GRINDROD may supply information or records to the following categories of recipients:

• Statutory oversight bodies, regulators or judicial commissions of enquiry making a request for data;

• Any court, administrative or judicial forum, arbitration, statutory commission, or ombudsman making a request for data or GRINDROD in terms of the applicable rules;

• South African Revenue Services, or another similar authority;

• Anyone making a successful application for access in terms of PAIA or POPIA; and

• Subject to the provisions of POPIA and other relevant legislation, GRINDROD may share information about a client’s creditworthiness with any credit bureau or credit providers industry association or other association for an industry in which GRINDROD operates.

5. Planned transborder flows of personal information

If a data subject visits GRINDROD’s website from a country other than South Africa, the various communications will necessarily result in the transfer of information across international boundaries. GRINDROD may need to transfer a data subject's information to service providers, principals and/or other agents acting on behalf of such principals, in countries outside South Africa, in which case it will fully comply with applicable data protection legislation.

• Payroll information is transferred to African countries in the SAI Area;

• Copies of Passport Numbers, Vehicle Registration Numbers and Trailer Registration Numbers may be sent to Zambia where proof of identification is required prior to releasing containers to transporters and Passport Numbers for release of empty containers from depot service providers for exports;

• Information may be shared with the corporate office of GRINDROD based in Denmark, Copenhagen;

• Information may be shared for purposes of using Sales Force and to the global database office.

Note: These countries may not have data-protection laws which are similar to those of South Africa.

6. A general description of information security measures to be implemented by GRINDROD

GRINDROD takes extensive information security measures to ensure the confidentiality, integrity and availability of personal information in our possession. GRINDROD takes appropriate technical and organisational measures designed to ensure that personal data remains confidential and secure against unauthorised or unlawful processing and against accidental loss, destruction or damage.

9. INFORMATION AVAILABLE IN TERMS OF OTHER LEGISLATION

Information is available in terms of certain provisions of the following legislation to the persons or entities specified in such legislation:

• Administration of Estates Act 66 of 1965

• Basic Conditions of Employment Act 75 of 1997

• Close Corporations Act 69 of 1984

• Companies Act 61 of 1973

• Compensation for Occupational Injuries and Health Diseases Act 130 of 1993

• Consumer Protection Act 68 of 2008

• Employment Equity Act 55 of 1998

• Estate Agency Affairs Act 112 of 1976

• Income Tax Act 58 of 1962

• Insolvency Act No. 24 of 1936

• Labour Relations Act 66 of 1995

• Occupational Health & Safety Act 85 of 1993

• Pension Funds Act 24 of 1956

• Skills Development Act 97 of 1998

• Skills Development Levies Act 9 of 1999

• Stamp Duties Act 77 of 1968

• Stock Exchanges Control Act 1 of 1985 (and the rules and listing requirements of the JSE Securities Exchange authorised in terms thereof)

• Unemployment Contributions Act 4 of 2002

• Unemployment Insurance Act 30 of 1966

• Value Added Tax Act 89 of 1991

• Customs and Excise Act, 91 of 1964

10. CATEGORIES OF RECORDS AVAILABLE UPON REQUEST

GRINDROD maintains records on the categories and subject matters listed below. Please note that recording a category or subject matter in this Manual does not imply that a request for access to such records would be granted. All requests for access will be evaluated on a case-by-case basis in accordance with the provisions of PAIA.

Important: Many of the records held by GRINDROD are those of third parties, such as clients and employees, and GRINDROD takes the protection of third party confidential information very seriously. Requests for access to these records will be considered very carefully. Please ensure that requests for such records are carefully motivated.

Categories:

• Internal records:
  Memoranda of Incorporation and Articles of Association, Financial records, Operational records, Intellectual property, Marketing records, Internal correspondence, Service records, Statutory records, Internal policies and procedures, Minutes of meetings.

• Personnel records:
  Any personal records provided to us by our personnel; any records a third party has provided about any of their personnel; conditions of employment and other personnel-related contractual and quasi legal records; employment policies and procedures; internal evaluation and disciplinary records; and other internal records and correspondence.

• Client-related records:
  Contracts with the client and between the client and other persons.

• Other third party records:
  Personnel, client or GRINDROD records which are held by another party as opposed to being held by GRINDROD; and records held by GRINDROD pertaining to other parties, including financial records, correspondence, contractual records, records provided by the other party, and records third parties have provided about the contractors or suppliers.

• Other records:
  Information relating to GRINDROD; research information belonging to GRINDROD or carried out on behalf of a third party; requisitions, permits, licenses, authorisations, approvals, applications and consents required for the day-to-day operations of GRINDROD.

11. REQUEST PROCEDURE

1. Completion of the prescribed form:
   Any request for access to a record in terms of PAIA must substantially correspond with Form 2 of Annexure A to Government Notice No. R.757 dated 27 August 2021 promulgated under the PAIA Regulations and should be specific in terms of the record requested. Non-compliant requests will be returned.

2. Proof of identity:
   Proof of identity is required to authenticate your identity and the request. Acceptable proof such as a certified copy of your identity document or other legal forms of identity must be submitted.

3. Payment of the prescribed fees:
   There are two categories of fees:

   • Request fee: R140.00

   • Access fee: Calculated based on reproduction, search, preparation and postal costs as set out in the applicable annexure.

   The record will not be disclosed until the necessary fees have been paid in full.

4. Timelines:

   • Requests will be processed within 30 (thirty) days unless an extension is required.

   • The Information Officer will inform the requester of the decision and any fees payable.

   • In the event of a required extension, the requester will be notified with reasons.

5. Grounds for refusal:
   Access may be refused on grounds including but not limited to:

   • Protection of personal or commercial information of a third party;

   • Breach of a duty of confidence;

   • Jeopardising the safety of an individual or property rights;

   • Records produced during legal proceedings (unless legal privilege is waived);

   • Any information that would disadvantage GRINDROD commercially.

6. Objections under POPIA:
   A data subject may object at any time to the processing of personal information by GRINDROD on reasonable grounds, or request correction, deletion or destruction of personal information, subject to the procedures set out by POPIA.

12. REMEDIES AVAILABLE TO A REQUESTER ON REFUSAL OF ACCESS

If the Information Officer refuses a request:

• The decision is final, and there is no internal appeal procedure.

• If you are dissatisfied, you may apply to the Information Regulator or a court of competent jurisdiction.

• If a third party is affected by a request that is granted, they have 30 (thirty) days to appeal the decision in a court of competent jurisdiction. If no appeal is lodged within this period, access must be granted.

13. AVAILABILITY OF THIS MANUAL

Copies of this Manual are available for inspection, free of charge, at the offices of GRINDROD and at https://grindrodlogistics.com/.