• Terms and Conditions : uShaka Island Management (Pty) Ltd.
• You must carefully familiarise yourself with the terms and conditions set out in this agreement before using our website. In addition to setting out the terms of use of our website, this document contains important information in regard to security and data and privacy protection. Although we regard these conditions as normal and appropriate for the purposes of our online presence, they do include terms which exclude and/or limit our liability and which place certain obligations on you.

• By visiting our website, you irrevocably agree to be bound by these terms and conditions. This is a legally binding agreement.

• If you do not agree with the terms and conditions contained in this agreement you should immediately discontinue using our website.

This Notice explains how we obtain, use and disclose your personal information, in accordance with the requirements of the Protection of Personal Information Act (“POPIA”).
At uShaka Marine World (and including this website) we are committed to protecting your privacy and to ensure that your personal information is collected and used properly, lawfully and transparently.

18. About the Company 

Durban Marine Theme Park (DMTP), trading as uShaka Marine World 

The information we collect 

We collect and process your personal information mainly to contact you for the purposes of doing business with you, related to products and services we offer to the publich and/or products and services we purchase from our suppliers. Other personal information is collected for the purposes of advancing common business interests with our partners. We also collect personal information in order understanding your requirements, and delivering services accordingly. For this purpose we will collect contact details including your name, e-mail, telephone numbers, address and organisation. We also collect company related information such as registration number, tax numbers, BBBEE certificates and director details among others.
We collect information directly from you where you provide us with your personal details. Where possible, we will inform you what information you are required to provide to us and what information is optional.
Website usage information may be collected using “cookies” which allows us to collect standard internet visitor usage information.

19. How we use your information 

We use your personal information only for the purposes for which it was collected and agreed with you. In addition, where necessary your information may be retained for legal or research purposes. 

For example:
• To gather contact information;
• To process sales for our goods and services to the public, including property rentals
• To process public tenders, including invoice payments as part of our Supply Chain Management (SCM) processes
• To confirm and verify your identity or to verify that you are an authorised user for security purposes;
• For the detection and prevention of fraud, crime, money laundering or other malpractices;
• To conduct market or customer satisfaction research or for statistical analysis;
• For audit and record keeping purposes;
• In connection with legal proceedings. 

20.Disclosure of information 

We may disclose your personal information to our service providers and partners who are involved in the delivery of products or services to you. We have agreements in place with such partners to ensure that they comply with the privacy requirements as required by the Protection of Personal Information Act.
We may also disclose your information:
• Where we have a duty or a right to disclose in terms of law or industry codes;
• Where we believe it is necessary to protect our rights and those of the public. 

21. Information Security 

We are legally obliged to provide adequate protection for the personal information we hold and to stop unauthorized access and use of personal information. We continuously review our security controls and related processes to ensure that your personal information remains secure. Our entity is also audited annually by internal and external audit teams to provide assurance on the effectiveness of our information security controls. 

Our security policies and procedures cover:
• Physical security;
• Computer and network security;
• Access to personal information;
• Secure communications;
• Security in contracting out activities or functions;
• Retention and disposal of information;
• Acceptable usage of personal information;
• Governance and regulatory issues;
• Monitoring access and usage of private information;
• Investigating and reacting to security incidents. 

When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that personal information that we remain responsible for, is kept secure.
We will ensure that anyone to whom we pass your personal information agrees to treat your information with the same level of protection as we are obliged to. This is done through data-sharing agreements and privacy clauses in all interactions with third parties.

22. Your Rights: Access to information 

You have the right to request a copy of the personal information we hold about you. To do this, simply contact us at the numbers/addresses as provided on our website and specify what information you require. We will need a copy of your ID document to confirm your identity before providing details of your personal information.
Please note that any such access request may be subject to a payment of a legally allowable fee.

23. Correction of your information 

You have the right to ask us to update or correct your personal information. We will require a copy of your ID document to confirm your identity before making changes to personal information we may hold about you. We would appreciate it if you would keep your personal information accurate.

24. Destruction/de-identification of your information 

You have the right to ask us to delete any personal information we may hold about you. To do this, simply contact us at the numbers/addresses as provided on our website and specify what information you want deleted/de-identified.We would appreciate it if you would keep your personal information accurate.

25. Definition of personal information 

According to the Act ‘‘personal information’’ means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person.

 
26. How to contact us 

If you have any queries about this notice; you need further information about our privacy practices; wish to withdraw consent; exercise preferences or access or correct your personal information, please contact us at the numbers/addresses listed on our website. 

Contents
1. DEFINITIONS 3
2. PURPOSE OF A PAIA MANUAL 4
3. DUTIES OF THE INFORMATION OFFICER 5
4. THE PURPOSE OF PROCESSING INFORMATION 10
ANNEXURE A: CONTACT DETAILS & BUSINESS TYPE 13
ANNEXURE B: SECTION 10 PAIA GUIDE 14
ANNEXURE C: STATUTORY RECORDS 15
ANNEXURE E: REQUEST PROCEDURE 18
ANNEXURE F: PRESCRIBED FEES 23
ANNEXURE G: DEPUTY INFORMATION OFFICER APPOINTMENT 24


 
1. DEFINITIONS

PAIA means the Promotion of Access to Information Act 2 of 2000
POPI means the Promotion of Personal Information Act 4 of 2013
Information Regulator means the Regulator established in terms of Section 39 of POPI
Person means a natural person or a juristic person
Private body means:
• a natural person who carries or has carried on any trade, business or profession, but only in such capacity
• a partnership which carries or has carried on any trade, business or profession; or
• an any former or existing juristic person, but excludes a public body
Public body means:
• any department of state or administration in the national or provincial sphere of government or any municipality in the local sphere of government; or
• any other functionary or institution when:
• exercising a power or performing a duty in terms of the Constitution or a provincial constitution; or
• exercising a public power or performing a public function in terms of any legislation
Head, in relation to, a private body means:
• in the case of a natural person, that natural person or any person duly authorised by that natural person;
• in the case of a partnership, any partner of the partnership or any person duly authorised by the partnership;
• in the case of a juristic person:
the chief executive officer or equivalent officer of the juristic person or any person duly authorised by that officer; or
the person who is acting as such or any person duly authorised by such acting person

Information Officer means the head of a private body

Deputy Information Officer means the person to whom any power or duty conferred or imposed on an Information Officer by POPI has been delegated

Requester in relation to a private body, means any person, including, but not limited to a public body or an official thereof, making a request for access to a record of the organisation or a person acting on behalf of such person

Personal Requester means a requester seeking access to a record containing personal information about the requester




Personal Information means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to: information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person; information relating to the education or the medical, financial, criminal or employment history of the person; any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person, the biometric information of the person; the personal opinions, views or preferences of the person; correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence; the views or opinions of another individual about the person; and the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person
Request for access means a request for access to a record of the organisation in terms of section 50 of PAIA

Record means any recorded information regardless of the form or medium, in the possession or under the control of the organisation irrespective of whether or not it was created by the organisation

Data Subject means the person to whom personal information relates

Third Party in relation to a request for access to a record held by the organisation, means any person other than the requester

Processing means any operation or activity or any set of operations, whether or not by automatic means, concerning personal information, including the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use, dissemination by means of transmission, distribution or making available in any other form, or merging, linking, as well as restriction, degradation, erasure or destruction of information

2. PURPOSE OF A PAIA MANUAL

The Promotion of Access to Information Act, 2000, gives effect to section 32 of the Constitution, which provides that everyone has the right to access information held by the State or any other person (or private body), when that information is required for the exercise or protection of any rights.
The purpose of PAIA is to:
• foster a culture of transparency and accountability in public and private bodies by giving effect to the right of access to information, and to
• actively promote a society in which the people of South Africa have effective access to information to enable them to more fully exercise and protect all of their rights
 
The organisation recognises everyone’s right to access to information and is committed to provide access to the organisation’s records where the proper procedural requirements as set out by PAIA and POPI have been met.
The organisation’s PAIA manual is compiled in accordance with section 51 of the Act and contains the following provisions:

Annexure A : Contact Details & Business Type
This section provides the organisation’s postal and street address, phone and fax number and, if available, the e-mail address of the head of the organisation
Annexure B : Section 10 PAIA Guide
This section provides a description of the guide referred to in Section 10 of PAIA and how you may obtain access to it
Annexure C : Statutory Records
This section provides a description of the various statutes in terms of which the organisation is required to maintain records
Annexure D : Availability of Records
This section provides a list of records held by the organisation along with an indication of whether the record is freely available or only accessible by way of a formal request in terms of the provisions of PAIA. The section also provides a description of the category of data subject(s) to who the respective records relates along with an indication of the purpose for which the record is being kept. Records that are indicated as “Freely Available” can be accessed by contacting the Deputy Information Officer (see Annexure A), without having to follow any formal procedures. Records that are indicated as a “PAIA Request”, requires the requester to lodge a formal request as provided for in Annexure E
Annexure E : Request Procedure
This section sets out the procedure required to obtain access to a record indicated as a “PAIA Request” in Annexure D
Annexure F : Prescribed Fees
This section sets out the fees that are payable to the organisation prior to processing a request to obtain access to a record held by the organisation
Annexure G : Deputy Information Officer Appointment
This section provides for the formal appointment of a Deputy Information Officer where so required
3. DUTIES OF THE INFORMATION OFFICER

The Information Officer and/or the Deputy Information Officer of the organisation are responsible for:

• Publishing and proper communication of the manual i.e. creating policy awareness
• The facilitation of any request for access
• Providing adequate notice and feedback to the requester
 
• Determining whether to grant a request for access to a complete/full record or only part of a record
• Ensuring that access to a record, where so granted, is provided timeously and in the correct format
• Reviewing the policy for accuracy and communicating any amendments

Right of Access
The Information Officer and/or Deputy Information Officer may only provide access to any record held by the organisation to a requester if:
• The record is required for the exercise or protection of any right, and
• The requester complies with the procedural requirements relating to a request for access to that record, and
• Access to that record is not refused in terms of any of the grounds for refusal listed below

Grounds for Refusal
The Information Officer and/or Deputy Information Officer must assess whether there are any grounds for refusing an access request. Where any grounds for refusal are found, an access request will not be granted. However, despite finding any grounds for refusal, access to the record(s) will be provided where:
• the disclosure of the record would reveal evidence of a substantial contravention of, or failure to comply with the law or imminent and serious public or environmental risk, and
• the public interest in disclosing record will clearly outweigh the harm contemplated in the provision in question,.

Where there are no grounds for refusal, request for access will be granted. If a request for access is made with regards to a record containing information that would justify a ground for refusal, every part of the record which

• does not contain, and
• can reasonably be severed from any part that contains, any such information must, despite any other provision of PAIA, also be disclosed

The grounds for refusal, or absence thereof, are set out below:
A: Mandatory Protection of privacy of a Third Party who is a Natural Person
Grounds for Refusal:

• The disclosure would involve the unreasonable disclosure of personal information about a third party that is a natural person (including a deceased individual)

No Grounds for Refusal:

• The record consists of information that concerns an individual who has already consented in writing to its disclosure to the requester concerned

• The record consists of information that is already publicly available

• The record consists of information that was given to the organisation by the individual to whom it relates and the individual was informed by or on behalf of the organisation, before it is given, that the information belongs to a class of information that would or might be made available to the public

• The record consists of information about an individual’s physical or mental health, or well-being, who is under the care of the requester and who is under the age of 18; or incapable of understanding the nature of the request, and if giving access would be in the individual’s best interest

• The record consists of information about an individual who is deceased and the requester is the individual’s next of kin or making the with the written consent of the individual’s next of kin

• The record consists of information about an individual who is or was an official of the organisation and which relates to the position or functions of the individual, including, but not limited to the title, work address, work phone number, the classification, salary scale or remuneration and responsibilities of the position heled or services performed by the individual and the name of the individual on a record prepare by the individual in the course of employment


B: Mandatory Protection of Commercial Information of a Third Party
Grounds for Refusal

• The record consists of information that contains trade secrets of a third party

• The record consists of information that contains financial, commercial, scientific or technical information, other than trade secrets, of a third party, the disclosure of which would be likely to cause harm to the commercial or financial interests of that third party

• The record consists of information supplied in confidence by a third party, the disclosure of which could reasonably be expected to put that third party at a disadvantage in contractual or other negotiations or to prejudice that third party in commercial competition

No Grounds for Refusal

• The record consists of information about a third party who has consented who has already consented in writing to its disclosure to the requester concerned

• The record consists of information about the results of any product or environmental testing or other investigation supplied by a third party or the results of any such testing or investigation carried out by or on behalf of a third party and its disclosure would reveal a serious public safety or environmental risk (the results of any product or environmental testing or other investigation do not include the results of preliminary

• testing or other investigation conducted for the purpose of developing methods of testing or other investigation)
C: Mandatory Protection of certain Confidential Information of a Third Party

Grounds for Refusal

• The record consists of information the disclosure of which would constitute an action for breach of a duty of confidence owed to a third party in terms of an agreement

D: Mandatory Protection of Safety of Individuals and Protection of Property
Grounds for Refusal

• The record consists of information that if disclosed could reasonably be expected to endanger the life or physical safety of an individual

• The record consists of information that if disclosed would likely prejudice or impair the security of a building, a structure or system, a computer or communication system, a means of transport, any other property

• The record consists of information that if disclosed would likely prejudice or impair the security of methods, systems, plans or procedures for the protection of an individual in accordance with a witness protection scheme, the safety of the public, or any part of the public, or the security of property


E: Mandatory Protection of Records privileged from Production in Legal Proceedings
Grounds for Refusal

• The record consists of information privileged from production in legal proceedings unless the person entitled to the privilege has waived the privilege

F: Commercial Information of the Organisation
Grounds for Refusal

• The record consists of information that contains trade secrets of the organisation

• The record consists of information that contains financial, commercial, scientific or technical information, other than trade secrets, of the organisation, the disclosure of which would likely cause harm to the commercial or financial interests of the organisation

• The record consists of information, the disclosure of which, could reasonably be expected to put the organisation at a disadvantage in contractual or other negotiations or prejudice the organisation in commercial competition

• The record is a computer program as defined in section 1(1) of the Copyright Act (Act 98 of 1978), owned by the organisation, except insofar as it is required to give access to a record to which access is granted in terms of PAIA

Grounds for Refusal

• The record consists of information about the results of any product or environmental testing or other investigation supplied by the organisation or the results of any such testing or investigation carried out by or on behalf of the organisation and its disclosure would reveal a serious public safety or environmental risk (the results of any product or environmental testing or other investigation do not include the results of preliminary testing or other investigation conducted for the purpose of developing methods of testing or other investigation)

G: Mandatory Protection of Research Information of a Third Party and the Organisation
Grounds for Refusal

• The record consists of information that contains information about research being or to be carried out by or on behalf of a third party, the disclosure of which would be likely to expose the third party, a person that is or will be carrying out the research on behalf of the third party, or the subject matter of the research to serious disadvantage

• The record consists of information that contains information about research being or to be carried out by or on behalf of the organisation, the disclosure of which would be likely to expose the organisation, a person that is or will be carrying out the research on behalf of the organisation, or the subject matter of the research to serious disadvantage


Notice
Where a request for access has been received the Information Officer and/or Deputy Information Officer will notify the requester of receipt and the prescribed fee (if any) that is payable prior to processing the request. Please refer to Annexure F for a full breakdown of fees payable. Personal requesters will not be charged a request fee.
The notice must state:

• The amount of the deposit payable (if any)
• That the requester may lodge a complaint with the Information Regulator or an application with a court against the tender or payment of the request fee, or the tender or payment of a deposit, as the case may be
• The procedure (including the period) for lodging the complaint with the Information Regulator or the application

Except to the extent that the provisions regarding third party notification may apply, the Information Officer and/or Deputy Information Officer to whom the request is made, must as soon as reasonably possible, but in any event within 30 days, after the request has been received in the prescribed format:

• Decide in accordance with PAIA whether to grant the request, and
• Notify the requester of the decision and, if the requester stated that he or she wishes to be informed of the decision in any other manner, inform him or her in that manner, if it is reasonably possible
 
If the request for access is granted, the notice must state:

• The access fee (if any) to be paid upon access
• The form in which access will be given, and
• That the requester may lodge a complaint with the Information Regulator or an application with a court against the access fee to be paid or the form of access granted, and the procedure, including the period allowed, for lodging a complaint with the Information Regulator or the application

If the request for access is refused, the notice must:

• State adequate reasons for the refusal, including the relevant provision of PAIA that was relied on
• Exclude, from any such reasons, any reference to the content of the records’ and
• State that the requester may lodge a complaint with the Information Regulator or an application with a court against the refusal of the request, and the procedure (including the period) for lodging a complaint with the Information Regulator or the application

Should all reasonable steps have been taken to find a record requested, and there are reasonable grounds for believing that the record:

• Is in the organisation’s possession, but cannot be found, or
• Simply does not exist,
• the head of the organisation must, by way of affidavit or affirmation, notify the requester that it is not possible to provide access to that record.

The affidavit or affirmation must provide full account of all steps taken to find the record in question or to determine whether the record exists, as the case may be, including all communication with every person who conducted the search on behalf of the head.
4. THE PURPOSE OF PROCESSING INFORMATION

4.1 Purpose of Processing Personal Information
DMTP will only process personal information in line with the DMTP Privacy Policy, which is available on the DMTP website.