202106-The-Wilds-Newsletter by Black Marble Media

eTrumpeter

OFFICIAL MONTHLY PUBLICATION OF

THE CORONAVIRUS COVID-19

image courtesy of https://www.striata.com

JUNE 2021

CONTENT

This magazine is designed & published by :

• Estate Contact details

• Special POPIA Edition

• POPIA Edition Extended

• More Legal Developments

• The Wilds: Service Providers

• Coronavirus Covid-19: SA moves to Level 4

ADVERTISING ENQUIRIES Contact our sales team Tel: 072 386 7347 Curious about selling? We make it easy. BER TIE LOMBARD - 083 5015511

E-mail: advertise@blackmarblemedia.co.za Next Newsletter: JULY 2021

Disclaimer: This eMagazine is produced especially for residents of The Wilds to provide updates and useful information. It is produced by Black Marble Media on behalf of the Home Owners Association of The Wilds. Although every effort is taken to ensure accuracy of content, The Wilds HOA and/or the Publisher, cannot be held liable for any inaccurate information, and may not agree with all opinions expressed in this publication.

Estate Contact Details Brendan Olivier (General Manager)

brendan@the-wilds.co.za

3701

Ronel Mulvaney (Estate Manager)

ronel@the-wilds.co.za

3702

charmaine@the-wilds.co.za

3703

Charmaine Strange (Secretary)

If you experience any problems regarding access cards or biometrics, please contact Gate 1 (one). Tel no 012-996 0551

AFTER-HOURS AND WEEKEND CONTACT NUMBERS:

Gate 1 IPECS:

3302 or 3303

Gate 2 IPECS:

3402 or 3403

Estate office

012 940 8285 & 012 996 0123

IPECS numbers:

3701, 3702 & 3703

Gate one [Admin office ]

012 996 0551/3303

Gate two

012 996 1062/3401

SECURITY Contract Manager Pieter Schoeman 082-978 3644

IPECS Number: 3601

Duty Manager

082 978 3288

24/7

Control room (24/7)

012 996-1062

IPECS Number: 3602

we create awesome.

Advertise your business in the NEXT ISSUE! for ONLY R771* CLICK HERE for a list of Estates and pricing advertise@blackmarblemedia.co.za *Price based on quarter page advert. Full Page and Halfpage also available. Bulk discount: Advertise in three estates (same month and same size ad) and get a 25% discount on the cheapest rate.

EDITION POPIA

Dear Residents, this month’s e-Trumpeter is focused on POPIA, what it is all about and what our residents should know and be aware of.

We seek to process the personal information of any third parties in a responsible and lawful manner and are also taking appropriate steps to ensure that our service providers and suppliers do the same. The purpose of this notice is to inform our members and stakeholders of the proactive steps we are taking to comply with POPIA and prevailing data protection and privacy laws, as well as to create appropriate awareness for the steps which we will be taking in future. A key aspect which we want to bring to your attention, is our privacy notice, which we attach to this circular, for your kind consideration. BACKGROUND & OBJECTIVES OF THE COMPLIANCE PROGRAM

INTRODUCTION

In anticipation of the full enforcement of POPIA in South Africa, we initiated a legal data protection and privacy compliance project with the following objectives:

The Wilds Home Owners Association (“The HOA”/ “We” / “Us”) places a high premium on the privacy and personal information of our members, visitors, employees, customers, affiliates, service providers and any other third-party with whom we engage or contract. As such, we have recognised the importance of deploying a comprehensive data protection compliance program to ensure that our day-to-day activities comply with the Protection of Personal Information Act, 2013 (“POPIA”) and other potentially applicable data protection and privacy laws.

• To execute a gap analysis/impact assessment to evaluate our data processing infrastructure and identify areas of risk in relation to compliance with prevailing data protection and privacy laws, such as POPIA. • To deploy an internal training and awareness program to lay a proper foundation for the implementation of a standardised compliance framework. • To implement practical legal measures and documentation with the following objectives: • To give effect to the responsibilities and duties of our Information Officer.

POPIA Edition (Cont.)

in terms of POPIA. • To create a compliance policy framework which codifies acceptable policy standards and operational • Allow the establishment of clear, standardised processing principles processes to ensure that we always endeavour to and businesses processes within process personal information and data in general in which to foresee, identify and deal compliance with the provisions of POPIA and prevailing with information security and data data protection and privacy laws. processing risks. • To establish an internal culture of data protection and privacy compliance, hold our employees, suppliers • Enables the HOA to stay operational and mitigate our risks in the event of and service providers accountable, and ultimately manage our compliance risks effectively. an incident occurring. IMPORTANCE OF THE PROGRAM Compliance with prevailing data protection and privacy laws pose significant operational challenges. We have recognised the challenges associated with implementing appropriate compliance strategies, without making everyone’s lives unnecessarily difficult. To this end, we are developing a compliance framework which will: • Enable us, as an HOA, to comply with the conditions for the lawful processing of personal information as set forth

• Identify the obligations imposed upon us as a responsible party, and which will hold our employees, suppliers and service providers accountable. • Foster a culture of data protection and information security compliance. PRACTICAL STEPS AND IMPLEMENTATION STRATEGY To give credence to our compliance efforts, we are executing short-term, medium-term, and longterm objectives and will be ensuring that we are implementing the following: Awareness and Training We have appointed an Information Officer and Deputy Information Officers, who have started executing their broader obligations and responsibilities in terms of POPIA. One of the most important of these responsibilities is facilitating ongoing internal awareness and training. We will be deploying various awareness and training interventions throughout the course of the coming months, which will take the form of interactive workshops, online training

POPIA Edition (Cont.)

as such, we have developed a comprehensive PAIA Manual framework in terms of Section 51 of PAIA. This Manual clearly sets out the process through which PRIVACY POLICY FRAMEWORK any data subject can engage with us to request access We take the privacy of data subjects, specifically our to information. This Manual will be published on our members, very seriously and are developing a privacy website. policy framework speaking to the manner in which we may process personal information and data in TERMS AND CONDITIONS general. Any data subject who engages with us should be fully Our privacy policy framework will provide for the aware that such engagement is subject to certain terms manner and purposes for which we may process and conditions. These terms and conditions must personal information and will establish clear clearly set forth the types of personal information we protocols and standards for the processing of personal process and the manner in which we process it. information and data. We need to make sure that all third parties are aware of how and for what purposes INFORMATION NOTICES AND CONSENT FORMS we process personal information and data. courses and micro-learning interventions.

PAIA MANUAL

In accordance with Sections 11 and 18 of POPIA, we must establish a lawful justification for the processing We accept that the Promotion of Access to Information of personal information, and we must use our best Act, 2000 (PAIA) is just as important as POPIA and endeavours to always inform data subjects of any

occasion whereby which they provide us with their personal information, as well as the purpose for which we would be processing such information. We may also need to get their consent to process their information (consent is not always necessary and it should be a last resort). DATA SHARING PROTOCOLS (SOP’S) To ensure that we implement the provisions of POPIA which deal with the sharing of personal information effectively, we need to ensure that everyone is made aware of clear, standardised business processes and procedures which must be followed in respect of the sharing of personal information with third parties. In this regard, we will be deploying various standard operating procedures (SOP’s) which are to be applied when sharing data with third parties.

POPIA Edition (Cont.)

Curious about selling? We make it easy.

BER TIE LOMBARD - 083 5015511

The implementation of this compliance framework is key to ensure that we implement appropriate technical and security safeguards necessary to adhere to prevailing data protection, privacy laws and quality It is important for you to know that the best legal and standards. operational policies won’t protect our systems if those policies, and the procedures which flow from them, CLOSING NOTE are not implemented effectively and adhered to. We reiterate that we are required to take the privacy Therefore, we are also deploying a tailored digital and information security of anyone whose personal compliance dashboard which will enable the information and data we process very seriously. development of business and operational procedures Therefore, we want to make sure that you are aware of the fact that we are committed to maintaining which link to specified policy outcomes. a comprehensive compliance framework in the This digital dashboard will also afford authorised administration of our beautiful estate. administrators the ability to assign responsibility for the implementation of certain policy outcomes to Yours Faithfully, identified individuals and monitor adherence. Werner Herbst Vice-Chairman TECHNICAL INFORMATION SECURITY POLICY FRAMEWORK AND PROTOCOLS (SOP’S)

EDITION POPIA

The Protection of Personal Information Act (POPIA), Act 4 of 2013 aims: • to promote the protection of personal information processed by public and private bodies; • to introduce certain conditions so as to establish minimum requirements for the processing of personal information; • to provide for the establishment of an Information Regulator to exercise certain powers and to perform certain duties and functions in terms of this Act and the Promotion of Access to Information Act, 2000; • to provide for the issuing of codes of conduct; • to provide for the rights of persons regarding unsolicited electronic communications and automated decision making; • to regulate the flow of personal information across the borders of the Republic; and • to provide for matters connected therewith.

Commencement • 11 April 2014, Section 1, Part A of Chapter 5 (Sections 39 to 54), Sections 112 and 113 (Gazette 37544 if 11 April 2014) • 1 July 2020, Sections 2 to 38, Sections 55 to 109, Section 111, Section 114(1), (2) and (3) (Gazette 43461 of 22 June 2020) • 30 June 2021, Sections 110 and 114(4) (Gazette 43461 of 22 June 2020) • 1 July 2021, Section 58(2) (Gazette 44383 of 1 April 2021) Media Statement: Developments ahead of enforcement powers coming into effect, 22 Jun 2021 The Information Regulator has confirmed that there will be no deadline for registration of Information officers (IO) and Deputy Information Officers (DIO); this means that no responsible party will be held liable for not registering by 30 June 2021. This decision follows technical glitches with the registration portal and numerous concerns raised by responsible parties regarding the registration process.

POPIA Edition (Cont.)

WHAT DOES POPIA STAND FOR: PROTECTION OF PERSONAL INFORMATION ACT. You can be assured from Estate Management`s side that your Private Information is kept safe, and not shared with any unauthorised person.

service providers, and you may end up with a list of blocked telephone numbers on you cell phone of service providers selling: insurance, medical aid, security equipment etc, and also keep in mind you could receive calls from Estate Agents who can obtain your info from “WINDeed” or similar entities linked to the Deeds Office, asking if you would be interested in selling your property... Service Providers could also ask you to nominate other persons who will be interested in their service/product. The POPIA prevents you from sharing other friends or family members details too.

Even before the new Act was accepted, all HOA employees and all members of sub-committees signed a Code of Conduct. Effectively now Estate Management and our Service Providers who obtain As the saying goes: if everything else fails your information are trained and fully aware of the - read the instructions -so please visit our conditions of the new Act, but we also need your help website www.the-wilds.co.za for more to be careful with whom you share your personal information. information. Let’s look at some simple examples: Completing a questionnaire from any service provider, in hard copy, electronically, telephonically Moving ahead: or a questionnaire from an interested entity, – read the T’s & C’s first, as you could allow these companies All the Estates Sub-Committees have a roll with the to automatically share your personal info with other new Act, some smaller than others, but all important.

To mention a few: • Security: Committee Members, Bidvest Protea Coin, Glovent, Maklik and various other service providers. • Financial: Committee Members, Mid-City Property Services, Debt collection Attorney– Bouwer & Olivier. • Aesthetics – Plan Division: Committee Members, Document Warehouse, all attorneys and estate agents involved. Please note the plans that the Estate have on record are stored electronically and no person has access to these files without authorisation. • Communication: Telkom • Other: Sectional Title Schemes – to comply as well. Trustees in sectional title schemes are responsible for their compliance. Their policy should include details of whose personal information is collected and held by the complex. This includes trustees, owners, and tenants, as well as visitors. The type of personal information that the complex collects and holds, as well as how the complex collects and stores personal information, must be specified. The purposes for which the complex collects, uses, and discloses personal information must also be detailed, along with information on how an individual may access personal information.

POPIA Edition (Cont.)

Why do we need this?

Click here to find all the relevant information.

The purpose of the POPIA is to protect people as far possible by protecting their personal information, stop their money being stolen, stop identity fraud and their privacy from being invaded which is a fundamental human right and to achieve this, the POPIA sets conditions when it is lawful for someone to process someone else’s personal information.

The POPIA involves three parties who can be natural Timelines: or juristic persons: The commencement date started 01 July 2020 and for 1. The data subject: the person to whom the compliance 01 July 2021. information relates. 2. The responsible party: the person who determines Who is affected: why and how to process. These include profit and non-profit companies, governments, state agencies Any natural or juristic person who processes personal information, including large corporates and who are called Controllers in jurisdictions. 3. The operator: a person who processes personal government, relating to the data subject. information on behalf of the responsible party example, an IT vendor who are called Processors Steps to comply: in jurisdictions. 1. Appoint an Information Officer: Brendan Olivier has been appointed as the IO There are various obligations placed on these responsible parties which is the body ultimately 2. Appoint Deputy Information Officer(s): Ronel Mulvaney and Charmaine Strange has been responsible for the lawful processing of personal appointed as DIO`s. information. Responsible parties should only use operators that can meet the requirements of lawful 3. Draft a Privacy Policy. It has been published on our website in the POPIA section. personal information processing prescribed by the

Who are the Role Players? • The President, on the recommendation of the National Assembly, appointed the following persons as Chairperson and members of the Information Regulator with effect from 1 December 2016, for a period of five years: 1. Adv Pansy Tlakula (Chairperson); 2. Adv Lebogang Cordelia Stroom-Nzama (fulltime); 3. Adv Johannes Collen Weapond (full-time); 4. Prof Tana Pistorius (part-time); and 5. Mr Sizwe Lindelo Snail ka Mtuze (part-time).

Protection of Personal Information Act.

POPIA Edition (Cont.)

4. Raise awareness amongst all employees. ensuring the conditions for lawful processing are met. Documentation has been signed by all staff • Processing limitation – your business must members. process personal information lawfully, minimally, 5. Amend contracts with operators. This has been in accordance with the consent, justification and done with our attorneys having drafted the objection provisions, and with the data subject’s relevant documents. consent, unless certain exceptions apply. 6. Report data breaches to the regulator and data • Purpose specification – your business must subjects. process personal information for a specific purpose 7. Check that they can lawfully transfer personal and adhere to the retention and restriction of records provisions in POPIA. information to other countries. 8. Only share personal information when they are • Further processing limitation – further processing of information must be compatible with the lawfully able to. purpose of collection. • Information quality – your business must take The eight conditions for processing personal reasonably practicable steps to ensure that information. personal information is complete, accurate, not misleading and updated. There are eight conditions for the lawful processing • Openness – your business must maintain the of personal information according to POPIA and your documentation of all processing operations under business should now have ensured that it can meet its responsibility and take reasonably practicable all of these eight conditions. steps to ensure that the data subject is aware of certain information. • Accountability – your business is responsible for • Security safeguards – your business must: (i)

secure the integrity and confidentiality of personal information in its possession or under its control by taking appropriate, reasonable technical and organizational measures; (ii) in terms of a written contract, ensure that the operator, which processes personal information for the business establishes and maintains security measures; and (iii) as soon as reasonably possible after the discovery of a compromise, notify the Information Regulator and the data subject. • Data subject participation – your business must allow a data subject to access and correct its personal information. Your business may also be required to correct, delete or destroy personal information. From BusinessTech Staff writer 20 June 2021

Consequences for non-compliance: 1. A fine or imprisonment of between R1 million and R10 million or one to ten years in jail. 2. Paying compensation to data subjects for the damage they have suffered.

POPIA Edition (Cont.)

Our main motivation for complying with the Protection of Personal Information Act (POPIA) should be to protect people from harm. You can visit Google where you will find an abundance of information regarding the POPIA Regulations & Compliance. Important to us is to gear up, get smart and comply.

more legal Drivers, AARTO is also coming into effect on 1 June 2021 and will cause its own havoc in the administration of road matters… Please study the relevant legislation. • https://www.aarto.co.za/ • https://www.carmag.co.za/news/industrynews/aarto-explained-heres-need-know-sasnew-demerit-system/

Owners, it is incredibly important for you to read up about the New SPLUMA as mentioned in the previous edition: In a nutshell: Thinking of selling you property? – First have your Approved Tshwane Building Plans and the relevant Occupancy Certificate in order – this means your property must match the Approved Tshwane building plans - this include sectional title units – approved plans and your occupancy certificate can be obtained from the council.

Read more: • https://www.werksmans.com/legal-updates-and-opinions/spluma-certificate-confusion/ • https://dvh.law.za/the-spatial-planning-and-land-use-management-act-spluma-as-it-is-c-ommonly-known/ • https://www.abgross.co.za/spluma-act-impact-on-property-transfers/

For more information, click here to contact Estate Manager, Ronel Mulvaney

THE

Registered Service Providers (click to view) • Gardening Services • Armed Response • Cleaning Services

• Registered Businesses • Registered Estate Agents 16

Coronavirus Covid-19

South Africa moves to level 4 South Africa has moved to an adjusted lockdown Level 4 from Monday 28 June 2021, with all social gatherings prohibited. Funerals are restricted to a maximum of 50 people. No night vigils or post-funeral gatherings are permitted.

Outside of work, South Africans are urged to only meet with members of their households. The President says the closure of schools for the winter holidays will be brought forward to this Friday – 2 July 2021.

In his address to the nation, President Cyril Ramaphosa says government’s focus is on limiting social contact to flatten the curve and contain the further spread of the COVID-19 virus. Under adjusted lockdown Alert Level 4, restaurants and other eateries may only serve food for takeaway or delivery.

Below is the list of all things that are off-limits as per the revised COVID-19 rules: • Night vigils at a funeral are banned. • After-funeral gatherings, including after tears gatherings

Coronavirus Covid-19 • All gatherings are banned, except for funerals. • Movement between provinces, metropolitan areas and districts are prohibited except for workers who have a permit to perform an essential or permitted service who have to commute to and from work on a daily basis. • All industries, businesses, entities, both private and in the public sector, which are permitted to operate during Alert Level 4, must designate a COVID-19 compliance office. • Any place or premises normally open to the public where religious, cultural, sporting, entertainment, recreational, exhibitional, organisational or similar activities may take place is closed. • No sale or transport of liquor permitted. • Night clubs, bars, taverns, shebeen and similar establishments • Travelling in and out of Gauteng for leisure is prohibited KEEP SAFE, ADHERE TO HEALTH PROTOCOLS AND STAY ALIVE!

CORONA VIRUS: WE ARE AT LEVEL 4