PAIA MANUAL
Prepared in terms of section 51 of the Promotion of Access to Information Act 2 of 2000 (as amended)
DATE OF COMPILATION: 09/09/2025
DATE OF REVISION: 16/04/2026
TABLE OF CONTENTS
1. LIST OF ACRONYMS AND ABBREVIATIONS.. 3
3. KEY CONTACT DETAILS FOR ACCESS TO INFORMATION OF 4 SEASONS CAR HIRE CC.. 4
4. GUIDE ON HOW TO USE PAIA AND HOW TO OBTAIN ACCESS TO THE GUIDE. 4
6. DESCRIPTION OF THE RECORDS 4 SEASONS CAR HIRE CC WHICH ARE AVAILABLE IN ACCORDANCE WITH ANY OTHER LEGISLATION………………………………………………………8
8. PROCESSING OF PERSONAL INFORMATION.. 8
8.1 Purpose of Processing Personal Information. 8
8.3 The recipients or categories of recipients to whom the personal information may be supplied. 9
8.4 Planned transborder flows of personal information. 10
8.5 Personal information received from third parties……………………………………………...10
8.7 Data breaches…………………………………………………………………………………....11
9. AVAILABILITY OF THE MANUAL………………………………………………………………….…11
10. UPDATING OF THE MANUAL. 12
11. FORMS……………………………………………………………………………………………………12
This PAIA Manual is useful for the public to-
Name: Wouter Evers
Email: w.evers@4seasons-car-rental.com
Postal Address: 30 Topaz Street
Somerset West
7130
Physical Address: 30 Topaz Street
Somerset West
7130
Email: w.evers@4seasons-car-rental.com
Website: https://www.4seasons-car-rental.com/
![]() |
1 Section 17(1) of PAIA- For the purposes of PAIA, each public body must, subject to legislation governing the employment of personnel of the public body concerned, designate such number of persons as deputy information officers as are necessary to render the public body as accessible as reasonably possible for requesters of its records.
2 Section 56(a) of POPIA- Each public and private body must make provision, in the manner prescribed in section 17 of the Promotion of Access to Information Act, with the necessary changes, for the designation of such a number of persons, if any, as deputy information officers as is necessary to perform the duties and responsibilities as set out in section 55(1) of POPIA.
3 Section 11(1) of PAIA- A requester must be given access to a record of a public body if that requester complies with all the procedural requirements in PAIA relating to a request for access to that record; and access to that record is not refused in terms of any ground for refusal contemplated in Chapter 4 of this Part.
4 Section 50(1) of PAIA- A requester must be given access to any record of a private body if-
![]() |
5 Section 14(1) of PAIA- The information officer of a public body must, in at least three official languages, make available a manual containing information listed in paragraph 4 above.
6 Section 51(1) of PAIA- The head of a private body must make available a manual containing the description of the information listed in paragraph 4 above.
7 Section 15(1) of PAIA- The information officer of a public body, must make available in the prescribed manner a description of the categories of records of the public body that are automatically available without a person having to request access
8 Section 52(1) of PAIA- The head of a private body may, on a voluntary basis, make available in the prescribed manner a description of the categories of records of the private body that are automatically available without a person having to request access
9 Section 22(1) of PAIA- The information officer of a public body to whom a request for access is made, must by notice require the requester to pay the prescribed request fee (if any), before further processing the request.
10 Section 54(1) of PAIA- The head of a private body to whom a request for access is made must by notice require the requester to pay the prescribed request fee (if any), before further processing the request.
11 Section 92(1) of PAIA provides that –“The Minister may, by notice in the Gazette, make regulations regarding-
|
Category of records |
Availability |
|
PAIA Manual |
Website or by email request |
|
Contact Details |
Website and business listings |
|
Company Registration Information |
Website or available via email request |
|
Vehicle Rental Options & Pricing |
Website |
|
Branch Locations & Depots |
Website |
|
Terms & Conditions (e.g. Refund Policy) |
Website |
|
Privacy & Cookie Policies |
Website |
|
Booking Management Tools |
Website |
|
Rental Partners |
Website |
|
Category of Records |
Applicable Legislation |
|
PAIA Manual |
Promotion of Access to Information Act (Act 2 of 2000) |
|
Employment Contracts |
Basic Conditions of Employment Act (Act 75 of 1997) |
|
Health & Safety Reports |
Occupational Health and Safety Act (Act 85 of 1993) |
|
Tax Records (e.g. VAT, PAYE) |
Income Tax Act (Act 58 of 1962) and Value Added Tax Act (Act 89 of 1991) |
|
Financial Statements |
Companies Act (Act 71 of 2008) |
|
UIF Registration & Contributions |
Unemployment Insurance Act (Act 63 of 2001) |
|
COIDA Registration & Incident Reports |
Compensation for Occupational Injuries and Diseases Act (Act 130 of 1993) |
|
POPIA Compliance Documentation |
Protection of Personal Information Act (Act 4 of 2013) |
|
B-BBEE Certificates |
Broad-Based Black Economic Empowerment Act (Act 53 of 2003) |
|
Vehicle Licensing & Roadworthy Records |
National Road Traffic Act (Act 93 of 1996) |
|
Categories of records |
|
|
Finance |
|
|
Human Resources (HR) |
|
|
Operations |
|
|
Supply Chain / Fleet Management |
|
|
Legal & Compliance |
|
|
Customer Service & Bookings |
|
4 Seasons Car Hire CC collects and uses personal information for operational purposes, in line with South African privacy and data protection laws:
|
Categories of Data Subjects |
Personal Information that may be processed |
|
Customers / Clients |
Full name and surname Physical or postal address ID or passport number Driver’s license details Employment status Bank account and payment details |
|
Employees |
Contact information (phone, email, address) ID number and employment history Tax number and payroll data Leave and attendance records Medical aid and provident fund membership |
|
Suppliers / Contractors |
Company name and registration number Contact person’s name and details Banking information B-BBEE certificate and other compliance documents |
|
Website Users / Enquirers |
Name and contact details submitted via online forms IP address and browser data Booking preferences and rental history |
|
Rental Partners |
Business contact details Partnership agreements and service records Licensing and insurance documentation |
|
Recipients or Categories of Recipients to whom the personal information may be supplied |
Purpose for Supplying Personal Information |
Category of Personal Information |
|
South African Police Service (SAPS) |
Criminal background checks and legal compliance |
ID numbers, driver’s license details, criminal history |
|
Banks and Financial Institutions |
Processing salary payments and verifying account details |
Employee banking details, salary information |
|
Debt Collection Agencies |
Recovering outstanding accounts |
Customer contact details, account balances, payment history |
|
Benefit Administrators |
Managing employee benefits such as medical aid and pensions |
ID numbers, medical aid and provident fund membership |
|
Government Departments (e.g. SARS) |
Statutory reporting and regulatory compliance |
Tax numbers, UIF contributions, employment records |
|
Insurance Providers |
Underwriting policies and processing claims |
Vehicle details, driver information, claim history |
|
IT and System Service Providers |
Maintaining secure systems and managing booking platforms |
Usernames, email addresses, booking data |
|
Rental Partners and Affiliates |
Coordinating third-party or cross-border vehicle rentals |
Booking details, customer contact information |
|
Legal Advisors or Auditors |
Ensuring legal compliance and conducting financial audits |
Financial records, contracts, compliance documentation |
4 Seasons Car Hire CC makes use of secure cloud-based services which may result in certain categories of personal information being stored or processed outside the Republic of South Africa.
Destination Country: United States
Types of Information:
4 Seasons Car Hire CC applies appropriate technical and organizational measures to safeguard personal information against loss, misuse, unauthorized access, or cyber threats. All protective actions are implemented in accordance with the Protection of Personal Information Act (POPIA) 4 of 2013 and industry best practices. Current security measures in place include:
Where are the reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorized person, the body shall notify the Information Regulator and the data subject, unless the identity of such data subject cannot be established.
The notification will be made as soon as reasonably possible after the discovery of the compromise, taking into account the legitimate needs of law enforcement or any measures reasonably necessary to determine the scope of the compromise and to restore the integrity of the responsible party’s information system.
The head of Webb Accountants (SA) will on a regular basis update this manual.
The following forms are attached hereto for ease of reference:
Signed by
W. Evers
![]() |
W. Evers
Director