Legal Centre


Please read these terms carefully. Access to, and use of Staffroom (Staffroom Software Pty Ltd) products and services and partner products and services is conditional on your agreement to these terms. You must read, agree with, and accept all of the terms and conditions contained below. When using our products and services you are bound to these terms and you indicate your continued acceptance of these terms.

For some products and services we may conclude a separate legal agreement with you or your company.  In these cases the terms and conditions that are contained within that agreement take precedence over those below.

The terms and conditions below include:

  • Customer Relationship Terms – general terms and conditions that govern our relationship with our clients.
  • Pricing and Payment Terms – terms that govern quotations and payments for our products and services.
  • Specific Service Terms – terms that are specific to our Training and Consulting Services, Hosting Services, and Support Services.



1.1. “Agreement” means this Framework Agreement together with any and all Schedules and Purchase Orders referenced herein.

1.2. “Confidential Information” has the meaning given to it in Section 3.1.

1.3. “Consultancy” shall mean professional services provided by Staffroom in accordance with the terms of the Consultancy Services Schedule.

1.4. “Documentation” means the instruction manuals and user guides made available to the Customer by Staffroom in either printed or electronic form.

1.5. “Fees” means fees for Services or Software (if applicable) as set out in any invoice.

1.6. “Purchase Order” shall mean any purchase orders accepted by Staffroom from the Customer. Purchase Orders shall make reference to any quotation (if applicable) and this Agreement.

1.7. “Services” means all services purchased by the Customer from Staffroom.

1.8. “Site” means the site(s) designated in any Schedule to this Agreement at which the Services will be performed.

1.9. “Software” means the software provided to the Customer in terms of an applicable license.

1.10. “Statement of Work” means the document created by Staffroom and agreed by Customer, following a request from the Customer, describing the specific tasks to be performed by Staffroom.

1.11. “Support Services” shall mean the Staffroom support and maintenance services.


2.1. Software. All software provided hereunder is supplied in terms of the applicable license associated with such software.

2.2. Support. All services provided hereunder shall also be subject to the Support and Maintenance Schedule.

2.3. Training and Consultancy. Any professional services including installation or implementation and training provided by Staffroom shall be subject to the Training and Consultancy Services Schedule.


3.1. Confidentiality Obligations. “Confidential Information” includes all Software, Training material, the output of any Consultancy Services, all related documents including but not limited to those documents exchanged in relation to the project as described in the Statement of Work plus all information reasonably identified by the disclosing party as confidential. The receiving party shall retain the Confidential Information of the disclosing party in strict confidence, shall not use it for any purpose other than as permitted under this Agreement, and shall not disclose it to any third party (except as authorized by this Agreement) without the disclosing party’s express written consent.

3.2. Exceptions. The receiving party shall be relieved of the obligations of Section 3.1 with respect to information it can establish through credible evidence: (a) was in the public domain at the time it was disclosed or has become in the public domain through no fault of the receiving party; (b) was known to the receiving party, without restriction, at the time of disclosure as shown by the files of the receiving party in existence at the time of disclosure; (c) was independently developed by the receiving party without any use of the disclosing party’s confidential information and by employees or other agents of the receiving party who have not had access to any of the disclosing party’s confidential information; or (d) became known to the receiving party, without restriction, from a source other than the disclosing party without breach of this Agreement by the receiving party and otherwise not in violation of the disclosing party’s rights.

3.3. Required Disclosure. If the receiving party is required by law or by any legitimate regulatory authority to which the receiving party is subject to disclose Confidential Information of the disclosing party, the receiving party may disclose such Confidential Information; provided that the receiving party shall: (a) give the disclosing party as much notice as reasonably practicable of the requirement for such disclosure; (b) assist the disclosing party in challenging, limiting and/or obtaining protective treatment with respect to such disclosure; and (c) limit disclosure of the disclosing party’s Confidential Information to that required to be disclosed.

3.4. Except as provided in Sections 3.2 and 3.3 above, each party and its respective successors and permitted assigns will maintain the confidentiality of the Confidential Information provided by the other party or its suppliers and will not: (i) use, disclose, reproduce, distribute or otherwise transfer the Confidential Information to any other person or entity nor (ii) remove from the Confidential Information any notice placed thereon indicating the confidential nature of or the proprietary right of the parties or their suppliers.

3.5. Each party agrees that: (i) the Confidential Information accessed or acquired by it or its employees or agents in connection with this Agreement is and remains the exclusive property of the party or its supplier from whom it was received; and (ii) such access will be limited to employees and independent contractors who have a need to know the Confidential Information and who agree in writing to abide by the restrictions of this Agreement and to use the Confidential Information only for the purposes permitted hereunder.

3.6. The obligations of confidentiality in this section will apply to any Confidential Information during the term hereof and for a period of three (3) years after termination of this Agreement.

3.7. Return of Confidential Information. All tangible forms of the Confidential Information, including, without limitation, all summaries, copies, excerpts of any Confidential Information whether prepared by the disclosing party or not, shall be the sole property of the disclosing party, and shall be immediately delivered by the receiving party to the disclosing party upon the disclosing party’s request or the termination of this Agreement (whichever is earlier). The receiving party shall not copy, reproduce, publish or distribute in whole or in part any Confidential Information of the disclosing party without the prior written consent of the disclosing party.

3.8. Privacy. The Parties must:
3.8.1. comply with all Privacy Laws in relation to Personal Information as if it were an entity regulated under those Privacy Laws;
3.8.2. only collect, store, use, disclose or otherwise deal with Personal Information in terms of Privacy Law alternatively as reasonably directed by a party, except to the extent that compliance with the direction would cause the other party to breach a Privacy Law;
3.8.3. only use or disclose Personal Information for the purposes of and as expressly permitted under this agreement;
3.8.4. assist each other to comply with obligations under any Privacy Law as they relate to Personal Information;
3.8.5. take such steps as are reasonable in the circumstances to ensure that the Personal Information it uses or discloses is up-to-date, complete and relevant in terms of this Agreement;
3.8.6. ensure that any person to whom a party discloses Personal Information is aware of and complies with the obligations under 3.8 and
3.8.7. not do any act, engage in any practice, or omit to do any act or engage in any practice that: would result in a breach of a Privacy Law if the Privacy Law applied to those things done, engaged in or omitted to be done by a party; or would cause Staffroom to breach or be taken to breach a Privacy Law.





4.4. Customer agrees that Staffroom’s liability under these Terms and Conditions and any Schedules, in contract or in delict shall not exceed the lesser of the Fees (if any) paid by the Customer in the preceding 12 (twelve) months (or if 12 (twelve) months has not yet elapsed the Fees paid for the months which have elapsed) or the proceeds paid out of any insurance policy taken out in this regard. This limitation shall not apply to death or personal injury caused by Staffroom’s gross negligence or any other liability that by law cannot be limited.


5.1. Obligation to Indemnify. The Customer shall indemnify Staffroom its licensors, agents and employees against all costs, loss, liability and expense arising from any claims against or incurred by Staffroom in connection with this Agreement, provided such claim arises from breach of this Agreement by the Customer; and

5.2. any claims relating to use by the Customer of any software, products or services not provided by Staffroom but used in conjunction with this Agreement.


6.1. The term of this Agreement, including any Schedules hereto shall commence on the Effective Date and shall continue thereafter until terminated as set forth in this Section 6 or as may be additionally provided for in any Purchase Order.

6.2. Either party may terminate this Agreement for convenience upon giving the other party 120 (one hundred and twenty) days written notice. Any Purchase Orders accepted by Staffroom prior to such termination will continue in effect until the Software or Services, the subject of the Purchase Order, have been delivered and the terms hereof shall be deemed to apply, notwithstanding such termination, until the Software or Services have been delivered.

6.3. This Agreement may immediately be terminated if either party becomes insolvent, anticipates or enters into business rescue proceedings, makes a general assignment for the benefit of creditors, becomes subject to any proceeding under any insolvency law whether domestic or foreign that, if involuntary, is not dismissed within 60 (sixty) days, or has wound up or liquidated, voluntarily or otherwise, its business.

6.4. Either party may terminate this Agreement (or any Schedule) with immediate effect by written notice to the other party on or at any time after the occurrence of a material breach (including but not limited to non-payment by the Customer) by the other party of this Agreement (or any Schedule) and which (if the breach is capable of remedy) the defaulting party has failed to remedy within 30 (thirty) days after receipt of written notice of such breach from the terminating party.

6.5. On termination or expiration of this Agreement (or any Schedule) for any reason:
6.5.1. Staffroom shall be entitled to be paid all sums due under any Schedule;
6.5.2. termination shall not affect the rights of either party accruing or accrued prior to the termination of this Agreement; and
6.5.3. this Agreement shall continue in force to the extent necessary to give effect to those of its provisions that expressly or impliedly have effect after termination.

6.6. On termination of this Agreement, any outstanding Purchase Orders which have not been accepted by Staffroom shall also terminate.


7.1. The Parties shall first use reasonable endeavours to resolve any disputes that may arise under this Agreement through good faith negotiations. This entails one of the Parties inviting the other in writing to meet, either in person or by means of telephone or video conferencing facilities, and to attempt to resolve the dispute within 5 (five) Business Days from date of written invitation. In the event that such negotiations do not result in a mutually acceptable resolution within 5 (five) Business Days of the commencement thereof, the dispute shall be handled in accordance with clause 7.2.

7.2. Subject to clause 7.1, any dispute or difference arising out of or relating to this Agreement, its termination or cancellation shall be referred to arbitration and finally resolved in accordance with the rules of the Arbitration Foundation of Southern Africa. Such arbitration shall be held in Johannesburg/Cape Town, and conducted in the English language before one arbitrator appointed in accordance with the said rules. Any award will be final and not subject to appeal. This agreement to arbitrate shall be enforceable in, and judgement upon any award may be entered in any court of any country having appropriate jurisdiction. A dispute shall be deemed to have arisen when either Party notifies the other Party in writing to that effect.

7.3. The provisions of clause 7.2 above shall not preclude either Party from approaching any court or other judicial forum in any country having appropriate jurisdiction to obtain interim or urgent relief.


8.1. Entire Agreement. This Agreement together with its Schedules, Statements of Work and Purchase Orders which are now or hereafter attached to this Agreement constitute the entire agreement and understanding of the parties and supersedes all prior agreements, understandings or arrangements (both oral and written) relating to the subject matter of this Agreement.

8.2. No Reliance. Each of the parties acknowledges that in entering into this Agreement on the terms set forth herein it has not relied on or been induced to enter into this Agreement by any representation, warranty, condition, undertaking, promise or assurance made or given by any other party or any other person, whether or not in writing, at any time prior to the execution of this Agreement other than those expressly set forth in this Agreement.

8.3. Severability. If any part of any provision of this Agreement is found to be invalid or unenforceable, then the remainder of such provision and all other provisions of this Agreement shall remain valid and enforceable.

8.4. Amendments and Waivers. No amendment or variation of the terms of this Agreement shall be effective unless it is made or confirmed in a written document signed by both parties. No delay in exercising or non-exercise by either party of any of its rights under or in connection with this Agreement shall operate as a waiver or release of that right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

8.5. Relationship. In making and performing this Agreement, the parties are acting and shall act as independent contractors. Nothing in this Agreement shall be deemed to create an agency, joint venture or partnership relationship between the parties hereto. At no time shall either party make commitments or incur any charges or expenses for or in the name of the other party.

8.6. Assignment. Neither party shall assign any of its rights under this Agreement without the prior written consent of the other without the written consent of the other party which consent will not be unreasonably withheld or delayed. The parties agree that any attempted assignment of this Agreement in breach of this Section 8.6 shall be void and of no effect and shall constitute a material breach of the Agreement.

8.7. Law and Jurisdiction. This Agreement shall be governed by and interpreted under the laws of the Republic of South Africa.

8.8. Notices. Except as otherwise expressly provided in a Schedule, whenever notice, demand or other communication shall or may be given to either party in connection with this Agreement and/or such Schedule, it shall be in writing and shall be sent by certified mail, postage prepaid, return receipt requested or by overnight express carrier, or email and shall be sent or delivered to the addresses of the parties set out above or to a substitution address if a substitution address has been notified in writing by one party to another for such purposes after the date of this Agreement.

8.9. Publicity. Staffroom may publicise the existence of this Agreement.

8.10. Force Majeure. Neither party shall be liable for failure to perform any obligation hereunder, if such failure is due to the occurrence of an event beyond the reasonable control of that party. If such event occurs, the affected party shall notify the other party in writing of the fact and details of the event and shall take all reasonable steps necessary to resume performance of the affected obligation as soon as reasonably possible under the circumstances. If the occurrence of such event renders performance of the obligation commercially impractical or impossible, the parties shall negotiate in good faith an equitable adjustment of the terms and conditions of this Agreement affected by such event. Notwithstanding the foregoing, nothing shall relieve Customer from any payment obligations under this Agreement or any Purchase Order.

8.11. Non-Solicitation. Each party agrees that, without the prior written consent of the other party, it shall not solicit nor otherwise attempt to entice away the services of any employee of the other party or its affiliates during the term of this Agreement and for a period of six months thereafter.

8.12. Interpretation. In this Agreement, unless the context requires otherwise, any reference to:
8.12.1. a “party” or the “parties” is to a party or the parties (as the case may be) to this Agreement and shall include any permitted assignees of a party;
8.12.2. the masculine, feminine or neuter gender respectively includes the other genders, references to the singular include the plural (and vice versa) and references to persons include individuals, corporations, proprietorships, firms, partnerships, limited partnerships, limited liability partnerships, limited liability limited partnerships, limited liability companies, trusts, associations and other entities; and
8.12.3. writing shall include any modes of reproducing words in a legible and non-transitory form.

8.13. Precedence. In the event of any conflict between the terms in any of the documents that make up this Agreement the following order of precedence shall apply:
8.13.1. terms of any Purchase Order
8.13.2. terms of any Statement of Work
8.13.3. terms of any Schedule
8.13.4. terms of this Customer Agreement.

8.14. Headings. The captions and headings of this Agreement are included for convenience only and shall not affect the interpretation or construction of this Agreement.

8.15. Survival. The termination or expiration of this Agreement shall not affect those provisions of this Agreement which expressly provide that they will operate after such expiry or termination, or those which of necessity must continue to have effect after such expiry or termination, notwithstanding that the clauses themselves do not expressly provide for this.

8.16. Counterparts. This Agreement, any Schedules and Purchase Order may be executed in counterparts, and execution may be evidenced by scanned copies of executed pages. Any copy of this Agreement, Schedule or Purchase Order having signature pages executed by all parties, whether in separate pages, and whether on original or facsimile copies, so long as it contains the original signature of at least one of the parties, shall be deemed an original.


Staffroom provides support services to the customer for the supplied Software. The support services are intended to help the customer use the software successfully and deal with any problems that arise during normal operation. This schedule describes the support service provided by Staffroom.

A.1. Support Service. We provide a remote email and phone help desk service to designated customer staff. You must lodge all requests for support with our help desk and we will create a ticket number for your request that can be tracked through our system. Our support team will receive the details of the request and respond to you as soon possible.

A.2. Availability. Our normal support services will be available from 8:00am to 5:00pm from Monday to Thursday and 8:00am to 4:00pm on Fridays. We will not provide support services over weekends or South African Public Holidays, except in case of emergency. If you require urgent support services because of a major system outage outside of the normal support service hours, you must use the after-hours support contact details provided to you.

A.3. Service Level. Our support service provides a maximum response time target of four business hours. Someone from our support team will respond to you within four business hours of us receiving the request. Responses to emergency after hours requests are provided on a best effort basis.

A.4. Exclusivity. During the currency of this agreement, you will only use us for the provision of the support services.

A.5. Non-exclusive agreement. This order does not grant us any exclusive rights to do any additional business with you over and above the services outlines in this order. You may contract with other suppliers for the procurement of additional services. Nothing in this order prevents us from marketing, developing, using, or performing similar services for other customers.

A.6. Support channels. You may only submit support requests in writing using the support contacts and channels provided to you.

A.7. Designated customer personnel. Only your designated personnel may submit support requests and no other personnel, unless agreed between the parties in writing. Your designated personnel who may submit support inquiries must be provided to us in writing.

A.8. Our obligations. We will be responsible for the management and supervision of the performance of the services by our personnel.

A.9. Your obligations. You will provide the assistance and input as we may reasonably require, to enable us to provide the support services. Your internal staff will provide first level support to your own staff members and customers.

A.10. Research. You will, before logging a service request with us, thoroughly research any problem encountered and will make sure that all the details relating to the problem are available to disclose to our help desk.

A.11. Service request. Your support resource will place a service request on our help desk, stating the necessary information. The service request will be made in writing, either via email or a telephone call that is confirmed in writing.

A.12. Evaluation. Upon receipt of the service request, our help desk will evaluate the service request and communicate its appraisal to you.

A.13. Resolution. Once a service request has been resolved, our help desk will inform your support resource. Your support resource will within a reasonable period thereafter (having regard to when the problem would reasonably be detected by you again) inform us through our help desk whether the correction was satisfactory to you or not. If no notice is received, then the problem will be deemed to have been corrected to your satisfaction.

A.14. Support Levels. For the purposes of this clause:

Response time means the time elapsed from receiving the service request, to confirm the problem, identify a specific or likely cause and communicate that to you. Our support service is a best effort service however we will endeavour to meet or exceed the response timeframe stated in A.3 above.

Resolution time means the time taken to fix the problem or provide the service requested, which excludes time that elapses while we wait for a response from you. We do not guarantee any time to fix the problem as this will depend on the cause of the problem itself which may be simple or complex.

A.15. Escalation. We operate a problem escalation procedure to ensure that you receive senior management attention on unresolved issues. We will notify your operational and management personnel on a priority basis depending on the severity of the problem.

A.16. Monitoring. We will monitor the performance of our support service. Our help desk manager will record our services help desk monitoring.

A.17. Service level reporting. You may request actual service levels to us in writing from time to time as required by emailing our support service.


Words and expressions when used with initial capital letters shall have the meanings set forth below in addition to the definitions in the Framework Agreement to which this Schedule is attached:


B.1.1. Staffroom shall provide to Customer the consultancy services (the “Services”) as detailed in the corresponding Statement of Work, or any Purchase Order. The Services will be provided at such times and at the Sites as detailed in the Statement or Work or Purchase Order and as agreed by the parties in writing. Staffroom is entitled to employ subcontractors to provide all or parts of the Services.


B.2.1. Staffroom is entitled to charge in addition to the Fees all reasonable expenses for travel, accommodations, and subsistence incurred by Staffroom staff in the performance of their obligations hereunder at locations other than their local Staffroom offices.

B.2.2. In the event that Staffroom is ready to initiate and perform any of its assigned Services and is not able to do so because of actions or delays of Customer, then Customer shall be responsible for the payment to Staffroom of: (i) the amounts specified in the applicable payment schedule on the dates when such amounts would otherwise have been due if Staffroom had not been delayed or otherwise prevented from performing its obligations by Customer’s failure to timely perform; and (ii) Staffroom‘s then current time and material rates for additional resources allocated to Customer and reasonable expenses incurred as a result of the delay.


B.3.1. Staffroom shall use reasonable skill, care and diligence in the performance of the Services, and will comply with applicable safety standards at the Site where the Services are provided. Staffroom makes no warranty whatsoever regarding any services performed by a third party.

B.3.2. Staffroom shall ensure that sufficient personnel will be assigned to undertake the Services and that each of them shall possess such skill and experience as is necessary for the proper performance of their role under this Consultancy Agreement.

B.3.3. Staffroom will not be responsible for any delay or postponement which in any way arises out of or in connection with any failure, default, delay in performance, or any act or omission of any nature whatsoever on the part of the Customer or any of its employees, agents or sub-contractors, or any other cause or circumstance beyond the reasonable control of Staffroom, including, but not limited to, the Customer’s delay in relation to the delivery, configuration or implementation of hardware or software and/or any lack of Customer resources to meet its obligations under this Consultancy Agreement. The parties will work together in good faith to assess the likely impact of the delay or postponement upon the Services.

B.3.4. Remedy: Staffroom’s obligations and Customer’s sole rights and exclusive remedies for breach of the warranty given in this clause shall be the supplying of the Services again.


B.4.1. Customer agrees to carry out its obligations hereunder and as further detailed in the Statement of Work or Purchase Order and be responsible for coordinating and making available such of its resources as are reasonably necessary to enable Staffroom to carry out its obligations under this Consultancy Agreement and any applicable Purchase Order, in a timely manner.

B.4.2. The Customer shall afford Staffroom such access to the Customer’s premises and/or infrastructure, software or online sites, as may be required for Staffroom to perform the Services. If the Services are to be performed at the Customer’s premises the Customer will, unless agreed upon otherwise, make available, free of charge, such working space and facilities at the Customer’s premises as Staffroom may reasonably require to perform the Services.


B.5.1. The copyright and other intellectual property rights originating in or deriving from the Services and Software created, prepared or supplied by Staffroom in connection with this Consultancy Agreement or otherwise are and will at all times remain the property of Staffroom (or its licensors) (“Staffroom Intellectual Property”). Nothing in this Consultancy Agreement shall be construed as an assignment or grant to Customer of any right, title or interest in or to the Staffroom Intellectual Property”.

B.5.2. No rights are granted to Customer hereunder to any trademarks, service marks, slogans, symbols or designs of Staffroom (“Staffroom Marks”), and Customer agrees not to register or to use any term which contains or is confusingly or deceptively similar to the Staffroom Marks.

B.5.3. Staffroom acknowledges that all data provided by Customer to Staffroom shall remain the sole and exclusive property of Customer.


B.6.1. Learner/Participant Substitution
B.6.1.1. Prior to commencement, training programme substitutes can be made up to 5 (five) days day prior without incurring a penalty. This request must be sent to
B.6.2. Cancellations
B.6.2.1. There will be no refunds for entire training sessions cancellations once started where instituted by the Customer.
B.6.3. Transfer of dates and postponements:
B.6.3.1. Customers are permitted one training and/or on-site consulting delivery postponement, per week or engagement scheduled. Any cost incurred due to changes after the postponement will be billed to the Customer.
B.6.3.2. All postponements must be sent to at least 14 ordinary days or more prior to the start of the training or consulting programme. If a Customer request for postponement is received within 2 weeks of the start of the course, the Customer will be liable for any costs incurred by the training provider as a result thereof.
B.6.4. All training programme dates must be delivered within a 12-month period from date of the Purchase Order requesting training unless otherwise agreed between both parties, failing which the course will be deemed to be cancelled.
B.6.5. The training provider reserves the right to re-schedule course dates where set delivery is made difficult due to strike, protest, rescheduling or any other activity on Customer Site that affects either the safety of its facilitators or the quality of the overall training programmes. The training provider shall endeavour to inform the Customer as soon as possible of the rescheduling, to offer a new course date reasonably convenient for Customer.
B.6.6. Confirmation of Course attendance :
B.6.6.1. The Customer shall confirm in writing(email) the names and details of all participants on the course/s. The confirmation shall refer to, or include as an attachment, the information (Name, Surname, Email Address, SA ID or Passport nr) of all the participants that will attend the training session. The Customer’s confirmation must be received by training provider at least two (2) weeks prior to the relevant course date. Upon receipt of the above confirmation, the training provider will proceed with the organization and project management of the course and, if not yet agreed by the Parties, notify Customer of the course date with reasonable advance.
B.6.6.2. In its confirmation, Customer shall indicate the number of participants per course (Staffroom will detail the recommend minimum and maximum participant numbers per programme in the training proposal) and notify of any reasonable special requirements relating to any of the participants. training provider will endeavour to accommodate such special requirements if it is considered reasonable and practical to do so.
B.6.7. Course Attendance & Completion:
B.6.7.1. Failure by a participant to attend a course day as per the relevant confirmation, for any reason whatsoever, shall not entitle the Customer to any reduction in price or any right to demand that the Course be dispensed anew for the benefit of the absent participant(s).
B.6.7.2. For assessed programmes, the participant must attend at least 50% of the training in order to be awarded a certificate of attendance. A participant must attend least 50% of the course and achieve a requisite pass rate for accredited programmes for the courses final assessment specific to that particular training programme in order to receive a certificate of completion.
B.6.7.3. For accredited, multi-week and assessed training programmes, in order to qualify for a subsequent training week, participants will need to achieve a certificate of attendance as well as a certificate of completion for each of the previous programmes.
B.6.7.4. For assessed or accredited programmes, all participants must agree to being listed in a daily attendance register and marked present or absent accordingly. Failure to comply with this requirement will endanger a participant’s course qualification and may result in no certificate of any kind being supplied. This is consistent with minimum attendance requirements for SAQA accredited learning programmes
B.6.8. Logistics and venues:
B.6.8.1. Where training programmes are presented on the Customers Site, the Customer shall provide adequate training room(s), facilities and other necessary resources, including, but not limited to, whiteboard, overhead projector with markers of various colours, video-projector, flip charts, etc. for the full duration of the programme.
B.6.8.2. Customer shall ensure that the training venue is of a similar standard across training sessions as well as the exam (where invigilated exams are part of a formal programme).
B.6.8.3. Customer shall ensure that the training venue will have adequate WIFI or similar internet connectivity throughout the duration of the training or consulting event.
B.6.8.4. Customer shall provide training provider, its subcontractors, consultants and employees, in a timely manner, with access to the training facilities.
B.6.8.5. Customer shall provide local co-ordination through a representative who shall be the official interface between the Staffroom programme facilitator and the participants.
B.6.8.6. Customer shall take care of all venue and catering requirements for the duration of the training, unless otherwise stipulated


C.1.1. Fees. Customer agrees to pay Staffroom for any and all Services in the amount, manner and at the times set out in the relevant Purchase Order or Statement of Work, and in accordance with this document.

C.1.2. Invoices. All sums and amounts, together with any agreed expenses shall become payable within 30 (thirty) days of date of invoice unless otherwise agreed between the parties (the “Due Date”).

C.1.3. Payment. All payments made or to be made under this Agreement shall be non-refundable and made in full, without any deduction, withholding, set-off or counterclaim on account of any taxes or otherwise.

C.1.4. No Payment. Should the Customer fail to make any payment when due under this Agreement, Staffroom shall have the right, without limiting other remedies which might be available to it, by notice in writing forthwith to suspend all further Services until the default be made good.

C.1.5. Late Payment. In the event of late payment by the Customer, Staffroom reserves the right to charge the Customer interest on any payment not made by the Due Date. Such interest would be calculated on a daily basis, both before and after any judgment, at the rate of 2% (two per cent) per annum above the rate charged by their company bankers from time to time, for the period from the Due Date until the date on which it is actually paid. It would be compounded quarterly and payable on demand. The Customer will reimburse Staffroom for all reasonable costs incurred in the collection of past due amounts owed by the Customer.

C.1.6. Taxes. The fees set forth herein do not include any sales, use or other similar taxes, tariffs or duties, however designated, levied against the sale, licensing, delivery or use of the Software or Services. The Customer shall pay, or reimburse Staffroom for all such taxes; provided, however, that the Customer shall not be liable for any taxes based on Staffroom net income.

C.1.7. Quotations.

C.1.7.1. Quotes Issued to South African Clients for Rand Priced Products
C. All quotes are valid for 14 days from the day of issue.
C. All quotes are subject to E&OE.
C. All prices are based on current price lists.
C. All prices quoted in South African Rand.
C. All prices include 15% VAT.
C.1.7.2. Quotes Issued to South African Clients for US Dollar Priced Products
C. All quotes are valid for 14 days from the day of issue.
C. All quotes are subject to E&OE.
C. All prices based on current price list in United States Dollars.
C. All prices quoted in South African Rand include 15% VAT.
C. All prices quoted in South African Rand remain subject to the South African Rand / United States Dollar exchange rate and may fluctuate.
C. NB: We reserve the right to re-invoice at any time prior to payment due to South African Rand / United States Dollar exchange rate volatility.
C. NB: Quotes and invoices will use the IOL exchange rate on the day of issue plus a margin of 12.5% when stating prices in South African Rand.
C.1.7.3. Quotes Issued to Clients Outside of South Africa
C. All quotes are valid for 14 days from the day of issue.
C. All quotes are subject to E&OE.
C. All prices are based on the current price list.
C. All prices are quoted in United States Dollars.
C. A $50 Administration Fee will be added to the invoice.

Staffroom Email Disclaimer

Any electronic communication you receive from an employee or representative of Staffroom including any attachments is subject to the electronic communications disclaimer as set out below.

If this communication is not addressed to you and has been received in error, you must:

  • notify the sender immediately and delete the e-mail; and
  • refrain from copying, printing, forwarding, publishing or disclosing the contents of the e-mail.

Reasonable care has been taken to transmit this communication free of damaging code, however Staffroom and the sender make no warranties in this regard. Neither Staffroom nor the sender of the e-mail shall be liable for any loss, damage or expense of any nature resulting from the transmission of the e-mail, including any damaging codes or viruses transmitted.

The views and opinions expressed in the e-mail do not necessarily reflect the views and opinions of Staffroom. Staffroom shall not be liable for any loss, damage or expense resulting from any e-mails sent by its employees which contain infringing, offensive, defamatory or otherwise unlawful content or which content constitute unsolicited commercial messages (“spam”). Please notify us should you regard this mail as unsolicited by sending a mail to

Employees and representatives of the company may not conclude, negotiate or solicit agreements or otherwise bind Staffroom via email unless expressly authorised to do so by Staffroom.

Staffroom deem a mail as sent once it reflects as ’sent’ on the email server of Staffroom.

This disclaimer is deemed to be part of the content of any e-mails in terms of section 11 of the Electronic Communications and Transactions Act 25 of 2002.



In order to build trust with our clients and to comply with our legal obligations we provide our policies and processes related to important issues such as data privacy and security.

The policies and processes below include:

  • Privacy Policy – describes how we process the personal data of our clients.
  • Data Processing Agreement – describes how we meet our processor obligations.
  • Acceptable Use Policy – describes what we consider to be acceptable use of our systems.


By accessing and using this website or application and/or our services, the user is providing his/her express and voluntary consent to the processing of their personal information by Staffroom Software Pty Ltd (“THE COMPANY’) on the basis set out in this privacy notice. if the user does not consent, the user must immediately stop accessing and/or using this website and our services.

1. Introduction

THE COMPANY collects, uses and, in some circumstances, shares the personal information of Users in and through this website and during the provision of services to you.

THE COMPANY respects the rights of Users whose personal information is collected and used by it, including their right to protection against the unlawful collection, retention, sharing and use of such personal information.

The purpose of this Privacy Policy is to provide Users with information about the information processing activities of THE COMPANY and the manner in which their rights are protected.

This Privacy Policy shall serve as a notification to Users about THE COMPANY’s processing activities which will remain valid for as long as one has an active account with or is using the services of THE COMPANY, including the browsing of this website. Users will not be notified separately on each occasion that THE COMPANY processes the same personal information in the same way over the period.

THE COMPANY may amend the provisions of this Privacy Policy to comply with any changes in the law, and/or pursuant to any changes to its information processing activities or privacy practices. Such amendments will be published on the website and will become operable from the date of such publication.

This privacy policy, and the interpretation and enforcement thereof, will be governed by the laws of the Republic of South Africa.

The provisions of this Privacy Policy is, as far as possible, be incorporated into any agreement between THE COMPANY and Users.

2. Definitions and Interperations

In this Privacy Policy, the following words bear the following meanings:

  • ‘’consent’’ means any voluntary, specific and informed expression of will in terms of which permission is given by or on behalf of a User for the processing of their personal information;
  • Controller” shall have the meaning ascribed thereto under applicable Data Protection Legislation and, for clarity, includes a Responsible Party as such term is defined under the Protection of Personal Information Act 4 of 2013;
  • Data Protection Legislation” means, to the extent applicable: (i) data protection laws and any data protection obligations contained within national legislation in South Africa such as the Protection of Personal Information Act 4 of 2013 (“POPIA”), and (ii) all other laws and regulations relating to data protection and privacy in (a) any jurisdiction in which the relevant data subject is located, or the Personal Data is being Processed, stored or used, including the EU Data Protection Directive 95/46/EC, the EU Directive on Privacy and Electronic Communications 2002/58/EC, and Commission decisions and Guidance and the European Union General Data Protection Regulation (“GDPR”).
  • Data Transfer Agreement” means a data transfer agreement on such terms as are reasonably determined by THE COMPANY as ensuring the relevant Personal Data being transferred trans-border is subject to adequate safeguards as prescribed by Data Protection Legislation applicable to THE COMPANY;
  • ‘‘direct marketing’’ means to approach a data subject, either in person or by mail or electronic communication, for the direct or indirect purpose of promoting or offering to supply any goods or services to the data subject;
  • ’information officer’’ means the the Information Officer of THE COMPANY from time to time;
  • ’PAIA’’ means the Promotion of Access to Information Act 2 of 2000;
  • ‘’personal information’’ shall have the meaning ascribed thereto under Data Protection Legislation applicable to THE COMPANY and, if not defined by that legislation, then it has the meaning given to that term by the GDPR);
  • ’POPIA’’ means the Protection of Personal Information Act of 2013, including any regulations or codes of conduct promulgated under it;
  • ’process” or “processing’’ means, has the meaning given to that term by the Data Protection Legislation applicable to THE COMPANY (and, if not defined by that legislation, then it has the meaning given to that term by the GDPR) and “Process” and “Processed” shall have corresponding meanings;
  • Regulator” means any regulator, regulatory body or supervisory authority in any country (including the Information Regulator and the Information Commissioner’s Office) with jurisdiction over THE COMPANY, or whose consent, approval or authority is required so that such entity (or entities) can lawfully carry on any part of its business or the services;
  • responsible party” shall have the meaning ascribed thereto under applicable Data Protection Legislation and will include Controllers;
  • ‘‘operator’’ means an outside third party who processes personal information for or on behalf of THE COMPANY in terms of a contract or mandate;
  • special personal information” means the religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health, sex life or any biometric information of a User; and may include criminal behaviour of a User to the extent such data relates to the alleged commission of the User of an offence or any proceedings in respect of any offence allegedly committed by a User or the disposal of such proceedings;
  • services” means the services provided to any User by THE COMPANY;
  • ‘’User’’ means a visitor or user of this website or application, or any of the content or services associated with this website or application. Users will also be data subjects in terms of the meaning ascribed thereto under Data Protection Legislation applicable to THE COMPANY and, if not defined by that legislation, then it has the meaning given to that term by the GDPR); and
  • ‘’the website’’ means the website or application or any part thereof which is accessible from the internet or mobile app stores.
  • Any reference in this Privacy Policy to:
  • the singular includes the plural and the other way around;
  • any one gender includes the other genders, as the case may be;
  • an act, regulation or other law is to the version of that law in force at the effective date of this Policy and includes any amendment or re-enactment made to that law after the effective date of this Policy.
  • When calculating any number of days for the purposes of this Policy, the first day must be excluded and the last day of the relevant interval included, unless the last day is not a business day, then the last day will be the next succeeding business day.
  • The word “include” means “include without limitation”. Use of the word ‘’include’’ or ‘’in particular’’ is for illustration or emphasis only and where followed by specific examples must not be interpreted as limiting the meaning of the general wording preceding it.
  • A requirement that any Policy, request, demand or other communication made in terms of this Privacy Policy must be in writing will be met if it is in the form of a data message as defined in the Electronic Communications and Transactions Act, No. 25 of 2002, and is accessible in a manner usable for subsequent reference, provided that this policy may not be amended as such.

3. Responsible party

Where THE COMPANY will be the party who will be collecting and processing a User’s personal information, in that event THE COMPANY will be designated as the ‘’responsible party’’ for the purposes of this Policy.

THE COMPANY‘s contact details are as follows:


Website address:

THE COMPANY may instruct third party operators from time to time to undertake certain processing activities relating to the User’s personal information.

4. What personal information is collected

THE COMPANY may collect the following personal information from the User:

  • Initials, first name, surname;
  • Education Information;
  • Biometric information (including images);
  • Date of birth;
  • Email address;
  • Age and language preference;
  • Gender;
  • Phone numbers;
  • Physical and postal addresses;
  • Geo-location data;
  • Employment details; and
  • Identity or passport number.

The supply of personal information by the User to THE COMPANY is voluntary and not mandatory. However, if the User refuses to supply any personal information, certain consequences may naturally flow from such a refusal, such as preventing THE COMPANY from concluding or performing any contract with the User, or preventing  THE COMPANY from complying with one or more of its obligations in law.

5. Purpose/s for collection and processing of personal information

THE COMPANY shall only collect a User’s personal information for a specific, explicitly defined and lawful purpose relating to a function or activity of THE COMPANY‘s business.

Such purposes may include the following:

  • To enter into a contract with a User;
  • To perform any obligations under a contract with a User;
  • To comply with a legal obligation;
  • To protect a legitimate interest of a User (unless the User has specifically objected in writing to all or some of the processing activities on reasonable grounds);
  • To pursue its own legitimate interests or the legitimate interests of a third party who it is sharing the information with (unless the User has specifically objected in writing to all or some of the processing activities on reasonable grounds);
  • To process personal information for direct marketing purposes (only if the User has opted in to receiving any direct marketing material);
  • To customise and display content to the User in a way that THE COMPANY feels may interest the User or be most beneficial to them;
  • To send content including, but not limited to products, articles, listings and advertisement content to the User via email or other electronic media, where the User has consented to be contacted by THE COMPANY with such content;
  • To enable the User to voluntarily participate in interactive features;
  • To notify the User about changes to the website or services.

If THE COMPANY intends to process a User’s personal information for any other purpose not listed in clause 5.2 or which is otherwise not automatically permitted by law, it shall ensure that it obtains the User’s written consent to do so.

THE COMPANY will not sell a User’s personal information to any third party without the prior written consent of the User.

6. Collection directly from user

THE COMPANY shall, as far as possible, collect personal information about a User directly from the User, except in the following circumstances:

  • Where personal information is available on a public record;
  • Where the User has given their written consent to THE COMPANY to collect their information from another source;
  • Where it is more practicable to collect the information from another source;
  • Where the collection of a User’s personal information from another source will not prejudice any of the User’s legitimate interests;
  • Where the collection of personal information from another source is necessary to maintain THE COMPANY’s legitimate interests or those of any third party it intends sharing the information with;
  • Where the collection of personal information directly from the User would prejudice the purpose for the collection;
  • Where the collection of personal information directly from the User is not reasonably practicable in the circumstances.

If THE COMPANY collects personal information from a source other than the User, it shall record in writing the details of that source, including the full names and contact details of that source where applicable.

Personal information may be collected from or supplied by the User in any of the following ways:

  • Through the use of an ios or Android application;
  • Through the use of the service via a computer or mobile browser;
  • When requesting further services or information from THE COMPANY;
  • When contacting THE COMPANY to report a problem with the website or the services or for any other reason;
  • When completing any forms on the website.

The User may visit the website without providing any personal information. However, the website’s servers may still collect technical information regarding the use of the website, which is aggregated for analytical purposes, technical maintenance and for improving the content offered on the website. Such information may include details of the User’s visit, information about the User’s computer, including IP (Internet Protocol) address, operating system and browser type, the User’s location, and usage information. An individual User will not be identified from or by this information and THE COMPANY is entitled to copy, distribute or otherwise use such information without limitation.

7. Cookies

“Cookies” are small text files transferred by a webserver to a User’s hard drive and thereafter stored on their computer. The types of information a Cookie collects includes a User’s username, the date and time of their visits to the website, their browsing history and preferences.

THE COMPANY may use Cookies on this website to:

  • Distinguish one User from another on the website;
  • Remember the User’s last session when they return to the website;
  • Estimate the website’s audience size and usage patterns;
  • Store information about the User’s preferences, which allows THE COMPANY to customize the website and content according to the Users individual preferences; and
  • Speed up searches on the website.

The provisions of this clause are only applicable to Cookies used by THE COMPANY. In some instances, third-party service providers may use Cookies on the website.  THE COMPANY cannot and does not control or access Cookies used by third party service providers and takes no responsibility therefor.

The User has the right and ability to either accept or decline the use of Cookies on their computer’s web browser, whether they are logged in as a member, or simply casually visiting the website. However, declining the use of Cookies may limit a User’s access to certain features on the website.

8. General conditions for processing personal information

  • THE COMPANY shall comply with all laws, contracts or regulations when it processes a User’s personal information.
  • THE COMPANY shall not act unreasonably when processing a User’s personal information. This means that it will collect and process a User’s personal information in a way that the User can reasonably expect and in a way that is fair.
  • THE COMPANY shall respect the User’s right to privacy at all times. If there is another way in which it can achieve the same goal without posing any risk of harm to the privacy rights of the User, then it will choose that option.
  • Similarly, if THE COMPANY needs to process personal information but there are less privacy-invasive methods of collecting, using and sharing that information, then it will use those methods.
  • THE COMPANY shall ensure that the personal information that is collected and processed is and remains relevant to the identified purpose/s for such processing, and that such information is and remains adequate, but not excessive, for achieving the identified purpose/s.
  • If there are any alternative ways to achieve the identified purpose/s without processing personal information, THE COMPANY shall not process that personal information.
  • THE COMPANY shall ensure that the processing activities it chooses to apply are proportionate to achieving the identified purpose/s and that no less privacy invasive measures are available to achieve the same purpose/s.
  • THE COMPANY shall ensure that, regardless of the stated purpose/s for processing personal information, the rights and interests of Users will not be unnecessarily prejudiced or infringed, unless it cannot be avoided, and then in such cases, it shall ensure that its own rights and/or interests justify such prejudice or infringement taking place.
  • THE COMPANY shall be entitled to store the personal information of Users indefinitely unless the User objects thereto. In the event a User objects to the indefinite storage, once THE COMPANY has achieved the purpose for the collection of the User’s personal information, it will destroy or delete such information, unless the User has directed otherwise in writing, or  THE COMPANY is required by law to retain the information for a longer period of time.
  • If THE COMPANY no longer needs to process personal information to achieve the purpose originally specified, it will stop using that information.

Disclosure and sharing of personal information

THE COMPANY may, in the course of providing any content or services on this website, or for the purposes of concluding or performing any other services or transaction with a User, share certain personal information with third party operators who perform certain processing activities on behalf of THE COMPANY.

The information shared and the categories of third party operators with whom it is shared will always be notified to you prior to being shared. Notwithstanding the aforegoing, you consent to us sharing your personal information with the following operators:

  • Turnitin LLC, USA.
  • Instructure Inc, USA.
  • Modo Labs Inc, USA.
  • Respondus Inc, USA.
  • Serosoft Solutions Pvt Ltd, India.
  • Eesysoft BV, Netherlands.
  • The Invigilator (Pty) Ltd, South Africa.
  • Digikamva (Pty) Ltd, South Africa.
  • Eiffel Innovation (Pty) Ltd, South Africa.
  • Sokoni Payments (Pty) Ltd, South Africa.
  • THE COMPANY may also share aggregated information about Users of this website and their usage patterns.  Such aggregated information will be de-identified and the User’s personal information will not be disclosed.

Other than as stated in clause 9.1 and 9.3, THE COMPANY shall not share a User’s personal information with any third parties unless it has the User’s express consent to do so.

10. User’s rights in relation to the processing of their personal information

Users shall have the following rights in relation to the processing of their personal information:

  • to access and correct any personal information held by  THE COMPANY about them;
  • to object to the processing of their information; and
  • to lodge a complaint with a Regulator:
  • POPIA (; and
  • GDPR contact your local data protection agency.

Users may make a request in terms of clause 10.1.1 by following the process for making such a request as set out in THE COMPANY’s PAIA manual.

11. Further processing

THE COMPANY shall not process a User’s personal information for any purpose not previously specified except in the following circumstances:

where the User has consented to such further processing;

where the further processing is necessary for the exercise of any contractual rights or the fulfillment of any obligations between THE COMPANY and the User;

where the further processing activities are linked to or compatible with the original purpose;

where the further processing is necessary for the prevention, detection, investigation, prosecution and punishment of an offence;

where the further processing is necessary to enforce any law;

where the further processing is necessary for the conduct of legal proceedings in any court or tribunal that have commenced or are reasonably contemplated;

where the further processing is necessary to prevent or mitigate a serious and imminent threat to the life or health of the User or another individual;

where the further processing is necessary for historical, statistical or research purposes.

THE COMPANY shall ensure that if it intends processing personal information for other purposes not previously specified, it shall notify the User of such further purposes and the possible consequences of the intended further processing for the User.


THE COMPANY shall take reasonably practicable steps to ensure that the personal information kept by it about Users is complete, accurate, not misleading and is updated when necessary.

However, if a User is aware of any personal information in THE COMPANY’s custody that is incorrect, inaccurate or which needs to be updated, the User must make a written request to THE COMPANY’s information officer at to update or correct the relevant information.

If a User has contested the accuracy of any personal information being used by THE COMPANY, it shall immediately stop using that information until its accuracy has been verified, if it is reasonably practicable to do so.

THE COMPANY reserves its right to only adhere to a request from a User in terms of clause 12.2 if the correction or updating of that information will result in the personal information being correct and accurate.


THE COMPANY is committed to protecting the personal information in its custody against any loss of, damage to or unauthorised destruction of that information, and to prevent any unauthorised parties from accessing that information.

THE COMPANY takes steps to continually identify and document any risks to the personal information it has in its possession or under its control and that appropriate security safeguards are in place against those risks.

THE COMPANY shall ensure that in any contracts entered into with third party operators who process personal information on  THE COMPANY’ behalf, include the following obligations:

  • the operator shall not process any personal information without THE COMPANY’s knowledge and authority;
  • the operator shall treat all personal information given to it as confidential and shall not disclose it to any unauthorised third parties;
  • the operator shall establish and maintain adequate security measures which are the same or offer similar protection over the personal information as that employed by THE COMPANY;
  • the operator shall notify THE COMPANY immediately where there are reasonable grounds to believe that any personal information has been leaked to or accessed by any unauthorised person;
  • if the operator is situated in another country, it must comply with the data protection laws in that country and be able to provide verification that it is so compliant;
  • if an operator is legally obliged to disclose any personal information processed by them on THE COMPANY’s behalf to other parties, it must notify THE COMPANY beforehand to enable THE COMPANY and/or individual Users to protect their rights if necessary.

THE COMPANY shall ensure that all personal information on its systems is properly backed-up and that back-up copies are stored separately from the live files.

14. Notification of breach of security

If personal information about a User is inadvertently leaked or THE COMPANY’s security has been unlawfully breached by any unauthorised party, THE COMPANY shall immediately identify the relevant Users who may be affected by the security breach, and shall contact them at their last known email address or contact details or by the quickest means possible.

THE COMPANY shall provide sufficient information to the User to allow him or her to take the necessary protective measures against the potential consequences of the compromise, or shall advise Users of the steps to be taken by them and the possible consequences that may ensue from the breach for them.

15. Children’s personal information

THE COMPANY shall not process any personal information relating to a person under the age of 18 years unless it has obtained consent from that person’s parent or legal guardian. If this website is being accessed by the parent or guardian of a child under the age of 18 years, and personal information pertaining to that child is being provided by the parent or guardian, then they hereby expressly consent to  THE COMPANY processing such information according to the further provisions of this Privacy Policy.

16. Cross border transfers of personal information

17. Retention of information

The User consents that THE COMPANY may keep record of his/her personal information for an indefinite period of time, unless User objects. In such case THE COMPANY will only keep such records if it is lawfully entitled or obliged to do so

18. Returning, destroying or deleting personal information

Where THE COMPANY is no longer authorised to retain a record of any personal information, it shall either:

ensure that the information is permanently destroyed or deleted as soon as reasonably practicable; or

return the information to the User or transfer it to a third party, if requested by the User in writing to do so.

19. Consent

The User hereby consents to the processing of their personal information in terms of the provisions of this Privacy Policy.

The User acknowledges and agrees that such consent has been given voluntarily after the User has read and understood the provisions of this Privacy Policy, in particular, regarding the following:

the types of personal information to be processed, including specifically special personal information;

the specific processing activities to be undertaken;

the specific purpose/s for such processing; and

the possible consequences for the User that may arise from such processing.

Should a User wish to withdraw any consent previously given by the User, they must notify THE COMPANY’s information officer in writing.

20. Lodging an objection

A User may, on reasonable grounds, object to the processing of their personal information at any time after that processing has started.

If a User wishes to object to the processing of their personal information, they should contact THE COMPANY’s information officer in writing and provide, reasons for doing so. Users may use the process and forms contained within THE COMPANY’s PAIA manual available on our website.

21. Choice of law

This Privacy Policy shall be governed and interpreted in accordance with the laws of the Republic of South Africa.

22. Amendment of this privacy policy

THE COMPANY reserves the right to change, update, add, remove and/or amend any of the provisions of this Privacy Policy from time to time. Such changes, updates, additions, removals or amendments will become effective from the date of their publication on this website.

It is the User’s obligation to periodically check the provisions of this Privacy Policy for any such changes, updates, additions, removals or amendments.

The User’s continued use of this website following any changes, updates, additions, removals or amendments to this Privacy Policy will be considered Policy of the User’s acceptance to abide by and be bound by this Privacy Policy, as amended.


For more information on your rights to privacy over your information, or the information processing activities of THE COMPANY, please do not hesitate to contact us directly at

Date of last update: 1st of March 2021


This Data Processing Agreement (“Agreement”) is between:

The Company (You)

(as a client and end-user of our products and services)


Staffroom Software (Pty) Ltd

(the “Contracted Data Processor”) and (together as the “Parties”)


(A) The Company acts as a Data Controller/Responsible Party in terms of relevant Data Protection Laws.

(B) The Company wishes to subcontract certain Services, which imply the processing of personal data, to the Contracted Data Processor.

(C) The Parties seek to implement a data processing agreement that complies with the requirements of the current legal framework in relation to data processing.

(D) The Parties wish to lay down their rights and obligations.


1. Definitions and Interpretation

Unless otherwise defined herein, capitalized terms and expressions used in this Agreement shall have the following meaning:

“Agreement” means this Data Processing Agreement and all Schedules attached hereto;

“Company Personal Data” means any Personal Data Processed by a Contracted Processor on behalf of Company pursuant to or in connection with the provision of services to the Company or on behalf of the Company;

“Data Protection Laws” means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country, including without limitation the Protection of Personal Information Act of 2013 (“POPIA”);

“EEA” means the European Economic Area;

“EU Data Protection Laws” means the GDPR, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time;

“GDPR” means EU General Data Protection Regulation 2016/679;

“Data Transfer” means:

a transfer of Company Personal Data from the Company to a Contracted Processor; or an onward transfer of Company Personal Data from a Contracted Processor to a Subcontracted Processor, or between two establishments of a Contracted Processor, in each case, where such transfer would be prohibited by Data Protection Laws without the terms of a data transfer agreement put in place to address the data transfer restrictions of Data Protection Laws;

“Services” means the various services the Company provides.

The terms, “Commission”, “Controller”, “Data Subject”, “Member State”, “Personal Data”, “Personal Data Breach”, “Processing” and “Supervisory Authority” shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly. The corresponding terms, “Information Regulator” for “Commission”, “Responsible Party” for “Controller”, and “Personal Information” for “Personal Data” shall have the meanings as set out in POPIA.

2. Processing of Company Personal Data

The Contracted Processor shall:

comply with all applicable Data Protection Laws in the Processing of Company Personal Data; and

not Process Company Personal Data other than on the relevant Company’s documented instructions.

The Company instructs the Contracted Processor to process Company Personal Data only for the provision of Services to the Company or on behalf of the Company as set out in the services agreement with the Company.

3. Contracted Processor Personnel

The Contracted Processor shall take reasonable steps to ensure the reliability of any employee, agent or contractor of any Contracted Processor who may have access to the Company Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Company Personal Data, as strictly necessary for the purposes of the provision of Services to the Company or on behalf of the Company, and to comply with Applicable Laws in the context of that individual’s duties to the Contracted Processor, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.

4. Security

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Processor shall in relation to the Company Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in the GDPR and POPIA.

In assessing the appropriate level of security, the Contracted Processor shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach.

5. Sub-processing

The Contracted Processor shall not appoint (or disclose any Company Personal Data to) any Sub-processor unless required or authorized by the Company in writing, which for the purposes of this Agreement excludes email.

6. Data subject rights

Taking into account the nature of the Processing, the Contracted Processor shall assist the Company by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Company obligations, as reasonably understood by Company, to respond to requests to exercise Data Subject rights under the Data Protection Laws.

The Contracted Processor shall:

Promptly notify Company if it receives a request from a Data Subject under any Data Protection Law in respect of Company Personal Data; and

ensure that it does not respond to that request except on the documented instructions of Company or as required by Applicable Laws to which the Contracted Processor is subject, in which case the Contracted Processor shall to the extent permitted by Applicable Laws inform Company of that legal requirement before the Contracted Processor responds to the request.

7. Personal data breach

The Contracted Processor shall notify Company without undue delay upon Contracted Processor becoming aware of a Personal Data Breach affecting Company Personal Data, providing Company with sufficient information to allow the Company to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.

The Contracted Processor shall co-operate with the Company and take reasonable commercial steps as are directed by Company to assist in the investigation, mitigation and remediation of each such Personal Data Breach.

8. Data Protection Impact Assessment and Prior Consultation

The Contracted Processor shall provide reasonable assistance to the Company with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Company reasonably considers to be required by the relevant provisions of any Data Protection Law, in each case solely in relation to Processing of Company Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted Processor.

9. Deletion or return of Company Personal Data

Subject to this section 9 the Contracted Processor shall promptly and in any event within 10 business days of the date of cessation of any Services involving the Processing of Company Personal Data (the “Cessation Date”), delete and procure the deletion of all copies of those Company Personal Data.

The Contracted Processor shall provide written certification to Company that it has fully complied with this section within 10 business days of the Cessation Date.

10. Audit rights

The Contracted Processor shall make available to the Company on request all information necessary to demonstrate compliance with this Agreement, and shall allow for and contribute to audits, including inspections, by the Company or an auditor mandated by the Company in relation to the Processing of the Company Personal Data by the Contracted Processor.

Information and audit rights of the Company only arise under section 10.1 to the extent that the Agreement does not otherwise give them information and audit rights meeting the relevant requirements of Data Protection Law.

11. Data transfer

The Contracted Processor may not transfer or authorize the transfer of Data to countries outside the the Republic of South Africa or the EEA without the prior written consent of the Company. If personal data processed under this Agreement is transferred from a country within the Republic of South Africa to a country outside the EEA or the Republic of South Africa, the Parties shall ensure that the Data is adequately protected and that a data protection agreement is entered into at least as restrictive as this Agreement.

12. General terms

This Agreement will commence upon signature by the Party signing last in time and endure until no Data is being transferred or processed by the Contracted Processor.

Each Party must keep this Agreement and information it receives about the other Party and its business in connection with this Agreement (“Confidential Information”) confidential and must not use or disclose that Confidential Information without the prior written consent of the other Party except to the extent that:

disclosure is required by law;

the relevant information is already in the public domain.

All notices and communications given under this Agreement must be in writing and will be delivered personally, sent by post or sent by email to the address or email address set out in the heading of this Agreement at such other address as notified from time to time by the Parties changing address.

To the extent the provisions of this Agreement conflict with the Principal Agreement, to the extent they relate to the processing of Company Personal Data, the terms this Agreement will prevail.

13. Governing Law and Jurisdiction

This Agreement is governed by the laws of South Africa.

Any dispute arising out of or in connection with this contract, including any question regarding its existence, validity or termination, shall be referred to and finally resolved by arbitration under the Arbitration Foundation of Southern Africa, which Rules are deemed to be incorporated by reference into this clause.

The number of arbitrators shall be one.

The seat, or legal place, of arbitration shall be Cape Town / Johannesburg

The language to be used in the arbitral proceedings shall be English.


These are the general terms of the relationship between you (website visitor) and us (website owner). The terms cover all use of this website. You agree to the terms by visiting and using this website.

1. Definitions and interpretation

Definitions. In the agreement: terms means the terms, consisting of:

  • these terms of use; and
    any other relevant specific terms, policies, disclaimers, rules and notices agreed between the parties, (including any that may be applicable to a specific section or module of the website);
    we, us, or our means Stafroom, the owner of the website. It includes our officers, agents, employees, owners, co-branders and associates where the terms limit or exclude our liability;
    you or your means any visitor to this website, including any other person, website, business or agent (including any virtual or robotic agent) associated with the visitor.

Conflict. If the meaning of any general terms conflicts with any other relevant specific terms, the specific terms will apply. Specific terms apply to a specific section of the website or have been specifically agreed between you and us.

2. Use of this website

  • We grant you a limited licence to use this website on these terms. We may cancel your licence at any time for any reason. Your licence is automatically cancelled if you do not get our written permission before using this website in a way these terms do not allow.
  • If you breach any of the terms or infringe any other person’s rights (including copyright), we may cancel your licence, block you from using the website, claim specific performance or damages against you and take any other steps the law allows, without affecting our rights.
  • You may not frame this website or any of its pages.
    Linking. You may only link to the home page of this website. You may not deep link (link to any other page) or link in any way that could suggest that we endorse or support you, or that you have any rights in our website or intellectual property.
  • Virtual agents. You may not use any technology (including spiders, crawlers, bots and similar virtual agents) to search or gain any information from this website.

Your capacity
Capacity and agreement. You promise that you are entitled to visit this website and agree to the terms because you:
• are at least 18 (or regarded as legally adult), and have the legal right and capacity to do so; or
• are not 18 yet, but have permission from your parent (or legal guardian) to do so.

Accurate information. You promise that you will only give accurate information to us and this website.

3. Intellectual property

Ownership. Except as provided to the contrary in the agreement, all right, title, interest, and ownership (including all rights under all copyright, patent, and other intellectual property laws) in, to or of this website are our sole property or will vest in us or a third party licensor. All moral rights are reserved.
Trade marks. Our logo and sub-logos, marks, and trade names are our trade marks and no person may use them without permission. Any other trademark or trade name that may appear on our marketing material is the property of its respective owner.

Restrictions. Except as expressly permitted under the agreement, the website may not be

  • modified or used to make derivative works;
  • rented, leased, loaned, sold or assigned;
  • reverse engineered or copied; or
  • reproduced or distributed.

4. Limits to our liability

You use this website at your own risk. We provide the website “as is”. We do not give any express or implied warranty or make any other promise about this website. For example, we do not warrant that it is good quality, fit for any particular purpose, accurate, complete, up-to-date, legally effective or secure. We also do not warrant that it is free of latent defects, errors, malicious software or infringing content, or that you will have quiet or uninterrupted use of it.

You indemnify us. You indemnify (or promise to protect) us against any claim, demand, loss, damage, cost, or liability (including reasonable attorneys’ fees) related to your use of this website.

Faults. We will do our best to fix any fault in this website as soon as reasonably practical after we find out about it. This is the limit of our responsibility and liability for any fault in the website.

Direct damages limited. If the previous clause does not apply for any reason, our maximum liability to you for all claims for direct damages is R100. This limit applies whether a claim is based on contract, delict (tort) or any other legal cause of action.

No liability for indirect damages. We will never be responsible for any indirect or consequential damages or losses, even if we should have foreseen them. These may include any loss of profit, loss of goodwill, loss of use or damages related to lost or damaged data.
Other websites. We are not responsible for anyone else’s website.

5. General

Entire agreement. The terms are the entire agreement between the parties on the subject.

Changes to website. We may change or stop publishing this website without notice and will not be responsible for any consequences.

Changes to terms. We may change the terms by placing a notice on this website. If you do not agree with the change, you must stop using this website or the changed terms will apply to you.

Facts about website. If an administrator of this website signs a letter confirming any fact related to the website, that letter is conclusive proof of its contents. These may include the version of the terms that apply to any dispute, or what content or functions the website had at a particular time or date.
Waiver. We do not ever waive (give up) our rights, even if we allow you any favour or extension of time, or we delay enforcing our rights against you.

Severability. Any term that is invalid, illegal or cannot be enforced must be regarded as deleted. The remaining terms continue as intended.

Law and jurisdiction. South African law and conditions (such as time and date) govern the terms. Only the South African courts may decide any dispute about the terms.



South African PAIA law requires us to give certain people access to information in certain circumstances. Our Access to Information Manual (or PAIA Manual) sets out how you can request access.

Staffroom Software (Pty) Ltd (“Company”) Manual to Accessing Information (“Manual”)

This Manual has been prepared in terms of section 51 of the Promotion of Access to Information Act 2 of 2000 (“PAIA”) and updated in the light of the Protection of Personal Information Act 4 of 2013 (“POPIA”).

1. Introduction

This manual is for the Company.

2. Purpose of PAIA

PAIA is an act that was passed to give effect to the constitutional right, held by everyone in South African, of access to information which is held by the State or by another person and which is required for the exercise or protection of any right. Where a request is made in terms of PAIA, the body to which the request is made is obliged to give access to the requested information, except where the Act expressly provides that the information may or must not be released.

It is important to note that PAIA recognises certain limitations to the right of access to information, including, but not exclusively, limitations aimed at the reasonable protection of privacy, commercial confidentiality, and effective, efficient and good governance, and in a manner which balances that right with any other rights, including such rights contained in the Bill of Rights in the Constitution.

POPIA was enacted in November 2013, to promote the protection of personal information processed by public and private bodies. POPIA amended certain provisions of PAIA, balancing the need for access to information against the need to ensure the protection of personal information.

3. Information manual

One of the main requirements specified in PAIA is the compilation of an information manual that provides information on both the types and categories of records held by a private body. This document serves as Company’s information manual. This Manual is compiled in accordance with section 51 of PAIA and the Schedule to POPIA. It is intended to give a description of the records held by and on behalf of Company; to outline the procedure to be followed and the fees payable when requesting access to any of these records in the exercise of the right of access to information, with a view of enabling requesters to obtain records which they are entitled to in a quick, easy and accessible manner.

This Manual is available for public inspection at the physical address of Company, recorded in paragraph 4 below, free of charge; and on this website, free of charge; and on request by any person (along with payment of a prescribed fee).

The Manual is available from the designated Information Officer, whose details appear below.

The responsibility for administration of, and compliance with, PAIA and POPIA have been delegated to the Information Officer.

Requests pursuant to the provisions of PAIA and/or POPIA should be directed to the Information Officer as follows:

Information Officer

Staffroom Software (Pty) Ltd

1st Floor Town Square

65 Main Road

Fish Hoek 7975

South Africa

Email: :

Phone: +27 (21) 782 2993

4. Information Regulator’s Guide

An official Guide has been compiled which contains information to assist a person wishing to exercise a right of access to information in terms of PAIA and POPIA. This Guide is made available by the Information Regulator (established in terms of POPIA). Copies of the updated Guide are available from Information Regulator in the manner prescribed. The South African HUMAN RIGHTS COMMISSION, Head Office, Braampark Forum 3, 33 Hoofd Street, Braamfontein. Tel – (011) 8773750. Fax – (011) 403 0668. Email – Website –

5. Automatic disclosure

A private body may, on a voluntary basis, make available a description of categories of records that are automatically available without a person having to request access in terms of PAIA.

The only fee for access to these records may be a prescribed fee for reproduction.

6. Types and categories of records

A requester may also request information that is available in terms of other legislation, such as (the below is not an exhaustive list):

  • Competition Act 89 of 1998;
  • The Companies Act 71 of 2008;
  • The Labour Relations Act 66 of 1995;
  • Employment Equity Act 55 of 1998;
  • Basic Conditions of Employment Act 75 of 1997;
  • Compensation for Occupational Injuries and Diseases Act 130 of 1993;
  • Financial Intelligence Centre Act 38 of 2001;
  • Income Tax Act 58 of 1962;
  • Occupational Health and Safety Act 85 of 1993;
  • Unemployment Insurance Act 63 of 2001;
  • Value-added Tax Act 89 of 1991; and
  • Consumer Protection Act 68 of 2008.

7. Subject Categories of Records

The information is classified and grouped according to records relating to the following subjects and categories:

Personnel Records: “Personnel”refers to any person who works for or provides services to or on behalf of Company and receives, or is entitled to receive, remuneration and any other person who assists in carrying out or conducting the business of Company. It includes, without limitation, directors (executive and non-executive), all permanent, temporary and part-time staff, as well as contract workers.

Personal records provided by personnel include:

Records provided by a third party relating to Personnel;

Conditions of employment and other Personnel-related contractual and quasi-legal records, including job applications;

Internal evaluation records and other internal records;

Correspondence relating to, or emanating from, Personnel (internal and external to the organization); and

Training schedules and material;

Payment records (and beneficiary payments), including banking details.

Client Related Records: “Client”refers to any natural or juristic entity that receives services from Company.

Client related records include:

Records provided by a client to a third party acting for or on behalf of Company;

Records provided by a third party (for example, records from a reseller);

Records generated by or within Company relating to its clients;

Transactional records;

Correspondence with a client that is implicitly or explicitly of a private or confidential nature

Records pertaining to a client retrieved from “other sources”, such as any credit bureau or credit providers industry association.

Private Body Records which include but are not limited to records pertaining to Company’s own internal affairs:

  • Financial records;
  • Operational records;
  • Information technology;
  • Communication;
  • Administrative records, such as contracts and service level agreements;
  • Product records;
  • Statutory records;
  • Internal Policies and procedures; and
  • Human resources records.
  • Other Party Records:

Records held by Company pertaining to other parties, including without limitation, financial records, correspondence, contractual records, records provided by the other party (for example third party beneficiaries or employees of a client), and records third parties have provided about Company’s contractors / suppliers.

Company may possess records pertaining to other parties including, but not limited to, contractors, suppliers, and service providers and such other parties may possess records that can be said to belong to Company.

8. Processing details

In terms of POPIA, data must be processed for a specified purpose. The purpose for which data are processed by Company will depend on the nature of the data and the particular data subject. This purpose is ordinarily disclosed, explicitly or implicitly, at the time the data are collected.

Purpose of Processing

Personnel data

Company processes personnel data for business administration purposes.  For example, personnel data are processed for payroll purposes.  Personnel data are also processed to the extent required by legislation and regulation.  For example, Company discloses employees’ financial information to the Commissioner for the South African Revenue Service, in terms of the Income Tax Act 58 of 1962 and employee’s sensitive personal information in terms of the Employment Equity Act 55 of 1998.

Client related data

Company processes client related records as an integral party of its commercial services. For example Company processes client related records during the client application and onboarding processes and for provision of a service.

This list of processing purposes is non-exhaustive.

9. Third party data

Company processes third party records for business administration purposes.

10. Other party data

Company processes “other party” records for business administration purposes.  For example, Personnel data may be processed in order to effect payment to contractors and / or suppliers.

In performing these various tasks, Company may, amongst others, collect, collate, process, store and disclose personal information.

11. Categories of Data Subjects.

Company holds information and records on the following category of data subject:

  • Employees / Personnel of Company;
  • Clients of Company;
  • Any third party with whom Company conducts its business services;
  • Contractors of Company;
  • Suppliers of Company;
  • Service providers of Company.
  • This list of categories of data subjects is non-exhaustive.
  • Recipients To Whom Personal Information Will Be Supplied

Depending on the nature of the data, Company may supply information or records to the following categories of recipients:

Statutory oversight bodies, regulators or judicial commissions of enquiry making a request for data (i.e. the Information Regulator in terms of POPIA);

Any court, administrative or judicial forum, arbitration, statutory commission, or ombudsman making a request for data or discovery in terms of the applicable rules (i.e. the Competition Commission in terms of the Competition Act 89 of 1998);

South African Revenue Services, or another similar authority;

A contracted third party who requires this information to provide services;

Third parties with whom Company has a contractual relationship for the retention of data (for example, a third party hosting services);

Research/ academic institutions;

Auditing and accounting bodies (internal and external);

Anyone making a successful application for access in terms of PAIA.

12. Planned Transborder Flows Of Personal Information

Company may transfer personal information to a third party who is in a foreign country in order to administer certain services, but may only do so subject to the provisions of POPIA.  Thus internal cross-border transfers, as well as external cross-border transfers of information are envisaged, subject to the provisions of POPIA.

13. Security Measures

Company takes extensive information security measures to ensure the confidentiality, integrity and availability of personal information in Company’s possession.  Company takes appropriate technical and organizational measures designed to ensure that personal data remain confidential and secure against unauthorized or unlawful processing and against accidental loss, destruction or damage.

14. Grounds for Refusal of Access to Records

Company may refuse a request for information on the following basis:

Mandatory protection of the privacy of a third party who is a natural person, which would involve the unreasonable disclosure of personal information of that natural person;

Mandatory protection of the commercial information of a third party, if the record contains:

Trade secrets of that third party;

Financial, commercial, scientific or technical information which disclosure could likely cause harm to the financial or commercial interests of that third party; and

Information disclosed in confidence by a third party to Company, if the disclosure could put that third party at a disadvantage in negotiations or commercial competition.

Mandatory protection of confidential information of third parties if it is protected in terms of any agreement or legislation;

Mandatory protection of the safety of individuals and the protection of property;

Mandatory protection of records which would be regarded as privileged in legal proceedings;

The commercial activities of Company, which may include:

Trade secrets of Company;

Financial, which, if disclosed, could put Company at a disadvantage in negotiations or commercial competition;

A computer program which is owned by Company and which is protected by copyright.

Requests for information that are clearly frivolous or vexatious, or which involve an unreasonable diversion of resources shall be refused.

15. Access procedure

A requester is any person making a request for access to a record of, or held by, Company. The requester is entitled to request access to information, including information pertaining to third parties, but Company is not obliged to grant such access. Apart from the fact that access to a record can be refused based on the grounds set out in paragraph 15 above, in order to successfully access information the requester must fulfil the prerequisite requirements for access in terms of PAIA, including the payment of a request and access fee.

16. Access Request Procedure

A requester requiring access to information held by Company must complete the prescribed Access Request Form, available here:, submit it to the Information Officer at the physical address or electronic mail address recorded in paragraph 5 and pay a request fee (and a deposit, if applicable).

In order to facilitate a timely response to requests for access, all requesters should take note of the following when completing the Access Request Form:

The Access Request Form must be comprehensively completed.

Proof of identity is required to authenticate the identity of the requester.  Therefore, in addition to the access request form, requesters will be required to supply a copy of their identification document.

Every applicable question must be answered. If a question does not apply “N/A” should be stated in response to that question. If there is nothing to disclose in reply to a particular question “Nil” should be stated in response to that question.

The Access Request Form must be completed with enough particularity to enable the Information Officer to identify:

  • The record(s) requested;
  • The identity number of the requester;
  • The form of access required if the request is granted;
  • The postal address or fax number of the requester.

The requester must also state that he or she requires the information in order to exercise or protect a right, and clearly state the nature of the right to be exercised or protected. In addition, the requester must clearly specify why the record is necessary to exercise or protect such a right.

If a request is made on behalf of another person, then the requester must submit proof of the capacity in which the requester is making the request to the reasonable satisfaction of the Information Officer.

If an individual is unable to complete the prescribed form because of illiteracy or disability, such a person may make the request orally.

The requester will be informed in writing whether access has been granted or denied. If, in addition, the requester requires the reasons for the decision in any other manner, he must state the manner and the particulars so required.

17. Payment Of Fees

Payment details can be obtained from the Information Officer and can be made either via a direct deposit, by bank guaranteed cheque or by postal order. Proof of payment must be supplied when the Access Request Form is submitted.

The prescribed fee is set out below in Annexure 1.

Note that the requester may lodge a complaint to the Information Regulator or an application with a court against the tender or payment of the request fee.

If the search for, and the preparation of, the record for disclosure would, in the opinion of the Information Officer, require more than 6 hours, the requester may be required to pay as a deposit one third of the access fee (the fee which will be payable if the request is granted).

Note that the requester may lodge a complaint to the Information Regulator or an application with a court against the tender or payment of the deposit.

If a deposit has been paid in respect of a request for access which is subsequently refused, then the Information Officer must refund the deposit to the requester.

The requester must pay the prescribed fee before any processing, or any further processing, can take place.

18. Third Party Notification

Company must take all reasonable steps to inform a third party to whom or which a requested record relates if the disclosure of that records would –

involve the disclosure of personal information about that third party;

involve the disclosure of trade secrets of that third party; financial, commercial, scientific or technical information (other than trade secrets) of that third party, the disclosure of which would be likely to cause harm to the commercial or financial interests of that third party; or information supplied in confidence by a third party, the disclosure of which could reasonably be expected to put that third party at a disadvantage in contractual or other negotiations; or to prejudice that third party in commercial competition;

constitute an action for breach of a duty of confidence owed to a third party in terms of an agreement; or

involve the disclosure of information about research being, or to be, carried out by or on behalf of a third party, the disclosure of which would be likely to expose the third party, a person that is or will be carrying out the research on behalf of the third party, or the subject matter of the research, to serious disadvantage.

Company will inform the third party as soon as reasonably possible, but in any event, within 21 days after that request is received.

Within 21 days of being informed of the request, the third party may-

  • make written or oral representations to the Information Officer why the request for access should be refused; or
  • give written consent for the disclosure of the record to the requester.
  • Company will notify the third party of the outcome of the request.  If the request is granted, adequate reasons for granting the request will be given.

The third party may lodge a complaint to the Information Regulator or an application with a court against the decision within 30 days after notice is given, after which the requester will be given access to the record after the expiry of the 30 day period.

19. Notification of Decision

The Information Officer will, within 30 days of receipt of the request, decide whether to grant or decline the request and give notice with reasons (if required) to that effect.

The 30 day period, within which Company has to decide whether to grant or refuse the request, may be extended for a further period of not more than 30 days if the information cannot reasonably be obtained within the original 30 day period. For example, the time period may be extended if the request is for a large amount of information, or the request requires Company to search for information held at another office of Company.

The Information Officer will notify the requester in writing should an extension be required.  The requester may lodge a complaint to the Information Regulator or an application with a court against the extension.

20. Remedies Available for Refusals for a Request for Information

All complaints, by a requester or a third party, can be made to the Information Regulator or a court, in the manner prescribed below.

The requester or third party, as the case may be, may submit a complaint in writing to the Information Regulator, within 180 days of the decision, alleging that the decision was not in compliance with the provisions of PAIA.

The Information Regulator will investigate the complaint and reach a decision – which may include a decision to investigate, to take no further action or to refer the complaint to the Enforcement Committee established in terms of POPIA.  The Information Regulator may serve an enforcement notice confirming, amending or setting aside the impugned decision, which must be accompanied by reasons.

An application to court maybe brought in the ordinary course.  For purposes of PAIA, any reference to an application to court includes an application to a Magistrates’ Court.


  • The fee for a copy of the manual as contemplated in regulation 9(2)(c) is R1,10 for every photocopy of an A4-size page or part thereof.
  • The fees for reproduction referred to in regulation 11(1) are as follows:
    • For every photocopy of an A4-sized page or part thereof: R1,10
    • For every printed copy of an A4-sized page or part thereof held on a computer or in electronic or machine-readable form: R0,75
    • For a copy in a computer-readable form on:
      • stiffy disc R7,50
      • compact disc R70,00
      • For visual images:
        • a transcription of visual images, for an A4-size page or part thereof 40,00
        • For a copy of visual images R60,00
      • For an audio record:
        • For a transcription of an audio record, for an A4-size page or part thereof R20,00
        • For a copy on an audio record R30,00
      • The request fee payable by a requester, other than a personal requester, referred to in regulation 11(2) is R50,00.
      • The access fees payable by a requester referred to in regulation 11(3) are as follows:
        • Fees are:
          • For every photocopy of an A4-size page or part thereof R1,10
          • For every printed copy of an A4-size page or part thereof held on a computer or in electronic or machine-readable form R0,75
          • For a copy in a computer-readable form on:
            • stiffy disc R7,50
            • compact disc R70,00
          • For a transcription of visual images:
            • for an A4-sized page or part thereof R40,00
            • For a copy of visual images R60,00
          • For a transcription of an audio record:
            • For an A4-size page or part thereof R20,00
            • For a copy of an audio record R30,00
          • To search for and prepare the record for disclosure, R30,00 for each hour or part of an hour reasonably required for such search and preparation.
        • For purposes of section 54(2) of the Act, the following applies:
          • Six hours as the hours to be exceeded before a deposit is payable; and
          • one third of the access fee is payable as a deposit by the requester.
        • The actual postage is payable when a copy of a record must be posted to a requester.
      • Deposits
        • Where Company receives a request for access to information held on a person other than the requester himself/herself and the Information Officer upon receipt of the request is of the opinion that the preparation of the required record of disclosure will take more than 6 hours, a deposit is payable to the requester. The amount of the deposit is equal to 1/3 of the amount of the applicable access fee.

Please note: In terms of Regulation 8, Value Added Tax (VAT) must be added to all fees prescribed in terms of the Regulations. Therefore, the fees reflected above are VAT inclusive.

To view our privacy statement please visit our website:

Access Request- Record Of Private Body

(Section 53(1) of the Promotion of Access to Information Act, 2000 and Section 23 of the Protection of Personal Information Act of 2013)

Please use the following links below to download the request forms as needed:


  • Notes for completing the form:

* The Access Request Form must be completed in full.
* Proof of identity is required to authenticate the identity of the Attach a copy of the requester’s identification document.
* Type or print in BLOCK LETTERS an answer to every
* If a question does not apply, state “N/A”.
* If there is nothing to disclose in reply to a question, state “nil”.
* When there is insufficient space on a printed form, additional information may be provided on an attached folio, and each answer on such folio must reflect the applicable title.

© Copyright - Staffroom 2021