PAIA Manual

Prepared in terms of section 51 of the Promotion of Access to Information Act, 2000 (as amended)

Date of compilation: 7 January 2026
Date of last revision: 7 January 2026

Company Details

Private Body: TriplicityID Pty Ltd

Company registration number: 2025/774082/07

Registered Office: 4 Fricker Road, Illovo, Sandton, 2196

List of Acronyms and Abbreviations

• CEO – Chief Executive Officer
• Company – TriplicityID Pty Ltd
• IO – Information Officer
• PAIA – Promotion of Access to Information Act, 2000
• POPIA – Protection of Personal Information, 2013
• Regulator – Information Regulator

Purpose of this PAIA Manual

This PAIA Manual is prepared in accordance with section 51 of PAIA and serves to provide members of the public with information on how to request access to records held by the Company, the types of records held, and the processing of personal information in line with POPIA.

Key Contact Details

Information Officer:

Name: Nevellan Moodley
Designation: CEO
Email: Nevellan@triplicityid.com

Guide on How to Use PAIA

The Information Regulator has published a guide on how to use PAIA. The guide is available from the Information Regulator at https://www.justice.gov.za/inforeg/ .

Categories of Records Automatically Available

• Website content
• Publicly published policies and notices
• Marketing materials

Records Available in Terms of Legislation

• Memorandum of Incorporation – Companies Act, 2008
• PAIA Manual – PAIA

Subjects and Categories of Records Held

• Corporate records – MOI and constitutional documents, shareholder and director records, corporate governance and statutory records
• Financial records – accounting records, financial statements, tax records, tax returns, invoices, receipts, payment records, banking records, audit and financial review records
• Operational records – internal policies, procedures, guidelines, IT and systems documentation, supplier records, business process documentation, website administration and content records, HR-related documentation
• Compliance records – PAIA and POPIA compliance documentation, risk assessments and compliance reports, policies and procedures documentation
• Customer data related to products and services – customer relationship information, client onboarding and account information, client communications, service usage and support records

Purpose for Processing of Personal Information

The Company processes personal information for business operations, relationship management, compliance with legal obligations, website administration, and the provision of products and services.

Categories of Data Subjects

• Customers / Clients – contact details, business or professional information, contractual information, communications, and service-related records
• Prospective Clients and Business Contacts – names, contact details, professional information, and communications
• Website Users – technical and usage information, IP addresses, browser information, device data, and website interaction data
• Employees and Contractors – identification details, employment or engagement records, contact information, and related administrative records
• Suppliers and Service Providers – contact details, contractual information, billing information, and communications

Categories of Recipients

• Internal Recipients – authorised employees, contractors, or representatives of TriplicityID who require access for business, operational, or compliance purposes
• Service Providers – trusted third-party service providers supporting business operations, subject to appropriate contractual and confidentiality obligations
• Clients – where personal information is processed or shared in connection with the provision of products or services
• Regulatory and Public Authorities – bodies such as the Information Regulator, CIPC, SARS, or other authorities where disclosure is required or permitted by law

Transborder Flow of Personal Information

Personal information may be transferred to and processed by service providers or business partners located outside the Republic of South Africa, where permitted by law and subject to appropriate safeguards to ensure a level of protection substantially similar to that provided under POPIA.

Information Security Measures

The Company implements appropriate technical and organisational measures to ensure the confidentiality, integrity, and availability of personal information. These measures include access controls, role-based access on a need-to-know basis, data encryption where appropriate, secure system configurations, anti-malware and security monitoring, and ongoing review of security practices.

Availability of this Manual

This manual is available on the Company website and upon request to the Information Officer.

Updating of this Manual

This PAIA Manual will be reviewed and updated on a regular basis.

Contact Us

If you have any questions about this PAIA Manual or our data protection practices, please contact Nevellan@triplicityid.com.