Summit AI PAIA Manual

Summit AI PAIA Manual

1. INTRODUCTION

This Manual is published in terms of Section 51 of the Promotion of Access to Information Act, 2 of 2000 (hereinafter referred to as “the Act” or “PAIA”). The Act gives effect to the provisions of Section 32 of the Constitution of the Republic of South Africa, 1996, which provides for the right of access to information held by the State and to information held by another person that is required for the exercise or protection of any right.

The reference to any information in addition to that specifically required in terms of Section 51 of the Act does not create any right or entitlement (contractual or otherwise) to receive such information, other than in terms of the Act.

This manual applies to Summit AI. The Information Officer named below is appointed in respect of Summit AI.

2. DEFINITIONS

Unless the context clearly indicates otherwise, the following terms shall have the meanings assigned to them hereunder:

  • “Act” means the Promotion of Access to Information Act, Act 2 of 2000, as amended from time to time;
  • “Data Subject” means the person to whom the personal information relates;
  • “Information Officer” means the person acting on behalf of Summit AI (Pty) Ltd and discharging the duties and responsibilities assigned to the “head” of Summit AI by the Act. The Information Officer is duly authorised to act as such;
  • “Manual” means this manual published in compliance with Section 51 of the Act;
  • “Personal Information” means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person, including, but not limited to: 
    • information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, disability, religion, conscience, belief, culture, language and birth of the person;
    • information relating to the education or the medical, financial, criminal or employment history of the person;
    • any identifying number, symbol, email address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
    • the biometric information of the person;
    • the personal opinions, views or preferences of the person;
    • correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
    • the views or opinions of another individual about the person; and
    • the name of the person if it appears with other personal information relating to the person or if the disclosure ofthe name itself would reveal information about the person.
  • “Personnel” means any person who works for or provides services to or on behalf of Summit AI and receives or is entitled to receive any remuneration. This includes, without limitation, directors (both executive and non-executive), all permanent, temporary and part-time staff as well as contract workers;
  • “POPIA” means the Protection of Personal Information Act, Act 4 of 2013;
  • “Record” means any recorded information, regardless of form or medium, which is in the possession or under the control of Summit AI, irrespective of whether it was created by Summit AI;
  • “Request” means a request for access to a record of Summit AI;
  • “Requestor” means any person, including a public body or an official thereof, making a request for access to a record of Summit AI and includes any person acting on behalf of that person; and
  • “SAHRC” means the South African Human Rights Commission.
  • “Special Personal Information” means personal information concerning the religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health or sex life or biometric information of a data subject; or the criminal behaviour of a data subject to the extent that such information relates to the alleged commission by a data subject of any offence or any proceedings in respect of any offence allegedly committed by a data subject or the disposal of such proceedings.

Unless a contrary intention clearly appears, words signifying:

  • the singular includes the plural and vice versa;
  • any one gender includes the other genders and vice versa; and
  • natural persons include juristic persons.

Terms defined in the Act shall have the same meaning in this Manual.

3. SUMMIT AI OVERVIEW

Summit AI  is a company focused on providing Artificial Intelligence governance solutions and services. Our tagline, “AI. Simplified. Strategised. Delivered,” encapsulates our commitment to making AI accessible and effective for our clients.

Summit AI  supports the constitutional right of access to information and we are committed to provide you access to our records in accordance with the provisions of the Act, the confidentiality we owe third parties and the principles of our law.

4. AVAILABILITY OF THIS MANUAL

A copy of this Manual is available on our website (www.summitai.co.za) or by sending a request for a copy to the Information Officer by email. The Manual may also be inspected at our head office [if applicable, provide address here] and the SAHRC at the respective addresses set out below. This Manual will be updated from time to time, as and when required.

5. THE SECTION 10 GUIDE ON HOW TO USE PAIA

The Section 10 Guide on How to Use PAIA, as drafted by the South African Human Rights Commission and updated by the Information Regulator, will be available at the offices of the Information Regulator and on its website as prescribed by Section 10 of PAIA and in accordance with the Protection of Personal Information Act, 2013 (“POPIA”). Please direct any queries regarding this guide to:

The Information Regulator (South Africa) JD House 27 Stiemens Street, Braamfontein, Johannesburg, 2017 P.O. Box 31533, Braamfontein, Johannesburg, 2017 Telephone Number: 010 023 5200 Telefax Number: N/A Website: https://inforegulator.org.za/ Email (complaints): PAIAComplaints@inforegulator.org.za Email (general enquiries): enquiries@inforegulator.org.za

6. HOW TO REQUEST ACCESS TO RECORDS HELD BY SUMMIT AI

Requests for access to records held by Summit AI must be made on the request forms that are available from the SAHRC website (www.sahrc.org.za) or the Department of Justice and Constitutional Development (www.doj.gov.za) (under “regulations”).

For the convenience of requestors, copies of such forms may be made available upon request from our Information Officer. Please note that requestors are also required to make payment of the prescribed fees. This issue is dealt with more fully below.

Requests for access to records must be made to our Information Officer at the email address provided for below.

The requester must provide sufficient detail on the request form to enable the Information Officer to identify the record and the requester. The requester should also indicate which form of access is required and indicate if he or she wishes to be informed in any other manner and state the necessary particulars to be so informed.

Requests will be received by the Summit AI  Information Officer as indicated in the prescribed manner detailed below. The requestor will be notified within 30 days of the receipt of the completed request forms. The request will be evaluated by the Summit AI Information Officer.

Summit AI reserves the right to notify the requestor of an extension period that is required to access the requested information. The said notice will include reasons for such extension, the required extension period which will not exceed 60 days as well as the requestor’s right to approach a court via application proceedings for relief in the event that the requestor is against the extension and/or the procedure. Further to that, Summit AI may notify the requestor whether a deposit is required. This deposit will be determined by factors such as, the format and/or volume of the information requested as well as the time required for the searching and preparation of the records. The notice will set out the required deposit amount as well as the requestor’s right to approach a court via application proceedings for relief in the event that the requestor is against the payment of the required deposit and/or the procedure.

The requester must identify the right that he or she is seeking to exercise or protect and provide an explanation of why the requested record is required for the exercise or protection of that right.

If a request is made on behalf of a person, the requester must then submit proof, in the form of an affidavit or letter of consent, of the capacity in which the requester is making the request to the satisfaction of the Summit AI Information Officer.

The standard form that must be used for the making of requests is attached as Annexure 2 in the official PAIA Regulations (which can be found via the Information Regulator’s website). Not using this form could cause your request to be refused (if you do not provide sufficient information or otherwise) or delayed.

The requester is required to pay a fee for evaluating the request and then providing the records requested, including the requirement to pay a deposit in certain circumstances. The list detailing the prescribed fees payable to Summit AI  in respect of requests and the fees in respect of access to records (if the request is granted) is attached as Annexure 3 in the official PAIA Regulations.

Kindly note that all requests to Summit AI  will be evaluated and considered in accordance with the Act. Publication of this manual and describing the categories and subject matter of information held by Summit AI ( does not give rise to any rights (in contract or otherwise) to access such information or records except in terms of the Act.

If it is reasonably suspected that a requestor has obtained access to Summit AI’s records through the submission of materially false or misleading information, legal proceedings may be instituted against such requestor.

7. CONTACT DETAILS

Name of Private Body: Summit AI  Designated Information Officer: Mr  Ntsoane, Information Officer: info@summitai.co.za

Street address:

4 Brian Street, Coachman’s Crossing Office Park, Block G. Lyme Park, Bryanston, 2021@summitai.co.za

+27 78 604 6745

8. VOLUNTARY DISCLOSURE

Summit AI is not obliged to and has not published a notice in terms of Section 52(2) of the Act. Nevertheless, Summit AI  may make certain information freely available on its website at www.summitai.co.za from time to time. This may include, but is not limited to, company profiles, service descriptions, and publicly available news or press releases.

Certain information is also made available to employees of Summit AI, which is not generally made available to the public. To avoid confusion, these items of information are not listed here but may be obtained by Summit AI  employees through internal channels.

9. RECORDS AVAILABLE IN TERMS OF ANY OTHER LEGISLATION

Information is retained in terms of the following South African legislation. The information retained in terms of this legislation will only be made available to the persons or entities specified in the legislation and without requiring formal request in terms of this PAIA Manual:

  • Companies Act 71 of 2008
  • Income Tax Act 58 of 1962
  • Value Added Tax Act 89 of 1991
  • Labour Relations Act 66 of 1995
  • Basic Conditions of Employment Act 75 of 1997
  • Employment Equity Act 55 of 1998
  • Skills Development Act 97 of 1998
  • Skills Development Levies Act 9 of 1999
  • Unemployment Insurance Act 63 of 2001
  • Unemployment Contributions Act 4 of 2002
  • Compensation for Occupational Injuries and Diseases Act 130 of 1993
  • Occupational Health & Safety Act 85 of 1993
  • Protection of Businesses Act 99 of 1978
  • Electronic Communications and Transactions Act 25 of 2002 (if applicable)
  • Consumer Protection Act 68 of 2008 (if applicable)

10. RECORDS HELD BY SUMMIT AI

Summit AI maintains records on the following categories and subject matters. However, please note that recording a category or subject matter in this Manual does not imply that a request for access to such records would be granted.

All requests for access will be evaluated on a case by case basis in accordance with the provisions of the Act. In the event that there is no extension period or deposit required then the requestor will be notified within 30 days of the outcome of their request. If the request is successful then the requestor will be notified of the access fee payable upon gaining access to the record (if any), an indication of the form in which the access will be granted as well as a notice of the requestor’s right to approach a court via application proceedings for relief in the event that the requestor is against the payment of the required access fee and/or the procedure.

If the record requested contains information about a third party, Summit AI  is obliged to inform them of such request. This serves to allow the third party the opportunity to respond by either granting consent to the access request or to provide reasons why the request should be denied. The reasons provided by the third party either for consent or denying access will be considered by the Summit AI Information Officer in making a final decision regarding whether access should be granted or refused.

All records in the possession of Summit AI that possess Special Personal Information shall only be provided to the person to whom the Personal Information pertains. In the event that the requestor is not the subject of the Special Personal Information then the requestor must submit proof of consent to request such record for their use or on behalf of the data subject.

Summit AI may legitimately refuse to grant access to records that fall within certain categories. The grounds to refuse access to a particular record/s include:

  • records contain Personal Information of a third party and must be protected from unreasonable disclosure including records of a deceased person;
  • records containing third party commercial information that must be protected from unreasonable disclosure;
  • disclosure of a record would result in a breach of a duty of confidence owed in terms of an agreement to a third party;
  • disclosure of a record would result in an individual’s life being endangered;
  • disclosure of a record would prejudice or impair the security of property;
  • disclosure of a record would prejudice or impair the protection of a person under witness protection;
  • disclosure of a record would prejudice or impair public safety;
  • disclosure of a record is privileged in terms of legal proceedings, unless such privilege has been waived;
  • disclosure of a record would harm the commercial and financial interests of the company; and
  • disclosure of a record would put Summit AI at a disadvantage in contractual or other negotiations or prejudice it in commercial competition.

In the event that the requested record cannot be located and it is believed that the record does not exist or merely cannot be located, then Summit AI will inform the requestor by way of affidavit or affirmation of the reason for delay or inability to locate the record.

10.1 GENERIC RECORDS

10.1.1 Internal records The following are records pertaining to Summit AI’s own affairs:

  • Memorandum of Incorporation
  • Financial records
  • Operational records
  • Intellectual property records
  • Marketing records;
  • Internal correspondence;
  • Product and service development records;
  • Statutory records;
  • Internal policies and procedures;
  • Records held by officials of Summit AI.

10.1.2 Personnel records (these records can only be requested by the person the record pertains to) Personnel records include the following:

  • Any personal records provided to Summit AI (Pty) Ltd by its personnel;
  • Any records a third party has provided to Summit AI about any of its personnel;
  • Conditions of employment and other personnel-related contractual and quasi-legal records;
  • Internal evaluation records; and
  • Other internal records and correspondence.

10.1.3 Other Parties Records are kept in respect of other parties, including without limitation contractors, commercial banks, auditors and consultants, suppliers, joint venture companies and service providers, and general market conditions.

In addition, such other parties may possess records which can be said to belong to Summit AI . The following records fall under this category:

  • Personnel, customer, or Summit AI  records which are held by another party as opposed to being held by Summit AI; and
  • Records held by Summit AI pertaining to other parties, including financial records, correspondence, contractual records, records provided by the other party, and records third parties have provided about the contractors or suppliers.

10.1.4 Other Records Further records are held including:

  • Information relating to Summit AI’s own commercial activities; and
  • Research information belonging to Summit AI or carried out on behalf of a third party.

10.2 CLIENT-RELATED RECORDS

Client-related information includes the following:

  • Any records a client has provided to Summit AI;
  • Any records a third party has provided to Summit AI either directly or indirectly concerning a client;
  • Records generated by or within Summit AI pertaining to its clients, including project details, proposals, contracts, and communication logs.

10.3 DESCRIPTION OF PERSONAL INFORMATION PROCESSING IN TERMS OF POPIA

10.3.1 Purpose of the processing:

  • To provide AI solutions and services to clients.
  • To market products and services.
  • To comply with statutory obligations.
  • Customer relations purposes.
  • To conduct market research and gather feedback.
  • Security, administrative, and legal purposes.
  • To fulfil contractual obligations that we have with clients, customers, or third parties.
  • For internal business operations and improvement.

10.3.2 Data subject categories and their personal information:

  • Employees: records of employee lifecycle (e.g., contact details, employment history, payroll information).
  • Clients/Prospective Clients: names, contact details, project requirements, communication history.
  • General public: general enquiries and website viewing data (e.g., IP addresses, browser information).
  • Industry bodies: membership records.
  • Media: records of media interactions.
  • Service providers: records of service provider lifecycle (e.g., contractual details, payment information).

10.3.3 Recipients of personal information

  • Employee pension funds (if applicable).
  • Financial institutions (for payment processing, if applicable for services).
  • Industry bodies.
  • Law enforcement (as required by law).
  • Medical aid schemes (if applicable for employees).
  • Operators (third-party service providers who process personal information on our behalf).
  • Statutory authorities (e.g., SARS, CIPC).
  • Other members within the Summit AI group (if applicable).

10.3.4 Expected transnational transfer of personal information

  • Transfer of personal information to operators (service providers located outside of South Africa, if applicable, subject to adequate data protection safeguards).
  • Transfer of personal information to other members in the group (if applicable, across borders).
  • Transfer of personal information through social media platforms (if individuals interact with Summit AI via these platforms and their data is transferred internationally by the platform provider).

10.3.5 Security measures to protect personal information

  • Physical security measures (e.g., access controls to offices).
  • Access control measures (e.g., restricted access to data based on roles).
  • Internal security measures (e.g., internal policies and procedures for data handling).
  • Cyber security measures (e.g., encryption, intrusion detection).
  • Anti-spam measures.
  • Anti-virus measures.
  • Installing security firewalls.
  • Password control and strong authentication.
  • Training programs on information security for personnel.
  • Regular information security audits.
  • IT-related company policies governing data handling and security.

For information on how we process personal information, please refer to our privacy policy contained within our Terms and Conditions document available at www.summitai.co.za.

    Summit Ai - Logo Primary

    BOOK YOUR DISCOVERY CALL

    Fill out the form below, and we will be in touch shortly.

    Contact Information
    Services Required
    Preferred Date and Time Selection
    Summit Ai - Logo Primary

    BOOK YOUR DISCOVERY CALL

    Fill out the form below, and we will be in touch shortly.