1. INTRODUCTION

This manual is published in terms of Section 51 of the Promotion of Access to Information Act 2 of 2000 (“PAIA”), as amended. PAIA gives effect to the constitutional right of access to any information held by another person that is required for the exercise or protection of any rights.

This manual provides information on the records held by Refraime (Pty) Ltd and the procedure to be followed when requesting access to such records.

2. CONTACT DETAILS OF THE PRIVATE BODY

3. INFORMATION OFFICER
The Information Officer is the person designated in terms of POPIA Section 55 to be responsible for compliance with PAIA and POPIA.

4. GUIDE PUBLISHED BY THE INFORMATION REGULATOR

The Information Regulator has compiled a guide in terms of Section 10 of PAIA to assist persons who wish to exercise their right of access to information. The guide is available from:

The Information Regulator

JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001

P O Box 31533, Braamfontein, Johannesburg, 2017

Tel: +27 12 406 4818

Email: inforeg@justice.gov.za

Website: www.inforegulator.org.za

5. RECORDS HELD BY REFRAIME

The following categories of records are held by Refraime. This list is not exhaustive and the inclusion of a category does not mean that access will automatically be granted.

5.1 Company Records

• Memorandum of Incorporation and company registration documents
• Minutes of board meetings and shareholder resolutions
• Financial statements and annual returns
• Tax records and SARS correspondence

5.2 Employment Records

• Employment contracts and agreements
• Payroll records
• Leave records
• Disciplinary records
• Skills development records

5.3 Financial Records

• Banking records and statements
• Invoices (issued and received)
• Client contracts and service agreements
• Supplier and vendor agreements
• Insurance records

5.4 Client and Operational Records

• Client service agreements and End-User License Agreements
• Data Processing Agreements
• Client onboarding and configuration records
• Support ticket logs
• Platform audit trail records

5.5 Intellectual Property Records

• Software source code and documentation
• Trademarks and brand assets
• Patents and patent applications (if any)
• Research and development records

5.6 Information Technology Records

• System architecture documentation
• Security policies and procedures
• Incident and breach response records
• Sub-processor agreements

6. RECORDS AVAILABLE WITHOUT A REQUEST (SECTION 52)

The following records are freely available on the Refraime website without the need for a formal PAIA request:

• Privacy Policy
• This PAIA Manual
• Platform End-User License Agreement (EULA)
• Cookie Notice
• A Data Subject’s own account profile information and system-generated audit logs of their own activity (available via the Platform dashboard)

7. HOW TO REQUEST ACCESS RECORDS

Step 1: Complete the prescribed form

Requests for access to records must be made on Form 2, as set out in Annexure B of the Regulations relating to the Promotion of Access to Information, 2021. The form is available from the Information Regulator’s website (www.inforegulator.org.za) or from Refraime upon request.

Step 2: Submit the request

Completed forms should be submitted to the Information Officer at:

• Email: privacy@refraime.ai
• Post: P O Box 3912, Cramerview, 2060
• Hand delivery: 325 Main Avenue, Ferndale, Randburg, 2194

Step 3: Pay the prescribed fee

An initial request fee of R90.00 is payable before the request will be processed. Additional fees may be payable for searching, preparing, and reproducing the records, as prescribed in the PAIA Regulations. The Information Officer will notify the requester of any additional fees before proceeding.

Step 4: Await a response

The Information Officer will respond within 30 days of receipt of the request. This period may be extended by a further 30 days if the request is for a large volume of records, if the records must be searched for at another location, or if consultation with a third party is required.

8. GROUNDS FOR REFUSAL OF ACCESS

Access to records may be refused on the grounds set out in PAIA, including but not limited to:

• Protection of the privacy of a third party (Section 63)
• Protection of commercial information of a third party (Section 64)
• Protection of confidential information of a third party (Section 65)
• Protection of the safety of individuals or property (Section 66)
• Refraime will specifically refuse requests for access to alert imagery where such disclosure would reveal the Personal Information of other residents or members of the public (third parties) without their express consent, or where it would compromise the security of the precinct/property (Section 66)
• Records that are privileged from production in legal proceedings (Section 67)
• Protection of the commercial activities of the private body (Section 68)
• Records relating to research being carried out on behalf of a third party (Section 69)

Where access is refused, the Information Officer will provide reasons for the refusal and inform the requester of their right to lodge a complaint with the Information Regulator or to apply to a court for relief.

9. PROCESSING OF PERSONAL INFORMATION (POPIA SECTION 51(1)(c))

In terms of Section 51(1)(c) of PAIA (as inserted by POPIA), Refraime hereby provides the following description of its processing of Personal Information:

9.1 Purpose of Processing

Refraime processes Personal Information for the purpose of providing intelligent video analytics services – including intrusion detection and, where enabled by the client, Agentic AI behavioural analysis – to security companies, residential estates, and homeowners. Full details are set out in our Privacy Policy, available at www.refraime.ai.

9.2 Categories of Data Subjects

• Individuals captured incidentally in security alert imagery
• Platform users (security operators, administrators)
• Client personnel (responders, managers, key holders)
• Homeowners participating in community camera sharing

|9.3 Categories of Personal Information

• Alert imagery (incidental images of individuals)
• Alert metadata (timestamps, locations, event classifications)
• User account data (usernames, hashed passwords, optional names, email addresses)
• Site configuration data (contact details, locations, procedures)
• Audit logs (user actions, access records, session logs)

9.4 Recipients of Personal Information

• Authorised platform users within the Client’s organisation
• Sub-processors: Data Sciences Corporation (cloud hosting), Twilio/SendGrid (email), Telegram (notifications), Google LLC and other Tier-1 AI Infrastructure providers (AI model inference for Agentic AI, where enabled)
• Law enforcement (only when legally compelled)

9.5 Cross-Border Transfers

Refraime stores all core platform data in South African data centres. Limited cross-border transfers occur only in relation to email and push notification delivery via SendGrid and Telegram, and where a client has enabled Agentic AI features, alert imagery transmitted to Google’s AI inference infrastructure. Full details are set out in our Privacy Policy.

9.6 Security Measures

Refraime implements appropriate technical and organisational security measures, including encryption, role-based access control, audit logging, and automated data retention enforcement. Full details are set out in our Data Processing Agreement. 

10. REMEDIES AVAILABLE IF REQUEST IS REFUSED

If a request for access to a record is refused, the requester may:

• Lodge a complaint with the Information Regulator within 180 days of the notification of the decision.
• Apply to a court of competent jurisdiction for appropriate relief within 180 days of the notification of the decision.

The Information Regulator’s contact details are provided in Section 4 of this manual.

 
11. ANNUAL REPORTING

Refraime (Pty) Ltd shall, in accordance with Section 83(4) of PAIA, submit an annual report to the Information Regulator regarding the number of requests for access received, granted, and refused during the preceding financial year.

 
12. AVAILABILITY AND UPDATES

This manual is available for inspection at Refraime’s offices during normal business hours and on the Refraime website at www.refraime.ai/paia-manual. A copy may be requested from the Information Officer.

This manual will be updated as and when required to reflect changes in the company’s operations, records, or applicable legislation.