POPI Policy
Policy statement and manual of Protection of Personal, Information and the Retention of Documents for
HIC Underwritting Managers Pty Ltd and all its subsidiaries (hereinafter referred to as “HIC”) (Registration
number:1998/003265/07)
Last Updated: SEPTEMBER 2017
Index
Protection of personal information in terms of the Protection of Personal Information Act 4 of 2013
1. Protection of Personal Information Act, 4 Of 2013 HIC Group POPI Policy 2017 2
2. Amendments to this policy 4
Policy on the retention & confidentiality of documents, information and electronic transactions
1. Purpose 5
2. Scope and definitions 5
3. Access to documents 5
4. Disclosure to 3rd Parties 6
5. Storage of documents 6
6. Destruction of documents 11
7. Sources 11
POPI Policy Page 2
Protection of personal information in terms of the Protection of Personal Information Act
4 of 2013
1. Protection of Personal Information Act, 4 Of 2013 HIC Group POPI Policy 2017
(a) Introduction
HIC is a company functioning within the short term Insurance underwriting sector, that is
obligated to comply with The Protection of Personal Information Act 4 of 2013. POPI requires HIC
to inform their clients as to the manner in which their personal information is used, disclosed
and destroyed.
HIC is commitment to protecting its client’s privacy and ensuring that their personal information
is used appropriately, transparently, securely and in accordance with applicable laws. The Policy
sets out the manner in which HIC deals with their client’s personal information as well as stipulates
the purpose for which said information is used. The Policy is made available on HIC company
website www.hicsa.co.za and by request from HIC head office. The Policy is drafted in conjunction
with the Financial Intermediary Association’s (“FIA”) Protection of Personal Information Notice.
(b) Personal information collected
Section 9 of POPI states that “Personal Information may only be processed if, given the purpose
for which it is processed, it is adequate, relevant and not excessive.”
HIC collects and processes client’s personal information pertaining to the client’s insurance needs.
The type of information will depend on the need for which it is collected and will be processed for
that purpose only. Whenever possible, HIC will inform the client as to the information required
and the information deemed optional. Examples of personal information we collect include, but
is not limited to:
(i) The Client’s Identity number, name, surname, address, postal code, marital status, and
number of dependants;
(ii) Description of the client’s residence, business, assets; financial information, banking
details, etc-.
(iii) Any other information required by HIC, suppliers and Insurers in order to provide clients
with an accurate analysis of their Insurance needs.
HIC also collects and processes the client’s personal information for marketing purposes in order
to ensure that our products and services remain relevant to our clients and potential clients.
HIC aims to have agreements in place with all product suppliers, insurers and third party service
providers to ensure a mutual understanding with regard to the protection of the client’s personal
information. HIC suppliers will be subject to the same regulations as applicable to HIC.
With the client’s consent, HIC may also supplement the information provided with information
HIC receives from other providers in order to offer a more consistent and personalized experience
in the client’s interaction with HIC. For purposes of this Policy, clients include potential and
existing clients.
(c) The usage of personal information
The Client’s Personal Information will only be used for the purpose for which it was collected and
as agreed. This may include:
(i) Providing products or services to clients and to carry out the transactions requested;
(ii) For underwriting purposes;
(iii) Assessing and processing claims;
(iv) Confirming, verifying and updating client details;
(v) For purposes of claims history;
(vi) For the detection and prevention of fraud, crime, money laundering or other malpractices;
(vii) Conducting market or customer satisfaction research;
POPI Policy Page 3
(viii) For audit and record keeping purposes;
(ix) In connection with legal proceedings;
(x) Providing HIC services to clients, to render the services requested and to maintain and
constantly improve the relationship;
(xi) Providing communication in respect of HIC and regulatory matters that may affect
clients; and
(xii) In connection with and to comply with legal and regulatory requirements or when it is
otherwise allowed by law.
(xiii) According to section 10 of POPI, personal information may only be processed if certain
conditions, listed below, are met along with supporting information for HIC processing of
Personal Information:
(1) The client’s consents to the processing: – consent is obtained from clients during the
introductory, appointment and needs analysis stage of the relationship;
(2) The necessity of processing: in order to conduct an accurate analysis of the client’s
needs for purposes of amongst other credit limits, insurance requirements, etcetera.
(3) Processing complies with an obligation imposed by law on HIC;
(4) The Financial Advisory and Intermediary Services Act (‘FAIS’) requires Financial Service
Provider’s (‘FSPs’) to conduct a needs analysis and obtain information from clients
about their needs in order to provide them with applicable and beneficial products;
(5) Processing protects a legitimate interest of the client — it is in the client’s best interest
to have a full and proper needs analysis performed in order to provide them with an
applicable and beneficial product or service.
(6) Processing is necessary for pursuing the legitimate interests of HIC or of a third party
to whom information is supplied — in order to provide HIC clients with products
and or services both HIC and any of our product suppliers require certain personal
information from the clients in order to make an expert decision on the unique and
specific product and or service required.
(d) Disclosure of personal information
(i) HIC may disclose a client’s personal information to any of the HIC subsidiaries, joint venture
companies and or approved product supplier or third party service providers whose services
or products clients elect to use. HIC has agreements in place to ensure compliance with
confidentiality and privacy conditions.
(ii) HIC may also share client personal information with, and obtain information about clients
from third parties for the reasons already discussed above.
(iii) HIC may also disclose a client’s information where it has a duty or a right to disclose in
terms of applicable legislation, the law, or where it may be deemed necessary in order to
protect HIC rights.
(e) Safeguarding client information
It is a requirement of POPI to adequately protect personal information. HIC will continuously
review its security controls and processes to ensure that personal
(f) Information is secure
(i) The HIC Information Officer is Denleigh Wilensky whose details are available below and who
is responsible for the compliance with the conditions of the lawful processing of personal
information and other provisions of POPI. She is assisted by Monique Oosthuizen who will
function as the Group’s Deputy Information Officer;
(ii) This policy has been put in place throughout HIC and training on this policy and the POPI
Act has already taken place and will be conducted during 2017 by HIC;
POPI Policy Page 4
(iii) Each new employee will be required to sign an EMPLOYMENT CONTRACT containing relevant
consent clauses for the use and storage of employee information, or any other action so
required, in terms of POPI;
(iv) Every employee currently employed within HIC will be required to sign an addendum to
their EMPLOYMENT CONTRACTS containing relevant consent clauses for the use and storage
of employee information, or any other action so required, in terms of POPI;
(v) HIC archived client information is stored off site at Metrofile which is also governed by POPI,
access to retrieve information is limited to authorized personal.
(vi) HIC product suppliers, insurers and other third party service providers will be required to
sign a service level agreement guaranteeing their commitment to the Protection of Personal
Information; this is however a ongoing process that will be evaluated as needed.
(vii) All electronic files or data are backed up by IMVULA IT Division and Ilanga which is also
responsible for system security that protects third party access and physical threats. The IT
Division is responsible for Electronic Information Security;
(g) Access And Correction Of Personal Information
Clients have the right to access the personal information HIC holds about them. Clients also have
the right to ask HIC to update, correct or delete their personal information on reasonable grounds.
Once a client objects to the processing of their personal information, HIC may no longer process
said personal information. HIC will take all reasonable steps to confirm its clients’ identity before
providing details of their personal information or making changes to their personal information.
The details of HIC’S Information Officer and Head Office are as follows:
Information Officer Denleigh Wilensky
Telephone Number (011) 455 5271
Fax Number (011) 450 4307
E-Mail Address denleighw@hicsa.co.za
Deputy Information Officer Monique Oosthuizen
Telephone Number (011) 455 5271
Fax Number (011) 450 4307
E-Mail Address moniqueo@hicsa.co.za
Head Office Details
Telephone (011) 455 5271
Fax (011) 450 4307
Postal PO Box 2253 Bedfordview 2008
Physical 11 B Riley Road, Eastwood Office Park,
Makana House, Bedfordview, 2007
2. Amendments to this policy
Amendments to, or a review of this Policy, will take place on an ad hoc basis or at least once a year.
Clients are advised to access HIC’S website periodically to keep abreast of any changes. Where material
changes take place, clients will be notified directly or changes will be stipulated on the HIC website.
POPI Policy Page 5
Policy on the retention & confidentiality of documents, information and electronic transactions
1. Purpose
(a) To exercise effective control over the retention of documents and electronic transactions:
(i) as prescribed by legislation; and
(ii) as dictated by business practice.
(b) Documents need to be retained in order to prove the existence of facts and to exercise rights the
Company may have. Documents are also necessary for defending legal action, for establishing
what was said or done in relation to business of the Company and to minimize the Company’s
reputational risks.
(c) To ensure that the Company’s interests are protected and that the Company’s and clients’ rights
to privacy and confidentiality are not breached.
(d) Queries may be referred to the Company Secretary.
2. Scope and definitions
(a) All documents and electronic transactions generated within and/or received by the Company.
(b) Definitions:
(i) Clients includes, but are not limited to, shareholders, debtors, creditors as well as the
affected personnel and/or departments related to a service division of the Company.
(ii) Confidential Information refers to all information or data disclosed to or obtained by the
Company by any means whatsoever.
(iii) Constitution: Constitution of the Republic of South Africa Act, 108 of 1996.
(iv) Data refers to electronic representations of information in any form.
(v) Documents include books, records, security or accounts and any information that has been
stored or recorded electronically, photographically, magnetically, mechanically, electromechanically
or optically, or in any other form.
(vi) ECTA: Electronic Communications and Transactions Act, 25 of 2002.
(vii) Electronic communication refers to a communication by means of data messages.
(viii) Electronic signature refers to data attached to, incorporated in, or logically associated with
other data and which is intended by the user to serve as a signature.
(ix) Electronic transactions include e-mails sent and received.
(x) PAIA: Promotion of Access to Information Act, 2 of 2000.
3. Access to documents
(a) All Company and client information must be dealt with in the strictest confidence and may only
be disclosed, without fear of redress, in the following circumstances (also see clause 4 (b) below):
(i) where disclosure is under compulsion of law;
(ii) where there is a duty to the public to disclose;
(iii) where the interests of the Company require disclosure; and
(iv) where disclosure is made with the express or implied consent of the client.
POPI Policy Page 6
4. Disclosure to 3rd Parties
(a) All employees have a duty of confidentiality in relation to the Company and clients.
(i) Information on clients: Our clients’ right to confidentiality is protected in the Constitution
and in terms of ECTA. Information may be given to a 3rd party if the client has consented in
writing to that person receiving the information.
(ii) Requests for company information:
(1) These are dealt with in terms of PAIA, which gives effect to the constitutional right
of access to information held by the State or any person (natural and juristic) that
is required for the exercise or protection of rights. Private bodies, like the Company,
must however refuse access to records if disclosure would constitute an action for
breach of the duty of secrecy owed to a third party.
(2) In terms hereof, requests must be made in writing on the prescribed form to the
Company Secretary, who is also the Information Officer in terms of PAIA. The
requesting party has to state the reason for wanting the information and has to pay
a prescribed fee.
(3) The Company’s manual in terms of PAIA, which contains the prescribed forms and
details of prescribed fees, is available on the intranet and the HIC website http://
www.hicsa.co.za
(iii) Confidential company and/or business information may not be disclosed to third parties as
this could constitute industrial espionage. The affairs of the Company must be kept strictly
confidential at all times.
(b) The Company views any contravention of this policy very seriously and employees who are guilty
of contravening the policy will be subject to disciplinary procedures, which may lead to the
dismissal of any guilty party.
5. Storage of documents
(a) Hard Copies
(i) Documents are stored in an archive different location.
(ii) Companies Act, No 71 of 2008:
(1) With regard to the Companies Act, No 71 of 2008 and the Companies Amendment
Act No 3 of 2011, hard copies of the documents mentioned below must be retained
for 7 years:
– Any documents, accounts, books, writing, records or other information that a
company is required to keep in terms of the Act;
– Notice and minutes of all shareholders meeting, including resolutions adopted
and documents made available to holders of securities;
– Copies of reports presented at the annual general meeting of the company;
– Copies of annual financial statements required by the Act;
– Copies of accounting records as required by the Act;
– Record of directors and past directors, after the director has retired from the
company;
– Written communication to holders of securities and
– Minutes and resolutions of directors’ meetings, audit committee and directors’
Committees
(2) Copies of the documents mentioned below must be retained indefinitely:
– Registration certificate;
– Memorandum of Incorporation and alterations and amendments;
– Rules;
– Securities register and uncertified securities register;
POPI Policy Page 7
– Register of company secretary and auditors and
– Regulated companies (companies to which chapter 5, part B, C and Takeover
Regulations apply) – Register of disclosure of person who holds beneficial interest
equal to or in excess of 5% of the securities of that class issued.
Consumer Protection Act, No 68 of 2008:
(i) The Consumer Protection Act seeks to promote a fair, accessible and sustainable market
place and therefore requires a retention period of 3 years for information provided to a
consumer by an intermediary such as:
(1) Full names, physical address, postal address and contact details;
(2) ID number and registration number;
(3) Contact details of public officer in case of a juristic person;
(4) Service rendered;
(5) Intermediary fee;
(6) Cost to be recovered from the consumer;
(7) Frequency of accounting to the consumer;
(8) Amounts, sums, values, charges, fees, remuneration specified in monetary terms;
(9) Disclosure in writing of a conflict of interest by the intermediary in relevance to goods
or service to be provided;
(10) Record of advice furnished to the consumer reflecting the basis on which the advice
was given;
(11) Written instruction sent by the intermediary to the consumer;
(12) Conducting a promotional competition refer to Section 36(11)(b) and Regulation 11 of
Promotional Competitions;
(13) Documents Section 45 and Regulation 31 for Auctions.
Financial Advisory and Intermediary Services Act, No 37 of 2002:
(i) Section 18 of the Act requires a retention period of 5 years, except to the extent that it is
exempted by the registrar for the below mentioned documents:
(1) Known premature cancellations of transactions or financial products of the provider
by clients;
(2) Complaints received together with an indication whether or not any such complaint
has been resolved;
(3) The continued compliance with this Act and the reasons for such noncompliance;
(4) And the continued compliance by representatives with the requirements referred to
in section 13(1) and (2).
(5) The General Code of Conduct for Authorized Financial Services Provider and
(6) Representatives requires a retention period of 5 years for the below mentioned
documents:
(7) Proper procedures to record verbal and written communications relating to a financial
service rendered to a client as are contemplated in the Act, this Code or any other
Code drafted in terms of section 15 of the Act;
(8) Store and retrieve such records and any other material documentation relating to the
client or financial services rendered to the client;
(9) And keep such client records and documentation safe from destruction;
(10) All such records must be kept for a period after termination to the knowledge of the
provider of the product concerned or in any other case after the rendering of the
financial service concerned.
POPI Policy Page 8
Financial Intelligence Centre Act, No 38 of 2001:
(i) Section 22 and 23 of the Act require a retention period of 5 years for the documents and
records of the activities mentioned below:
(1) Whenever an accountable transaction is concluded with a client, the institution must
keep record of the identity of the client;
(2) If the client is acting on behalf of another person, the identity of the person on
whose behalf the client is acting and the clients authority to act on behalf of that
other person;
(3) If another person is acting on behalf of the client, the identity of that person and that
other person’s authority to act on behalf of the client;
(4) The manner in which the identity of the persons referred to above was established;
(5) The nature of that business relationship or transaction;
(6) In the case of a transaction, the amount involved and the parties to that transaction;
(7) All accounts that are involved in the transactions concluded by that accountable
institution in the course of that business relationship and that single transaction;
(8) The name of the person who obtained the identity of the person transacting on behalf
of the accountable institution;
(9) Any document or copy of a document obtained by the accountable institution.
(10) These documents may also be kept in electronic format.
Compensation for Occupational Injuries and Diseases Act, No 130 of 1993:
(i) Section 81(1) and (2) of the Compensation for Occupational Injuries and Diseases Act requires
a retention period of 4 years for the documents mentioned below:
(1) Register, record or reproduction of the earnings, time worked, payment for piece work
and overtime and other prescribed particulars of all the employees.
(ii) Section 20 (2) documents with a required retention period of 3 years:
(1) Health and safety committee recommendations made to an employer in terms of
issues affecting the health of employees and of any report made to an inspector in
terms of the recommendation;
(2) Records of incidents reported at work.
(3) Asbestos Regulations, 2001, regulation 16(1) requires a retention period of minimum
40 years for the documents mentioned below:
– Records of assessment and air monitoring, and the asbestos inventory;
– Medical surveillance records;
– Hazardous Biological Agents Regulations, 2001, Regulations 9(1) and (2):
– Records of risk assessments and air monitoring;
– Medical surveillance records.
(iii) Lead Regulations, 2001, Regulation 10:
(1) Records of assessments and air monitoring;
(2) Medical surveillance records.
(iv) Noise – induced Hearing Loss Regulations, 2003, Regulation 11:
(1) All records of assessment and noise monitoring;
(2) All medical surveillance records, including the baseline audiogram of every employee.
Hazardous Chemical Substance Regulations, 1995, Regulation 9 requires a retention
period of 30 years for the documents mentioned below:
– Records of assessments and air monitoring;
– Medical surveillance records.
POPI Policy Page 9
Basic Conditions of Employment Act, No 75 of 1997:
(i) The Basic Conditions of Employment Act requires a retention period of 3 years for the
documents mentioned below:
(1) Section 29 (4):
– Written particulars of an employee after termination of employment;
(2) Section 31:
– Employee’s name and occupation;
– Time worked by each employee;
– Remuneration paid to each employee;
– Date of birth of any employee under the age of 18 years.
Employment Equity Act, No 55 of 1998:
(i) Section 26 and the General Administrative Regulations, 2009, Regulation 3(2) requires a
retention period of 3 years for the documents mentioned below:
(1) Records in respect of the company’s workforce, employment equity plan and other
records relevant to compliance with the Act;
(ii) Section 21 and Regulations 4(10) and (11) require a retention period of 3 years for the report
which is sent to the Director General as indicated in the Act.
Labour Relations Act, No 66 of 1995:
Sections 53(4), 98(4) and 99 require a retention period of 3 years for the documents
mentioned below:
(i) The Bargaining Council must retain books of account, supporting vouchers, income and
expenditure statements, balance sheets, auditor’s reports and minutes of the meetings;
(ii) Registered Trade Unions and registered employer’s organizations must retain books of
account, supporting vouchers, records of subscriptions or levies paid by its members, income
and expenditure statements, balance sheets, auditor’s reports and minutes of the meetings;
(iii) Registered Trade Unions and employer’s organizations must retain the ballot papers;
(iv) Records to be retained by the employer are the collective agreements and arbitration awards.
(v) Sections 99, 205(3), Schedule 8 of Section 5 and Schedule 3 of Section 8(a) require an
indefinite retention period for the documents mentioned below:
(1) Registered Trade Unions and registered employer’s organizations must retain a list of
its members;
(2) An employer must retain prescribed details of any strike action involving its employees;
(3) Records of each employee specifying the nature of any disciplinary transgressions, the
actions taken by the employer and the reasons for the actions;
(4) The Commission must retain books of accounts, records of income and expenditure,
assets and liabilities.
Unemployment Insurance Act, No 63 of 2002:
(i) The Unemployment Insurance Act, applies to all employees and employers except:
(1) Workers working less than 24 hours per month;
(2) Learners;
(3) Public servants;
(4) Foreigners working on a contract basis;
(5) Workers who get a monthly State (old age) pension;
(6) Workers who only earn commission.
(ii) Section 56(2)(c) requires a retention period of 5 years, from the date of submission, for the
documents mentioned below:
POPI Policy Page 10
(1) Employers must retain personal records of each of their current employees in terms
of their names, identification number, monthly remuneration and address where the
employee is employed.
Tax Administration Act, No 28 of 2011:
(i) Section 29 of the Tax Administration Act, states that records of documents must be
retained to:
(1) Enable a person to observe the requirements of the Act;
(2) Are specifically required under a Tax Act by the Commissioner by the public notice;
(3) Will enable SARS to be satisfied that the person has observed these requirements.
(ii) Section 29(3)(a) requires a retention period of 5 years, from the date of submission for
taxpayers that have submitted a return and an indefinite retention period, until the return
is submitted, then a 5 year period applies for taxpayers who were meant to submit a return.
(iii) Section 29(3)(b) requires a retention period of 5 years from the end of the relevant tax
period for taxpayers who were not required to submit a return, but had capital gains/losses
or engaged in any other activity that is subject to tax or would be subject to tax but for the
application of a threshold or exemption.
(iv) Section 32(a) and (b) require a retention period of 5 years but records must be retained
until the audit is concluded or the assessment or decision becomes final, for documents
indicating that a person has been notified or is aware that the records are subject to an
audit or investigation and the person who has lodged an objection or appeal against an
assessment or decision under the TAA.
Income Tax Act, No 58 of 1962:
(i) Schedule 4, paragraph 14(1)(a)-(d) of the Income Tax Act requires a retention period of 5
years from the date of submission for documents pertaining to each employee that the
employer shall keep:
(1) Amount of remuneration paid or due by him to the employee;
(2) The amount of employees tax deducted or withheld from the remuneration paid or due;
(3) The income tax reference number of that employee;
(4) Any further prescribed information;
(5) Employer Reconciliation return.
(ii) Schedule 6, paragraph 14(a)-(d) requires a retention period of 5 years from the date of
submission or 5 years from the end of the relevant tax year, depending on the type of
transaction for documents pertaining to:
(1) Amounts received by that registered micro business during a year of assessment;
(2) Dividends declared by that registered micro business during a year of assessment;
(3) Each asset as at the end of a year of assessment with cost price of more than R 10 000;
(4) Each liability as at the end of a year of assessment that exceeded R 10 000.
Value Added Tax Act, No 89 of 1991:
(i) Section 15(9), 16(2) and 55(1)(a) of the Value Added Tax Act and Interpretation Note 31, 30
March requires a retention period of 5 years from the date of submission of the return for
the documents mentioned below:
(1) Where a vendor’s basis of accounting is changed the vendor shall prepare lists of
debtors and creditors showing the amounts owing to the creditors at the end of the
tax period immediately preceding the changeover period;
(2) Importation of goods, bill of entry, other documents prescribed by the Custom and
Excise Act and proof that the VAT charge has been paid to SARS;
POPI Policy Page 11
(3) Vendors are obliged to retain records of all goods and services, rate of tax applicable
to the supply, list of suppliers or agents, invoices and tax invoices, credit and debit
notes, bank statements, deposit slips, stock lists and paid cheques;
(4) Documentary proof substantiating the zero rating of supplies;
(5) Where a tax invoice, credit or debit note, has been issued in relation to a supply by
an agent or a bill of entry as described in the Customs and Excise Act, the agent shall
maintain sufficient records to enable the name, address and VAT registration number
of the principal to be ascertained.
(b) Electronic Storage
(i) The internal procedure requires that electronic storage of information: important
documents and information must be referred to and discussed with IT who will arrange
for the indexing, storage and retrieval thereof. This will be done in conjunction with the
departments concerned.
(ii) Scanned documents: If documents are scanned, the hard copy must be retained for as long
as the information is used or for 1 year after the date of scanning, with the exception of
documents pertaining to personnel. Any document containing information on the written
particulars of an employee, including: employee’s name and occupation, time worked by
each employee, remuneration and date of birth of an employee under the age of 18 years;
must be retained for a period of 3 years after termination of employment.
(iii) Section 51 of the Electronic Communications Act No 25 of 2005 requires that personal
information and the purpose for which the data was collected must be kept by the person
who electronically requests, collects, collates, processes or stores the information and a
record of any third party to whom the information was disclosed must be retained for a
period of 1 year or for as long as the information is used. It is also required that all personal
information which has become obsolete must be destroyed.
6. Destruction of documents
(a) Documents may be destroyed after the termination of the retention period specified in Annexure
“A” hereto. Registration will request departments to attend to the destruction of their documents
and these requests shall be attended to as soon as possible.
(b) Each department is responsible for attending to the destruction of its documents, which must be
done on a regular basis. Files must be checked in order to make sure that they may be destroyed
and also to ascertain if there are important original documents in the file. Original documents
must be returned to the holder thereof, failing which, they should be retained by the Company
pending such return.
(c) After completion of the process in 6.2 above, the General Manager of the department shall, in
writing, authorise the removal and destruction of the documents in the authorisation document.
These records will be retained by Registration.
(d) The documents are then made available for collection by the removers of the Company’s
documents, who also ensure that the documents are shredded before disposal. This also helps to
ensure confidentiality of information.
(e) Documents may also be stored off-site, in storage facilities approved by the Company.
7. Sources
(a) SAICA Guidelines-Updated October 2013 (also refers to the Banks Act and Insolvency Act);
(b) Companies Act, 61/1973;
(c) Income Tax Act, 58/1962;
(d) Financial Intelligence Centre Act, 38/2001;
(e) ECTA, 25/2002;
(f) RICA, 70/2002;
POPI Policy Page 12
(g) Second Hand Goods Act, 23/1955;
(h) Firearms Control Act, 60/2000;
(i) Basic Conditions of Employment Act, 75/1997;
(j) Unemployment Insurance Act, 63/2001;
(k) Unemployment Insurance Contributions Act, 4/2002;
(l) National Credit Act, 34/2005;
(m) Compensation for Occupational Injuries & Diseases Act, 130/1993;
(n) Skills Development Levies Act, 9/1999;
(o) Employment Equity Act, 55/1998;
(p) Labour Relations Act, 66/1995;
(q) Securities Services Act, 36/2004;
(r) Value-Added Tax Act, 89/1991;
(s) POPI, 4/2013;
(t) PRECCA, 12/2004;
(u) PROCDATRA, 33/2004;
(v) FAIS, 37/2002;
(w) Prescription Act, 68/1969;
(x) Safex Rules;
(y) Legal advice (Juta);
(z) Standard Practice (Juta); and
(aa) OHSA, 85/1993.
(ab) Companies Amendment Act 3/2011
(ac) Companies Regulations 2011;
(ad) Tax Administration Act, 28/2011.