Abbreviation

Meaning

CEO

Chief Executive Officer

DIO

Deputy Information Officer

IO

Information Officer

PAIA

Promotion of Access to Information Act, 2 of 2002 (as amended)

POPIA

Protection of Personal Information Act, 4 of 2013

Record category

Record type

Available at our website at nedbank.co.za

Available on request

Human resources

Statutory and other employee records

X

X

External-candidate profiles and positions applied for

X

Company secretarial

Own portfolio or shareholdings, tax statements for share transactions (IT3), frequently asked questions (FAQs) and rules of the share scheme

X

Own portfolio or shareholdings (transactions, dividends), tax statements for share transactions (IT3), FAQs and rules of the share scheme

X

Annual financial statements (audited), Stock Exchange News Service (SENS) announcements and share prices

X

Market conduct; financial advisory and intermediary services (FAIS)

Debarments and date-of-first-appointment (DOFA) documents

X

Account statement for a specific period

X

X

Account statement for a specific period (Corporate Saver)

X

X

Copies of legal agreements (Corporate Saver)

X

Profile setup (Corporate Saver)

X

Confirmation of balances

X

X

Transaction listing

X

Needs analysis and disclosures

X

Available balance on account

X

Historic client receipts

X

Call recordings

X

Home loans

Account statement for a specific period

X

X

Settlement letter

X

X

Quotation

X

X

Reconciliation

X

Decline letter

X

Approval letter

X

X

Personal loans and unsecured lending

Account statement for a specific period

X

X

Application form for a personal loan, an overdraft or a student loan

X

FAIS acknowledgement for a personal loan, an overdraft or a student loan

X

Settlement letter for a personal loan or unsecured lending

X

Account closure letter for a personal loan or unsecured lending

X

Welcome letter for a personal loan or unsecured lending

X

Statement

X

X

Motor Finance Corporation (MFC)

Settlement quote

X

X

Confirmation of client details changes

X

Tax certificate

X

X

Copy of registration papers

X

X

Cross-border letter

X

X

Transaction history

X

X

Banking details update

X

X

Addendum

X

Amortisation

X

Repayment schedule

X

Balloon quote

X

Balloon manual quote

X

Capital interest statement

X

Interest rate letter

X

Settlement letter

X

Change-of-owner settlement letter

X

Authorisation letter for police clearance

X

Relocation letter

X

Copy of the National Administration Traffic Information System (NaTIS) document

X

Contract addendum relating to value-added product services

X

Cost of credit/Additional credit

X

Vehicle finance contract

X

Invoice

X

Remittance

X

Proof of payment

X

Copy of a NaTIS document

X

Business banking

Original NaTIS document

X

Own-entity product statement

X

Copy of facility letters, suretyships, title deeds, mortgage bond documents, etc

X

Original securities

X

NedFleet

X

Replacement cards

X

Applicable legislation

Category of record

Banks Act, 94 of 1990 (guidance notes and directives)

·   South African Reserve Bank (SARB) outsourcing list.

·   Materiality risk assessments.

·   Letters or notifications to SARB.

Basic Conditions of Employment Act, 75 of 1997

·   Employee details.

·   Labour relations reports.

·   Information regarding dismissals for dishonesty-related behaviour.

·   Information on disability, trade union membership, race and religion.

·   Employee next of kin or emergency contact details.

·   Conflict-of-interest declarations.

·   Education information.

·   Health and safety records.

·   Pension and provident fund records.

·   Leave records.

·   Internal evaluations and performance records.

·   Disciplinary records.

·   Training records.

·   Background checks.

Broad-based Black Economic Empowerment Act, 53 of 2003

·   Skills development section on the Financial Services Council report (no unique identifiers).

·   BBBEE status (MTN ZF).

·   BBBEE status of suppliers.

·   Supplier employee information.

·   Contractor and supplier agreements.

·   List of suppliers, products, services and distributors.

Code of Banking Practice

·   Code of Banking Practice

·   Terms and conditions

Companies Act, 71 of 2008

·   Memorandum of incorporation.

·   Award letter.

·   Annual financial statements.

·   Share register (MTN ZF).

·   CIPC company registration document.

·   CoR 14.3 registration certificate.

·   COR123.1.

·   Business application form.

·   Certificate of incorporation.

·   Dealer application.

·   The details of all share trades by employees, directors and officers of the organisation.

·   Own-organisational title deeds.

·   Register of disclosures in terms of section 140(1A) of the Companies Act, 71 of 2008.

·   Regulated-company (as defined in Chapter 5, Parts B and C, of the Companies Act, 71 of 2008) register of disclosures.

·   Company rules.

·   Records of directors.

·   Copies of reports presented at annual general meetings.

·   Notices and minutes of shareholder meetings.

·   Resolutions and their supporting documents.

·   Copies of written communications generally sent to securityholders.

·   Minutes of meetings of directors, directors’ committees, audit committees, shareholders.

·   Securities registers.

·   Record of company secretaries and auditors.

Compensation for Occupational Injuries and Diseases Act, 130 of 1993

·  Record of the earnings and other prescribed particulars of all employees.

·  Auction-related records.

·  Promotional-competition-related records.

Consumer Protection Act, 68 of 2008

·   Promotion and marketing material

·   Terms and conditions

·   Direct marketing consent

·   Complaints process document

Copyright Act, 98 of 1978 (as amended by Act 2 of 2002)

Software licences

Disaster Management Act, 57 of 2002

·   Covid-19 registers

·   Business continuity management plans

·   Business impact assessment

Electronic Communications and Transactions Act, 25 of 2002

·   Digital signatures

·   Transactional record

·   Electronic terms and conditions

·   Records of third parties to whom information is disclosed

Employment Equity Act, 55 of 1998

Employment equity plans and targets

Employment Services Act, 4 of 2014

·   Employment work permits

·   Job advertisements

Exchange Control Amnesty and Amendment Taxation Laws Act, 12 of 2003

·   Reports on foreign spend greater than R10 million to the South African Revenue Service (quarterly).

·   Cross-border transfer-of-funds applications and transactions.

Financial Advisory and Intermediary Services (FAIS) Act, 37 of 2002

·   Learning history reports.

·   Registers of representatives, key individuals, qualifications completed by intermediaries and competences.

·   Records evidencing representatives’ compliance with section 13(1)–(2) of FAIS.

·   Continued professional development (CPD) programme and activity records.

·   Records of financial and system procedures.

·   Records evidencing supervision actions undertaken, including evidence regarding the rendering of services under supervision, the method followed and frequency thereof during the period under supervision.

·   Records evidencing the deployment of adequate technological resources to maintain client records and data integrity.

·   Records relating to conclusions regarding compliance with independent requirements, and the substance of relevant discussions that support those conclusions.

·   Records relating to giving advice, call recordings and product agreements.

·   Records relating to debarments of FAIS representatives and key individuals.

·   Records relating to business continuity plans.

·   Records relating to competency requirements (copies of Grade 12, FSCA-recognised qualifications, class of business training, CPD and product-specific training).

·   Signed supervision agreements.

·   Representative letters of authority.

·   Key-individual authorisation letters.

·   Compliance reports.

·   FSP licence and addendum with conditions.

·   Complaints management (contact details of the compliance officer).

Financial Intelligence Centre Act (FICA), 38 of 2001

·   Identification and verification records

·   Client due-diligence records

·   Applications for credit or credit agreements

·   Foreign Account Tax Compliance Act

·   Common Reporting Standard

·   IRS W-8BEN-E; IRS W-8BEN; IRS W-9; IRS W-8ECI.

·   Self-certification forms.

Income Tax Act, 58 of 1962

·   IT3.

·   IRP5.

·   IT3a.

·   Monthly IRP5 files.

·   Unemployment Insurance Fund (UIF) files.

·   PAYE information.

·   SDL information.

·   VAT records.

·   Ledgers.

·   Cash books.

·   Journals.

·   Cheque books.

·   Bank statements.

·   Deposit slips.

·   Paid cheques.

·   Invoices.

·   Stock lists.

·   Other books of accounts.

·   Electronic representations of information.

Labour Relations Act, 66 of 1995

·   Disciplinary records, including  outcomes.

·   Labour relations reports.

·   Arbitration awards.

·   Records of strike action and protests.

Long-term Insurance Act, 52 of 1998

·   Retrenchment claim documents (retrenchment letter, retrenchment claim form, copy of the identity document, etc).

·   Disability claim documents (disability claim form, medical report, copy of the identity document, etc).

·   Death claim documents (death certificate, claim form, etc).

Lotteries Act, 57 of 1997

Personal information and LOTTO transactions of clients

National Credit Act, 34 of 2005

·   Loan or credit agreements.

·   Applications for credit.

·   Occupation information.

·   Credit bureau demographic, financial and consumer credit information (credit bureau information).

·   Credit refusal letter.

·   Pre-agreement statement and quote transactions and transactional history.

·   Bank details, contact details and location information.

·   Documentation in support of steps taken after default by consumer.

National Payment System Act, 78 of 1998

·   Records obtained by so-called ‘system participants’ during the course of the operation and administration of the settlement system.

·   Records of payment instructions generated and/or obtained by it during the course of the operation and administration of the payment clearing house (PCH).

·   Records obtained during the course of operation and administration of a payment or SARB settlement system.

Occupational Health and Safety Act, 85 of 1993

·   Occupational health and safety (OHS) reports including the following:

-        Learning history report

-        OHS agreement

-        OHS appointment letters

-        Data centre procedure documents

-        Incident reports

-        Personal information for workmen’s compensation

-        Personal information of visitors to our premises and branches

-        CCTV footage

Prevention and Combating of Corrupt Activities Act, 12 of 2004

·   Corrupt or fraudulent employee, client or merchant activities.

·   Reports on corrupt and fraudulent activities to law enforcement agencies.

·   Supplier Code of Ethics.

·   Business case.

·   Scorecards.

·   Tender awards.

Promotion of Access to Information Act, 2 of 2000

The PAIA manual

Promotion of Equality and Prevention of Unfair Discrimination Act, 4 of 2000

Grievance logged and outcome

Protection of Personal Information Act, 4 of 2013

·   POPIA operating contract

·   Data transfer agreement

·   Privacy Notice

Regulation of Interception of Communications and Provision of Communication-related Information Act, 70 of 2002

·   Mobile policy

·   Employee ID and proof of address

·   SIM card number

·   IME number

·   Cellphone number

Short-term Insurance Act, 53 of 1998

·   Original NaTIS documents

·   Settlement letters

·   Agreements of loss

·   Proof of payment

·   Rejection letters

Skills Development Act, 97 of 1998

·   Sector Education and Training Authority (SETA) reports (no unique identifiers).

·   Learning history reports.

·   Skills development levies.

·   Certificates of completion.

UK Bribery Act

·   Personal information of directors

·   Financial statements

·   Tax returns

·   Other documents relating to tax or invoices  

·   Accounting records

·   Auditor reports

·   Banking records

·   Bank statements

·   Electronic banking records

·   Asset registers

·   Financial agreements

Value-added Tax Act, 89 of 1991

·   Invoices.

·   Tax invoices.

·   Credit notes.

·   Debit notes.

·   Bank statements.

·   Deposit slips.

·   Stock lists.

·   Paid cheques relating thereto (no longer relevant since 30 December 2020)

Subjects on which a body holds records

Categories of records

Strategy, plans and proposals

Annual reports, strategic plans and annual performance plans.

Human resources

·   HR policies and procedures.

·   Employee records.

·   Advertised posts.

·   Updates to employee records.

·   Onboarding and offboarding of employees.

·   Internal- and external-candidate records.

·   Psychometric assessment information.

·   Leave records.

·   Tax.

·   Additional earnings.

·   Additional deductions.

·   Third-party deductions (retirement funds, etc).

·   Performance management.

·   Bursary information.

·   Educational assistance.

·   Labour relations information.

·   Training records.

Shareholders

·  Share registers

·  Cash and script holdings

·  Tax reporting

·  Shareholder statements

Suppliers

·  Supplier profile

·  Supplier invoices

Occupational health and safety

·  OHS policies, procedures and guidelines.

Data subject categories

Personal information that may be processed

Shareholders

Names, addresses, identity numbers, registration numbers, employment status, BBBEE information and banking details, income tax numbers, email addresses, telephone and cellphone numbers, physical addresses, postal addresses, disability, veteran status, and gender.

Service providers

Names, registration numbers, VAT numbers, addresses, and banking details.

Employees

Names, surnames, addresses and contact details, qualifications and professional registrations, CVs, tax information, marital status, gender, disability status, citizenship, race, banking details, identity numbers, next of kin, beneficiaries and benefit selections, training records, leave, and Covid-19 information.

Pensioners

Names, surnames, identity numbers, accounting information and medical aid details.

Suppliers

Names, addresses, company registration numbers, tax numbers, PAYE numbers, banking details, and contact details.

Clients

Names, surnames, addresses, registration or identity numbers, employment status, and banking details.

Category of personal information

Recipients or categories of recipients to whom personal information may be given

Identity numbers, fingerprints and names for criminal checks.

South African Police Service

Qualifications for qualification verifications

South African Qualifications Authority

Credit and payment history for credit information

Shareholders contact details only

Credit bureaus

Tracing shareholders

Tracing agent

Shareholder information

Ince (to run virtual shareholder meetings)

BBBEE (shareholders and suppliers)

BBBEE assessment or verification agency

Employee names, identity numbers and demographics.

SETA (for programmes)

Employee names and identity numbers

FAIS and OHS training providers

·   Suppliers

·   Credit checks

·   Media screening

·   Sanctions checks

·   Experian 

·   Dow Jones

·   World check

Identity number, names, psychometric test scores and reports, employee numbers, contact details, employment dates, performance history, industrial relations information, union membership fees, statutory requirements (including tax) and salary information.

·   Old Mutual (retirement fund).

·   Medscheme (medical aid).

·   Safrican (funeral fund).

·   Alexander Forbes (Defined-benefit Pension Fund – closed scheme).

·   Department of Employment and Labour (UIF).

·   South African Revenue Service (PAYE, SDL, UIF).

·   Commission for Conciliation, Mediation and Arbitration (labour relations).

·   Psychometric-assessment suppliers.

·   Reference checks for former employees.

·   South African Society of Bank Officials (Sasbo union).

·   YES office and implementation partners.

·   Holsboer resorts and timeshare.

Identity numbers, names and facial biometrics.

Department of Home Affairs

Corporate Saver agent information

·   Legal Practitioners Fidelity Fund

·   Legal Practice Council

·   Office of the Master of the High Court

·   FSCA

·   Estate Agencies Affairs Board

Client information

SARB

Identity numbers, names and surnames, physical and email addresses, payslips, medical records, and contact numbers.

·   Corporate Industrial and Risk consultants.

·   Compensation Commissioner.

·   Department of Employment and Labour.

·   Department of Health.

·   ER24 and medical facilities.

·   Compliance Safety (Pty) Ltd (COMSAF).

Identity numbers and names for criminal checks

South African Police Service

Qualification verifications

South African Qualifications Authority

Credit and payment history for credit information

Credit bureaus

Names, identity numbers, and qualifications.

·   Compliance Institute Southern Africa

·   Khulisane Academy