Privacy Policy

Updated: 20 April 2026

POPI POLICY STATEMENT AND MANUAL

This is of Protection of Personal, Information and the Retention of Documents for the Beekman Group and all its subsidiaries and divisions (hereinafter referred to as the “BEEKMAN GROUP”).

INDEX

  1. Introduction
  2. Background and Purpose
  3. Personal Information Collected
  4. The Use of Personal Information
  5. Disclosure of Personal Information
  6. Safeguarding Personal Information
  7. Correction of Personal Information
  8. Amendment to this Policy
  9. Access to Documents
  10. Request for Beekman Group Information
  11. Beekman Group Information Process Flow
  12. Retention of Documents
  13. Destruction of Documents
    Annexure A
    Annexure B

Protection of personal information in terms of the Protection of Personal Information Act 4 of 2013

1. INTRODUCTION

The BEEKMAN GROUP is a leading leisure property development, management and services group operating in South Africa under a number of brands, including The Holiday Club®, Beekman Managed Portfolio®, iExchange®, Anytime Holidays® and Vacation Management Services with 70 000 members and owners and a staff complement of 1 100 (the “clients”). This requires the BEEKMAN GROUP to collect, collate, store and disseminate a vast amount of personal information on a daily basis, obliging the BEEKMAN GROUP to comply with the Protection of Personal Information Act 4 of 2013 (“POPI”).

POPI requires the BEEKMAN GROUP to inform their clients as to the manner in which their personal information is used, disclosed and destroyed. The BEEKMAN GROUP is commitment to protecting its client’s privacy and ensuring that their personal information is used appropriately, transparently, securely and in accordance with applicable laws. This Policy sets out the manner in which the BEEKMAN GROUP deals with their client’s personal information as well as stipulates the purpose for which said information is used.

The Policy is made available on the BEEKMAN GROUP website www.beekmangroup.com and by request from the Group head office.

The Policy is drafted in conjunction with the National Credit Act 34 of 2005, and the Consumer Protection Act 68 of 2008.

2. BACKGROUND AND PURPOSE

What is the purpose of POPI?

The aim of POPI is to ensure the right of South African citizens to the privacy of personal information and to regulate all organisations that collect, store and disseminate personal information.

Personal information may only be processed if the process meets the conditions of the Act. There are eight distinct conditions which organisations need to meet to be acting lawfully:

  • Accountability
  • Processing limitation
  • Purpose specification
  • Use limitation
  • Information quality
  • Openness
  • Security safeguards
  • Individual/data subject participation

What is “personal information”?

Personal information means any information relating to an identifiable natural person (and existing juristic persons where applicable), including information relating to:

  • Race, gender, sex, pregnancy, marital status, mental health, well-being, disability, religion, belief, culture, language and birth
  • Education, medical, financial, criminal or employment
  • Identity number, electronic and physical addresses, telephone numbers and on-line identifiers
  • Biometric information
  • Personal opinions, views or preferences
  • Correspondence sent by a person implicitly or explicitly of a personal nature or confidential

An organisation may not process the personal information of a child (under 18) unless the processing:

  • Is carried out with the consent of the legal guardian
  • Is necessary to establish, exercise or defence of a right or obligation in law (?)
  • Is necessary for historical, statistical or research purposes
  • Is information that is deliberately been made public by the child with the consent of the guardian

What is processing personal information?

Processing means any operation or activity, or set of activities, by automatic means or otherwise, including:

  • Collecting, receiving, recording, collating, storing, updating, modifying, retrieving or use
  • Disseminating by means of transmission, distribution or any other means
  • Merging, linking, restricting, erasing or destructing

of information.

Who must comply?

All public and private bodies must comply.

What does compliance mean?

a) Accountability:

Organisations must assign responsibility to ensure compliance with POPI to a suitable person.

Each organisation has an “information officer”. This will be the same person who has been appointed by the organisation as head in terms of the Promotion of Access to Information Act, ie the CEO or equivalent.

The information officer, together with an executive team/board, should decide on and record the POPI policy and procedure.

The information officer must appoint a “data controller” or a number of data controllers who decide

  • the purpose of the data processing
  • the way the personal information should be processed

The data controllers should be management who execute the POPI policy and procedure.

“Data processor/s” perform the processing administration/function (eg data capturing etc).

b) Processing limitation

Personal information may only be processed if it is:

  • adequate, relevant and necessary for the purpose for which it is processed
  • with the consent of the data subject
  • necessary for the contract to which the data subject is party
  • necessary for the protection of a legitimate interest of the data subject
  • required by law
  • necessary to pursue the legitimate interest of the organisation
  • collected directly from the data subject, except in certain circumstances (eg in public domain or to do so would defeat the purpose for collecting and processing)

“Consent” must be:

  • voluntary
  • specific
  • informed

Informed consent requires that the data subject understand:

  • what information is being collected/processed
  • why the information is being processed
  • how the information is be processed
  • where the information is being processed
  • to whom the information is intended to be given

c) Purpose specification

The data subject must be made aware of the purpose for which the information is being collected (“identified purpose”). This is necessary for giving consent (see above).

d) Use limitation

Information/records may only be kept for as long as it is necessary to achieve the identified purpose. There are some statutory record keeping periods which may exceed this. After this retention period the responsible person must delete or destroy such information as soon as reasonably possible.

If the purpose changes (eg something else occurs that could use the same information again for this alternative purpose), it may be necessary to inform the data subject and get consent again.

e) Information quality

Information must be as accurate as possible, complete and updated if necessary.

Information must be available to the data subject to verify/object to the accuracy thereof.

f) Openness

The Organisation must take reasonable practical steps to ensure that the data subject is aware of what personal information is being collected, stored and used, whether or not collected directly from the data subject.

g) Security safeguards

The organisation must secure the integrity and confidentiality of personal information und must take appropriate technical/organisational measure to prevent:

  • the loss of or damage to personal information
  • the unlawful access to or processing of personal information

To do this, the organisation must:

  • identify all reasonable foreseeable internal and external risks to personal information held
  • establish and maintain appropriate reasonable safeguards against the risks
  • monitor the safeguards and regularly verify safeguards are effective
  • ensure safeguards are updated to respond to new risks or deficiencies in previous safeguards

The data controllers and data processors must operate under his/her authority from the information officer and treat all personal information as confidential. This should be in writing.

Where there are reasonable grounds for suspecting a breach of data security, the responsible person must notify the Regulator and the data subject (if known).

h) Data subject participation

Any person who can positively identify themselves is entitled to access their own personal information.

A data subject has the right to correct or amend any of their personal information that may be inaccurate, misleading or out of date.

What steps should be taken to comply?

a) An audit should be conducted of the following:

  • what personal information is held?
  • where the personal information is being held?
  • by whom is the personal information being held?

b) Establish what personal information is being collected in one place and being transferred to another.

c) Review website and other privacy statement.

d) Review website and other privacy statement.

e) Review IT outsourcing contracts and arrangements.

f) Review data collecting activities (completion of forms etc).

g) Appoint an information officer for POPI and PAIA purposes.

Details of Information Officer and Head Office

The details of the BEEKMAN GROUP’S Information Officer and Head Office are as follows:

Information Officer:
Cindy-Jane Allan
Telephone Number (039) 688 5000
Email Address popi@beekmangroup.com

Deputy Information Officer:
Ayanda Sibiya
Telephone Number (039) 688 5086
Email address popi@beekmangroup.com

Head Office Details:
Beekman House
3 Daly Street, Port Shepstone, 4240
Telephone (039) 688 5000
Postal Private Bag 702, Port Shepstone, 4240

3. PERSONAL INFORMATION COLLECTED

Section 9 of POPI states that “Personal Information may only be processed if, given the purpose for which it is processed, it is adequate, relevant and not excessive.”

The Beekman Group collects and processes client’s personal information pertaining to the client’s leisure requirements and preferences, including financial obligations to the Group. The type of information will depend on the need for which it is collected and will be processed for that purpose only. Whenever possible, the Beekman Group will inform the client as to the information required and the information deemed optional.

BEEKMAN GROUP also collects and processes the client’s personal information for marketing purposes in order to ensure that our products and services remain relevant to our clients and potential clients.

BEEKMAN GROUP aims to have agreements in place with all product suppliers and third party service providers to ensure a mutual understanding with regard to the protection of the client’s personal information. BEEKMAN GROUP suppliers will be subject to the same regulations as applicable to BEEKMAN GROUP.

With the client’s consent, BEEKMAN GROUP may also supplement the information provided with information BEEKMAN GROUP receives from other providers in order to offer a more consistent and personalized experience in the client’s interaction with BEEKMAN GROUP. For purposes of this Policy, clients include potential and existing clients.

4. THE USE OF PERSONAL INFORMATION

The Client’s Personal Information will only be used for the purpose for which it was collected and as agreed. This may include:

4.1 Providing products or services to clients and to carry out the transactions requested;

4.2 Assessing and processing reservations and exchanges;

4.3 Confirming, verifying and updating client details;

4.4 For purposes of reservation and exchange history;

4.5 Conducting market or customer satisfaction research;

4.6 For audit and record keeping purposes;

4.7 In connection with legal proceedings;

4.8 Providing BEEKMAN GROUP services to clients, to render the services requested and to maintain and constantly improve the relationship;

4.9 Providing communication in respect of BEEKMAN GROUP and regulatory matters that may affect clients; and

4.10 In connection with and to comply with legal and regulatory requirements or when it is otherwise allowed by law.

4.11 According to section 10 of POPI, personal information may only be processed if certain conditions, listed below, are met along with supporting information for BEEKMAN GROUP processing of Personal Information:

  • The client’s consents to the processing: – consent is obtained from clients during the introductory, appointment and needs analysis stage of the relationship;
  • The necessity of processing: in order to conduct an accurate analysis of the client’s needs for purposes of amongst other credit limits, insurance requirements, etcetera.
  • Processing complies with an obligation imposed by law on BEEKMAN GROUP;
  • The National Credit Act requires a Credit Provider’s to conduct an affordability assessment;
  • Processing protects a legitimate interest of the client
  • Processing is necessary for pursuing the legitimate interests of BEEKMAN GROUP or of a third party to whom information is supplied – in order to provide BEEKMAN GROUP clients with products and or services both BEEKMAN GROUP and any of our product suppliers require certain personal information from the clients in order to make an expert decision on the unique and specific product and or service required.

5. DISCLOSURE OF PERSONAL INFORMATION

5.1 The BEEKMAN GROUP may disclose a client’s personal information to any of the BEEKMAN GROUP subsidiaries, joint venture companies and or approved product supplier or third party service providers whose services or products clients elect to use. BEEKMAN GROUP has agreements in place to ensure compliance with confidentiality and privacy conditions.

5.2 The BEEKMAN GROUP may also share client personal information with, and obtain information about clients from third parties for the reasons already discussed above.

5.3 The BEEKMAN GROUP may also disclose a client’s information where it has a duty or a right to disclose in terms of applicable legislation, the law, or where it may be deemed necessary in order to protect BEEKMAN GROUP rights.

5.4 All employees have a duty of confidentiality in relation to the BEEKMAN GROUP and clients.

5.5 Information on clients: Our clients’ right to confidentiality is protected in the Constitution and in terms of the Law. Information may be given to a 3rd party if the client has consented in writing to that person receiving the information.

5.6 The BEEKMAN GROUP views any contravention of this policy very seriously and employees who are guilty of contravening the policy will be subject to disciplinary procedures, which may lead to the dismissal of any guilty party.

6. SAFEGUARDING PERSONAL INFORMATION

6.1 It is a requirement of POPI to adequately protect personal information. The BEEKMAN GROUP will continuously review its security controls and processes to ensure that personal Information is secure, protected against unauthorized access, disclosure, alteration, and destruction, and is handled in compliance with applicable data protection legislation.

6.2 The BEEKMAN GROUP Information Officer is Cindy-Jane Allan whose details are available below and who is responsible for the compliance with the conditions of the lawful processing of personal information and other provisions of POPI. She is assisted by Ayanda Sibiya who will function as the Group’s Deputy Information Officer.

6.3 This policy has been put in place throughout the BEEKMAN GROUP and training on this policy and the POPI Act has already taken place and will be conducted during 2019 by the BEEKMAN GROUP.

6.4 Each new employee will be required to sign an Employment Contract containing relevant consent clauses for the use and storage of employee information, or any other action so required, in terms of POPI;

6.5 Every employee currently employed within the BEEKMAN GROUP will be required to sign an addendum to their Employment Contracts containing relevant consent clauses for the use and storage of employee information, or any other action so required, in terms of POPI;

6.6 BEEKMAN GROUP archived client information is stored off site at a secured location which is also governed by POPI, access to retrieve information is limited to authorized personal.

6.7 BEEKMAN GROUP product suppliers, insurers and other third party service providers will be required to sign a service level agreement guaranteeing their commitment to the Protection of Personal Information; this is however a ongoing process that will be evaluated as needed.

6.8 All electronic files or data are backed up on a secured server/s which is also responsible for system security that protects third party access and physical threats. The IT Division is responsible for Electronic Information Security;

7. CORRECTION OF PERSONAL INFORMATION

Clients have the right to access the personal information the BEEKMAN GROUP holds about them. Clients also have the right to ask the BEEKMAN GROUP to update, correct or delete their personal information on reasonable grounds. Once a client objects to the processing of their personal information, the BEEKMAN GROUP may no longer process said personal information. The BEEKMAN GROUP will take all reasonable steps to confirm its clients’ identity before providing details of their personal information or making changes to their personal information.

8. AMENDMENTS TO THIS POLICY

Amendments to, or a review of this Policy, will take place on an ad hoc basis or at least once a year. Clients are advised to access the BEEKMAN GROUP’S website periodically to keep abreast of any changes. Where material changes take place, clients will be notified directly or changes will be stipulated on the BEEKMAN GROUP website.

9. ACCESS TO DOCUMENTS

All Company and client information must be dealt with in the strictest confidence and may only be disclosed, without fear of redress, in the following circumstances:

9.1 where disclosure is under compulsion of law;

9.2 where there is a duty to the public to disclose;

9.3 where the interests of the Company require disclosure;

9.4 and where disclosure is made with the express or implied consent of the client.

10. REQUESTS FOR BEEKMAN GROUP INFORMATION:

10.1 These are dealt with in terms of the Promotion of Access to Information Act, 2 of 2000 (“PAIA”), which gives effect to the constitutional right of access to information held by the State or any person (natural and juristic) that is required for the exercise or protection of rights. Private bodies, like the BEEKMAN GROUP, must however refuse access to records if disclosure would constitute an action for breach of the duty of secrecy owed to a third party.

10.2 In terms hereof, requests must be made in writing on the prescribed form to the Information Officer in terms of PAIA. The requesting party has to state the reason for wanting the information and has to pay a prescribed fee.

10.3 The BEEKMAN GROUP’s manuals in terms of PAIA, which contains the prescribed forms and details of prescribed fees, is available on the intranet and the BEEKMAN GROUP website http://www.beekmangrop.com.

10.4 Confidential company and/or business information of the BEEKMAN GROUP may not be disclosed to third parties as this could constitute industrial espionage. The affairs of the BEEKMAN GROUP must be kept strictly confidential at all times.

11. BEEKMAN GROUP INFORMATION PROCESS FLOW

The collection, storage, access and dissemination of personal information is set out in Annexure A.

12. RETENTION OF DOCUMENTS

12.1 Hard Copy

The statutory periods for the retention of documents is set out in Annexure B.

12.2 Electronic Storage

12.2.1 The internal procedure requires that electronic storage of information: important documents and information must be referred to and discussed with IT who will arrange for the indexing, storage and retrieval thereof. This will be done in conjunction with the departments concerned.

12.2.2 Scanned documents: If documents are scanned, the hard copy must be retained for as long as the information is used or for 1 year after the date of scanning, with the exception of documents pertaining to personnel. Any document containing information on the written particulars of an employee, including: employee’s name and occupation, time worked by each employee, remuneration and date of birth of an employee under the age of 18 years; must be retained for a period of 3 years after termination of employment.

12.2.3 Section 51 of the Electronic Communications Act No 25 of 2005 requires that personal information and the purpose for which the data was collected must be kept by the person who electronically requests, collects, collates, processes or stores the information and a record of any third party to whom the information was disclosed must be retained for a period of 1 year or for as long as the information is used. It is also required that all personal information which has become obsolete must be destroyed.

13. DESTRUCTION OF DOCUMENTS

13.1 Documents may be destroyed after the termination of the retention period specified in Annexure “A” hereto. Registration will request departments to attend to the destruction of their documents and these requests shall be attended to as soon as possible.

13.2 Each department is responsible for attending to the destruction of its documents, which must be done on a regular basis. Files must be checked in order to make sure that they may be destroyed and also to ascertain if there are important original documents in the file. Original documents must be returned to the holder thereof, failing which, they should be retained by the Company pending such return.

13.3 After completion of the process in 6.2 above, the General Manager of the department shall, in writing, authorise the removal and destruction of the documents in the authorisation document. These records will be retained by Registration.

13.4 The documents are then made available for collection by the removers of the Company’s documents, who also ensure that the documents are shredded before disposal. This also helps to ensure confidentiality of information.

13.5 Documents may also be stored off-site, in storage facilities approved by the Company.

Annexure A

Download Annexure A

Annexure B

12. RETENTION OF DOCUMENTS

12.1 Hard Copies

Documents are stored in an archive different location.

12.1.1 Companies Act, No 71 of 2008:

– With regard to the Companies Act, No 71 of 2008 and the Companies Amendment Act No 3 of 2011, hard copies of the documents mentioned below must be retained for 7 years:

  • Any documents, accounts, books, writing, records or other information that a company is required to keep in terms of the Act;
  • Notice and minutes of all shareholders meeting, including resolutions adopted and documents made available to holders of securities;
  • Copies of reports presented at the annual general meeting of the company;
  • Copies of annual financial statements required by the Act;
  • Copies of accounting records as required by the Act;
  • Record of directors and past directors, after the director has retired from the company;
  • Written communication to holders of securities and
  • Minutes and resolutions of directors’ meetings, audit committee and directors’ Committees

– Copies of the documents mentioned below must be retained indefinitely:

  • Registration certificate;
  • Memorandum of Incorporation and alterations and amendments;
  • Rules;
  • Securities register and uncertified securities register;
  • Register of company secretary and auditors and

12.1.2 National Credit Act, No 34 of 2005:

The National Credit Act aims to promote a fair and transparent credit industry which requires the retention of certain documents for a specified period. Retention for 3 years from the earliest of the dates of which the registrant created, signed or received the document or from the date of termination of the agreement or in the case of an application for credit that is refused or not granted for any reason, from the date of receipt of the application which applies to the documents mentioned below:

Regulation 55(1)(b):

  • Records of registered activities such as an application for credit declined;
  • Reason for the decline of the application for credit;
  • Pre-agreement statements and quotes;
  • Documentation in support of steps taken in terms of section 81(2) of the Act;
  • Record of payments made;
  • Documentation in support of steps taken after default by consumer.

Regulation 55(1)(c) in respect of operations:

  • Record of income, expenses and cash flow;
  • Credit transaction flows;
  • Management accounts and financial statements.

Regulation 55(1)(d) with regard to the Credit Bureau:

  • All documents relating to disputes, inclusive of but not limited to, documents from the consumer;
  • Documents from the entity responsible for disputed information;
  • Documents pertaining to the investigation of the dispute;
  • Correspondence addressed to and received from sources of information as set out in section 70(2) of the Act and Regulation 18(7) pertaining to the issues of the disputed information.

Regulation 55(1)(a) with regard to Debt Counsellors:

  • Application for debt review;
  • Copies of all documents submitted by the consumer;
  • Copy of rejection letter;
  • Debt restructuring proposal;
  • Copy of any order made by the tribunal and/or the court and a copy of the clearance certificate.

Regulation 56 with regard to section 170 of the Act:

  • Application for credit;
  • Credit agreement entered into with the consumer.

Regulation 17(1) with regard to Credit Bureau information:

Documents with a required retention period of the earlier of 10 years or a rehabilitation order being granted:

  • Sequestrations
  • Administration orders.

Documents with a required retention period of 5 years:

  • Rehabilitation orders – Payment profile.

Documents with a required retention period of the earlier of 5 years or until judgment is rescinded by a court or abandoned by the credit provider in terms of section 86 of the Magistrate’s Court Act No 32 of 1944:

  • Civil Court Judgments

Documents with a required retention period of 2 years:

  • Enquiries.

Documents with a required retention period of 1.5 years:

  • Details and results of disputes lodged by the consumers.

Documents with a required retention period of 1 year:

  • Adverse information.

Documents with an unlimited required retention period:

  • Liquidation.

Documents required to be retained until a clearance certificate is issued:

  • Debt restructuring

12.1.3 Consumer Protection Act, No 68 of 2008:

– The Consumer Protection Act seeks to promote a fair, accessible and sustainable market place and therefore requires a retention period of 3 years for information provided to a consumer by an intermediary such as:

  • Full names, physical address, postal address and contact details;
  • ID number and registration number;
  • Contact details of public officer in case of a juristic person;
  • Products delivered and service rendered;
  • Cost to be recovered from the consumer;
  • Frequency of accounting to the consumer;
  • Amounts, sums, values, charges, fees, remuneration specified in monetary terms;
  • Conducting a promotional competition refer to Section 36(11)(b) and Regulation 11 of Promotional Competitions;
  • Documents Section 45 and Regulation 31 for Auctions.

12.1.4 Compensation for Occupational Injuries and Diseases Act, No 130 of 1993:

– Section 81(1) and (2) of the Compensation for Occupational Injuries and Diseases Act requires a retention period of 4 years for the documents mentioned below:

  • Register, record or reproduction of the earnings, time worked, payment for piece work and overtime and other prescribed particulars of all the employees.

– Section 20(2) documents with a required retention period of 3 years:

  • Health and safety committee recommendations made to an employer in terms of issues affecting the health of employees and of any report made to an inspector in terms of the recommendation;
  • Records of incidents reported at work.

12.1.5 Basic Conditions of Employment Act, No 75 of 1997:

– The Basic Conditions of Employment Act requires a retention period of 3 years for the documents mentioned below:

  • Section 29(4):

– Written particulars of an employee after termination of employment;

  • Section 31:

– Employee’s name and occupation;

– Time worked by each employee;

– Remuneration paid to each employee;

– Date of birth of any employee under the age of 18 years.

12.1.6 Employment Equity Act, No 55 of 1998:

– Section 26 and the General Administrative Regulations, 2009, Regulation 3(2) requires a retention period of 3 years for the documents mentioned below:

  • Records in respect of the company’s workforce, employment equity plan and other records relevant to compliance with the Act;

– Section 21 and Regulations 4(10) and (11) require a retention period of 3 years for the report Beekman Group is sent to the Director General as indicated in the Act.

12.1.7 Labour Relations Act, No 66 of 1995:

– Sections 99, 205(3), Schedule 8 of Section 5 and Schedule 3 of Section 8(a) require an indefinite retention period for the documents mentioned below:

  • An employer must retain prescribed details of any strike action involving its employees;
  • Records of each employee specifying the nature of any disciplinary transgressions, the actions taken by the employer and the reasons for the actions;

12.1.8 Unemployment Insurance Act, No 63 of 2002:

– The Unemployment Insurance Act, applies to all employees and employers except:

  • Workers working less than 24 hours per month;
  • Learners;
  • Foreigners working on a contract basis;
  • Workers who get a monthly State (old age) pension;
  • Workers who only earn commission.

– Section 56(2)(c) requires a retention period of 5 years, from the date of submission, for the documents mentioned below:

  • Employers must retain personal records of each of their current employees in terms of their names, identification number, monthly remuneration and address where the employee is employed.

12.1.9 Tax Administration Act, No 28 of 2011:

– Section 29 of the Tax Administration Act, states that records of documents must be retained to:

  • Enable a person to observe the requirements of the Act;
  • Are specifically required under a Tax Act by the Commissioner by the public notice; • Will enable SARS to be satisfied that the person has observed these requirements.

– Section 29(3)(a) requires a retention period of 5 years, from the date of submission for taxpayers that have submitted a return and an indefinite retention period, until the return is submitted, then a 5 year period applies for taxpayers who were meant to submit a return.

– Section 29(3)(b) requires a retention period of 5 years from the end of the relevant tax period for taxpayers who were not required to submit a return, but had capital gains/losses or engaged in any other activity that is subject to tax or would be subject to tax but for the application of a threshold or exemption.

– Section 32(a) and (b) require a retention period of 5 years but records must be retained until the audit is concluded or the assessment or decision becomes final, for documents indicating that a person has been notified or is aware that the records are subject to an audit or investigation and the person who has lodged an objection or appeal against an assessment or decision under the TAA.

12.1.10 Income Tax Act, No 58 of 1962:

– Schedule 4, paragraph 14(1)(a)-(d) of the Income Tax Act requires a retention period of 5 years from the date of submission for documents pertaining to each employee that the employer shall keep:

  • Amount of remuneration paid or due by him to the employee;
  • The amount of employees tax deducted or withheld from the remuneration paid or due;
  • The income tax reference number of that employee;
  • Any further prescribed information;
  • Employer Reconciliation return.

– Schedule 6, paragraph 14(a)-(d) requires a retention period of 5 years from the date of submission or 5 years from the end of the relevant tax year, depending on the type of transaction for documents pertaining to:

  • Amounts received by that registered micro business during a year of assessment;
  • Dividends declared by that registered micro business during a year of assessment;
  • Each asset as at the end of a year of assessment with cost price of more than R 10 000;
  • Each liability as at the end of a year of assessment that exceeded R 10 000.

12.1.11 Value Added Tax Act, No 89 of 1991:

– Section 15(9), 16(2) and 55(1)(a) of the Value Added Tax Act and Interpretation Note 31, 30 March requires a retention period of 5 years from the date of submission of the return for the documents mentioned below:

  • Where a vendor’s basis of accounting is changed the vendor shall prepare lists of debtors and creditors showing the amounts owing to the creditors at the end of the tax period immediately preceding the changeover period;
  • Importation of goods, bill of entry, other documents prescribed by the Custom and Excise Act and proof that the VAT charge has been paid to SARS;
  • Vendors are obliged to retain records of all goods and services, rate of tax applicable to the supply, list of suppliers or agents, invoices and tax invoices, credit and debit notes, bank statements, deposit slips, stock lists and paid cheques;
  • Documentary proof substantiating the zero rating of supplies;
  • Where a tax invoice, credit or debit note, has been issued in relation to a supply by an agent or a bill of entry as described in the Customs and Excise Act, the agent shall maintain sufficient records to enable the name, address and VAT registration number of the principal to be ascertained.