(in accordance with section 51 of the Promotion of Access to Information Act No. 2 of 2000)

    1.1 Purpose of the PAIA Manual

    Section 51 of the PAIA requires a Private Body to compile an Access to Information Manual (“Manual”) which sets out the procedure and requirements to be adhered to in seeking to obtain access to information held by that Private Body.  The objective of the Act as amended by section 110 of PoPIA is to give effect to the constitutional right of access to information outlined in section 32 of the Constitution of the Republic of South Africa.  

    The purpose of this Manual is to outline:

    • a non-exhaustive list of the type and categories of records held by Vodacom (Pty) Ltd (“Vodacom”); including categories of records available without having to submit a formal PAIA request;
    • the process to submit requests for access to information;
    • the grounds for refusal of access to information;
    • descriptions of records which are available in accordance with any other legislation;
    • relevant contact details of the Information Officer and Deputy Information Officer;
    • description of the guide on how to use PAIA, as updated by the Regulator and how to obtain access to it; and
    • the Processing of Personal Information in terms of POPIA.

    1.2 Contact Details for Access to Information

    1.2.1 Information Officer Details

    Company Registration: Vodacom (Pty) Ltd             


    Chief Executive Officer/Information Officer

    Sitho Mdlalose

    Deputy Information Officer

    Mamoneuwa Maduna

    Street Address

    082 Vodacom Boulevard, Vodacom Valley, Midrand, 1685                                                           

    Postal Address

    Private Bag X9904, Sandton, 2146


    011 653 5734



    E mail

    [email protected]


    1.2.2 Contact Details for Access to Information

    In order to ensure that Vodacom complies with PAIA and PoPIA, the following entry points have been designated for access to information requests:

    • Are you requesting a record or description of your Personal Information held by Vodacom?

    Before submitting an access request relating to your own Personal Information, we urge any Data Subject who is a current customer of Vodacom to consider whether other mechanisms for receiving their information are available. All Vodacom customers  are allowed to access their own product/service-related information (which may also include Personal Information) without lodging a formal access request in terms of paragraph 6 below (subject to providing the requisite proof of identification). The information a customer has access to includes, but is not limited to:

    • Products/service information;
    • Personal details related to product/service registration;
    • Account details;
    • Detailed data usage; and/or
    • Bill information

    As a current customer,  please consider using the Vodacom App/VodaPay App to view all your product related information or contact our various customer service channels published on our website at https://help.vodacom.co.za/personal/contactus

    Please note that, where applicable,  there may be reproduction costs associated with retrieval of information records.  You will be informed if such costs apply to your request.

    Please note: Itemised billing is only available for the last 90 days.  Any itemised billing requests outside this time frame constitutes call data records which is only available through the PAIA application from the Law Enforcement Agency (LEA) department [please see details in par 1.2.2(b)].

    Physical Address

    082 Vodacom Boulevard,

    Vodacom Valley, Midrand, 1685                                                            

    Postal Address

    Vodacom Customer Care

    Private Bag X9904, Sandton, 2146


    (082) 135

    E mail

    [email protected]


    • Are you requesting information belonging to another person or any other records that are not classified as your own Personal Information?

    In order to request other records that are not classified as your own Personal Information or Call Data Records, please contact Vodacom Legal Enforcement Agency (LEA) using the details outlined below. Please follow the Request Procedure outlined in paragraph 6 below.

    Physical Address

    Vodacom Law Enforcement Agency (LEA), 082 Vodacom Boulevard, Vodacom Valley, Midrand, 1685

    Postal Address

    Vodacom Law Enforcement Agency (LEA), Private Bag X9904, Sandton, 2146


    Standby nr

    087 289 6450 / 087 289 3501

    082 537 6618

    E mail

    [email protected]

    1.3 Availability of the Manual

    A copy of the Manual is available:

    A fee for a copy of the Manual, shall be payable per each A4-size photocopy made in line with prescribed fee outlined in paragraph 7.

    Vodacom will on a regular basis update this manual, and the updated Manual will be published on the website.

    The Information Regulator (“Regulator”) has in terms of section 10(1) of PAIA, as amended, updated and made available the revised PAIA Guide (“Guide”) which provides information and guidance that is needed by any person who wishes to exercise any right contemplated in the PAIA and POPIA.

    The Guide has been published in 10 official  languages on the Regulator's website on https://inforegulator.org.za/training/wp/paia-guidelines/

    Members of the public can also inspect or make copies of the Guide from the offices of Vodacom (see address in 1.2.1) by contacting the Deputy Information Officer, any Vodacom shop, website of Vodacom, website or the office of the Regulator, during normal working hours. The English, isiZulu and Sesotho Guide has been published on the Vodacom website at https://www.vodacom.co.za/vodacom/privacypolicy/terms?icmp=Home/Footer/PrivacyPolicy#ae486950-tabs-vertical--item-wrapper-842007807-842007807


    Any questions or queries relating to the Guide published by the Information Regulator must be addressed to:

    Physical Address

    JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001.

    Postal Address

    P.O Box 31533, Braamfontein, Johannesburg, 2017


    010 023 5200



    E mail

    [email protected]


    The following words shall bear the same meaning as under PoPIA:

    3.1   “Data Subject” means the person to whom Personal Information relates.

    3.2   “Information Officer” means the Head of Vodacom, equivalent officer, duly authorised person or any person who is acting as such as contemplated in section 1 of the Act.

    3.3   “Minister” means the Minister of Justice and Correctional Services.

    3.4   “Personal Information” means information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person including:

    • information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
    • information relating to the education or the medical, financial, criminal or employment history of the person;
    • any identifying number, symbol, e-mail address, physical address, telephone number or other particular assignment to the person;
    • the blood type or any other biometric information of the person;
    • the personal opinions, views or preferences of the person;
    • correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
    • the views or opinions of another individual about the person; and
    • the name of the person if it appears with other Personal Information relating to the person or if the disclosure of the name itself would reveal information about the person.

    3.5   “Processing” means any operation or activity or any set of operations, whether or not by automatic means, concerning Personal Information, including:

    (a) the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use;

    (b) dissemination by means of transmission, distribution or making available in    any other form; or

    (c) merging, linking, as well as blocking, degradation, erasure or destruction of information.

    3.6   “Private body” means a natural person who carries or has carried on any trade, business or profession in that capacity, a partnership or juristic person.

    3.7    “Responsible party” means a public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for Processing Personal Information.

    3.8     "Vodacom Group” means Vodacom Group Limited, registration number 1993/005461/06, a public company duly incorporated in accordance with the laws of the Republic of South Africa.

    3.9   “Requester” in relation to a private body means any person, including, but not limited to, a public body or an official thereof, making a request for access to a record of that private body or any person acting on behalf of that person.

    The categories of information listed are not exhaustive but are merely meant to give a broad indication of the information subject and categories held by Vodacom, without specification.  A category may therefore contain sub-categories and sub-sets of information, which are not specifically listed.

    4.1 Categories of records automatically available

    The following categories of information are automatically available without having to request access to these records. To access a list of records that are automatically available, please visit our ‘access information’ page at https://www.vodacom.co.za/vodacom/privacy-policy/terms?icmp=Home/Footer/PrivacyPolicy#ae486950-tabs-vertical--item-wrapper-842007807-842007807

    Description of category of records automatically available 

    Manner of access to records

    Website Link

    Product Information including terms and conditions

    Soft copy/website


    Media Releases, Published events

    Website/Soft copy



    Bid Advertisements

    Website/Soft copy


    Privacy Statements



    PAIA Manual and Guides

    Website/Soft Copy/Physical inspection


    Note: The Published Annual Reports and Financial Statements of Vodacom Group are automatically available and can be found at www.vodacom.com.

    4.2 Categories of records that are not readily available

    Each request for information will be dealt with on a case-by-case basis and the mere fact that a record is listed below does not mean that access to that record will be granted. Please note that the below list is not exhaustive.


    Categories of Records


    Board/Governance committee reports and meeting minutes

    Strategic Plan, Annual Performance Plan.

    Legal records not in the public domain

    Organisational structure and positions

    Internal Policies, Standards and Procedures

    Human Resources

    Employee and non-employee records (employment contracts, performance, payroll and remuneration, disciplinary, training, job application details, education, employee onboarding records.


    Contract/customer agreements

    Credit information

    Customer profile records

    Billing, monitoring customer data usage

    Call data records, SMS event records

    Loyalty Rewards

    Customer Interactions

    Call Centre Recordings

    Customer complaints, requests, and enquiries


    Records relating to the account holders (customer transactions, invoices, payment information, contracts, authentication records)


    Authentication, Physical and Digital Access control records

    Supply Chain Management

    Third party onboarding records

    Responses to tenders and contract records

    Records of agreements/contracts, Service level agreements (SLA’s), Invoice records

    Corporate Social Investment

    Funding applications and related records

    4.3 Description of the records which are available in accordance with any other legislation

    Please see Annexure B for a description of the records which are created as a result of legislation applicable to Vodacom. Please note that these records are not readily available, and the Requester must go through the process outlined in paragraph 1.2.2.

    Note: Please visit the Vodacom Privacy Policy on https://www.vodacom.co.za/vodacom/privacy-policy/terms?icmp=Home/Footer/PrivacyPolicy#ae486950-tabs-vertical--item-wrapper-763180282-763180282 for more detailed information on how Vodacom processes Personal Information of Data Subjects.

    5.1 Purpose of Processing Personal Information of Data Subjects by Vodacom

    Vodacom will process Personal Information of Data Subjects based on:

    • The performance of contract with the Data Subject or to enter into the contract and to take action on their requests. For example, to make calls and texts, and browse the internet on their phone, Vodacom process things like the numbers dialled, how much data was used and how it is used so that it can provide connectivity. This also enables Vodacom to generate Data Subject’s bills, based on their usage. Vodacom also needs to conduct credit checks when the Data Subjects apply for a product or service.
    • Vodacom's legitimate business interests, for example, fraud prevention, prevention of tax evasion and financial crime, maintaining the security of its network and services, direct marketing, and the improvement of services.
    • Protecting Data Subject’s legitimate interests - for example, providing notifications regarding network availability and performance in their area, notification of emergency services, and fraud prevention.
    • Compliance with a mandatory legal obligation, including for example, accounting and tax requirements, which are subject to strict internal policies, procedures, and Data Subject’s right to restrict usage of their Personal Information, which control the scope of legal assistance to be provided. Vodacom is also required to process Personal Information pursuant to legislation including but not limited to the Financial Intelligence Centre Act, 38 of 2001 (FICA), the Regulation of Interception of Communications and Provisions of Communication-related Information Act 70 of 2002 (RICA), the Electronic Communications and Transactions Act, 2002 (ECTA), the Electronic Communications Act, 2005 (ECA), the Consumer Protection Act, 2008 (CPA), the Promotion of Access to Information Act, 2000 (PAIA), and the Cybercrimes Act, 2020.
    • Data Subject consent where Vodacom does not rely on another legal basis (referred to above). Consent may be withdrawn at any time. When Data Subject give their consent, they will be given details on how to change their mind.

    The purpose for which Personal Information is processed by Vodacom will depend on the nature of the services or products being provided to the Data Subjects. Below are some purposes for Processing Personal Information:

    • to provide Data Subjects with product and services;
    • to bill Data Subjects for using Vodacom’s products and services, or to take the appropriate amount of credit;
    • contact Data Subjects if the billing information they provided with is about to expire or Vodacom is not able to take payment;
    • to respond to any questions or concerns about its network, products or services;
    • to provide roaming services;
    • for employment purposes;
    • managing third party relationships;
    • managing its networks and understanding network usage;
    • marketing and tailoring service to Data Subjects;
    • to contact Data Subjects with customer service messages to keep them updated with current information about products and services they have taken. For example, changes to our terms and conditions or service interruptions;
    • to deliver advertising to Data Subjects;
    • credit checks, fraud prevention and security;
    • to manage visits by different stakeholders to any Vodacom premises;
    • for research and analytics.

    5.2 Categories of Data Subjects and their Personal Information

    Vodacom holds information and records relating to the following Data Subjects. Please note that this list is non-exhaustive:

    a) employees /personnel of Vodacom;

    b) clients/customers of Vodacom;

    c) any third party and/or supplier with whom Vodacom conducts its business;

    d) contractors of Vodacom;

    e) partners and agents;

    f) service providers of Vodacom;

    (g) Requesters in terms of PAIA and POPIA.

    The categories of Personal Information that Vodacom processes of the Data Subjects defined below includes the following:

    • Full names, address, phone and/or mobile number, date of birth, gender, information about their property or household, and email address.
    • Credit or debit card information - information about bank account and other banking information. For example, when a Data Subject opens an account with Vodacom or process a payment whenever they make a purchase.
    • Traffic data - this is data Vodacom see as part of providing Data Subjects with connectivity, like the numbers they call, the time and duration of the call or how data is used.
    • Location data - this can be precise where it uses Global Positioning System (GPS) data or by identifying nearby mobile phone and Wi-Fi hotspots and the Data Subject enables location-based services or features. It can also be less precise where, for example, a location is derived from Data Subject’s IP address or data such as a post code or name of a town or city.
    • Correspondence - such as a note or recording of a call Data Subjects make to one of its contact centres, a Live Chat, an email or letter sent, or other records of any contact with Vodacom.
    • Account information - such as dates of payment owed or received, subscriptions, account numbers or other information related to an account or included in My Vodacom.
    • Credential information – Vodacom collects passwords, hints and similar security information used for authentication and access to accounts and services.
    • Preferences for particular products, services and lifestyle activities
    • Data sessions - to enable connection to be made and for billing purposes, fraud investigations, network and store planning, campaign planning, marketing specific products such as URL bundles, identify visits to competitor websites, and personalisation of services.
    • Photographs and images - when attending any of Vodacom’s events or functions or accessing premises with surveillance cameras.
    • Information obtained from other sources, such as credit agencies, fraud-prevention agencies, and from other data providers. This includes demographic data and interest-based data.

    5.3 The recipients or categories of recipients to whom the Personal Information may be supplied by Vodacom

    Vodacom may supply information or records of information to the following categories of recipients:

    a) its employees as part of executing its business functions;

    b) statutory oversight bodies, regulators (such as the Information Regulator), law enforcement agencies or judicial commissions of enquiry making a request for information;

    c) any court, administrative or judicial forum, arbitration, statutory commission, or ombudsman making a request for data or discovery in terms of the applicable rules;

    d) South African Revenue Services, or another similar authority;

    e) emergency Service Organisation (if the Data Subject make an emergency call), including their approximate location;

    f) anyone making a successful application for access in terms of PAIA, to the extent that such access is permitted in terms of PAIA, as amended by POPIA.;

    g) subject to the provisions of POPIA and the National Credit Act No. 34 of 2005, Vodacom may share information about a client’s creditworthiness with any credit bureau or credit providers;

    h) debt collection agencies or other debt-recovery organisations;

    i) any third party and/or supplier with whom Vodacom conducts its business;

    j) contractors of Vodacom;

    k) partners and agents;

    l) service providers of Vodacom;

    m) third-parties that we use to provide you with marketing and advertisements; and

    n) companies in the Vodacom and Vodafone Group.

    o) verification agencies for employment purposes

    5.4 Planned trans-border flows of Personal Information 

    Vodacom does transfer Personal Information of Data Subjects across the borders, including but not limited to countries in the European Union,  United States of America, United Kingdom, India, Australia and to the Vodafone and Vodacom group companies and/or authorised third parties beyond the borders of the countries to achieve a defined purpose. The defined purposes include the i) achievement of its business functions, ii) provision of products and services that the customer has requested,  iii) hosting or storage of some of its systems and infrastructure, iv) data warehousing activities and for the v) provision of centralised business activities within the Vodafone and Vodacom group of companies such as where we share technology and resources.

    Vodacom will only engage in the cross-border transfer of information if one of the following conditions are met and the transfer has been assessed and approved by the Deputy Information Officer:

    • The recipient is subject to existing legislation in his /her/it’s country, a binding corporate or binding agreement that provides an adequate level of protection for the personal information that is substantially similar to the data protection laws applicable to South Africa;
    • The Data Subject has consented to such cross-border transfer;
    • The transfer is necessary for the conclusion and/or performance of a contract between Vodacom and the Data Subject;
    • The transfer is necessary for the conclusion or performance of a contract entered into, in the interest of the Data Subject, between Vodacom and the relevant Vodacom Group company or the Authorised Third Party;
    • The transfer is to the benefit of the Data Subject and must take place in circumstances under which it is not reasonably possible to obtain the Data Subject’s consent and if it were reasonably possible to obtain such consent, the Data Subject would be likely to give it.

    The processing of Personal Information in a foreign jurisdiction may be subject to the laws of the country in which it is held, and may be subject to disclosure to the Governments, Courts of law, Enforcement or Regulatory Agencies of such other country, pursuant to the laws of such country. As a measure, Vodacom conducts Transfer Impact Assessments to assess the legislative framework that governs disclosures of information in jurisdictions where information is transferred and implements security and contractual measures to limit the risk exposure. However, where such disclosures are required, Vodacom will ensure the adequate protection of your Personal Information.

    5.5 General Description of Information Security Measures

    • Vodacom is committed to continuously implement security safeguards to protect Personal Information. For this reason, Vodacom has specialised security teams that constantly review and improve its measures to secure the integrity and confidentiality of Personal Information by taking appropriate, reasonable technical and organisational measures to protect it from unauthorised or unlawful access, accidental loss, damage, disclosure or destruction.
    • If Vodacom has an agreement with another organisation to provide services on its behalf, Vodacom will take reasonable steps to ensure that they have appropriate security measures in place that are substantially similar to the security measures implemented by Vodacom. These organisations will not be entitled to use Personal Information for their own purposes. If necessary, the security teams will conduct an audit on them to ensure they meet Vodacom’s security requirements.
    • Vodacom has implemented various information security measures such as, but not limited to:
      • Firewall and network endpoint protection;
      • Antivirus and Multifactor Authentication;
      • A dedicated support network of cyber security professionals;
      • Encryption and/or similar cryptographic technologies and techniques;
      • Access control methodologies based on user roles and security clearance levels;
      • Confidentiality protocols that apply to all internal documents and correspondence; and/or
      • Disaster Recovery and Business Continuity Management Protocols and Procedures

    6.1 Procedure to be followed by the Requester

    • A request for access to a record must be made in a prescribed Form 2 (Annexure A) to Vodacom at its address, fax number, or electronic email address outlined in paragraph 1.2.2. The form is available on request from Vodacom Customer Care or from the website on vodacom.co.za. The form is also available at https://www.vodacom.co.za/sites/vodacomcoza/files/media/documents/pdf/access-request-form.pdf
    • The Requester must provide sufficient information for identification purposes. Therefore, proof of identity is required to authenticate the Requester such as a certified copy of their identity document, driver’s license or passport.
    • If the request is made on behalf of another person, the Requester must provide proof of the capacity in which they are making the request and authorisation to make such request.
    • In instances where information or records pertaining to any of Vodacom's products (other than marketing information) is requested, the Requester must prove ownership of the MSISDN (Mobile Station International Subscriber Directory Number, i.e., the mobile phone number) to which the requested information or records relate. The Requester may also be required to provide further particulars to prove ownership or to provide an explanation why access to the identified records is required.

    A request which does not comply with the formalities contained in this Manual (including Forms not completed correctly) will be referred back to the Requester with advice on the necessary steps for compliance.

    Note: Information will not be furnished unless a person clearly provides sufficient particulars to enable Vodacom to identify the right the Requester seeks to protect as well as an explanation of why the requested information is required for the exercise or protect that right.

    6.2 Procedure to be followed by Vodacom after receipt

    The following procedure will be followed by Vodacom after receipt of the request for access:

    • Once a request is made in the prescribed Form 2, Vodacom will send an acknowledgment of receipt.
    • The Requester will receive notice from Vodacom to pay a request fee of R140.00 (if applicable).
    • The prescribed fee must be paid before the request is processed.
    • Payment of this fee should be made as directed by Vodacom.
    • If the request is granted then the Requester might be required to pay a further access fee for the search, reproduction and preparation of the record as well as for the time that has exceeded the prescribed hours to search and to prepare the record for disclosure. This includes for Personal Information requests, where applicable.

    6.3 Guidance for completing the request Form

    The Requester can contact Vodacom using the details outlined in paragraph 1.2.2 or any Vodacom shop for guidance on how to complete Form 2, and the documents that need to be submitted or applicable fees.

    An oral request for access to a record(s) may be made as a result of the illiteracy or disability of the Requester. The Deputy Information Officer, LEA department or any Vodacom shops will assist the Requester to complete the prescribed form on behalf of such Requester and provide him/her with a copy of the completed form.

    6.4 Response Time

    • All requests complying with the requirements set out above will be processed and a written notice of the decision provided to the Requester within 30 days after receiving the completed Form 2. In case of a request being refused, the notification will include the reasons for the refusal.
    • Vodacom may request an extension of the 30-day notice period for a further period not exceeding 30 days due to the nature of the request and the amount of time required to gather the requested information.
    • Vodacom will make the extension request prior to the expiry of the 30-day period and provide reasons for the extension.

    6.5 Granting or Refusal of a Request

    • If the request for access is granted, then Vodacom will advise the Requester of:
      • the prescribed reproduction fees for accessing the information or documentation,
      • payable deposit fee and balance outstanding (if any),
      • the form in which access will be given, and
      • the right to lodge an application in court or complain to the Information Regulator against the access fee to be paid or the form of access to be granted, within 180 days of Vodacom notifying the Requester of its decision.
    • If the request for access is refused, Vodacom will advise the Requester about the reasons for refusal of access and may advice the Requester that they may lodge an application in court or complain the Information Regulator against the refusal of the request.
    • Chapter 4 of the PAIA stipulates the following grounds for refusing requests for information:
    • protection of the privacy of a third party who is a natural person;
    • protection of commercial information of a third party;
    • protection of certain confidential information of a third party;
    • protection of safety of individuals and protection of property;
    • protection of records privileged from production in legal proceedings;
    • commercial information of the Private Body;
    • protection of research information of a third party and of the Private Body.
      • These grounds of refusal are also endorsed in section 23(4)(a) of PoPIA. If a request for access to Personal Information is made and part of that information may or must be refused in terms of PAIA, every other part will be disclosed.

    6.6 Records that cannot be located or do not exist

    Where records cannot be located but to which a Requester would have had access if the record was available, Vodacom will provide a response in the form of an affidavit or affirmation. This also applies where the requested records do not exist.

    The Act entitles a Private Body to levy a prescribed fee to a Requester before further Processing the request.

    According to section 23(3) of PoPIA, a Responsible Party may require payment of a prescribed fee for the provision of a record of Personal Information about the Data Subject in its possession. Vodacom will provide the Requester a written estimate of the fee before providing the services; and may require the Requester to pay a deposit for all or part of the fee.

    Please see below prescribed fees applicable that have been published in the Annexure B of PAIA Regulations, 2021.





    Request fee payable by every Requester



    Photocopy/printed black and white copy of a A4-size page

    R2.00 per page or part thereof


    Printed copy of A4-size page

    R2.00 per page or part thereof


    For a copy in a computer-readable form on flash drive (provided by Requester)



    For a copy in a computer-readable form on compact disc (if provided by Requester)



    For a copy in a computer-readable form on compact disc (if provided to the Requester)



    For a transcription of visual images per A4-size page

    Services to be outsourced, will depend on quotation from Service Provider


    Copy of visual images


    Transcription of an audio record per A4-size page



    For a copy of an audio record on Flash drive (to be provided by Requester)



    For a copy of an audio record on compact disc (if provided by Requester)



    For a copy of an audio record on compact disc (if provided to the Requester)



    To search for and prepare the record for disclosure for each hour or part of an hour, excluding the first hour, reasonably required for such search and preparation

    To not exceed a total cost of:

    R 145.00



    R 435.00


    Deposit: If search exceeds 6 hours

    One third of the amount per request calculated in terms of above items


    Postage, email or any other electronic transfer

    Actual expense, if any

    Vodacom, as a private body registered under the Value Added Tax Act, 1991 will add VAT to all the above-mentioned fees.

    The Act makes provision for the lodgment of a complaint to the Information Regulator by any person who alleges that the decision was not in compliance with the Act for refusing access,  aggrieved by a decision regarding fees prescribed, the extension of the period within which the request must be dealt; or refusing access in the form requested by the Requester.  The complainant may also apply to a court with appropriate jurisdiction. The complaint to the Information Regulator must be in the prescribed manner and form as published on the website of the Information Regulator and lodged within 180 days of the decision from Vodacom


    (Regulation 7 of the Promotion of Access to Information Act, 2 of 2000)

    1. Particulars of Vodacom

    The Head: Vodacom

    082 Vodacom Boulevard

    Vodacom Valley




    Private bag x 9904



    Select Type of Request

    Type of Request

    Where to send the request?

    Request for records or description of Personal Information that Vodacom holds about the Requester (any record excluding itemized billing older than 90 days, call data records, RICA / Ownership details)

    Use the various channels outlined on https://help.vodacom.co.za/personal/contactus?icmp=Home%2FFooter%2FContactUs


    Other requests of records held by Vodacom (any and all call data records, RICA / Ownership details and itemized billing older than 90 days, including third party requests)

    [email protected]


    1. Particulars of person requesting access to the record

    a) The particulars of the person who requests access to the record must be completed below

    b) Proof of identity must be attached by the Requester

    c) If request is made on behalf of another person, proof of such authorisation must be attached to this form

    d) An affidavit as part of this form must be completed and signed where the request is made on behalf of another person

    Mark with an “X”

    Request is made in my own name Request is made on behalf of another person


    Full names and surname: _____________________________________________________________ Identity number: __________________________________________________________________

    Postal address: : __________________________________________________________________ Fax number: ___________________________________________________________________
    Telephone number: ____________________________________________________________

    E-mail address: ___________________________________________________________________

    Capacity in which request is made, when made on behalf of another person:

    1. Particulars of person on whose behalf request is made

    This section must be completed ONLY if a request for information is made on behalf of another person

    Full names and surname: ____________________________________________________________ Identity number / Company Registration Number: __________________________________________

    1. Particulars of record requested

    a) Provide full particulars of the record to which access is requested, including the reference number if that is known to you, to enable the record to be located.

    b) If the provided space is inadequate, please continue on a separate page and attach it to this form.

    The Requester must sign all the additional pages


    1) Description of record or relevant part of the record:



    1. Reference number, if available: ___________________________________________________


    1. Any further particulars of record: __________________________________________________



    1. Type of Record

    Mark the applicable box with an “X”

    Record is in written or printed form


    Record comprises virtual images (this includes photographs, slides, video recordings, computer-generated images, sketches, etc.)


    Record consists of recorded words or information which can be reproduced in sound


    Record is held on a computer or in an electronic, or machine-readable form

    1. Form of access to record

    Mark the applicable box with an “X”

    Printed copy of record (including copies of any virtual images, transcriptions and information held on computer or in an electronic or machine-readable form)


    Written or printed transcription of virtual images (this includes photographs, slides, video recordings, computer-generated images, sketches, etc.)


    Transcription of soundtrack (written or printed document)


    Copy of record on flash drive (including virtual images and soundtracks)


    Copy of record on compact disc drive (including virtual images and soundtracks)


    Copy of record saved on cloud storage server

    1. Manner of Access

    Mark the applicable box with an “X”

    Personal inspection of record at registered address of Vodacom (including listening to recorded words, information which can be reproduced in sound, or information held on computer or in an electronic or machine-readable form)

    Note: Call recordings will be made available to be heard at a Vodacom shop


    Postal services to postal address


    Postal services to street address


    Courier service to street address


    Facsimile of information in written or printed format (including transcriptions)


    E-mail of information (including soundtracks if possible)


    Cloud share/file transfer


    Preferred language:

    Note: If the record is not available in the language you prefer, access may be granted in the language in which the record is available)

    1. Particulars of right to be exercised or protected

    If the provided space is inadequate, please continue on a separate page and attach it to this form. The Requester must sign all the additional pages

    1. Indicate which right is to be exercised or protected:




    1. Explain why the record requested is required for the exercise or protection of the aforementioned right:



    1. Fees

    a) A request for access to a record, other than a record containing Personal Information about yourself, will be processed only after a request fee has been paid

    b) You will be notified of the amount required to be paid as the request fee

    c) The fee payable for access to a record depends on the form in which access is required and the reasonable time required to search for and prepare such record

    d) If you qualify for exemption of the payment of any fee, please state the reason for exemption.

    Reason for exemption from payment of fees:


    1. Notice of decision regarding request for access

    You will be notified in writing whether your request has been approved/ denied. If you wish to be informed in another manner, please specify the manner and provide the necessary particulars to enable compliance with your request.

    How would you prefer to be informed of the decision regarding your request for access to the record? Select preference (Postal address, Fax, Electronic communication such as email)


    Signed at this day of 20






    I, the undersigned, ………………………………………………………. (Please insert full names) do hereby make oath and say:

    1. I am an adult male/female residing at ………………………………………………………. I am the Requester in terms of the Promotion of Access to Information Act, No 2 of 2000.

    2. The facts herein contained are true and correct and within my personal knowledge, unless indicated to the contrary, and are in all respects true correct.

    3. I am the owner and user of a cellular telephone with cellular number_________________. I am duly authorised to lodge this request in terms of the Promotion of Access to Information Act, No 2 of 2000.

    4. The information requested pertains to call data (details of outgoing calls and SMS’s as well as base station (tower) information on cellular number ……………………………… for the period between ………………… …………………….and ………………………. (also include time period as well).

    5. My Identity number is ………………………………………………………… and I attach hereby a certified copy of my identity document.

    6. I am the owner or authorised user of a Vodacom cellular telephone with cellular telephone number ______________________ allocated to me and I am duly authorised to consent to a third-party requesting information on my behalf in terms of the Promotion of Access to Information Act 2 of 2000.

    7. I hereby confirm that I have given consent to _____________________________ request and receive information (which is more fully detailed in the document attached hereto and marked Annexure _____ which has been initialed by me for purpose of identification) from Vodacom LEA Support requested on my behalf in terms of the Promotion of Access to Information Act 2 of 2000. Furthermore, I hereby waive any rights that I may have against Vodacom in regard to any damages that I may suffer arising from the release by Vodacom LEA Support to ____________________________________ in the information referred to in Annexure _____

    8. I am aware that I could be prosecuted for making a statement knowing it might be used in court proceedings and known by me to be false and intended to mislead.

    I know and understand the contents of this statement. I have no objections in taking the prescribed oath. I consider the prescribed oath to be binding on my conscience.

    SIGNED AT ___________________________ ON THIS _______________ DAY OF__________________ 20____


    Deponent (Signature of person

    swearing or affirming the statement)

    I certify that the deponent has acknowledged that he/she knows and understands the contents of this affidavit, which was signed and sworn to, before me at this ___________ day of ____________ 20___ and that he/she has no objection to taking the prescribed oath.


    (Signature Commissioner of Oaths or other official before whom the statement is sworn/affirmed). …………………………………………………..

    Full Names and Surname


    Business Address (Street Address)



    Vodacom keeps information and/or documents in accordance with the following legislation (This is not an exhaustive list):


    Type of information to be retained

    a) Basic Conditions of Employment Act No. 75 of 1997

    Records of information containing the personal details of all its employees, working times and remuneration package.

    b) Broad Based Black Economic Empowerment Act No. 53 of 2003 (“BBBEE”)

    Records of activities undertaken in order to promote economic transformation and meaningful participation of black people in the mainstream economy.

    a)     Companies Act No. 71 of 2008

    Company documents and records,

    Memorandum of incorporation and records of their directors.  

    b)       Compensation for Occupational Injuries and Health Diseases Act No. 130 of 1993

    Employee record or reproduction of same relating of wages, time worked, payment for piece work and overtime 

    c)       Consumer Protection Act No. 68 of 2008

    Records of transactions aimed at promoting and protecting the economic interests of consumers.

    d)       Criminal Procedure act No. 51 of 1977

    The Act makes provision for the admissibility of documents as evidence where such documents were compiled in the course of trade or business by persons who have personal knowledge of matters contained in the document.

    e)      Electronic Communications and Transactions Act No. 25 of 2002

    Records of electronic transactions.

    f)        Employment Equity Act No. 55 of 1998  

    Records relating to the workforce, employment equity plans and other relevant employment related records.

    g)      Financial Intelligence and Centre Act No. 38 of 2001 

    Records necessary to establish a relationship

    • Client’s Identity Document  
    • ID of a person on whose behalf the client is acting and proof of authority
    • Nature of business relationship/transaction
    • Amounts involved
    • Details of employee who captured info on behalf of company

    h)      Labour Relations Act No. 66 of 1995

    Records of disciplinary transgressions against employees, actions taken and reasons for the action

    i)        National Credit Act No. 34 of 2005

    Records of all applications for credit, credit agreements and credit accounts in the prescribed manner and form and for the prescribed time.

    j)        Occupational Health and Safety Act No. 85 of 1993

    Records relating to the health and safety of persons in the workplace

    k)       Pension Funds Act 24 of 1956

    Every fund is expected to maintain books of account and other records as may be necessary for the purpose of the fund. All the money and assets belonging to the fund may be kept in the name of the pension fund by other institutions subject to conditions determined by the Minister.

    l)        Prevention and Combating of Corrupt Activities Act No. 12 of 2004

    Records relating to any offer of improper gratification relating to the procurement or execution of contracts or employment relationship.

    m)    Regulation of Interception of Communications and Provision of Communication Related Information Act No. 70 of 2002 (“RICA”)

    The Act requires the following information to be stored in respect of all customers:

    • Name, surname, ID number, MSISDN and one address
    • For businesses: name, registration number, business address, name and surname of business representative, his or her ID number as well as the address

    n)     Skills Development Act no. 97 of 1998

    Records of all learnership agreements.

    o)      Skills Development Levies Act No. 9 of 1999

    Every employer is expected to make payments towards the skills development levy at a rate of 1% of the leviable amount. Records detailing payments made by the Employer are expected to be kept.

    p)      Unemployment Insurance Act No. 30 of 1996

    Records relating to payment of contributions to the Unemployment Insurance Fund relating to: illness, maternity and for dependents.

    Below are a list of records  that are automatically available without a person having to request access in terms of the Promotion of Access to Information Act 2 of 2000



    Mode of Accessibility


    My Vodacom App/VodaPay App





    Media Releases, Published events






    Human Resource

    Job advertisements







    Product information







    PAIA Manual







    Privacy Statements