“It’s important to remember your competitor is only one mouse click away” (Doug Warner)

Your website, social media profiles, and other online platforms play a vital role in your business strategy and in staying ahead of your competition at all times.

However, it’s not just about marketing effectively. Ensuring compliance with regulations is equally crucial, although often overlooked.

Why is Compliance Important?

Compliance ensures that your business:

  • Meets all legal requirements.
  • Reduces risks associated with user engagement.
  • Enhances your brand’s image.
  • Builds trust and loyalty with users.
  • Safeguards your reputation.
  • Prevents unnecessary costs.
A Checklist for Website Compliance

Website compliance involves adhering to various laws, regulations, and standards governing online operations and content. Here’s what it entails:

  • Legal Compliance: Your website must follow local, national, and international laws, covering online business, intellectual property, and consumer protection requirements.
  • Accessibility Compliance: Websites should be accessible to people with disabilities, as mandated by some countries’ laws.
  • Cookie Compliance: Inform users about cookies and obtain their consent before placing them on their devices, as required by many countries.
  • Privacy Compliance: Comply with privacy regulations when collecting user data, such as POPIA in South Africa and (where applicable) GDPR in the EU.
  • Security Compliance: Implement security measures like encryption and secure logins to protect user data and prevent unauthorized access.
  • Content Compliance: Ensure content doesn’t violate copyright or trademark laws.
  • Financial Compliance: Adhere to regulations for online payments and financial transactions if your website conducts such activities.
  • Advertising Compliance: Ensure ads meet advertising standards and regulations to avoid deception or violation of laws.
  • Terms of Service/Supply and Policies: Make legal documents clear, transparent, and legally sound for users to agree to.
  • Industry-Specific Compliance: Some industries have specific regulations, like healthcare websites complying with health information privacy laws.
Integrate compliance into step 1 of your website’s development

Integrate compliance into the very earliest developmental stage of your website, focusing not only on content but also design and process. This ensures that your online presence remains compliant from the outset, reducing the risk of non-compliance issues down the line.

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

 “Owning one’s own business is an adventure – enjoy it every step of the way.” (From the SME Toolkit article referenced below)

First, three questions to ask yourself…

If you dream of going into business for your own account in 2023, ask yourself these questions before you get started –

  1. Am I an entrepreneur? You have an amazing idea, you can’t wait to launch your new business, success and wealth beckon! But wait a second – are you really suited for the hurly-burly of entrepreneurship? It can be hugely rewarding, not just in the financial sense but also in terms of lifestyle and life satisfaction. But it also carries far more risk than the classic “9 to 5 employee” option, so think long and hard before choosing. There are many online quizzes to help you decide – try for example DeLuxe’s “Quiz: Are you ready to start your own business?” here.
  2. What’s my plan? Without a plan you sail rudderless through some very treacherous and shark-infested waters. Start-up failure rates are high, but luckily there is plenty of advice available to help you plan your course. Read for example the Business Partners “Ten Simple Rules For a Successful Start-up” on SME Toolkit.
  3. What legal entity should I use to trade? Don’t make the rookie mistake of setting sail in just any old boat. Starting off in the wrong entity and then having to change mid-stream will mean a lot of unnecessary expense, hassle and risk. Rather plan long term – ask yourself where you want your business to be in 5 or 10 years, how big it will be, what your exit plan will be and so on.

    We set out below some brief thoughts on the various alternatives available to you, but upfront professional advice, specific to your particular needs and circumstances, is a real no-brainer here.

    So, what are your choices?
…and four business vehicles to choose from

You have four main options –

  1. sole proprietorship (“sole trader”).  You are the business, trading for your own personal profit and loss, perhaps under a trading name such as “Syd Smith trading as ‘Syds Plumbing’”.
  2. partnership of 2 to 20 individuals or entities, pooling resources to carry on a trade, business or profession for a share of the profits.
  3. private company (“Pty Ltd”) with any number of shareholders. Controlled and administered by directors.
  4. A trust (number of trustees and beneficiaries not restricted). There are various types of trust, with trustees controlling and managing trust assets and/or trading for the benefit of beneficiaries.

Note that you might be advised to combine one or more of these entities in a corporate structure, and that there are other specialised types of entity available to, for example, non-profit organisations (charities etc), professionals (lawyers, accountants, doctors etc) and the like.

The pros and the cons of each

Have a look at the illustrative table below for a summary of the advantages and disadvantages of each of these options.

Don’t forget the tax and estate planning implications!

Each of your choices carries with it a mixed bag of positives and negatives when it comes to both tax and estate planning implications. For an overview, have a look at SARS’ “Starting a business and tax” webpage, with a link to its “Tax Guide for Small Businesses” PDF.

That Guide is 102 pages long, and unless you are comfortable with the complexities involved, professional advice specific to your circumstances is again essential.

In a nutshell –

  • Estate planning: You may be advised to use companies and trusts for tax-efficient and practical transfer of wealth to future generations, as well as for asset protection from creditors both before and after you die. Both companies and trusts are “perpetual” in the sense that they survive changes in directors/trustees (resignation, removal, retirement, insolvency, death etc), with potential multi-generational savings in estate duty and avoidance of the cost and delays inherent in deceased estate administration.
  • Tax efficiency: Sole traders and partners are taxed at individual rates; trusts other than special trusts at a flat rate of 45%; companies at a flat rate of 27% (27% for years of assessment ending on 31 March 2023 and later, previously 28%) with 20% dividends tax when you take profits out. There are a host of other factors to take into account here, including aspects such as Capital Gains Tax inclusion rates, exclusions, exemptions, small business breaks and the “trust conduit principle” all being highly relevant to the ultimate question – will you be better off being taxed as an individual or will some form of corporate and/or trust structure be more tax efficient for you?

Take that professional advice!

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

“Strategy is the art of carefully selecting where a business applies its focus and resources in order to achieve its ultimate aim. A large part of the work is in selecting what not to do rather than what’s to be added.”

Strategic planning is an essential part of optimising your business for success. Without it you will drift rudderless, unfocused and wasting effort and resources with no clear destination in mind.

Jon Cherry’s article “The Four Strategies” on his Cherryflava website lists four key areas to consider – in combination, they will help drive your business forward, inspiring all the work, and the people, that hold your “North Star” vision close.

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

“All is fair in love and war…and business is war.” (Jasmine Kundra)

When company directors are locked in dispute, one of them may be tempted to cut off the other’s access to emails and to the business server – a tactic likely to have immediate and serious consequences for the director thus cut off.

Its appeal as a tactic to force the other director to the negotiating table is obvious, but the question is whether the director thus deprived has any legal remedy available to force immediate restoration of access.

A recent Supreme Court of Appeal matter saw a director in that exact position trying to get his access back urgently with a “spoliation order” application.

“Cut off his email and server access”

When the two directors fell out, one (let’s call him ‘A’) applied for liquidation of the company on the grounds of deadlock. Director B opposed this application, and, alleging that A had resigned his directorship, instructed the web hosting entity hosting the company’s server and email addresses to cut off A’s ‘email and company network/server access’ with immediate effect.

A, denying hotly that he had resigned, immediately applied to court for a “spoliation order” restoring his email and server access to him.

Spoliation – a quick and effective way to get back possession, but only if…
  • The spoliation process is designed to stop disputing parties from taking the law into their own hands and provides a quick and effective way of regaining possession of something if you have been wrongfully deprived of it. It’s a quick and effective remedy because “[T]he injustice of the possession of the person despoiled is irrelevant as he is entitled to a spoliation order even if he is a thief or a robber. The fundamental principle of the remedy is that no one is allowed to take the law into his own hands”. In other words, you can get an immediate spoliation order without having to prove your right to possession of the thing – all you have to prove is the wrongful dispossession.
  • So that would have been an ideal outcome for A, giving him immediate restoration of his access to his emails rather than having to fight his way slowly through a full trial proving his rights to email and server access. But it was not to be. His problem was that, in order get a spoliation order, one of the first things you must prove is that you were in “peaceful and undisturbed possession” of something.
  • Now A would have been able to prove such possession if he had for example been wrongfully deprived of use of a company car or even of an “incorporeal” right to use property (such as “quasi-possession” of a right of access under a servitude). But he was unable to convince the Court that his email/server access fell into any such category.
  • As the Court put it: “Thus only rights to use property, or incidents of occupation, will warrant a spoliation order.” A’s prior use of the email address and server was not an “incident of possession of movable or immovable property”, it is purely “a personal right enforceable, if at all, against [the company].”
  • In a nutshell, A must now prove his legal right to email and server access – perhaps he will be advised to apply for an ordinary interdict, perhaps he will sue for damages and/or re-instatement, but whichever course he chooses he will need to accept the inevitable delays. In other words, if B’s tactic was to put immediate and substantial pressure on A in the short term it worked – at least for now.

Don’t however take any action like this without professional advice – it could come back to bite you badly if it misfires.

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

“A man who procrastinates in his choosing will inevitably have his choice made for him by circumstance.” (Hunter S. Thompson)    

Since 2005 businesses have been repeatedly told “get your PAIA (Promotion of Access to Information Act) manual sorted now, the deadline is approaching”. And every 5 years since then, those (mostly smaller) businesses temporarily exempted from lodging manuals have been given yet another extension – usually at the very last minute.

“Crying Wolf” again?

With government “Crying Wolf” so often, small business owners can certainly be forgiven for treating this whole process with a great deal of scepticism. Perhaps though this deadline is one to take seriously, particularly since the related POPIA (Protection of Personal Information Act) is now fully in place and new PAIA Regulations have been promulgated to tie in with POPIA.

What businesses are currently exempt?

PAIA itself requires all public and private bodies to prepare, lodge and publish (including on any website you have) a PAIA information manual.  Every business operation, no matter how small, falls into that net – the definition of “private body” includes any person or partnership who carries on or has carried on “any trade, business or profession”, together with any “former or existing juristic person” and political parties.

In other words, all businesses of all types and sizes must have a PAIA manual once the current exemption comes to an end.

You are probably currently exempt if you are a smaller business, specifically a “private body”, including any private company.

But the exemption does not apply to any non-private company, nor to any private company in any of the business sectors listed below with either –

  • 50 or more employees, or
  • An annual turnover of or above specific thresholds – see the table below for details.
Do your Manual now anyway!

Even if the deadline is once again extended, you will almost certainly still have to comply somewhere down the line, and at least by getting this done now you have got rid of one annoying little red tape item from your Action List. Procrastinating, as Hunter S Thompson pointed out, just means having the choice made for you down the line.

Prepare your PAIA manual now; if you already have one, update it regularly.

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews


The COVID-19 pandemic has closed many doors, but it has also levelled many playing fields and opened up a slew of new business opportunities. If you are one of the many budding entrepreneurs out there looking to start up your own business (perhaps by choice, perhaps after a business closure), you may wonder where and how to go about it.

Bizly’s “Start a business: How to get going fast, the lean start-up way” here shares some ideas for “action planning using rapid, feedback loops to get the business off the ground quickly and with minimal risk.”  Answer 6 preliminary questions, complete a one-page business plan, and prepare for launch!

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews


Virtual meetings are here to stay. Make the most of them with “Optimising the virtual boardroom: A guide to planning and executing virtual board meetings” from Nasdaq Governance Solutions on Moneyweb.

Learn how to –

  • “Build a virtual board table” (“creating a virtual seating arrangement” and so on),
  • “Mitigate meeting day glitches” (we’ve all wasted time on fiascos!), and 
  • “Keep it confidential” (paramount).

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews


Note: This is a complex topic and there is no substitute for tailored professional advice. What is set out below is of necessity no more than a simplified summary of some practical highlights.

You and your business are at substantial risk if you aren’t fully compliant with POPIA (the Protection of Personal Information Act) on 1 July 2021.

The clock is ticking! Have a look at the Information Regulator’s Countdown Clock here to see exactly how many days (and hours, minutes, and seconds!) you have left.

Be ready! Be compliant! Ask yourself these eleven questions –

  1. Does POPIA really apply to us?
    As soon as you in any way “process” (collect, use, manage, store, share, destroy and the like) any personal information relating to a “data subject” (suppliers, customers, members, employees and so on – whether individuals or “juristic persons” such as corporates and the like), you are a “responsible party”.The formal definition of a responsible party is “a public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for processing personal information” – very few businesses and organisations will fall outside that net. Equally you are unlikely to fall under exemptions such as that applying to information processed “in the course of a purely personal or household activity”.But don’t panic –. compliance is easily attainable for most businesses, particularly if you are a smaller operation with little in the way of sensitive personal information. Answer the questions below to get a feel for areas you need to concentrate on now.
  2. What risks do we run if we don’t comply with POPIA?
    If a data subject suffers any loss as a result of your breach of POPIA, the subject (or the Regulator at the request of the subject) can sue you for damages and you will be liable even if your breach was unintentional and not negligent. You also face criminal prosecution, penalties and administrative fines for some breaches.
  3. Have we registered our Information Officer/s?
    You must register your Information Officer (“IO”) with the Information Regulator – go to the Regulator’s Online Portal for the online and PDF versions of the registration form, plus the email address for support enquiries and a link to the Search page. The IO is responsible (and liable) for all compliance duties, working with the Regulator, establishing procedures, and the like. You are automatically your business’ IO if you are its “Head” i.e., a sole trader, any partner in a partnership, or (in respect of a “juristic person” such as a company) the CEO, MD or “equivalent officer”. You can “duly authorise” another person in the business (management level or above) to act as IO and you can designate one or more employees (again management level or above) as “Deputy Information Officers”.
  4. Do we have a list of all personal information we hold, and how and why we hold it?
    Make a full list of all the personal information you hold/process, whether physically or in electronic form. Then evaluate it against the test that, to collect and “process” personal information lawfully, you need to be able to show that you are acting safely, lawfully, and reasonably in a manner that doesn’t infringe the data subject’s privacy.You must show that “given the purpose for which it is processed, it is adequate, relevant and not excessive”. Data can only be collected for a specific purpose related to your business activities and can only be retained so long as you legitimately need to (or are allowed to) keep it for that purpose.
  5. What security measures do we have in place?
    You must “secure the integrity and confidentiality of personal information in [your] possession or under [your] control by taking appropriate, reasonable technical and organisational measures to prevent … loss of, damage to or unauthorised destruction of personal information … and unlawful access to or processing of personal information.”You are at great risk of liability and penalties if you suffer any form of data breach from a risk that is “reasonably foreseeable” unless you can prove that you took steps to “establish and maintain appropriate safeguards” against those risks. If you haven’t already done so, brainstorm with your team all possible internal and external vulnerabilities (physical as well as electronic) and address them.
  6. Do third parties hold/process personal information for us?
    If third parties (“operators”), hold or process any personal information for you, they must act with your authority, treat the information as confidential, and have in place all the above security measures. Further restrictions apply if the third party is outside South Africa.
  7. Do we know what to do if we suffer a breach?
    Any actual or suspected breaches (called “security compromises” in POPIA) must be reported “as soon as reasonably possible” to both the Information Regulator and the data subject/s involved.
  8. Do we do any “direct marketing” and if so do we comply with all requirements?
    Most businesses don’t think of themselves as doing any “direct marketing”, but the definition is wide and includes “any approach” to a data subject “for the direct or indirect purpose of … promoting or offering to supply, in the ordinary course of business, any goods or services to the data subject…”. So for example, emailing or WhatsApping your customers about a new product or a special offer will put you into that net.If your approach is by means of “any form of electronic communication, including automatic calling machines, facsimile machines, SMSs or e-mail”, you must observe strict limits. Whilst you can as a general proposition market existing customers/clients in respect of “similar products or services” (there are limits and recipients must be able to “opt-out” at any stage), potential new customers can only be marketed with their consent, i.e., on an “opt-in” basis. They can be approached only once for that consent so keep a record of everyone you have asked.
  9. Does our website use cookies and if so do we have a cookie notice and policy in place?
    As countries around the world ramp up their privacy laws, we will all see many more examples of “cookie notices” on websites we visit. You may wonder how your own website should be configured, and the short answer is that if it uses cookies (almost all do), POPIA very likely applies despite the fact that there is no specific mention of cookies in the current legislation. Bottom line – to be on the safe side, have a cookie notice and policy in place. Keep yours simple and user-friendly.
  10. Do we have a privacy policy and a POPIA manual in place?
    POPIA – unlike PAIA (the Promotion of Access to Information Act) – doesn’t require you to have a POPIA manual in place but in larger businesses it is certainly a good idea to prepare one.However you should certainly have a privacy policy in place. Make sure that everyone in your organisation is aware of it and of how critical it is to comply with it at all times.
  11. Is our staff team ready?
    Check that everyone in your business understands your compliance plan and their own individual roles and responsibilities in it. Make sure that nothing falls through the cracks – assign specific tasks to specific staff members.
Bodies Corporate and Homeowners Associations – how POPIA affects you

Bodies Corporate and Homeowners Associations (HOAs) fall into the POPIA compliance net and should be asking themselves the questions above.

In assessing what personal information you hold, how and why you hold it, and who you are sharing it with, remember to include not only scheme owners and HOA members but also your auditors, attorneys, managing agents, the CSOS (Community Schemes Ombud Service), security service providers and the like.

If you have gate security in the form of visitor registers, scanning of licence plates and driver’s licences and so on, be ready to address questions around having lawful reason for collection and retention of all the personal information you are gathering in this manner.

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews

“For him to be forced out of a career of choice to start working in a different field at a time when many businesses are closing down, retrenchments and lay-offs being commonplace and individual[s] doing everything possible to survive and cope with the health and economic devastating effects of the covid 19 pandemic, is plainly unreasonable and contrary to public policy and constitutional values” (extract from judgment below)

Consider this unhappy (but not unlikely) scenario: For whatever reason, you part ways with your fellow director/shareholder (or perhaps a key employee), who goes off immediately to join (or found) the opposition. 

Now you have a major problem – he/she was privy to all your trade secrets and confidential information and they are now being used to compete against you. Your business could be crippled.

Using the time-tested restraint of trade clause

An effective and time-tested way of protecting your business from such a risk is to insist on all directors, shareholders and key employees signing restraint of trade agreements from the start. Such restraints are usually included as clauses in employment contracts and/or (less commonly) in shareholder agreements. 

However, it is vital to word the restraint clause correctly if it is to stand up to legal scrutiny.  Although our law has long recognised the right of businesses to enforce this type of contract so as to protect their “proprietary and protectable interests”, and although in general we are held by the law to the agreements that we conclude, there is always a balance struck with the employee’s constitutional rights to be economically active and to earn a living.

As the High Court put it recently: “It is settled law that restraints of trade are valid and binding and, as a matter of principle, enforceable unless, and to the extent that, they are contrary to public policy because they impose an unreasonable restriction on the former employee’s freedom to trade or to work. It is also settled that the onus of establishing that the restraint of trade is unreasonable falls on the former employee.”

A common mistake – going “too wide”

The most common mistake businesses make is to word the restraint of trade too widely (in one or more of type of activity, geographical area or time period). No matter how tempting it may be to do so, that is courting disaster. The wider the clause is, the greater the chances of a court holding it either totally invalid or only partially enforceable. Rather word your clauses tightly and defensibly.

Two recent High Court decisions illustrate both this principle, and the potential impact of the Covid-19 pandemic on our courts’ approach to the questions of reasonableness and time periods.

The impact of the pandemic on the “reasonableness” test
  • A director, shareholder and employee of a company specialising in media and advertising solutions resigned as both director and employee after a breakdown in relations, the company owing him R1.2m in short-paid salary. He however retained his shareholding. 
  • He was subject to restraints of trade (in both his employment and shareholder agreements) which prohibited him from working for a competitor, and from sharing confidential information and trade secrets with them, for 18 months in any of 29 African countries.
  • He nevertheless joined a direct competitor (active in 2 of the 29 African countries) and acted in breach of the restraint by contacting customers and business associates. When sued in the High Court for enforcement of the restraint clauses, his main defence was that they were unreasonable and prevented him from earning a living.
  • The Court confirmed the need to consider all the relevant circumstances, not only at the time a restraint is entered into, but also at the time that the business tries to enforce its restraint. In this case, the company’s attempts at enforcement encompassed the period March to July 2020 – a time of strict lockdowns and economic turmoil.
  • The upshot – the Court rejected the company’s suggestion that the ex-director could remain economically active in another field for which he was qualified, commenting: “For him to be forced out of a career of choice to start working in a different field at a time when many businesses are closing down, retrenchments and lay-offs being commonplace and individual[s] doing everything possible to survive and cope with the health and economic devastating effects of the Covid-19 pandemic, is plainly unreasonable and contrary to public policy and constitutional values”. The restraints were rejected as unenforceable.
The impact of the pandemic on time periods 

Another recent High Court decision saw the Court reducing a 2-year restraint, on sales employees who resigned in March and April 2020 respectively, to 14 months. 

In doing so the Court took what it considered to be a reasonable base period in the circumstances of 12 months and added 2 months “to compensate for the lockdown period”, also commenting that “…I am aware that our society is living in strange times. The COVID-19 pandemic has played havoc with, inter alia, our economy. Businesses have been prevented from operating and the ability of the applicants to appoint and train new salespersons will undoubtedly have been blunted by the state of the economy. This is of some relevance when considering the length of the period of restraint…”.  

So – are restraints of trade valid in times of pandemic and upheaval?

Neither decision means that restraints are necessarily unenforceable or only partially enforceable during times of economic turmoil and high unemployment. Each case will be decided on its own merits, but in assessing whether your own restraint clauses will be considered reasonable and enforceable, they are clearly factors to be borne in mind.


Now more than ever before, scenario planning is essential for the success of your business. But of course the next step in the process is just as critical – you need to create an actual business strategy based on your scenario planning. It’s a process that can be both quick and simple.

As the author of “From Scenarios to Strategy: Top 3 Methods” on the Medium website points out, even smaller businesses with limited resources will find the “wind tunneling” method both powerful and flexible.

Disclaimer: The information provided herein should not be used or relied on as professional advice. No liability can be accepted for any errors or omissions nor for any loss or damage arising from reliance upon any information herein. Always contact your professional adviser for specific and detailed advice.

© LawDotNews