Brush Up On The POPI Act And Other Legal Requirements For Your Business
As a business owner, you are faced with many legal obligations, among the most recent is the POPI Act, which is now a major part of your business’ operational requirements.
However, getting your business POPI compliant is only one of the many regulatory requirements that every business owner has to comply with.
To help you brush up on POPI and other legal requirements, we have compiled some of Monisha Prem, CEO and senior attorney at M Prem Inc‘s best legal advice for business owners.
1. Keep Your Customer’s Information Safe
Definition: The Protection of Personal Information Act (POPI) fundamentally alters the way in which you process your customers’ personal information, employees and any other natural and juristic persons, says Prem.
“POPI was created to promote the constitutional right to privacy by safeguarding personal information. POPI does this by protecting the flow of information and advancing the right to access information,” she explains adding that the “processing” of personal information involves its collection, use, retention, recording and alteration.
What You Need To Know: At the core of POPI lies the 8 conditions or minimum threshold requirements that businesses must comply with, says Prem. These, she says, are to ensure the lawful processing of personal information relating to employees and customers. They include:
– Accountability – The business is accountable for complying with the measures prescribed in the Act. These measures mean that the business will be responsible and liable from the time that the personal information is processed to the time of its deletion.
– Processing Limitation – Businesses are permitted to collect only the minimum required personal information for their purpose.
In addition, the consent of the data subject is required as it ensures that he/she is aware that personal information is being processed, the purpose as well as the type of information being processed.
– Purpose Specification – Personal information must be collected for a legitimate and lawful purpose and must not be retained for longer than the required period unless it is lawful to do so.
– Further Processing Limitation – Generally, this limits any secondary use of personal information, for any other purpose than the purpose for which it was collected for initial processing.
This includes preventing the disclosure or transfer of personal information to third parties.
– Information Quality – The business must take reasonably practical steps to ensure that personal information is complete, accurate, not misleading and updated where necessary.
– Openness – The business is required to inform the data subject of the reasons and “destiny” of the personal information.
– Security Safeguards – The business must secure the integrity and confidentiality of personal information in its possession by taking appropriate, reasonable and technical measures to prevent loss, damage and unlawful access.
– Data Subject Participation – This ensures that the data subject has some measure of influence over the processing of their personal data.
Definition: Prem says that if you supply goods or services (supplier) or if you use goods and services (consumer), the Consumer Protection Act 68 of 2008 (the Act) applies to you.
The Act entitles your consumers, among other things, to access a fair and sustainable marketplace; protection; information on goods or services as well as fair marketing and business practices.
What You Need To Know: Prem says 8 consumer rights you should always be conscious of are:
– Right to equality in the consumer market and protection against discriminatory marketing practices – The supplier is prohibited from limiting the consumer’s access to goods and services, to ensure high-quality, fair pricing of goods and services, and no consumer groups are prioritized over others. The consumer has the right to lodge complaints.
– The right to privacy – The consumer has the right to privacy and restrict unwanted direct marketing (text, telephone calls, letters or ‘spam’ e-mail) and the right to discontinue receipt of direct marketing at any time, the right to ‘opt out’ of receiving unsolicited direct marketing services by blocking the relevant supplier or marketer.
– The right to choose – The consumer has the right to select the supplier of their choice, to cancel or renew a fixed-term agreement, to request pre-authorization for repairs or maintenance services, to cancel direct marketing contracts within the cooling-off period.
– They also have the right to cancel advance reservations, bookings or orders, to return goods and seek redress for unsatisfactory services and to retain and not pay for unsolicited goods or services.
– The right to disclosure of information – The consumer has the right to demand agreements in easily-understood and plain language; has the right to disclosure of prices of goods and services provided by the supplier; and the right to product labeling and trade description to ensure that they understand what’s been sold or marketed to them.
– The right to fair and honest dealing – The consumer has the right to protection against behavior that is unethical or improper by the supplier and protection against false, misleading or deceptive representations to ensure that what you see is what you get without any unfair hidden clauses.
– The right to fair, just and reasonable terms and conditions – This right promotes clarity for the consumer such as the consumer’s need to know the details of any agreement entered into and that such terms and conditions are just and reasonable.
The consumer is entitled to be made aware by the supplier of any potential risks or liabilities.
– The right to fair value, good quality and safety – The consumer is entitled to quality goods and services, with the right to relevant warranties or to claim damages for injuries caused by unsafe/defective goods.
– Right to accountability from suppliers – The supplier is accountable to the consumer in lay-bye agreements or arrangements relating to prepaid certificates, credits and vouchers, and access to prepaid services and service facilities.
Definition: The Companies Act 71 of 2008 which came into effect on 1 April 2011, imposes greater transparency and accountability requirements on all companies, says Prem.
She says through this Act, business are required to be more accountable to various stakeholders by ensuring disclosures of business activities, more stringent accounting requirements and compliance with laws ensuring that directors discharge duties honestly, responsibly and diligently.
What You Need To Know: Prem says that the Act applies to all companies regardless of size, and non-compliance may result in penalties. She says requirements of the Act in terms of accountability and transparency are:
– Have a registered office – Every company must have a registered office in the Republic of South Africa, and the address must be indicated on the Notice of Incorporation.
– Maintain records for a certain period – All records and information that a company is required to keep must be held for a period of at least 7 years in written form, or any other form that allows it to be converted into written form, at the company’s registered office.
– Have a fixed financial year – Every company must have a fixed financial year, ending on a date set out in the Notice of Incorporation, subject to any change made by the board by filing a notice of such change with the CIPC.
– Complete reliable financial reports – All companies, whether big or small, must keep accurate and complete accounting records and prepare annual financial statements.
– File annual returns – All companies are required to file annual returns with the CIPC.
Definition: The new BEE Codes of Good Practice came into effect on 30 April 2015, Prem says and adds that the idea behind these codes is to address some of the shortfalls identified over the years, the biggest challenges being unemployment and a more equitable income.
As a result, the goal of the Code is to enhance the economic participation of black people in the economy, she says.
What You Need To Know: Prem says that according to the new codes, businesses should be aware of the following changes.
– New Thresholds – Exempted Micro Enterprises (EMEs) are businesses with turnover of R10 million or less and startups. EMEs that are 100% black-owned qualify for Level 1 recognition, or 51% black owned as Level 2.
Qualifying Small Enterprises (QSEs) are businesses with turnovers between R10 million and R50 million. QSEs that are 100% black-owned qualify for Level 1 recognition, or 51% black owned as Level 2.
Large enterprises are businesses with turnovers over R50 million, and are required to comply with all the elements of the Code, in particular the priority elements.
– Priority Elements – The priority elements are Ownership, Skills Development, Enterprise Development and Supplier Development. Businesses are compelled to meet 40% of the allocated scores in each of these categories.
Failure by business to do so will result in the status level received being discounted by 1 level.
– Score Allocation and Weighting – New score allocation and weighting per element has the net effect of lower recognition levels.
By way of illustration, previously a score of 75 would have qualified a business as a Level 3 rating, with the Code it would qualify as a Level 5 rating.
– Penalties – There is no legal obligation on firms to comply with the BEE targets. However, a business’s BEE status is an important factor affecting its ability to successfully apply for government and public entity tenders, to obtain licenses and in meeting procurement requirements.
Definition: Prem says packaging refers to the physical materials used to wrap or protect goods, whereas labels are attached on the product package to provide information such as the manufacturer of the product, date of manufacture, expiry date, ingredients, how to use the product, and its handling.
Apart from the aesthetics, the packaging and labeling must meet certain legal requirements.
What You Need To Know: When packaging and labeling products, Prem says that suppliers should keep the following in mind:
– Be truthful – Ensure that the product labeling is not false or misleading.
– Warn your customers of any dangers – Include a warning on all packaging in respect of unusual hazards which may be caused as a result of i.e. allergens, additives or colourants.
– Be clear about what the product is and what it does – The consumer must be clear on what the intended purpose of the product is and that harm may ensue should the consumer not use the product for that intended purpose.
– Make sure you are compliant – Before packaging and labeling is released for any product, it should be reviewed in terms of the applicable labelling legislation, regulations and standards.
Definition: While the specific contract requirements for each business may vary, Prem says there are three common legal contracts every business person should draw up for their business.
They include Constitutional contracts: These are contracts that regulate powers and limitations such as memorandum of incorporation (which protects the interests of shareholders) and partnership agreements (which detail the partnership relationship); Relational contracts: These are contracts that establish and manage rights and obligations between various business parties such as suppliers, customers and employees; as well as Transactional contracts: These contracts regulate commercial transactions such as purchase and sale of assets or shares, or raising debt or equity.
What You Need To Know: Prem says one of the first considerations all business persons should look at in a contract is an outline of each party’s rights and responsibilities. Prem says you should consider the following before signing a business contract:
– Does the other party have the capacity (ability) to enter into the agreement – a minor will not have capacity or whether the person signing on behalf of an entity (company or CC) is authorised without limitations of power to enter the agreement.
– Are there any specific laws that apply – such as those regulating the selling or buying of land or dealing with long leases or ante-nuptial contracts?
– Does the contract have any illegal element that is contrary to any law or society – if so the agreement cannot be enforced
– Ensure that the obligations for each party are possible to be performed
– Understand clearly how to terminate or exit the contract and under what circumstances you are entitled to do so, such as material breach.
– Be aware of significant dates or events that apply to each party the consequences of not complying.
READ MORE: See how to avoid costly legal mistakes.