Connect with us

Compliance

Are You Protecting Your Customer’s Data?

A company’s privacy policy dictates what personal information is processed, and the manner in which such information is collected, stored, and shared.

Kyle Torrington

Published

on

POPI-Act-south-africa

The collection, usage and sharing of personal information is regulated primarily by the Protection of Personal Information Act 4 of 2013. The Act was recently promulgated and is yet to be implemented. The Act seeks to give expression to the right to privacy provided for in the Constitution.

At the time of writing, the primary enforcement arm contemplated by the Act, the Information Regulator, has yet to be appointed. Once appointed, all businesses will be required to register with the Information Regulator to make public what personal information is being collected, and what it is being used for.

The Information Regulator will be empowered to enforce compliance with the Act, and able to investigate whether an entity is lawfully processing the public’s personal information. 

Related: Protect Your SME From PoPI

How are privacy policies affected?

The Act defines the term ‘processing’ broadly, and includes “the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation or use of a person’s personal information”. To process a person’s personal information, the prior consent of the person (data subject) is needed.

Personal information includes email addresses, names, identity numbers, phone numbers, the race, gender, religion, marital status of a person, and if applicable, an entity such as a company, to name but a few. One of the purposes of a business’ privacy policy is to obtain such consent, by an indication that the privacy policy has been read and agreed to.

The primary purpose of a privacy policy is to set out in clear and concise terms what personal information is collected by the company, and exactly what the company will and will not do with that information. It should also set out whether personal information will be shared, and with whom.

The Act restricts a company’s ability to store personal information outside of the country by requiring that it be transferred only to countries in which comparable security laws and data protection measures exist.

A situation such as this arises more easily than expected. Consider the example of the humble contact form: Your website, with its local server situated in Midrand, utilises a plugin to create custom contact forms.

Although your server may be in Midrand, every person who completes the contact form on your website has their personal information transferred and stored on servers in the home jurisdiction of your plugin creator, which may be in the US. But the plugin creator may also make use of third-party service providers based in Vietnam. An in-depth investigation of all third-party plugins and processes of a website is therefore required to ensure that you comply with the Act.

Access by a data subject to personal information

A data subject is entitled to request a full disclosure of any personal information held by the company.

As the procedures governing access to personal information overlap, companies should also ensure compliance with the processes outlined by the Promotion of Access to Information Act 2 of 2000 (‘PAIA’).

Related: Five Tips for Effective Marketing that Complies with the POPI Act

In terms of PAIA, all companies are required to compile a manual that needs to be registered with the South African Human Rights Commission. This manual sets out the company’s contact information, what records are available for inspection, the identity of the leadership of the company, as well as the manner in which a person may request access to information held by the company.

However, the Minister of Justice and Correctional Services has exempted private bodies from complying with this requirement for a period of five years, starting from
1 January 2016.

To ensure compliance with all data protection, privacy, and access to information laws, a privacy policy and a PAIA manual will be required by every business.

Kyle Torrington is the co-founder of Legal Legends, a company that aims to revolutionise the legal industry by being Africa’s first eCommerce website for quality legal services aimed specifically at start-ups and entrepreneurs

Company Posts

An Introduction To COID Registration And The Letter Of Good Standing

Company Partners is a leading COID Registration Service Provider in South Africa. They also assist Companies to obtain a Letter of Good Standing from COIDA.

Company Partners

Published

on

Compensation for Occupational Injuries and Diseases Act

What is COIDA?

The Compensation for Occupational Injuries and Diseases Act (Act 130 of 1993) replaced the “Workmen’s Compensation Act” (Act No. 30 of 1941), and was amended in 1997.

The Compensation Fund provides compensation for occupational injuries or diseases sustained or contracted by employees in the course and scope of their employment, or their dependents for death resulting from such injuries or disease, and to pay reasonable medical expenses incurred.

Who must register with COID?

According to prescription, anyone who employs one or more part- or full time workers must register with the Compensation Fund and pay annual assessment fees. The Compensation Fund is a trust fund that is controlled by the Compensation Commissioner and employer contributes to the Compensation Fund. The Commissioner is appointed to administer the Fund and approve claims lodge by employees or their dependants.

An employer must register with COID within seven days after the day on which he employs his first employee. An employer must register with the Commissioner by submitting Form W.As.2 with the particulars required therein to the Commissioner.

During COID registration copies of the following documentation should be included:

  • the registration certificate from the Register of Companies if they are a company or closed corporation;
  • or their ID document, if they are sole owners of the business.

What are assessment fees?

The annual assessment fee is of an employer is based on their employee’s earnings and the risks associated with the type of work or profession. Before 31 March each year, all employers (including contractors) must submit a statement (return) of earnings reflecting amount paid to all their workers from the beginning of March to the end of February.

Assessment tariffs, reviewed annually, are based on the risks related to a particular type of work.

Payment of assessments

  • Employers must pay within 30 days of receiving the notice of assessment;
  • Employers must apply in writing to settle assessments in installments (not exceeding 12 months);
  • 20% of the outstanding balance due is required upfront before instalment arrangements can be applied for;
  • Should the instalment fall overdue, the full amount becomes due and payable immediately.

Failure to comply may result in:

  • Penalty can be imposed for late submission of ROE (Sect 83(2) – 10%);
  • Estimations will be done if no returns (ROE) are submitted (Sect 83(6)(a);
  • Penalty on non-payment of assessments (Sect 87(1) – 10%);
  • Interest on late payment of assessment (prevailing prime rate);
  • Penalty for late reporting of accidents
  • A penalty is imposed where an employee meets an accident / death and employer is not registered with the Compensation Fund (not exceeding full compensation payable to the employee (Sect 87(2)(a))
  • An employer who fails to comply with a provision of this section shall be guilty of an offence – Sect 81(3)

Contractors and sub-contractors: 

  • Contractors and sub-contractors must register with the Compensation Fund and pay assessments;
  • Failure to comply with the COID Act by the sub-contractor will make the mandatory or main contractor to be responsible for any claims from the sub-contractor’s employees (thus the need for a letter of good standing);
  • The contractor may recover any such payments directly from the sub-contractor.

Letter of Good Standing:

The Letter of Good Standing is a certificate issued by the Compensation Fund to verify that a business actually exists, has paid all its statutory dues, has met all filing requirements and, therefore, is authorised to operate.

Conditions when applying for a letter of good standing:

  • Employer must be registered with the Fund as per section 80 of the COID Act,
  • Employer must have submitted all returns of earnings as per section 82 0f the COID Act,
  • Employer must be fully assessed as per section 83 of the COID Act,
  • Employer must have paid/ settled all outstanding debt as per section 86 of the COID Act.
  • Employers that have entered into an instalment arrangement will only be issued with a letter of good standing on a month‐to‐month basis.

Related: Register A Company In South Africa

What happens if an employee is injured?

employee-injury

The amount of compensation paid to you, depends on how much you were earning when you got injured or diagnosed. If you’ve stopped working by the time a disease is diagnosed, the compensation will be worked out according to what you would’ve been earning.

Types of compensation:

Medical costs: All your medical expenses will be paid for up to 2 years, from the date of the accident or the diagnosis of the disease. You are free to choose a medical service provider you want to consult with. All medical accounts and reports should be submitted to the Commissioner.

Temporary disability:  When you’re unable to work or can’t do all your work because of an injury or disease.

All medical expenses are also paid if the medical accounts are submitted to the Commissioner.

You can claim compensation for temporary disability for 1 year. This can be extended to 2 years, after which the Commissioner may decide that the condition is permanent and grant compensation on the basis of permanent disability.

Permanent disability:  A permanent disability is an injury or illness that you will never recover from. The seriousness of the disability will determine whether you’ll never be able to work again or whether you’ll find work more difficult.  If the disability is more than 30% disability, you will get paid a monthly pension. The size of the pension depends on what your wages were and on the seriousness of the disability.  If the disability is 30% or less, you’ll get paid a lump sum. The lump sum payment is a once-off payment.

Death benefits:  Burial expenses will be paid and the spouse of the deceased and children under the age of 18 (including illegitimate, adopted and step-children) are entitled to compensation.  If a family member that earns money to support the family (breadwinner) is killed by an occupational injury or disease, dependants can claim from the fund.

Company Partners

Company Partners is a leading COID Registration Service Provider in South Africa. They also assist Companies to obtain a Letter of Good Standing from COIDA.

Established in 2006, Company Partners guarantees that the services they offer meet the standards of the best in the industry. Over 30 full-time Consultants offer services and standards of the highest quality.


Useful Links

  1. COID Registration
  2. Letter of Good Standing

Continue Reading

Compliance

How To Stay On The Right Side Of The Law With A Marijuana Business

The verdict is in: It’s not (yet) legal to commercially grow cannabis, but there are multiple business opportunities for home growers that are on the right side of the law.

Nicole Crampton

Published

on

marijuana-business-legal

“The use, possession and cultivation of cannabis outside of a private space, or by, or around, under-age persons, still remains illegal,” says Paul-Michael Keichel, Partner at Schindlers Attorneys. “The caveat to this appears, however, to be that you may carry concealed cannabis in public, if the intention is to only consume it in a private space, away from under-age or non-consenting individuals.”

“What we are seeing is that most of our clients’ focus has been on the cultivation and commercialisation of cannabis itself. What is seemingly being overlooked are the secondary industries that will emerge or benefit from the legalisation of cannabis,” explains Maurice Crespi, Partner at Schindlers Attorneys.

“Take our M&R (medical and recreational) Cannabis Department as an example. Whilst not planned, it has emerged as a key department at Schindlers Attorneys. If cannabis legalisation presents an opportunity for attorneys, it begs the question as to what industry would not be presented with some form of opportunity as a result of its legalisation.

“Transport, courier services, injection moulding, advertising, fashion, accountants, medical, textiles and so on, are now all in a position to exploit the legalisation of cannabis to their benefit. I’m yet to think of an industry that will not be in a position to benefit from the legalisation of cannabis. Even Coca-Cola has found a way,” says Maurice.

Related: 10 Cannabis Business Opportunities You Can Start From Home

Grey areas yet to be resolved

“The question that has been left open, of course, is how and where does one get the cannabis seeds to grow the plants that one is now permitted to cultivate at home, or in private? Must these be shared, or can they be sourced or sold commercially?” says Paul-Michael.

“Until this answer is clear (we’re researching presently), it’s better to err on the side of caution. However, now that the major part of the fight is lost for them, I would be very surprised if Parliament doesn’t start appreciating the massive potential for increased tax revenue that would flow from a formalised and regulated cannabis industry.

“It serves almost everyone’s interests for them to entertain this option, especially because studies show that full legalisation decreases associated harms more than decriminalisation. Consider quality control, de-stigmatisation, elimination of the black market, beneficiation, and the list goes on,” explains Paul-Michael.

“That stated, SAHPRA (www.sahpra.org.za) is entertaining licence applications by growers and distributors for medicinal use of cannabis. The requirements are very tight but, for those able to comply and get licences, the commercial opportunity is almost unquantifiable,” says Paul-Michael.

Continue Reading

Compliance

Innovative Business Solutions And Compliance

Compliance with certification is a strong way to demonstrate that you are managing your business proactively.

Published

on

thinking-out-the-box

As a business owner, you are probably aware of where your business could improve. Sometimes a business owner would like to improve their business but is not sure how to begin. Therefore, it is of the utmost importance to develop an environment which will foster innovation and create key steps to improve your business while simultaneously trying to comply with all of the necessary legalities.

It is important for an entrepreneur to assess their situation first. Most business owners will ask the question why? Why can’t everyone will follow the same steps to success. Every business is different and unique, therefore, before you start making changes within your business, it is a good idea to make sure you have a full understanding of the factors affecting your business success and whether you are complying with necessary legalities.

Compliance may actually improve performance by giving your business a competitive edge. Legal compliance can assist you with improving your customer relations, enhancing your reputation and most importantly avoiding the cost of legal proceedings.

There’s this saying, ‘What gets measured gets improved’ explains Charles Gaudet, founder and CEO of Predictable Profits, a consulting firm that offers advanced marketing techniques to entrepreneurs who are passionate about expanding their small businesses.

Related: Compliance For Entrepreneurs

Here are a few strategies that you can use to make your business more profitable in the future.

Innovative Marketing solutions

For every business owner, marketing is an important tool to improve their businesses. You may think that you are missing an opportunity if you don’t jump right attracting customers with some type of marketing message.

However, as quoted by John Rampton ‘’one of the best things you can do to achieve growth is to slow down and spend time studying the trends.” What does this mean?  While rushing into marketing your product you tend to forget certain details, and once it is out in the public its difficult to forget or to undo. Therefore, its very important to research the market and consumer trends before launching anything.

This becomes very important when you consider the potential risk to your business for the infringement of another product, which is confusingly similar to your product. You also do not wish to be guilty of using a similar brand name, slogan or logo as one of your competitors.  Therefore, before you set out your personalised solutions when designing ads and directing messages to consumers ensure you are not infringing on anyone else’s rights as this will likely lead to expensive legal costs for your business.  

Compliance Breeds Confidence

It is important to remember that clients are concerned whether suppliers are properly compliant. Compliance with certification is a strong way to demonstrate that you are managing your business proactively and that the money a customer will spend i.t.o. buying your goods or services, is in safe hands. Conversely a failure in compliance can, as well as exposing you to the risk of regulatory sanctions, severely damage your business’ credibility.

Related: Why HR Legislation Compliance Can Curb Business Failure

For example, in the financial services industry there is an increasing requirement to demonstrate strong security to both external auditors and prospective customers.

With regulation that you feel is of no value, determine how to satisfy the requirements with the minimum effort necessary. Do, however, double check that you are not missing out on a benefit that may be rewarding for your business.

In conclusion, it is important to note when improving your business one always need to act in accordance with the correct laws and procedures. Therefore, if a company is embracing the difficult task of being compliant, I recommend using this as a competitive weapon to improve your business. It just might end up making you and your team better which is usually rewarded with more business.

Continue Reading
Advertisement

SPOTLIGHT

Advertisement

Recent Posts

Follow Us

Entrepreneur-Newsletters
*
We respect your privacy. 
* indicates required.
Advertisement

Trending