display:none
What Happens When Business Founders Want to Split Up?

What Happens When Business Founders Want to Split Up?

What Happens When Business Founders Want to Split Up?

Business Break-ups Can be Messy!

Unless the founders had something clear in writing beforehand, there is no end to the variety of things that can happen when founders want to go separate ways.

If there is nothing in writing and the split is not amicable, all sorts of time consuming, distracting and stressful things can happen. 

Here are some of the worst-case scenarios we have seen in practice, all where there was nothing in writing to start:

1. A Founder Dies Unexpectedly  

Whilst tragic at a personal level, it can also be very difficult for a business where one of the founders passes unexpectedly. Sometimes the family is aware of their business involvement, and sometimes they are not. In this case the family wanted the company to buy out the deceased founder’s interest in the business immediately and had some unrealistic expectations of what that interest was worth. 

Animosity was growing between the parties due poor communications. We were able to present a strategy which allowed for the progressive buy out of the deceased founder over a two year period, without interference by the family in the business, and at an amount set by a ‘desk top’ valuation completed by the company’s accountant. The family of the deceased founder were offered the opportunity to get an independent valuation, but at their cost, and the $11,000 price tag put them off.

2. One Founder is Stealing Money from the Business, and Another Finds Out

Unfortunately, this is not an uncommon scenario. 

We’ve seen this occur in a variety of businesses from software to building and construction, and it is rarely pretty, and usually a long and slow process of separation if nothing was agreed in writing when the business was founded. 

Too many people think “we don’t need a shareholder agreement, we will be fine” when they are all excited about getting started, and then when things go wrong, they have no protection.  

In one example with a tech company, there were four sets of lawyers involved and the end result was a comprehensive deed of release covering the transfer of shares, forgiveness of debts, payment of money, and indemnities from the exiting partner. There were no admissions of liability in the deed. The deed took more than 15 months to negotiate and some shareholders meetings to approve decisions. 

As long as the negotiations remain between the parties and their lawyers, law enforcement need not be involved. There is nothing that legally requires you to incriminate yourself or anyone else in the business. When fraud or theft is discovered and reported, it is usually through a third party.

3. A Founder Walks Away Without Notice, Making Demands

Things happen in people’s lives (like death, illness, an amazing job offer etc), and they can suddenly want out. This can be very hard on the people who want to continue with the business and a shock if not contemplated before one partner leaves. Business break ups are often referred to as like going through a divorce by the people affected. 

Sometimes people want out, and they want their money, whether or not there is any owed to them at the time. Many people exiting a business think in terms of the future value of the business, rather than where it is as they exit, and vastly overestimate both what it is worth and the capacity of the other parties, or the business to pay for the exit. 

If shares are to be transferred to existing business partners, then those individuals need to have the money to purchase the shares at the agreed value. In a start up phase, this is likely to be $1 a share and not onerous, but if the business has been running for a while and has some value, the remaining shareholders might not have thousands of dollars required to purchase those shares.

If the shareholder is exiting and the company is making a distribution or buying back the shares (not a simple process) then there needs to be sufficient funds in the company to pay out the exiting party. 

As long as you have clarity around ownership of assets, intellectual property and a realistic value of the business, then its just a process to be undertaken when someone leaves suddenly. If there is nothing in place, then it is a process of negotiation and often heartache before a resolution can be agreed. 

4. A Shareholder Stops Contributing

 In situations where you have people with different skills coming together to build a business, not everyone necessarily has the same energy to keep the business on track. We’ve come across several businesses where a lot of effort was required of one party in the initial set up (for example someone building an App or a Website) and then their contribution become maintenance only. Another person in the business might be responsible for promotion, and there work is constant, requires review and reinvention, and never lets up. 

An example we have is a digital business where the person responsible for service delivery got fed up with the lack of interest of the developer who originally built the website for the business. Their ongoing contribution was minimal and yet their deductions from the business stayed the same and the service deliver person felt like they were working to support two families, without any recognition.  

Differing levels of effort over time could have been written into a shareholder agreement and appropriately dealt with, with the service delivery person gaining a greater interest in the distributions over time. Unfortunately, they had nothing documented. Fortunately, the exiting party, being the person who initially built the site, was prepared to accept an independent valuation of the business and to be paid out over six months rather than an immediate exit. 

In another tech company, the exiting person was someone who thought that they were indispensable to the business, but kept upsetting customers to the extent they left. Again, and independent valuation was agreed and they accepted payment over time, but the process of getting to that point took 4 months and was disruptive to the business.  

5. A Founding Partner no Longer Gets on with Anyone Else in the Business

This was a strange scenario and there was no shareholder agreement. One of the founders had moved into the position of CEO of the business but was no longer on speaking terms with anyone in the business, whether other founders or staff. There were six founders, four of whom no longer had any involvement in the day-to-day operations of the business, but all were looking for a financial exit. 

The company did have prospects, but a sale was not going to be possible whilst the CEO still had voting power to stop it.  There was not enough cash in the business to buy out the CEO without adversely affecting cashflow. 

Through a succession of negotiations including an independent business advisor, we were able to get the CEO’s agreement to retire and stop being involved in the day-to-day operations, as well as converting his shares to a preference share which would be paid first in the event of any declaration of dividends or sale. The preference share had no voting rights. Tax consequences for the business and the individual were also examined before the transaction went through. 

Business operations were a lot smoother without the former CEO’s involvement and a sale was achieved within 12 months, with all founders getting paid. 

It is always easier to think through future scenarios and what is fair when everyone is excited about the business and getting started, and still friends. It is significantly harder, and more costly, to attempt to resolve an acrimonious split a couple of years down the track. 

We provide clients with questionnaires to help identify potential needs in the business, and how people might exit to get you thinking about what might become important when you get started, whether setting up a joint venture or a shareholder or unitholder situation. There a lots of options available.

How can Onyx Legal help you?

If you are or plan to go into business with someone else and you’d like to secure the future of your business, make an appointment with us to talk through your options. 

Employers’ Obligation to Protect Employee Mental Health 

Employers’ Obligation to Protect Employee Mental Health 

Employers’ Obligation to Protect Employee Mental Health 

What Obligations do Employers have for Employee Mental Health?

We’ve all taken a ‘doona day’ off work because we just can’t face it on that day. Or we know someone who has. It doesn’t matter whether the stress is arising from work or not, some days, you just want the world to stop, so you can get off.

But what about your obligations as a small business employer?

Employers have a duty to provide a safe system of work, which includes a duty to take reasonable care to avoid psychiatric injury to employees.

In the 2022 decision of Kozarov v Victoria, the High Court has stated that “the circumstances of a particular type of employment may be such that the work to be performed by the employee is inherently and obviously dangerous to the psychiatric health of the employee (just as other kinds of work are inherently and obviously dangerous to the physical health of the employee). In any such case, the employer is duty-bound to be proactive in the provision of measures to enable the work to be performed safely by the employee.

So, it is clear that if you have a business where the work is known to create a risk of PTSD (such as
emergency services), then you have an obligation to take steps to protect your workers. In the Kozarov case, the Court found that as a result of the type of work done (by a solicitor working constantly with young victims of sexual assault), the duty of care arose at the time the employee started work, and that no later event was required to raise a duty of care.

But what if you run a business which has no obvious inherent risk, like retail? There may not be an
immediately obvious duty of care, beyond the general duty to provide a safe work environment.

There is an earlier 2005 case (Koehler v Cerebos) in which the High Court states that an employer “is entitled to assume, in the absence of evident signs warning of the possibility of psychiatric injury, that the employee considers that he or she is able to do the job.”

What is an evident sign? 

As a small business employer your employment contracts may include a request that employees disclose any pre-existing condition or injury which might affect their ability to fulfil their role. Increasingly, and with less stigma being attached to mental health conditions, employees are disclosing existing conditions such as anxiety and depression in those declarations.

If you haven’t closely reviewed your employee acceptances of employment, perhaps now is a good time to do so.

There are also instances where employers engage people from employment agencies known to support individuals who have been out of the workforce for an extended period, or who experience a form of disability which impacts their ability to gain work. Some of those services are proud to state that they support people with mental health conditions. For example, EPIC shares that “Among EPIC’s cohort of job seekers, 38% have a diagnosed mental health condition.”

If you are engaging people you know have a mental health condition, or whom you should reasonably suspect may have a mental health condition, then a finding that there were “evident signs” of risk of psychiatric injury may well be made out. In those instances, as a small business employer, you should have in place a policy or process to ensure that someone in the workplace has the ability to identify and assist people with a mental health condition in order to provide a safe work environment.

As someone who has a lived experience of a suicidal crisis, MHFA Instructor, Donna Thistlethwaite, is passionate about creating safer workplaces.

“Often people spend more time with colleagues than they do with family and friends which may result in others miss the signs of poor mental health. 

 

Having the support of a MHFA trained colleague can facilitate someone accessing treatment and can speed up their recovery, allowing them to return to strong performance and reducing the impacts of poor mental health which can include absence, conflict and poor performance. The skills a MHFAider learns improves their communication skills in other areas of business.

 

Mental Health First Aid helps to break down stigma and educates participants to recognise the signs that they, or someone else, is experiencing a mental health problem. Early intervention results in faster recovery which is great for both the individual and the business.”

Donna Thistlethwaite Mentally Wealthy

You have a First Aid officer. Why don’t you have a Mental Health First Aid officer?

You might be in a position where you suspect there are people in the workplace with mental health issues, but don’t have the first clue about how to identify who they are and, in another instance, you might know you have people with mental health problems, but not how to get the best out of them.

So where do you start?

Take responsibility for the mental health of your workforce at work. If you sometimes wonder why it’s your problem and why employees can’t just ‘leave those issues at home’ and get on with their work, then someone with mental health first aid training could be a real asset in your workplace.

Once you realise you have the ability to make an impact, you empower yourself and your workforce and gain the potential to decrease the impact of mental health problems in the workplace.

Consider that almost 45% of people of working age are likely to experience mental health problems at some stage in their lifetime (ABS 2007), whether at home or at work, and if they are affected, their productivity will be too.

There are a large variety of support programs available for free to employees and small business employers, including the following:

Mental Health Resources for You and Your Workforce

 

Heads Up – https://www.headsup.org.au/ 
Mental wellbeing support for small businesses and individuals, including resources for employers, employees, managers and small business owners.

New Access – https://www.beyondblue.org.au/get-support/newaccess/about-newaccess 

A free coaching program, designed to provide accessible, quality services for anyone finding it hard to manage life stress using Low-intensity Cognitive Behavioural Therapy practices aimed to help people break the cycle of negative or unhelpful thoughts. 

Ahead for Business – https://aheadforbusiness.org.au/ 

Personalised resources and tools tailored to the specific needs of you as a small business owner.

[NSW] Mental Health at Work – https://www.nsw.gov.au/mental-health-at-work

– Free training and coaching for your workplaces, and other resources.

[QLD] Your Mental Wellbeing – https://mentalwellbeing.initiatives.qld.gov.au/ 

– Improving mental wellbeing resources for individuals.

[TAS] Mental Health and Wellness –
https://www.business.tas.gov.au/manage_a_business/mental_health_and_wellness

[VIC] Wellbeing and Mental Health Support for Victorian Small Business –
https://business.vic.gov.au/grants-and-programs/wellbeing-and-mental-health-support-for-victorian-small-businesses 

Mental health support for the challenges of running a small business.

[WA] Managing Stress and Anxiety – https://www.smallbusiness.wa.gov.au/people/managing-stress-anxiety

Some businesses and professional industry organisations also offer Employee Assistance Programs (EAP), which have been around for a long time and are relatively easy to implement. Unfortunately, some issues with EAPs have been the small amount of use due to lack of knowledge of their existence, the cost to the employer, and employees who may be concerned that their problems will be reported to the employer if they use the service (even though that usually does not occur).

Just as you train First Aid officers in the workplace, you can now also have trained Mental Health First Aid officers. The training is usually offered in mixed mode or face to face and provides valuable insight into recognising mental health conditions and how to support people with those conditions in the workplace.

Case Study

We were recently approached by a client who was concerned about the behaviour of a casual employee who failed to turn up for their shift after a discussion with their supervisor where the supervisor asked them to ‘go home and think about what you have done’.

Over the following weekend some text messages were exchanged between the supervisor and the employee attempting to clarify whether or not the employee was required for work on the Monday. One of the supervisor’s messages included words along the lines of ‘as long as there is no drama’.

These exchanges occurred in a context where the employer had engaged the employee from a disability support employment agency and knew that the employee suffered a mental health condition. In fact, the employee had stated “you told the agency you had experience working with people like me”. In the context of the employee’s condition (anxiety and depression), the condescending language expressed by the supervisor was more than unhelpful – it probably increased the employee’s anxiety and precipitated the employee’s failure to show for work on the Monday.

The employer consulted us about dismissing the employee for abandonment of employment.

Leaving aside that in a casual employment relationship an employee is entitled to refuse a shift without penalty (although here there was no clear communication to that effect), it is important that employers start considering the training of supervisors in the workplace to recognise and more appropriately respond to mental health conditions than was evidenced in the case study above.

Any employer that has more than 15 employees (so not a small business) should consider Mental Health First Aid training and having a Mental Health First Aid Officer (similar to a First Aid officer) in their workforce to better manage situations like that described here.

Clear, specific communication without the frustrated condescension may have completely changed the results of our client’s interaction with their employee.

Providing a safe work environment

As a small business owner, you don’t need another job to do that detracts from your revenue generating activities. However, you still need to provide a safe workplace.

Safety at work is making sure that workers and visitors are not exposed to avoidable risks and hazards. This is usually done by assessing the risks in your workplace and putting in place safeguards to reduce or avoid those risks. People in workplace health and safety can help you with this, otherwise there are a large variety of resources online to help identify and manage usual risks in, say, an office. You then have a policy or procedure or both in place to help employees manage that risk.

Not every single risk needs to be identified and managed. Every person is expected to have a reasonable measure of common sense; like, don’t stand on a chair with wheels to reach something on a high shelf!

Assessing risks and managing them has to be reasonable in the context of the workplace and the people working there. If you know you have people in your workplace with mental health conditions, then having something in place to support them is reasonable.

“Many workplaces are recognising the importance of having Mental Health First Aid, the training can provide participants with the skills to recognise signs of mental health, assist during a mental health crisis, offer initial help, and connect individuals to the appropriate professional, peer, or social services. It is important to recognise that a MHFA is not to provide counselling, their role is to assist and support, but with ongoing professional development training, a Mental Health First Aid Officer can play a vital role in the workplace by implementing wellbeing tools to create a mentally healthy working environment.”

Jo Stevens from The Zen Zone is an advocate for Mental Health and provides Professional Development Training for Mental Health First Aid Officers.

Mental Health First Aid training

Mental Health First Aid Australia offers a variety of training and courses to train mental health first aid officers for your workplace. A first aid officer is not a medical officer and doesn’t provide diagnosis or treatment. It’s about learning the skills necessary to recognise symptoms of mental health conditions and support someone with a mental health condition to identify that support is available and where to find it.

Mental Health First Aid training with The Thrive Movement

You will learn. How to assist an adult who may be experiencing a mental health problem or mental health crisis until appropriate professional help is received or the crisis resolves, using a practical, evidence-based action plan. Including Depression and Anxiety, Psychosis, Substance Use Problems, Suicidal Thoughts and Behaviours, Deliberate Self Harm, Severe affects of Drug and Alcohol Abuse.

This course is based on guidelines developed through the expert consensus of people with lived experience of mental health problems and professionals.

Why Attend. Evaluations consistently show that MHFA training is associated with improved knowledge of mental illnesses, their treatments and appropriate first aid strategies, and confidence in providing first aid to individuals with mental illness. It is also associated with decreased stigma and an increase in help provided. An added benefit you will know how to look after your mental health better.

What’s the Format?
The 12-hour course can be delivered in 1 of 3 ways:

  • Face-to-face: a 2-day course led by an accredited MHFA Instructor.
  • Blended face-to-face: a self-paced e-learning component, followed by a 4-hour face-to-face session led by an accredited MHFA Instructor.
  • Online: a self-paced e-learning component, followed by 2 x 2.5-hour video conferencing sessions led by an accredited MHFA Instructor.

Course and Instructor. For further information and enquiries for attending this course or a bespoke training for yourself or your team contact- ‘Derek Rogers of The Thrive Movement Australia’

How can Onyx Legal help you?

If you need help reviewing a risk assessment, an employment agreement, or preparing employee policies or procedures to support better mental health in your workplace, or simply concerned about managing one of your employees, make an appointment to talk with one of our team.

Selling Your Business? 6 Common Mistakes to Avoid

Selling Your Business? 6 Common Mistakes to Avoid

Selling Your Business? 6 Common Mistakes to Avoid

Before you make the decision to sell your business, you need to know how to avoid making the most common mistakes. 

Before you make the decision to sell your business, you need to know how to avoid making the most common mistakes. A little thoughtful preparation can save you time and money and help you avoid making decisions you might regret later.

For some people, going through the process of really thinking about what they are selling has led them to reconsider and make other adjustments in their business instead.

1. Not knowing what you want to sell

It sounds like common sense, doesn’t it? “I know what I want, I want to sell my business!”

But what does that look like?

We have worked with a few clients lately at different ends of the spectrum of preparation for sale. Some people know exactly what they are selling, have identified the assets to be sold and those not transferring with the sale, and know how much they want for it. They know whether the premises are part of it and what it looks like to transfer the premises.

Surprisingly, other people come to us to prepare contracts for sale, and we spend weeks trying to get clarity on what is included, what is not included, and what is actually necessary to ensure that the sale is made as a going concern and will therefore not attract GST.

And yes, if you didn’t get around to documenting a business sale when it occurred and would like it documented after the fact, that is still possible. Although it has its own peculiarities. 

The Australian Taxation Office (ATO) guidelines for sale of a going concern are straightforward:

  • everything necessary to continue to operate the business, including staff, equipment and premises
  • continue to operate the business up until the sale date
  • buyer must be registered for GST
  • there is a written agreement showing that ‘going concern’ has been agreed between the parties, dated before the sale is finalised
  • both parties are to be a single purchasing entity and a single selling entity to claim the GST exemption – there can be multiple enterprises but these have to operate as separate sales (ie. land and business)

To be a sale of a going concern you need to transfer everything that is necessary to the ongoing operations of the business. This still occurs in context. You might use certain software in your business (like Xero or MYOB) and consider that essential, but the buyer might have different software and no intent of changing. What is essential for the business is the customer and sales data, not necessarily the software.

Prudent buyers will complete searches and due diligence before offering to purchase your business. Ideally, you will have anticipated and prepared all the information the buyer might want to see before promoting your business for sale; this makes the due diligence process much smoother and quicker.

Apart from knowing what it is you want to sell and what you want for it, it is also important to consider whether it is important to you, or the continuation of the business, to sell the company or the assets.

Obviously, if you are operating through a trust, it is an asset sale, but if you are operating through a company, there may be an option to sell the shares in that company. Lots of advisers will caution against purchasing shares because more due diligence is involved, and you may not be able to discover any skeletons in the company closet until after the transfer is complete. Yes, we can write in indemnities etc., but it is considered a higher risk position that purchasing assets. 

However, there are regulated businesses where it may be much easier to transfer the company than attempt to transfer assets. For example, selling a business with government contracts, selling a business which has licenses or permissions that require an involved process, such as an RTO (Registered Training Organisation) if you are looking for potential buyers who do not already have that compliance set up.

2. Not getting advice early, whether legal, financial or from a business broker

Working with a business broker can help you identify what you are selling and the value of what you have to sell, before you go to market. Some business brokers are great, will work closely with you to achieve what you want and really look after your interests. Some aren’t.

We’ve worked with business brokers in the past who are so focused on getting their commission that they write the sales contract in favour of the buyer, and insist on controlling the contract contrary to any legal advice to the parties. This is where it helps if you understand what you are selling and what you want to achieve. You’re not likely to be persuaded to just take any sale.

Sellers don’t always consider planning for life after the sale of business (apart from much needed holidays) and may struggle to ensure they have adequately provided for their next venture, or even retirement. You want to be better off financially at the completion of the sale, instead of regretting your decision.

Achieving the best possible price means that careful planning needs to be in place; a quick sale due to financial pressure or personal reasons is can potentially impact your ability to achieve the best price for your business.

You can put processes in place to limit your risk and protect your interests. You can put boundaries around what you are prepared to commit as part of the sale in terms of your assistance to the buyer after settlement.

If you get appropriate advice before you sign anything, you have the opportunity to walk away from a transaction that is only going to cause you grief in the future.

I would add addressing PPSR’s, as they tend to get overlooked and can cause a big problem with completion. The main issue I have found is that most sellers do not have a comprehensive exit plan that details every step, especially the preparation stages that will make the process more seamless. 

Another process which is becoming more popular is to engage a registered business valuer, or other expert to complete a pre-sale audit report that that will highlight the true strengths, weaknesses, opportunities and threats confronting the business. 

Hugo Martin, Business Broker and Registered Business Valuer 

Getting appropriate tax advice

It is essential to consult with a tax professional to make sure you understand that tax implications of your sale and the amount of tax liability you will have to pay. GST, CGT and income tax may all need consideration depending on what you are selling, when and in what structure.

We are not tax lawyers, and you will need to consult your tax adviser for advice appropriate to your circumstances.

Ideally you will have your financial reporting for the past 2-3 years available for inspection by the buyer (after they have signed an NDA) and a business structure that is attractive to a potential purchaser. As part of the business purchase, the buyer will want to review the financial records of the business, because this supports the price you are asking the buyer to pay.

Another consideration will be the way the selling price is determined and if the future performance of the business will generate a percentage to be paid to you as the seller.

Stamp duty

Depending on which state or territory you are located, and where the buyer is, there may be transfer duty or stamp duty on the sale of the business.

Duty is usually calculated on the arm’s length value of the business sale. So, if you transfer the business to a friend or relative at a discount, you may need to submit an independent valuation with the application for assessment.

Depending on the value, nature and place of business, an item like goodwill can still attract transfer duty. The sale of goodwill alone does not always attract stamp duty, but that type of sale is also not likely to be a sale of a going concern. Lots of different things need to be taken into consideration.

Case Study

An example of where goodwill was found not to be included in a sale was a case involving the sale of two McDonald’s restaurants in NSW. The Chief Commissioner for Taxation assessed stamp duty on the sale price and included an element for goodwill. The restaurant owner argued that the goodwill was not sold and instead remained the property of McDonald’s due to their licence agreement. The Court held that any goodwill the restaurant owner enjoyed would be terminated at the end of the licence agreement. In those circumstances it was determined that no goodwill was transferred, and no duty was payable by the restaurant owner in respect of goodwill.

3. Not understanding the ownership of the assets in the business sale

A little careful pre-planning for sale will ensure that the correct assets are in the correct business entity name and will attach to the sale.

We’ve had interesting situations in the past where clients have, at the last minute and only after we’ve reviewed a contract from the potential buyer (it’s not always the seller who prepares the contract, although that is a good idea) that it was discovered some of the assets sat in a forgotten entity that was about to be deregistered by ASIC. The company was quickly reinstated and added to the sale contract as one of the sellers.

In that instance it was a trade mark registration, but it could just as easily have been a motor vehicle, manufacturing machinery or office equipment.

To help you think about your business, the assets of the business are defined in the Real Estate Institute of Queensland (REIQ) Business Sale Contract, under Clause 3.1 to include the following:

  • Goodwill
  • Fixtures
  • Fittings
  • Furniture
  • Chattels
  • Plant and equipment
  • Industrial and intellectual property
  • Work-in-progress
  • Stock in trade
  • Permits
  • Licenses
  • Any other assets listed by the parties

There are usually warranties in the contract for sale of business that you as a seller give, promising that the assets are ‘unencumbered’ or not subject to the interests of another party, like a financier.

It will be a necessary part of the sale to provide clear title for the assets, including paying out any lenders who hold the existing loans and securities registered under the Personal Property Securities Register (PPSR). If this does not happen before or at settlement, then if the buyer defaults on the payments, the financier can repossess the asset.

4. Not understanding what is going to happen with your employees

Do you tell them, or don’t you? And when?

If you are about to list your business with a broker, then it’s a good idea to have a discussion with your staff beforehand. You don’t want to embarrass your employees by having them find out from someone else that their job might be at risk.

Some buyers will be interested in all your staff. Some buyers may be interested in some of your staff and some buyers just want the assets and don’t want any people. The size of your business, and the size of the purchaser, are likely to make a difference.

If you are listing with a broker, you can let the broker know what your expectations are around your staff – that they buyer will take them, or the majority of them.

It is the option of the purchaser to make your employees an offer, or not. You can’t force a new owner to take all your employees. You also can’t force your employees to work for a new owner. Some careful negotiation may be needed.

As a seller, you will be under an obligation to give all the employee details for transferring employees, their entitlements, any accrued leave and the pay rates and any Awards they might be employed under.

If the purchaser does not take your employees, then you will need to pay out their entitlements, which may include accrued bonuses, annual leave, long service leave, notice or redundancy. If you are thinking ahead and have a year or so before you expect to put your business up for sale, you might consider reviewing what entitlements have been accrued and suggesting some people use their leave.

Once offers and agreements with the employees have been made by the buyer, there is likely to be an adjustment to the purchase price for some entitlements, such as personal leave, annual leave, long service leave and accrued bonuses.  

If you need advice on understanding what is going to happen and what your responsibilities will be, and even answering your employee’s questions, then let us know and we are happy to help.

5. Not thinking about what you will do with the premises if not part of the sale

Not every business requires an office and with the changes in working habits brought about by COVID, a buyer may not be interested in taking over any premises you have for your business. So where does that leave you?

If the buyer does want your premises:

  • If you lease the premises, then you will need the landlord’s consent to a novation or assignment of the lease. A novation gets you out of any liability associated with the lease and an assignment means you are still on the hook (financially liable) until the lease ends, which may include option periods.
  • If you own the premises, you may be able to negotiate a sale in conjunction with the sale of business.
  • If you own the premises, you may be able to negotiate a lease with the new business owner, and yes, the lease still needs to be documented separately from the sale of business.

Most landlords are prepared to agree to an assignment but not a novation. Why not have two people responsible for covering the lease when you have no obligation to let the first tenant out?

If the buyer doesn’t want your premises:

  • Think about how much time you have left on the lease.
  • Think about alternate uses for the premises.
  • Consider whether you still have a use for the premises, or if you need to break the lease.
  • Instead of breaking the lease, you may be able to find someone else to take over the lease – again by novation or assignment, or you may be able to find someone to sublet some of the space from you to reduce your costs.

It is not uncommon for a business to ‘hold over’ after the end of a lease on a month-by-month tenancy pending a sale of business to limit the risk of having to maintain a lease without a business to fund it. We’re happy to talk through your options with you.

6. Forgetting to transfer licenses, permists and social media accounts

Some businesses need specific licences and permits to trade.

Think about:

  • food business licences
  • liquor licences
  • building trade licences
  • transport licences
  • commercial parking permits
  • and so on

The buyer’s expectation will be that the business sale contract includes at least reference to necessary llicences and permits, and possibly your cooperation in transfer, if that is available. Some permits require a new application from the buyer and that takes time. The buyer might ask you to stay in the business as the licence holder pending their application. If so, you will need to think about your risks if their application is unsuccessful. It is possible that the sale will fall over if the purchaser cannot get the necessary permits or licenses.

Online assets

Business brokers don’t always consider your online assets when helping you prepare for sale. In our online world where people increasingly search online to find what they are looking for, online assets can have a significant impact on the continued operation of the business.

Whatever you use to promote your business online is your intellectual property and needs to be part of the sale.

Your domain name, business website (a domain name and website are different things) and social media accounts will also need to be transferred across to the new owner. Different platforms have different requirements and its important you understand what you have to do when settlement comes around.

How can Onyx Legal help you?

If you are thinking of selling, have a chat with us before the deal is done. If you’ve found a buyer and want to move forward, we can prepare your contract for sale and if you’ve somehow sold without any written agreement and would just like to clarify any remaining liability before anyone forgets what the agreement was.

12 Common Issues with Privacy Policies

12 Common Issues with Privacy Policies

12 Common Issues with Privacy Policies

1. Thinking a simple privacy policy template will do the job

For many small business owners, protecting the privacy of personal information just isn’t a priority. There are lots of reasons for that.

  • Not placing any value in a privacy policy or the protection of personal information
  • Not knowing what makes up personal information
  • Not realising when the business is collecting personal information
  • Not understanding what the business is doing with personal data after its collected
  • Thinking that publicly accessible data, like through Facebook or a website, means its ok to collect it
  • Not understanding the difference between privacy and confidentiality, or the importance of privacy
  • Having competing priorities – like the need to make money – that mean privacy always sits on the back burner

A template might work. It might not. If you never read it or attempt to understand it, it probably won’t help your business meet its legal obligations.

I have heard of a company that copied and pasted their privacy policy from a crematorium, without having read it. One of their customers pointed out to them that it was a little weird to read about burial when that wasn’t their business.

Are you prepared to put your credibility at risk?

If you don’t know what your obligations are, how do you know a simple template will protect your business?

2. Copying and pasting a policy from somewhere else

It is easy to check out a friend’s website or a competitor’s website and decide to simply copy and paste what they have done. A friend might even offer it. The problem with getting help from friends like that is that they probably don’t understand their own privacy policy or the legal impact it can have on your business.

I’ve even come across a business spruiking a service of theirs offering advertising through Facebook that simply linked the privacy policy of a random website they did not have any control over, not having read it, understood it or worried about the promises they were making by using that privacy policy and simply seeing it as a ‘hurdle’ to overcome to get their adds showing in as many feeds as possible.  That is potentially misleading and deceptive conduct offending both privacy law and consumer law.

If you haven’t read it or don’t understand it or are looking at a website from outside your country, don’t put your business at risk by copying and pasting a privacy policy from someone else’s website.

3. Thinking a cookie policy covers privacy obligations

Having a cookie policy or a cookie choice pop up on your website doesn’t meet your obligations to protect the privacy of personal information.

Cookies may not be classified as personal information. Cookies can be functional (you won’t get full use of the website without them), performance focused (like analytics), focused on personalisation (like advertising based on your search history), or marketing focused.

Cookies are little data packets that store enough information to identify you when you return to a site for the purpose of say, pre-filling your username or password, or adjusting the display of a website, or advertising to better reflect your preferences. Cookies have to be matched with other data before they can be used to identify you and the information stored is not generally available for inspection. Cookie data may be collated to create a picture of who you are.

There was a ‘horror’ story that went around some years ago about a pregnant teenager being discovered by her family because her search history meant her parents got served advertising for pregnancy help.  The cookies didn’t identify her, but enable her parents to put two and two together.

Personal information is information about an individual which by itself identifies that individual, or with other information can be used to identify an individual. Types of personal information can include:

  • photo
  • name or alias
  • postal, street or electronic address
  • enrolment in a course
  • testimonial
  • biological samples
  • genetic data

So, a cookie pop up by itself just won’t cut it.

4. Never reading your own privacy policy

If you don’t know what your privacy policy says, how can you possibly be implementing the protections necessary to protect the personal information you are collecting?

How many businesses do you know have a blank page when you click on the privacy policy link in the footer of their website? Clearly they missed checking what was supposed to be written on that page. Your web developer or tech person is not responsible for you meeting your privacy obligations. They probably know marginally more than you do about your privacy obligations, are not lawyers and shouldn’t be uploading just anything for you.

5. Not understanding your own privacy policy

Privacy obligations only apply to information about real people – whether in their personal or business capacity – but do not apply to companies or other entities. Depending on where you are in the world, privacy obligation may also be limited to people who are still alive, and not the deceased.

So, what do you do with the personal information you collect? Unless you use integrated technology, you probably have data about your clients and supplies in a variety of places:

  • your CRM
  • your finance software
  • your email marketing software
  • your email management system
  • a project management tool
  • other software used in your business

Whilst the problem of keeping information consistent across databases is widely acknowledged, the type of protections each of those systems offer, and how you use them, probably isn’t.

For many types of businesses, your privacy obligations mean that you can’t send data overseas without the consent of the person providing it. This is particularly so for financial or health data. Personal trainers, life coaches, psycho-therapy providers all collect health data and probably don’t realise that every email they send pushes personal information overseas.  

I’ve also gone to privacy policy links on websites that don’t cover privacy at all, and in fact display the e-commerce terms of that business instead, which perhaps a throwaway line saying “we respect your privacy and will never sell your personal information.” That is not a privacy policy.

6. Not considering any procedures to support your policy

When you run a small business, the people who work with you, employees or contractors, need to understand your priorities around personal information and what can and cannot be done with it.

Do you allow contractors to keep contact details on their mobile devices outside your systems?

What controls or oversight do you have over what they are doing with their mobile device each day?

How many times have you seen parents hand a mobile device to their child to keep them quiet or entertained? Do you know the personal data of others isn’t being accessed?

For businesses in Australia which are obliged to comply with the Privacy Act 1988, there are now also mandatory data reporting obligations so that if any data is lost or accessed, it needs to be reported. Leaving a device on public transport can be a reportable event if that device cannot be remotely locked and contains any personal information that is supposed to be controlled by your business.

7. Not knowing where you are collecting data or what you are doing it

We’ve spoken with many small business owners who simply don’t realise how often or in what way they are collecting data.

  • a form filled through a website
  • an email received
  • a video conference recorded
  • a note made of a telephone conversation
  • a voicemail received
  • video feedback recorded and sent by a client
  • patient notes written and yet to be filed

All these examples involve the collection of personal information. Does your business have protocols in place for the destruction of information that is no longer required for the purpose of your business? Privacy law generally requires that you only collect what is necessary, and destroy it after it is no longer required. Interestingly, many large organisations, like banks, appear to keep your information indefinitely.

The GDPR (regarding information about EU residents) now requires that you monitor what you collect, how you collect it, and how long you keep it.

We can help you put together policies to assist people in your workplace to manage how information is collected, stored, used and destroyed.

8. Not updated to match data practices

Laws are changing all the time. If you haven’t looked at your privacy policy for more than two years, it is probably time you did.

Not only that, but if you’ve changed the software or technology you are using recently, that should also prompt a review of not only your privacy policy, but also the privacy policy of your new software or technology provider.

You might be offering a new product or service that means you collect additional information from your clients, more than you did previously.

You might have started working with another business in a joint venture, which means they now have access to some of your personal information, and vice versa.

Take time to review your practices and procedures for managing personal information and privacy, as well as checking that you are legally compliant with your obligations.

9. Doesn’t address all the different people affected – customers, partners, developers, general users

You may or may not treat personal information from different relationships in the same way. By relationships, consider the different people you interact with in your business – your clients and customers, your suppliers, your employees and contractors, volunteers, etc.

Consider: if you still have a business that uses paper forms, you might have collected similar or only slightly different data on different forms. You might scan that information and store it electronically, but then what happens to the paper copy? Is it securely destroyed? Is it stuck in a filing cabinet somewhere? Is that filing cabinet locked? Is any member of staff able to access that filing cabinet?

Do you have forms to be filed sitting on someone’s desk without any security or privacy around that information?

Do you have phone numbers written on a white board that can be seen from outside your office? This happened on a morning TV cross to a bank financial data room.

You might have a list of supplier details stuck on a wall, or a piece of paper near the computer.

If you treat the personal information you collect about different groups of people differently, all those scenarios need to be covered.

10. Hiding the terms

If your business has privacy obligations, you should share how you meet those obligations with the people whose data you collect. So, if you have employees, you should have an employment policy around how you manage their personal information.

If you have customers, you should have a policy about how you manage their personal information and what you do with it.

The easiest way to share a privacy policy with customers and suppliers is through your website and the convention is to have a link to that policy in your website footer.

A link to a blank page is not helpful.

11. Wrong laws or no laws

A contract came across my desk the other day between two Queensland, Australia based small businesses. Goodness knows where they got it. The agreement was four years old and mentioned the laws of Ontario, Canada as the governing law. No, no, no, no. Not helpful at all!

If you copy and past a privacy policy from someone else there is a risk that you have inadvertently referred to laws that don’t even apply to your business. Like COPPA, the Children’s Online Privacy Protection Act which is law in the United States. Reference to that law in another country is likely to be inaccurate and potentially misleading, or create obligations in your business that never actually existed until you voluntarily assumed them.

If you’ve copied something from overseas, it is also possible that you’ve not complied with the laws that do apply to your business, putting your business at risk.

Although there are certainly some similarities in obligations in different countries, law is not universal and there are often inconsistencies within countries, particularly federated countries, as well as between countries.

Make sure you are undertaking to comply with the laws that apply to your business.

12. Hard to read – legalese or no whitespace

Lastly, don’t make your privacy policy so hard to understand that people don’t or won’t read it. If you write for the comprehension level of a child of around 12, then most people who read your privacy policy, whether customers, suppliers or staff, will understand it.

You shouldn’t need a post-graduate degree to make sense of what has been written. It doesn’t help your business or anyone else you deal with. Back in 2019 The New York Times did an article about readability and found that Facebook’s then privacy policy was more difficult to read than Stephen Hawking’s ‘A Brief History of Time’. Don’t be that business.

Simply headings like:

  • How we collect your personal information
  • What we do with your personal information
  • Where we store your personal information
  • Your rights regarding the personal information we have collected about you

All make it easier for someone reading your privacy policy to make sense of what it is you do to help protect them. Short sentences, simple words, easy to follow headings, pleading of white space, all aid understanding.

If you are not sure, get a child you know to read your privacy policy out loud and ask questions about anything they don’t understand. If they stumble over a sentence, or have loads of questions, go back to the drawing board.

How can Onyx Legal help you?

If you’d like help reviewing or updating your privacy policy, or perhaps having one tailored to fit your business and your business processes, sent an email to advice@onyx.legal with a link to your policy (if you have one) and let us know what you’d like to achieve.

Your Quick Legal and Cyber Check on Your Website

Your Quick Legal and Cyber Check on Your Website

Your Quick Legal and Cyber Check on Your Website

Start by completing our quick audit questionnaire to work out what are some legal issues when creating a website. Then read below…

Domain Name Legal Issues

Your domain name is like a post office box. You lease it, you don’t own it. Your registrar is like the post office. They will only talk the person who is authorised as the registrant of the domain name. That might not be you!

If you don’t know where your website is registered – GoDaddy is a commonly known registrant – this could be a problem if you want to sell your online business and cannot transfer the domain name. If you don’t ensure your registration fees are paid regularly, then you could lose your domain name and it is not easy to get them back.

When agencies first started building websites for businesses, a lot of companies registered the domain names to their agency rather than you, their client. This became a problem for people when their small web designer gave up their business, or their web designer held them to ransom, requiring a payment equivalent to purchase before releasing the domain name.

We’ve had a prospective client come to us running a business using a specific domain name, and no part of that domain name was protected by trade mark or copyright. For whatever reason, they let their registration lapse. Of course, the domain name was sold to someone else. That someone else happened to be a local competitor to them. They came to use 2 years after the domain name had lapsed and their competitor was using it and asked us to help them get it back. We told them we couldn’t help. There was no basis for them to claim exclusive ownership, it took them two years to take any action and the time, money and effort required to even attempt to get it back was more than they were willing to invest.

Trade marks are almost the only thing that can give you superior rights to anyone else for registration of a domain name, and even that won’t stop someone using the same domain name in a different industry from using your name. Just try searching ‘Onyx Australia’. We might be the only legal firm with that name, but we are not the only business with that name in the country.

ACTIONS:

  • Identify your registrar and make sure you have login details
  • Confirm the registrant name (hopefully not a company you since closed – it has happened)
  • Make sure you have auto-renewal and up-to-date payment details in place

Our team at Onyx Legal can help you find out who the registrant is and make sure you have control over your domain name.

Hosting & Backup Legal Issues

All of the information that people can watch and read on your website is stored and then accessed via the internet. You pay a hosting provider to store that content and make sure it is available when people look for it online. If you don’t know who your hosting provider is, who can you talk to if your website is ‘down’ and not visible? You might be working through an agency and contact them.

There is a lot of factors that can impact your website hosting including whether your website is on a shared server or an individual server. On a shared server, one website with malware can have every website on the server temporarily shut down. If you site is impacted by malware and taken down, it can impact your results in advertising or search results when clients are looking for you. The responsibility for those things may sit with you, or your agency, or your hosting provider. Check your terms and conditions of hosting.

The type and local of your hosting provider can also impact the speed of data upload to or download from your website. If you don’t have automatic payments set up on your hosting, you might find your website is down and if you don’t know where your website is hosted, any information you collect through your website, like personal data, may be going around the world before it comes to you – which could be an issue in managing your privacy obligations.

Backups are important in reducing your cyber risks.

There are lots of products that enable you to backup your website to the server where it is hosted. This might not be effective if you get hit with ransomware. If you have a separate backup on a system that you know works and can be reinstated quickly, then you have a better chance of a quick recovery from a ransomware attack. Always check that your backups work and your site can be quickly reinstated. Backup regularly.

Like backups, password protection and sensible username application can also make a huge difference in managing the cyber risks to your website and your business.

The team at Onyx Legal can help you find out who your hosting provider is and how to protect your content.

Website relationships and the terms and conditions to manage them

In a high street shop front, everyone is trained in the rules of what is considered appropriate behaviour in stores from a young age, so much so that we take it for granted. Things like – if you break something, you pay for it, if the shop is closed then you can’t come in, you have to pay for what you buy before you leave the store and so on. The common courtesies like don’t disturb other shoppers, if you are asked to leave then leave, and don’t steal are also taken for granted.

Online, you sometimes need to remind people of the rules. You can also set some rules to control your own online space.  Think about the big sites like eBay, Craigslist, Facebook, and Google. If you don’t follow their rules, they can stop you from using their services and there is almost nothing you can do about it.

You have the same ability to control how other people access and use your website and the information you provide. Every different interaction available on your website creates a different relationship that you may need to manage through terms and conditions.

You will normally find a link to terms of use in a website footer. Following that, convention is sensible if you want to argue that your terms and conditions are binding on your website visitors or users.

We’ve had a client who neglected to have terms and conditions on their website and had to pay a $125,000 claim for defective products because they failed to disclose that they were just the importing agent for the manufacturer and set any contractual terms around their supply.

If you are working in any sort of industry that is regulated, either by government or a professional organisation, a disclaimer may help limit the risks to your business. Disclaimers can also provide a great opportunity to remind your clients of their responsibilities

Onyx Legal can help you tailor terms and conditions that fit your business, your industry, and make sense to your customers.

Legal Issues with Website Content

What you publish on your website, whether you put it there or someone else did, is your responsibility. If you have been creative with the truth, copied something from someone else, used a form of software that allows you to ‘snip and spin’ other people’s content and publish it as your own (We were horrified! It was so obviously copyright infringement, and the client thought it was perfectly fine because they paid for the software and assumed the developer was doing the right thing around copyright. Wrong! It slowed their website development down a bit) then that’s on your head – no one elses.

You need to be aware of any regulations applicable to your industry (for example – health services in Australia can’t use testimonials about the health service), stay within the bounds of consumer protection legislation, not infringe the intellectual rights (trademark, copyright etc) of others and protect the privacy of visitors to your website.

Onyx Legal can help assess your level of compliance, where you might have risks and make some recommendations around improving your website from a legal perspective.

How can Onyx Legal help you?

If you scored badly on the website legal and cyber self-audit and would like us to carry out a more comprehensive audit and make some recommendations, make an appointment with the Onyx Legal team now..