display:none
Your Quick Legal and Cyber Check on Your Website

Your Quick Legal and Cyber Check on Your Website

Your Quick Legal and Cyber Check on Your Website

Start by completing our quick audit questionnaire to work out what are some legal issues when creating a website. Then read below…

Domain Name Legal Issues

Your domain name is like a post office box. You lease it, you don’t own it. Your registrar is like the post office. They will only talk the person who is authorised as the registrant of the domain name. That might not be you!

If you don’t know where your website is registered – GoDaddy is a commonly known registrant – this could be a problem if you want to sell your online business and cannot transfer the domain name. If you don’t ensure your registration fees are paid regularly, then you could lose your domain name and it is not easy to get them back.

When agencies first started building websites for businesses, a lot of companies registered the domain names to their agency rather than you, their client. This became a problem for people when their small web designer gave up their business, or their web designer held them to ransom, requiring a payment equivalent to purchase before releasing the domain name.

We’ve had a prospective client come to us running a business using a specific domain name, and no part of that domain name was protected by trade mark or copyright. For whatever reason, they let their registration lapse. Of course, the domain name was sold to someone else. That someone else happened to be a local competitor to them. They came to use 2 years after the domain name had lapsed and their competitor was using it and asked us to help them get it back. We told them we couldn’t help. There was no basis for them to claim exclusive ownership, it took them two years to take any action and the time, money and effort required to even attempt to get it back was more than they were willing to invest.

Trade marks are almost the only thing that can give you superior rights to anyone else for registration of a domain name, and even that won’t stop someone using the same domain name in a different industry from using your name. Just try searching ‘Onyx Australia’. We might be the only legal firm with that name, but we are not the only business with that name in the country.

ACTIONS:

  • Identify your registrar and make sure you have login details
  • Confirm the registrant name (hopefully not a company you since closed – it has happened)
  • Make sure you have auto-renewal and up-to-date payment details in place

Our team at Onyx Legal can help you find out who the registrant is and make sure you have control over your domain name.

Hosting & Backup Legal Issues

All of the information that people can watch and read on your website is stored and then accessed via the internet. You pay a hosting provider to store that content and make sure it is available when people look for it online. If you don’t know who your hosting provider is, who can you talk to if your website is ‘down’ and not visible? You might be working through an agency and contact them.

There is a lot of factors that can impact your website hosting including whether your website is on a shared server or an individual server. On a shared server, one website with malware can have every website on the server temporarily shut down. If you site is impacted by malware and taken down, it can impact your results in advertising or search results when clients are looking for you. The responsibility for those things may sit with you, or your agency, or your hosting provider. Check your terms and conditions of hosting.

The type and local of your hosting provider can also impact the speed of data upload to or download from your website. If you don’t have automatic payments set up on your hosting, you might find your website is down and if you don’t know where your website is hosted, any information you collect through your website, like personal data, may be going around the world before it comes to you – which could be an issue in managing your privacy obligations.

Backups are important in reducing your cyber risks.

There are lots of products that enable you to backup your website to the server where it is hosted. This might not be effective if you get hit with ransomware. If you have a separate backup on a system that you know works and can be reinstated quickly, then you have a better chance of a quick recovery from a ransomware attack. Always check that your backups work and your site can be quickly reinstated. Backup regularly.

Like backups, password protection and sensible username application can also make a huge difference in managing the cyber risks to your website and your business.

The team at Onyx Legal can help you find out who your hosting provider is and how to protect your content.

Website relationships and the terms and conditions to manage them

In a high street shop front, everyone is trained in the rules of what is considered appropriate behaviour in stores from a young age, so much so that we take it for granted. Things like – if you break something, you pay for it, if the shop is closed then you can’t come in, you have to pay for what you buy before you leave the store and so on. The common courtesies like don’t disturb other shoppers, if you are asked to leave then leave, and don’t steal are also taken for granted.

Online, you sometimes need to remind people of the rules. You can also set some rules to control your own online space.  Think about the big sites like eBay, Craigslist, Facebook, and Google. If you don’t follow their rules, they can stop you from using their services and there is almost nothing you can do about it.

You have the same ability to control how other people access and use your website and the information you provide. Every different interaction available on your website creates a different relationship that you may need to manage through terms and conditions.

You will normally find a link to terms of use in a website footer. Following that, convention is sensible if you want to argue that your terms and conditions are binding on your website visitors or users.

We’ve had a client who neglected to have terms and conditions on their website and had to pay a $125,000 claim for defective products because they failed to disclose that they were just the importing agent for the manufacturer and set any contractual terms around their supply.

If you are working in any sort of industry that is regulated, either by government or a professional organisation, a disclaimer may help limit the risks to your business. Disclaimers can also provide a great opportunity to remind your clients of their responsibilities

Onyx Legal can help you tailor terms and conditions that fit your business, your industry, and make sense to your customers.

Legal Issues with Website Content

What you publish on your website, whether you put it there or someone else did, is your responsibility. If you have been creative with the truth, copied something from someone else, used a form of software that allows you to ‘snip and spin’ other people’s content and publish it as your own (We were horrified! It was so obviously copyright infringement, and the client thought it was perfectly fine because they paid for the software and assumed the developer was doing the right thing around copyright. Wrong! It slowed their website development down a bit) then that’s on your head – no one elses.

You need to be aware of any regulations applicable to your industry (for example – health services in Australia can’t use testimonials about the health service), stay within the bounds of consumer protection legislation, not infringe the intellectual rights (trademark, copyright etc) of others and protect the privacy of visitors to your website.

Onyx Legal can help assess your level of compliance, where you might have risks and make some recommendations around improving your website from a legal perspective.

How can Onyx Legal help you?

If you scored badly on the website legal and cyber self-audit and would like us to carry out a more comprehensive audit and make some recommendations, make an appointment with the Onyx Legal team now..

How to Complete a Quick Legal Audit of Your Business

How to Complete a Quick Legal Audit of Your Business

How to Complete a Quick Legal Audit of Your Business

Running your own business can be a juggle. So how do you know if you are putting yourself at risk? Consider doing a quick legal audit of your business to find out whether there are any potential cracks that you may need to fix.

We’re going to focus on structure, relationships and risk management.

Start with your Business Structure

When was the last time you thought about what business structure you have and if it still works for you?

Many people start small businesses as sole traders and continue that way until something bad happens, like a threat of court action or an unexpectedly large tax bill. Other people set up multiple companies or trusts and then lose track of them. Some people change the style of delivery of their business and then need to review how everything is done.

Some recent examples for our clients have been:

  • A client selling a business discovered that the business trade mark was registered to a company they had forgotten about. They had moved and hadn’t updated their contact details with the company register. The company had ‘strike- off action in progress’ recorded against it in the register. The quick fix there was to pay outstanding invoices to the register and update contact details.
  • Another client set up a second company in the US and separated its business delivery by area, some under its Australian company and some under the US company. Customers are now able to choose their area before checkout. Taxes had to be accounted for in each different country and in Australia that meant the invoicing had to identify the Australian company and the GST paid, which initially it didn’t. A few technical tweaks in the delivery software fixed the problem.
  • A couple started a business as a hobby as a sole trader under the name of one of them. Twelve months later they came to us asking about asset protection. Initially, it appeared that the structure didn’t need to change because they hadn’t really started generating any income. A little further in the conversation disclosed that one of the partners held shares, an investment property and crypto-currency in their own name and it became clear that a different structure was needed to isolate those assets from any potential risks in the business.

Audit questions for you

  1. What legal structure do I use for my business? Can I find the documentation?
  2. When was the last time I reviewed that structure?
  3. Are my business contact details up to date with all regulators?
  4. Do I know my business identification number (in Australia it is an ABN)?
  5. Are my invoices correctly set out for compliance purposes?

Then Think About All Your Business Relationships

Mind mapping might help you identify all the different types of business relationships you have. Think about your business from the inside out, starting with you and ending with the general public.

You might have relationships with some or all of the following groups:

  • Business partners
  • Investors
  • Employees
  • Contractors
  • Suppliers
  • Affiliates
  • Sponsors
  • Advertisers
  • Joint venture partners
  • Clients
  • Customers
  • Subscribers
  • General public

Each different relationship potentially has different risks, obligations and responsibilities, and those things are much easier to keep track of if they are documented.

Lots of people who come to us have operated their businesses on verbal agreements or exchanges of emails successfully for years. There is nothing wrong with that, but if something goes wrong, your options are likely to be more limited than if you had a written agreement to refer back to when resolving the problem.

Most people can’t remember what they did a week ago. Don’t expect to be able to remember exactly what was agreed with someone months or years ago.

Some recent examples for our clients have been:

  • A business break-up. The parties had not documented their relationship or what would happen if the business came to an end. They had a meeting with their accountant to agree on how to close the business, but then one party decided not to follow that plan, and it hadn’t been documented and agreed in writing on the day, so became a dispute. The simple fix would have been to have a shareholder agreement in place within a short time before or after starting their business, whilst relationships were still good, and the parties were able to speak sensibly and logically to each other.
  • Another client had been operating their business without any hassles for years. The nature of their business meant that there was always a sponsor between them and their end customer. For the first time, a sponsor acted as gatekeeper and stopped the supply of products from our client to the end customer based on their assessment of the quality of the product. Each product was developed by our client’s labour, unique to the client, and our client could not be paid if the products were never put in front of their clients. Difficult situation. We prepare terms and conditions of service between our client and their sponsors to ensure that sponsors who behaved in that way would have to pay our client and amount equivalent to their lost income.

Consider whether you have anything in writing to help you manage all of the relationships in your business. Some examples are as follows:

Business Partners

A business partnership works well when both parties are on the ‘same page’. A clear and transparent agreement will help you quickly resolve any potential issues in the future, regardless of the structure you are using to operate.

Business relationships will be covered to a limited extent in founding documents, like constitutions or trust deeds, but those documents are designed more for setting out the rules of governance of an entity, than managing the relationships of the people involved. For older businesses, governing documents might be completely outdated and no longer compliant with changes in law.

Types of documents you may already have in place or like to have in place could include a partnership agreement, or a shareholder’s agreement, or a unitholders agreement. If you’re working with someone on a side gig, you might need a contractor’s agreement or a joint venture agreement.

Employees

Whenever you employ someone, you will have certain information you need to collect and compliance obligations you need to meet, before even considering whether you want to create company policies to help guide your workers.

Consider the following:

  • notices required under regulation (in Australia we are required to give a Fair Work Information Statement to employees before they start work)
  • information that needs to be securely collected and protected, like tax information
  • an employment agreement
  • a position description
  • health and safety information
  • company policies – social media policies and work from home have been important recently

Also think about any insurances you are legally required to have in place for your employees, in Australia that will be Workcover insurance.

Contractors

Engaging a contractor without a written agreement is not an ideal position to be in if something goes wrong. Even if you have a written agreement, sometimes it isn’t sufficiently clear.

The biggest issue we’ve managed for clients when contractor agreements have gone wrong is clearly identifying the required deliverables and whether they were met or not.

If you engage a contractor on their terms and cannot measure what was to be delivered by the end of the month before you pay them, then don’t be surprised if you don’t get what you expected. Be clear before you engage a contractor what you want them to deliver, and if you can’t, at least have the ability to set measurable results you expect on a weekly or monthly basis. If you don’t, make sure you can end the agreement at any time without penalty.

In some industries there are minimum legal requirements for contractor agreements which can include terms of payment including frequency.

Clients

Your clients are an integral part of your business, and it is essential that you have agreements in place with them appropriate to the type of business you operate.

There is an increasing level of awareness of what happens when you hand over personal information and an expectation that it should be protected. Platforms like Facebook and Google require advertisers to have a privacy policy before they can publish any adds. Most importantly, a privacy policy gives you the opportunity to show you clients how you care for their information. Do you have one? Is it on your website or otherwise easily available to your clients?

For online businesses, your agreements are usually contained in the terms and conditions you have published on your website or shopping cart.

If you’re delivering consulting, coaching, mentoring or similar services, you want something documented to ensure you get paid. We usually encourage an element of upfront payment for coaching or consulting services to ensure you don’t deliver services then have to chase to get paid.

Suppliers

If you have credit arrangements with any of your suppliers, you will be purchasing their goods or services under their contract terms. Often people don’t review those terms until they want to end the services and then check the terms to find out how to make that happen.

When was the last time you reviewed your supply agreements? Are you happy with your suppliers, and if not, have you told them? It is possible to change the terms of an agreement in writing between the parties, so that your business relationship can continue, but in a way you are satisfied with, rather than being an unhappy customer.

 

Audit questions for you

  1. Do we know where our founding/ governing documents the establish our business are kept? When did we last look at them?
  2. How many different business relationships do we have?
  3. Are those relationships documented in agreements?
  4. Do we know where our agreements and contracts are?
  5. Do we have written employment agreements or policies?
  6. Do we have a privacy policy on our website?
  7. Do we have a contract register so we know what agreements we have, with who, who on our team is responsible, when the agreements end and where they are?

Now Think About Your Risk Management

Have you thought about what the biggest risks might be for your business? COVID certainly surprised most people. Whilst some businesses were impacted by SARS and thought about adding in ‘pandemic’ as a risk factor in their risk management and business continuity, that was a very limited number of businesses. If you don’t stop occasionally and work out where the risks are to your business, you don’t give yourself the opportunity to lessen the potential impact on your business before they occur.

Even if you have a written business plan, and a written business continuity plan (a set of actions to be taken when events or circumstances have an adverse impact on the business), if you haven’t reviewed them for some time then they might not be relevant.

The key to risk management is thinking about what matters most in your business, how that might be threatened, and what you can put in place to reduce the impact of that potential threat happening.

A great example is considering cyber risk to your business and then having all staff complete training as a result. The training is a way of raising awareness of the potential problems and helping people understand what they can do to reduce the risk. 

If you have a business plan, that may help you identify the main areas of potential risk to your business. Consider –

  • Financials – processing payments; invoicing; paying employees, contractors, suppliers; tax changes; loss through theft or other means etc
  • People – what would happen if anyone in your team was gone for any reason?
  • Key Resources – physical, intellectual, human, network
  • Offering – competitors, changing environment, legal compliance
  • Key activities – what would impact your ability to deliver your product or service to your clients?

Once you’ve identified your risks, then consider the likely chance of it happening, and the likely impact, to calculate a risk score. Typically, businesses identify 4-5 levels of risk for likelihood and impact. So, the likelihood might be from ‘rare’ to ‘almost certain’ and the impact might be from ‘minor’ to ‘catastrophic’. For a large proportion of business, if they’d had the chance to do this exercise with knowledge that COVID was coming, would probably have assessed a pandemic as ‘rare’ and ‘catastrophic’. That may have given it a risk rating in the HIGH range and ensured that measures were in place (like the ability to work remotely) before COVID happened.

Hindsight is a wonderful thing.

 

Audit questions for you

  1. Have we ever considered risks to our business?
  2. Do we know whether we have compliance obligations in our industry?
  3. Do we understand risk management?
  4. Do we have a risk register?
  5. Do we have risk mitigation in place for identified risks?
  6. What insurances do we have in place?
  7. Have we scheduled staff training to help identify and manage risks?

Is it time for a refresh?

If you’ve read through the audit questions and think it sounds all to hard, consider the future of your business. If at any time you want to apply for finance, look for an investor or sell your business, all these things will need to be sorted out to get the best value.

If it seems overwhelming, consider working with us to help prioritise what is most important to support your future objectives, and then to work through the process with someone in your team to help you get organised and on top of everything.

Onyx Legal offers cost effective day rate services to help you get on top of big projects that support the future value of your business. Let us know if you’d like a hand with identifying and understanding your structure, contracts or risk management. Make an appointment now

How can Onyx Legal help you?

Book an appointment to talk with one of our team about your business structure and whether it is still the most appropriate structure for what you are doing and what you’d like to achieve.

Business & COVID Queensland

Business & COVID Queensland

Business & COVID Queensland

Business and COVID – 17 December 2021

This article offers a resource for business coming out of the RDA Moreton Bay presentation for business at the North Lakes Sports Club on 24 November 2021. Thank you to RDA Moreton Bay for the opportunity to be involved. 

Businesses to be affected

Hospitality, vulnerable settings (aged care, health, prisons etc), indoor entertainment, outdoor entertainment, festivals, weddings, government galleries, museums and libraries, etc.

Retail, public transport, places of worship etc are referred to as not subject to vaccination restrictions.  

Where to start?

  1. Official government websites – there are links to all Federal, State and Territory official sites here – https://www.australia.gov.au/
  2. Understand that State and Territory requirements and directions are all different. You will need advice relevant to each. The following information is for QUEENSLAND

Check out the FAQs in response to questions from business.

Regarding the Qld Health Direction expected on 17 December 2021

Public Health and Social Measures linked to vaccination status – A Plan for 80% and Beyond

This is currently a plan without legal effect, it will become a binding Public Health Direction as soon as it is published online.

EmployeesCustomers/ Suppliers

register for the Qld Check-in App and clearly display the QR Code at each entrance

display the COVID Safe Checklist at your premises

maintain social distancing – 1 person per 2 square metres (capacity) and 1.5m (proximity)

display the vaccination rules at your business premises (download)

promote the requirement on your website and social media channels

  • ask employees to link their vaccination certificates to their Qld Check-in App
  • remind customers when they make a booking
  • notify suppliers of requirements
  • consult with staff
  • ask staff to provide proof of vaccination status consult with staff about impact
  • consider the circumstances of each employee
  • consider alternatives such as social distancing, mask wearing, working from home etc
  • seek legal advice for ability to mandate vaccinations
  • seek legal advice before dismissing an employee on the basis of vaccination status
  • Check the FWO website for detail guidance on vaccinations in the workplace
  • If the Health Direction reflects the current direction for health services, employers may be liable to be fined up to around $13,700.00
  • ask for proof of vaccination from your customers/ suppliers at the time of check-in
    • the Check-in App should show a white tick on a green background if a valid vaccination certificate is linked, or a red question mark if not
    • a customer can show you a copy of their immunisation history statement or COVID-19 digital certificate
  • request customers/ suppliers not enter the premises if unable to provide proof of vaccination
  • provide training to staff on how to manage objectors effectively and without violence
  • if a person refuses to provide evidence of vaccination, you may call police who have the ability to issue a fine of $1,378.50
  • A person affected by administration of a COVID vaccine who is hospitalised for at least one night may make a claim under the no fault COVID-19 Vaccine Claims Scheme
    • get legal advice if you are concerned about your legal obligations
    • you may also require HR and workplace health and safety advice

     

    Where do the laws come from?

    FREE RESOURCE DOWNLOAD

    Download our PDF of this article including active links for your use.

    ONYX LEGAL Business and COVID information sheet for business effective 17 December 2021

    How can Onyx Legal help you?

    Book a short advice session and send us details about your business. We can provide a brief email confirmation of our advice for your records, or a full written advice if required for Board or management consideration.