The Tobacco Products Control Act provides for the protection of non-smokers - it does not provide any benefit or protection for smokers.

In addition, smoking in the workplace is not regulated by Labour Law but only by the above-mentioned Act. In terms of this Act, the employer is obliged to take steps to protect his non-smoking staff from the cigarette smoke of the smokers. There is no obligation whatsoever on the employer to provide smoke breaks, and indeed if he does provide smoke breaks he is entitled to insist that those employees must work in the time taken for' smoke breaks'  after hours, without additional remuneration, or he can total up the 'smoke breaks time' and deduct it from wages at month end.


The employer is entitled to ban smoking completely on his building or in the workplace if he wishes to, and he can designate any area of his choice to be the smoking area. This could be the roof of the building, or the car park, and the employer is under no obligation to provide an alternative smoking area in the event of inclement weather. In short, the employer is under no obligation to facilitate the addiction of the smoker to the drug nicotine, just as he is under no obligation to facilitate the addiction of any employee who may be addicted to alcohol, narcotics and so on. When you consider that these no obligation on the employer to provide an alcoholic employee with ' drink breaks', why should there be an obligation on him to provide' smoke breaks' to an Employee who is addicted to nicotine ?


The employer is obligated to comply with the following regulations in the Act if he wishes to provide a smoking area:

Section 3 :  Tobacco Products Control Act :


Note : A "workplace" falls within the definition of and is regarded as a  "public place."

1) An employer, owner, licensee, lessee or person in control of a public place may designate a portion of a public place as a smoking area, provided that-

a) the designated smoking area does not exceed 25% of the total floor area of the public place;

b) the designated smoking area is separated from the rest of the public place by a solid partition and an entrance door on which the sign "SMOKING AREA" is displayed, written in black letters, at least 2 cm in height and 1,5 cm in breadth, on a white background;

c) the ventilation of the designated smoking area is such that air from the smoking area is directly exhausted to the outside and is not re-circulated to any other area within the public place;

d) the message: "SMOKING OF TOBACCO PRODUCTS IS HARMFUL TO YOUR HEALTH AND TO THE HEALTH OF CHILDREN, PREGNANT OR BREASTFEEDING WOMEN AND NONSMOKERS. FOR HELP TO QUIT PHONE (011) 720 3145" is displayed at the entrance to the designated smoking area, written in black letters, at least 2 cm in height and 1,5 cm in breadth, on a white background; and

e) notices and signs indicating areas where smoking is permitted and where it is not permitted must be permanently displayed and signs indicating that smoking is not permitted must carry the warning: "ANY PERSON WHO FAILS TO COMPLY WITH THIS NOTICE SHALL BE PROSECUTED AND MAY BE LIABLE TO A FINE".


Section 6 , 7 , 8 , 9 : Tobacco Products Control Act.

6)  An employer, owner, licensee, lessee or person in control of a public place must ensure that no person smokes anywhere other than in the designated smoking area in that public place.


7) An employer must ensure that-

a) employees who do not want to be exposed to tobacco smoke in the workplace are protected from tobacco smoke in that workplace; and

b) employees may object to tobacco smoke in the workplace without retaliation of any kind. 


8) Employers must have a written policy on smoking in the workplace, and the policy must be applied within three months from the date of coming into operation of the Tobacco Products Control Amendment Act, 1999 (Act No. 12 of 1999). 

9) Any employer, owner, licensee, lessee or person in control of any public place or part of a public place may totally prohibit smoking in that place.


For more information contact [email protected]  


What does POPI compliance mean?

By Jan du Toit


Latest developments – Registration of Information Officers:


On 17 May 2021 the Information Regulator’s long awaited online portal went live for the registration of Information and Deputy Information Officers.


The Information Officer of a Responsible Party is the person at the head of your company (CEO or MD) or any person acting in such capacity, or specifically appointed by the MD or CEO to be the Information Officer. Registration must be completed before the end for June 2021.


The address for the portal is  https://justice.gov.za/inforeg/portal.html   


The following information is required to successfully register: 

  • Company name.

  • Company registration number.

  • Company type.

  • Company physical and postal addresses.

  • Company telephone and fax numbers.

  • Information Officer gender, nationality, full name and surname, ID or passport number.

  • Deputy Information Officers same details as per above.


POPIA Compliance – what must be done?

With a little more than a month left before POPI becomes fully effective, many employers may find themselves out of time to become fully compliant to amongst other considerations, the 8 processing conditions prescribed in the Protection of Personal Information Act.


To be considered compliant the following must be considered and applied in the business of a Responsible Party before 1 July 2021. 

  1. POPI training / awareness sessions for the CEO / MD, managers and others tasked with the company’s POPI compliance project. Have a look on our website for the next POPIA training dates.

  2. Compliance audit to be conducted company-wide per department / division to determine the current processing practices within the organization and to establish what needs to be done to be compliant.

  3. Correction of contraventions as identified, and to introduce reasonable technical and organizational measures to prevent the loss or unauthorized access of Personal Information.

  4. Introduction of Data Subject rights and consent in the business through policies and consent clauses / paragraphs / contracts.

  5. The introduction of a PAIA manual (Promotion of Access to Information Act) that incorporates data subject rights and participation in terms of POPIA. This manual must be published on one of the company’s websites. It is also important to note that the current exemption granted by the Minister of Justice for some business to not have such a manual in place currently, expires at the end of June 2021.

  6. General staff POPI policy and legislation awareness training.

  7. Registration of the company’s Information Officer (the CEO, MD or any person acting in such position).

  8. Follow-up assessment on compliance measures and adherence thereto.


It is important to note that no institution, not even the Information Regulator, can “accredit” any Responsible Party in South Africa to be compliant in terms of legislation. Compliance (or otherwise) will only be determined should an investigation be launched by the Information Regulator following a complaint. Should such an investigation confirm a lack of compliance, consequences such an administrative fine not exceeding R10m may follow (which one may luckily pay off in instalments). Further to this those whose rights are infringed upon by a Responsible Party not adhering to the requirements of POPIA, may also institute civil proceedings. Such  proceedings may result in compensation being awarded for loss, as well as aggravated damages determined at the discretion of the court.


In terms of section 19 of the Act, the Responsible Party (business owner / employer) is required to introduce reasonable organizational and technical measures to secure the integrity and confidentiality of Personal Information. The organizational measures referred  to above includes inter alia both internal and external policies to introduce the principle of protection of personal information in the workplace, as well as the rights of data subjects.


To allow you more time to focus on your business, the author of this article compiled a bundle of detailed policies for your business, ready to use. This includes all relevant forms to be used and a template document with draft consent clauses / paragraphs / rules  to be incorporated into service and employment contracts, job applications, credit and other applications forms, WhatsApp and Facebook groups / pages, and Independent Contractor agreements.


Also included is an Operator Agreement as required in terms of section 21 of the Act and a consent letter for existing clients / service providers, to agree to the continued processing of their Personal Information beyond June 2021.


The policies bundle includes: 

  • Privacy notice template to be published on your website.

  • Personal information protection policy.

  • Personal information retention policy.

  • Data breach policy.

  • Data breach register - form.

  • Data breach report - form.

  • Data security policy.

  • Data subject access request policy and procedures.

  • Data subject access request forms.

  • Processing agreement with third parties as Operators - contract.

  • Data subject participation - draft consent paragraphs / clauses to be incorporated into service and employment contracts, job applications, credit and other applications forms, WhatsApp and Facebook groups / pages and Independent Contractor agreements

  • Guidelines on the appointment of deputy information officers, inclusive of appointment letter.


For only R3750 you can now order you set of POPI policies, ready to use. Contact Jan du Toit for further assistance at [email protected]









Courses and Workshops



Managing Poor Performance/ Incapacity

10 February 2022 (09:00 - 12:00)

Interactive Online Course

POPIA: Protection of Personal Information Act

11 February 2022 (09:00 - 12:00)

Interactive Online Course

Workplace Discipline and Dismissal

18 February 2022 (09:00 - 16:00)

Interactive Online Course

Employment Equity Committee Training

18 February 2022 (09:00 - 16:00)

Interactive Online Course

Management and Leadership Skills

23, 24 & 25 February 2022 (08:30 - 16:00)

Interactive Online Course

The OHS Act and the Responsibilities of Management

24 February 2022 (08:30 – 16:00)

Interactive Online Course

Basic Labour Relations

25 February 2022 (09:00 - 16:00)

Interactive Online Course

Strategic Human Resources Management (HRM) and - Business Partnering

02, 03 & 04 March 2022 (08:30 - 16:00)

Interactive Online Course

Health and Safety Representative and Committee Training Course

03 March 2022 (08:30 - 16:00)

Interactive Online Course

Workshop Chairing Disciplinary Hearings

10 & 11 March 2022 (09:00 - 16:00)

Interactive Online Course


 Our Clients 


Android App On Google Play

Android App On Google Play