Acceptable Use Policy
Template — South Africa

Establishes the legitimate, authorised uses of the platform — what the service is designed for and how users may properly use it. Sets the baseline expectations for normal, authorised activity and provides the context against which prohibited uses are assessed. Includes the requirement that users comply with all applicable South African laws and regulations in their use of the platform.

Comprehensive list of content that users may not upload, share, store, or distribute through the platform. Categories include: content that violates South African criminal law (including the Cybercrimes Act and the Films and Publications Act 65 of 1996), hate speech as defined in Section 10 of the Promotion of Equality and Prevention of Unfair Discrimination Act 4 of 2000, defamatory material, content that infringes intellectual property rights (copyright, trademarks, patents), child sexual abuse material, non-consensual intimate images, content promoting violence or terrorism, and personal information shared without the data subject's consent in violation of POPIA.

Activities that constitute platform misuse and may also constitute criminal offences under the Cybercrimes Act 19 of 2020. Includes: unauthorised access to computer systems or accounts (Section 2), unlawful interception of communications (Section 3), data scraping beyond authorised API limits, spam and unsolicited bulk communications, phishing and social engineering, distribution of malware, ransomware, or viruses, denial-of-service attacks or attempts to degrade service performance (Section 6), circumvention of security measures, impersonation of other users, and automated access (bots, crawlers, scrapers) without prior written authorisation.

Technical restrictions to prevent activities that degrade service quality for other users. Covers API call limits and rate limiting, bandwidth consumption caps, storage quota enforcement, excessive CPU or memory usage, automated access patterns that resemble denial-of-service behaviour, and the use of the platform's infrastructure for cryptocurrency mining, torrenting, or other resource-intensive activities not related to the platform's intended purpose.

The graduated enforcement process that the platform will follow for violations. Tier 1: Warning — for first-time minor violations, the user receives a written warning identifying the violation and the applicable AUP provision. Tier 2: Content removal — offending content is removed with notification to the user. Tier 3: Temporary suspension — the user's account is suspended for a defined period (typically 7-30 days). Tier 4: Permanent termination — the user's account is permanently terminated and they are prohibited from creating new accounts. Severe violations (criminal activity, distribution of CSAM, imminent threats of violence) result in immediate termination without prior warning.

The platform's content moderation approach — whether automated (AI-based content filtering), manual (human content reviewers), or hybrid. Specifies the response timeframes for reported content (typically 24-48 hours for initial review), the criteria for prioritising reports (severity of potential harm), the qualifications and training of content moderators, and the documentation maintained for moderation decisions. Addresses the limitations of automated moderation and the right to human review.

How users can report AUP violations — including the reporting mechanism (in-platform button, email, webform), the information required in a report, the review process for reports, timeframes for enforcement decisions, and confirmation of action taken. Also establishes the user's right to appeal content removal or account suspension — including the appeal mechanism, the review process (conducted by a different reviewer than the original decision-maker), the timeframe for appeal decisions, and the reinstatement procedure for successful appeals. Fair appeals processes are important for CPA Section 48 compliance.

Implements the notice-and-takedown procedure required by ECTA Chapter XI for platforms hosting user-generated content. Identifies the designated agent for receiving takedown notices (with name, email, physical address, and phone number), specifies the information required in a compliant takedown notice, the timeframe for removing reported content (typically 24-48 hours from receipt of a compliant notice), the counter-notice procedure for users who believe their content was wrongly removed, and the put-back process if the original complainant does not pursue legal action within the prescribed period.

The platform's obligations under Section 54 of the Cybercrimes Act 19 of 2020. Electronic communications service providers must report certain offences to the SAPS within 72 hours of becoming aware of them. The AUP informs users that: illegal activities conducted through the platform will be reported to law enforcement, user data may be disclosed to the SAPS or other authorities pursuant to lawful investigation requests (search warrants, subpoenas, Section 27 preservation orders), the platform will preserve evidence as directed by law enforcement under Section 29 of the Cybercrimes Act, and cooperation with law enforcement is a legal obligation, not a discretionary decision.

Provisions protecting the intellectual property rights of both the platform and third parties. Prohibits users from uploading content that infringes copyright (under the Copyright Act 98 of 1978), trademarks (under the Trade Marks Act 194 of 1993), or other IP rights. Establishes a repeat infringer policy — users who receive multiple valid takedown notices will have their accounts terminated. Addresses the ECTA safe harbour protections and the platform's responsibilities as an intermediary.

How the AUP may be updated — the platform's right to modify the policy with reasonable notice (typically 30 days for material changes), the notification mechanism (email and in-platform notice), and how continued use after the effective date constitutes acceptance of the modified terms. Subject to CPA Section 14 requirements that material changes to terms be fair, just, and reasonable. Includes a version history with effective dates for transparency and audit purposes.