Who ECTA Chapter VII applies to
Chapter VII of the Electronic Communications and Transactions Act — the consumer-protection chapter — applies to anyone selling to consumers over the internet: online stores, subscription and SaaS sites, app businesses, and marketplace sellers. Section 42(1) sets the boundary plainly.
“This Chapter applies only to electronic transactions.”
A “consumer” for this purpose is a natural person who is the end user of the goods or services. The duties below are separate from, and additional to, the Consumer Protection Act: an online retailer typically has to satisfy both. They are also separate from data-protection law — if your site collects personal information, see POPIA.
The section 43 information list
The heart of the chapter is section 43(1): a checklist of information you must make available on the website where the goods or services are offered. It is more than a “contact us” page — it includes your legal identity, the full price, the delivery time, your return policy, and your security and privacy policies.
“A supplier offering goods or services for sale, for hire or for exchange by way of an electronic transaction must make the following information available to consumers on the web site where such goods or services are offered— (a) Its full name and legal status; (b) its physical address and telephone number; (c) its web site address and e-mail address; (d) membership of any self-regulatory or accreditation bodies to which that supplier belongs or subscribes and the contact details of that body; (e) any code of conduct to which that supplier subscribes and how that code of conduct may be accessed electronically by the consumer; (f) in the case of a legal person, its registration number, the names of its office bearers and its place of registration; (g) the physical address where that supplier will receive legal service of documents; (h) a sufficient description of the main characteristics of the goods or services offered by that supplier to enable a consumer to make an informed decision on the proposed electronic transaction; (i) the full price of the goods or services, including transport costs, taxes and any other fees or costs; (j) the manner of payment; (k) any terms of agreement, including any guarantees, that will apply to the transaction and how those terms may be accessed, stored and reproduced electronically by consumers; (l) the time within which the goods will be dispatched or delivered or within which the services will be rendered; (m) the manner and period within which consumers can access and maintain a full record of the transaction; (n) the return, exchange and refund policy of that supplier; (o) any alternative dispute resolution code to which that supplier subscribes and how the wording of that code may be accessed electronically by the consumer; (p) the security procedures and privacy policy of that supplier in respect of payment, payment information and personal information; (q) where appropriate, the minimum duration of the agreement in the case of agreements for the supply of products or services to be performed on an ongoing basis or recurrently; and (r) the rights of consumers in terms of section 44, where applicable.”
In practice most of this lives across a few standard pages — an “about / legal” page, a clear price and delivery statement on each product, a returns & refunds policy, and a privacy policy — but the list is mandatory, not best practice.
Review, correct — and the 14-day right if you skip it
Section 43(2) requires the checkout flow to let the customer review the whole transaction, correct mistakes, and withdraw before finally placing the order — the reason well-built checkouts have an order-review step. The sanction for getting section 43(1) or (2) wrong is in section 43(3), and it is significant:
“If a supplier fails to comply with the provisions of subsection (1) or (2), the consumer may cancel the transaction within 14 days of receiving the goods or services under the transaction.”
On cancellation under section 43(3), the consumer returns the supplier’s performance (or stops using the service) and the supplier refunds all payments made, minus the direct cost of returning the goods. Note this 14-day window is a separate remedy from the seven-day cooling-off below: it is the penalty for non-disclosure, not a general change-of-mind right.
The seven-day cooling-off right
Distance selling carries a no-questions-asked cooling-off right. Section 44(1) lets the consumer walk away from most online purchases within seven days, without giving a reason and without penalty.
“A consumer is entitled to cancel without reason and without penalty any transaction and any related credit agreement for the supply— (a) of goods within seven days after the date of the receipt of the goods; or (b) of services within seven days after the date of the conclusion of the agreement.”
The only charge you may levy is the direct cost of returning the goods (section 44(2)), and any payment already made must be refunded within 30 days of cancellation (section 44(3)). This ECTA cooling-off right is distinct from the five-business-day cooling-off after direct marketing under the CPA — in fact the CPA expressly stands down where this ECTA right applies, so the two never overlap on the same sale.
When the seven-day right does not apply
The cooling-off right is not universal. Section 42(2) lists the transactions it does not reach — broadly, things that cannot sensibly be returned or that are priced to the market:
“Section 44 does not apply to an electronic transaction— (a) for financial services…; (b) by way of an auction; (c) for the supply of foodstuffs, beverages or other goods intended for everyday consumption supplied to the home, residence or workplace of the consumer; (d) for services which began with the consumer’s consent before the end of the seven-day period…; (e) where the price… is dependent on fluctuations in the financial markets…; (f) where the goods— (i) are made to the consumer’s specifications; (ii) are clearly personalised; (iii) by reason of their nature cannot be returned; or (iv) are likely to deteriorate or expire rapidly; (g) where audio or video recordings or computer software were unsealed by the consumer; (h) for the sale of newspapers, periodicals, magazines and books; (i) for the provision of gaming and lottery services; or (j) for the provision of accommodation, transport, catering or leisure services… on a specific date or within a specific period.”
These are exclusions from section 44 only — the rest of Chapter VII, including the section 43 disclosure list, still applies even to the goods and services listed here.
Are online contracts actually binding?
Yes. The Act puts electronic dealings on the same footing as paper. Section 11 says information is not without legal force merely because it is in a data message, and section 22 confirms agreements concluded by data messages are valid and are formed when and where the acceptance is received.
“(1) An agreement is not without legal force and effect merely because it was concluded partly or in whole by means of data messages. (2) An agreement concluded between parties by means of data messages is concluded at the time when and place where the acceptance of the offer was received by the offeror.”
The Supreme Court of Appeal applied this in Spring Forest Trading 599 CC v Wilberry (Pty) Ltd [2014] ZASCA 178, holding that an exchange of emails satisfied a contract’s requirement that cancellation be “in writing and signed” — an ordinary typed name in an email was a valid electronic signature for that purpose. The lesson for an online business: your click-to-accept terms and your email confirmations are real, enforceable agreements. For the rules on advanced and ordinary electronic signatures and contract formation in depth, see our Software & Technology Law hub.
Spam: the rules moved out of ECTA
A common and costly mistake is to cite ECTA section 45 for marketing emails. Section 45 — the old “unsolicited communications” provision, which used an opt-out model — was repealed by the Protection of Personal Information Act with effect from 30 June 2021. Electronic direct marketing is now governed by section 69 of POPIA, which flips the rule to opt-in: you generally need the recipient’s consent (with a narrow exception for your own existing customers). If your e-commerce site runs email or SMS campaigns, that is the regime to follow — not ECTA.
Complaints, enforcement and how this fits the CPA
Chapter VII is enforced first through the consumer’s own cancellation rights (the 14-day and seven-day rights above). Beyond that, section 49 — as substituted by the Consumer Protection Act — lets a consumer lodge a complaint about non-compliance with the chapter with the National Consumer Commission, the same regulator that administers the CPA. In short: an online seller in South Africa has to satisfy both ECTA Chapter VII (the e-commerce-specific duties) and the broader Consumer Protection Act (plain-language terms, fair terms, quality and product-liability rules), and keep its marketing within POPIA. A short legal review of your store’s terms, checkout flow and policies usually closes all three at once.