Ecommerce Laws And Legal Requirements For Online Businesses | Quick Guide

Jul 14, 2022

Over the past two years, eCommerce has shot up in popularity worldwide. It is now a crucial part of how many businesses run and survive in the current climate and shows no signs of slowing down.

Businesses selling online must be fully compliant with all the legalities involved to avoid getting penalised later down the line. Measures should be taken to comply and also put customer safety at the forefront, meaning users will form higher levels of trust with you and stay loyal.

We’ve put together this article breaking everything you need to know down into easily digestible chunks. Whether you’re in the planning stages of launching or already in the throes of running a successful eCommerce site, read on to make sure you’re following the rules.

Rules & Regs

Electronic commerce regulations. That’s what we’re talking about here.

This phrase describes all of the information you should clearly display on your website if you are selling online. You’ll often find it all neatly presented in the footer of a website.

According to the regulations, information necessary to feature includes:

  • Business name
  • Company registration number
  • Contact details and address
  • VAT number (if you’re VAT registered).

Web Policies

As well as your Terms and Conditions, there are other important sections of information that should be easy to find on your website.

Let’s look over the three main policies you need to have a handle on before selling online.

1 – Privacy Policy

It doesn’t matter what a website is selling, it needs to have a privacy policy. Without one, a business leaves itself wide open to breaching UK GDPR and could end up in receipt of fines and legal action.

This is because a privacy policy states how private customer data is collected, processed and stored.

A privacy policy should:

  • Make clear to anyone reading it how a business protects the data that it processes.
  • State customers’ and visitors’ rights and give them the option to opt out.
  • Explain why data is collected, what it is and how long it is kept.

Many businesses place a URL to their privacy policy in the footer of their site or in a banner or pop-up to make sure it’s front of house.

This method of display is also frequently seen in businesses’ cookie policies, where a consent banner can often be noticed as soon as you open a website, not allowing entry until action is taken. This brings us on nicely to…

2 – Cookie Policy

Cookies are small pieces of information sent from a website to your chosen internet browser.

Their role is to make a website easier to visit next time because the website will remember details. An example of this is when a website saves a username and password to improve user experience.

They can also be used for targeted advertising. You know when you visit a website and then get followed everywhere by their ads? That’s cookies at work.

A company’s cookie policy should form part of the overarching privacy policy, and so failure to feature one can land you in the same pot of hot water mentioned already.

Before beginning to sell online, check your cookie policy includes why you’re using them, the types of cookies you’re using and any related information regarding third parties using the stored cookie data.

3 – Refund And Return Policy

It might not surprise you to learn that this policy covers returns and refunds that consumers wish to make. It’s therefore pretty plain to see how this policy is a big player in the eCommerce arena.

There will always be the odd customer who isn’t satisfied with their purchase. Whether it’s a request for a refund due to a faulty item or a return, this policy helps to manage a customer’s objections and expectations by clearly stating the return window, how refunds are processed and any other relevant information.

The UK has strict ‘distance selling’ laws that provide guidelines on return policies.

Online Payment Safety

Protecting people’s data during online card payments is not required by law. However, failure to take up security measures like PCI DSS (Payment Card Industry Data Security Standard) invites risks. Data breaches that happen due to a lack of security could lead to fines from the bank provider or legal action being taken.

Another way businesses ensure the security of their online account holders is by using Two-Factor Authentication, or 2FA.

Beyond the usual email-password combination, in which the password is considered the first factor, 2FA adds a second step of verification to eradicate the chances of unauthorised entry to user accounts and add weight to online security.

The second factor of 2FA, a type of multi-factor authentication, can take many forms. A user might be asked for something they know, like a ‘What was your mother’s maiden name?’ type question, or even something they are, like a fingerprint or face scan. Or an authenticator app or text message can be used on a mobile device to keep those pesky hackers out.

Beyond preventing unauthorised access to user data, preventing revenue loss and reducing fraud, 2FA also increases shoppers’ confidence in using your website.

Thinking of starting an online business? Already running one?

How sure are you that your website, and business alike, is adequately protected? What about the safety of your customer data?

Does your current eCommerce website tick all the compliance boxes? Check out our Ecommerce Compliance Checklist for further information.

If you’re not sure, let us help. Visit LegalDrop to find legal support that works with you to achieve your needs – and keep your business safe from making these costly mistakes.
