Online businesses have become the new norm in recent decades, providing a perfect platform for commercial success. The UK has one of Europe’s most advanced e-commerce markets, with around 60 million e-commerce users in 2022. While online businesses have considerable advantages over traditional “bricks and mortar” versions, there are several unique legal obligations of which to be aware. Complying with your legal requirements is paramount to safeguarding your business, protecting your customers and ensuring your long-term success. In this article we will outline some of the legal obligations of online companies and what you can do to ensure legal compliance.
Privacy and Data Protection
The UK General Data Protection Regulation (GDPR) applies to the processing of personal data (i.e. information related to an identified or identifiable individual). The UK GDPR requires that all businesses, including online companies, adhere to seven core principles – as follows:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Storage limitation
- Integrity and confidentiality (security), and
To ensure the GDPR compliance of your business, you must put in place measures to secure the data that you hold about your customers. You must also gain consent for data collection and processing and provide transparent privacy policies. Failure to comply with the principles of the GDPR can lead to large financial penalties. Article 83(5)(a) of the UK GDPR states that any infringement of the rules about processing personal data may lead to a substantial fine. Depending upon the scale of the breach, this may be up to £17.5 million, or 4% of the total worldwide annual turnover of your business, whichever is the higher.
The exact GDPR requirements that you must meet will depend upon a number of factors, including the type of data that you hold, how you use the data and your role in handling the data.
Terms and conditions
We recommend drafting comprehensive Terms and Conditions (T&Cs) that reflect your business and making these easily accessible on your website is essential. Doing so will protect your business, prevent potential disputes and ensure that you comply with your legal obligations. Publishing T&Cs on your website will allow you to define clearly your:
- Expectations with customers – T&Cs provide clear information to users on what they can and cannot do on your website, your obligations and the products and services that you provide.
- Rights – Your T&Cs should set out your legal rights (e.g. intellectual property rights) to protect your website from potential harm and misuse.
- Limited legal liability – You can limit your legal liability if something goes wrong concerning your business, services, products, website or the actions of a third party.
- Governing law and jurisdiction – You can specify within your T&Cs the applicable legal jurisdiction and governing law. This is particularly beneficial if you operate in more than one country.
- Right to terminate – You can specify the terms of service under which access to your website and/or services will be terminated (e.g. if a customer routinely misuses your services).
- Data Protection Compliance – This may include your terms of privacy and cookie policies to ensure compliance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018, and:
- Approach to dispute resolution – Your T&Cs can set out how to resolve disputes with customers, suppliers, or other parties. Making this clear from the outset can save time and money should a dispute arise in the future.
It is important to consult with a legal professional when drafting your T&Cs to ensure that they are suitable, comprehensive, and meet your specific business needs.
Online businesses in the UK must adhere to several acts and regulations, including the following:
Electronic Commerce (EC Directive) Regulations 2002
The Electronic Commerce (EC Directive) Regulations 2002 sets out the legal requirements for online businesses. Online companies make their terms and conditions easy to understand and readily available to customers. These regulations also set out the requirements on providing information in a clear and unambiguous manner, including commercial communications (e.g. marketing), online contracts, liability of Intermediary Service Providers and codes of conduct.
Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013
The Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013 replaced the previous Distance Selling Regulations. The regulations provide certain rights and protections to consumers entering into contracts at a distance (e.g. online) and place obligations on businesses selling to consumers online. For example, it states that certain pre-contractual information must be provided to consumers clearly and comprehensibly. It sets out also the requirements for a 14-day “cooling-off” period for customers, allowing the cancellation of contracts without providing a reason. If a customer is not provided with information on their right to cancel then the cooling-off period can be extended by up to 12 months.
Consumer Rights Act 2015
The Consumer Rights Act 2015 provides consumers with a number of statutory rights. For example, products must be of satisfactory quality, fit for purpose and match any description given. In the event of a dispute with a customer it is important to have a clear and easily accessible complaints resolution procedure on your website. The act sets out:
- The right to clear and transparent information
- The right to cancel (for goods and services)
- Digital content rights
- Pre-contract information requirements (this is considered to be part of any contract entered-into)
- Delivery of goods, and
- Unfair terms
Privacy and Electronic Communications Regulations 2003 (PECR)
PECR regulates electronic marketing in the UK and requires businesses to obtain consent before sending unsolicited direct marketing communications. Communications may be in the form of e-mail, text, fax or automated calling systems. Understanding the specific e-Commerce regulations that apply to your business is essential. Again, if you are uncertain then it is important to seek the advice of a specialist in commercial law who can ensure that you comply with your e-commerce legal obligations.
Providing clear information about your company, products and services
As an online business you must provide clear information about your company, products, and services on your website.
Firstly, your potential customers must know with whom they are dealing. This means that you must display your registered company name at your registered office, at any inspection place and at any place of business, where applicable. You must provide also your company name, registered office address, contact phone number, company registration number and VAT number on your website and invoices.
Secondly, under the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013, you are required to provide customers with certain information before they enter into a contract with you. This includes your identity, address, and telephone number. Adhering to the rules on information transparency is not just about legal compliance. It also enables customers and potential customers to get hold of you easily should they have any problems or questions regarding your products or services. In turn, this transparency promotes trust in your online business.
The law requires also complete transparency when it comes to providing information on your products and services. Precise details and descriptions of your products and services, including and what is not included, must be provided on your website. The aim is to help consumers understand exactly what they can expect to receive by purchasing your goods or services.
The pricing of your products and services should also be made clear on your website, including whether VAT, delivery and other fees are chargeable. Payment terms should also be set out, making it clear when (e.g. immediately or within 30 days) and how payment for your products and services may be made.
Accessibility and disability compliance
Another – sometimes overlooked – legal consideration is website accessibility. The Equality Act 2010 governs web accessibility in the UK and aims to protect people from discrimination. Under this act it is unlawful to discriminate against people because of their disabilities. Your website should be accessible to all users, including those with visual impairments, hearing impairments, cognitive impairments or learning disabilities and/or limited movement.
Understanding and fulfilling your legal obligations as an online business is crucial for long-term success. This article covers just some of the key legislative areas that you may need to consider for your online business. Depending upon the type of business, where your customers are located and the products and services that you offer, you may need to consider other and/or further legal requirements. It is advisable to prioritise your legal compliance from the outset and to ensure that you update your approach over time as your business grows. We recommend seeking specialist legal advice to make sure that all legal requirements for your business have been considered. This will ensure that your business is protected from potential legal action and cost in the future. It will also help to promote trust with your customers, suppliers, partners, and investors.
Uniwide Formations specialises in UK company formation. We offer a range of company formation packages to suit the needs of your new business venture. Our friendly expert company formation team will provide you with support, advice, resources and tools to make your business journey as smooth as possible.