Most companies or organisations have a website but not all website owners are compliant with the laws governing website activity. This can result in legal risks that are completely unnecessary with some planning.
Commercial websites provide a ‘shop window’ for businesses to promote, market and sell their goods and/ or services. The law expects website owners to provide the same protections to online consumers as are expected with bricks and mortar consumers. In addition, online-specific legislation places extra special obligations upon website owners when it comes to online trade. Common pitfalls include failing to ensure customer personal data is protected, non-compliance with the standard basis of forming a contract online, and breaching consumer protection regulations.
In this article, we consider the main policies that businesses need to put in place when trading online.
- Privacy Statement
A business must comply with the principles of good practice set out in the Data Protection Legislation which means (as applicable)
- the General Data Protection Regulation 27 April 2016;
- the Data Protection Act 2018;
- the Privacy and Electronic Communications (EC Directive) Regulations 2003;
- any other applicable law relating to the Processing, privacy and/or use of Personal Data, as applicable to either Party;
- any laws which implement any such laws; and,
- any laws that replace, extend, re-enact, consolidate or amend any of the foregoing.
and be ‘open and transparent’ to all Data Subjects. The key principles are around processing only specific personal data in a fair, accurate and lawful manner. The processing must not be excessive and must be accurate. Personal data should only be kept for as long as necessary. A business must also protect the data from accidental loss and destruction. Your privacy statement is an important compliancy document and should address:
- What information you collect (personal and/ or financial);
- How and why you collect and handle the information and keep it secure;
- If there will be any direct marketing activities (if yes, an easy and accessible method of opting out should be provided);
- What one needs to do to request information or send a ‘subject access request’.
Our templates can help you get started:
This document defines your relationship with the user and protects your business. It needs to be comprehensive and correct. It is especially important where the site is an interactive one and/ or uses connect platforms via an API of another website. You will need to set out what is acceptable use and attain consents by way of an intellectual property licence grant to use and display user content that may be uploaded to the site. This policy exists to protect your interests by covering areas including:
- Acceptance of collection and use of information;
- Changes and content;
- Links to third party websites;
- Copyright protection of your content and user-generated-content (licences);
- Disclaimers and limitation of liability.
Here is a link to our legal template that will help you get started:
- Main Terms & Conditions (goods or services)
If you intend to sell goods or services online, you need legal terms and conditions that are appropriate to the online environment. For example, the technical steps for formation of the contract and the ordering process as a whole need to take account of the nature of online procedures. Your Ts & Cs should include the following points and be part of your purchasing procedure:
- Conditions of acceptance of order;
- Order process;
- Product or Services information;
- Price and terms of payment;
- Rights of the seller (and Buyer) (Service Provider and Company or Individual);
- Age of consent (where applicable);
- Data Protection;
- Intellectual Property;
- Parties’ respective warranties and indemnities to deal with risk, liability and limitation of the same;
- Cancellation, exchanges, returns and refunds;
- Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013 (where applicable). As a business you are required to provide certain information to website users under certain regulations. For goods purchased under a B2C contract, there are consumer cancellation rights to expressly provide for;
- Term and termination
Here are links to our templates that will help you get started:
Don’t assume that your Ts & Cs bind all users of your website and that you can rely on them! They need to be:
(1) incorporated; and,
(2) accepted by the user.
Best practice is to have a tick box that the user has to tick to accept the Ts & Cs prior to the purchase being made. The tick box should be server-side validated so that the user cannot proceed without ticking!
When you engage a company to build and develop your website, there are numerous things that need to be addressed from the outset, otherwise, things may go pear-shaped at the first hurdle resulting in delays at the very least, if not, complete project abandonment and extra costs. Be clear on who will own the intellectual property in the deliverables i.e. know your licences from your assignments!
Let us know if we can help you!
Author: Yvonne Morris
CloudLegal is a tech-enabled legal support consultancy which promises practical commercial and jargon-free advice. We support all company matters, commercial contracts/ Ts & Cs (including software and IT), employment & HR as well as data protection matters. We have various services including:
- our LawChat service which is a convenient way to speak to a legal expert;
- our suite of key Legal Templates available for pre-order purchase;
- our comprehensive Document CheckUp service for our templates;
- a free Request-a-Quote service for custom services from our in-house legal experts (and partner lawyers/ law firms);
- Last but not least, we offer a LawChat Legal Support Packages for business customers who need affordable, convenient and regular legal support. Areas include company setup, commercial contracts/ terms and conditions, intellectual property, data protection services and more. We also offer GDPR Support Packages in addition to Employment Support Packages.