Starting up a business is a dream that many people have. But the saying 'be your own boss' comes with responsibilities. As the owner of an online store, you have to make sure that your business and its products or services are legal and that your website meets all legal requirements. Legal certainty isn’t just obtained by choosing and implementing the correct legal status. Your website must also meet important conditions, especially when it comes to legal information such as disclaimers and data protection. Here is what you should bear in mind when creating your online store.
A disclaimer is a legal notice covering the basic issues that could arise when operating a website. Many websites can use a simple disclaimer, although other business may find they need something more specialised depending on what products or services they offer.
The terms of use (or terms & conditions) are the rules for using your website (they are not the same as terms and conditions for a business). It is necessary for all businesses with a website or online presence to include certain items in their terms of use, in order to comply with the Electronic Commerce Regulations 2002, even if the website does not sell goods or services. Having a terms and conditions page helps protect intellectual property rights on your site and can reduce liability if the worst comes to worst and you’re taken to court.
It is important to ensure that your website is as accessible to Internet users as possible. Best practices for ensuring that websites are user-friendly to people with disabilities are created and monitored by the Word Wide Web Consortium (W3C). Their best practice guidelines are categorised according to priority 1-3 and the UK Government, as well as the Royal National Institute of Blind People state that websites must satisfy priority 1 checks, and should satisfy priority 2. An example of this is that all images must include an ALT attribute, which allows the visually impaired to hear a read description, or provides a braille description of the image.
A privacy policy tells website visitors what type of personal information you are collecting from them, how you plan to use it, and how you are protecting it. Data privacy and the protection of personal data are a legal requirements, according to the UK Data Protection Act 1998, as well as being considered fundamental human rights in the Charter of Fundamental Human Rights of the European Union (CFR) 2009, and is protected within the EU by the Data Protection Directive. Companies and shops are required to alert the Office of the Information Commissioners if they are collecting users’ data. It is also advisable to specify if you don’t intend to collect any information (such as e-mail addresses and names), so visitors feel at ease and may be more likely to stay on your site. If you have a contact form on your website (e.g. for customers to subscribe to your newsletter), you should let visitors know how any information they enter will be used.
The Consumer Contracts Regulation is the UK legislative implementation of the European Consumer Rights Directive. This provides rules for distance selling, as well as traditional in-store sales. To trade in accordance with their regulations, shop owners (both online and physical) must provide customers with key information:
The following paragraphs will address more information that vendors are required to furnish to their customers.
This kind of policy is required so that customers know when to expect their products and how they will be delivered. It’s important that customers know the expected delivery periods and costs, otherwise they may look elsewhere if they can’t find the information. Including a discount or promotion can encourage customers to buy more, for example, 'free shipping on orders over £50'.
Refunds are a normal part of online business and customers will want to return or exchange their goods from time to time. They are more likely to make a purchase if they know they can send the product back if it’s not to their satisfaction. UK online customers can request a cancel refund within 14 days of receiving their goods. They then have another 14 days to send the goods back to you. If you do not make the customer aware of their right to cancel, they may cancel their order any time within the next 12 months, with 14 days to return the goods from the date they informed you (Online and Distance Selling).
A good idea is to include the refunds policy with the terms and conditions, so that buyers know their rights and what to expect. You could embed a check box onto your site so that users have to agree to the terms and conditions, so you know they have read them and you are protected should any problems arise.
The EU Privacy and Electronic Communications Directive (E-Privacy Directive, 2002/58/EC) forbids the sending of unsolicited marketing e-mails within the EU. This means that if you wish to provide a company newsletters for your customers, informing them of new products or sales for example, you must give users the option to opt in and opt out of receiving these e-mails. As previously stated, it is also a legal requirement that customers have given their consent for you to send their e-mail addresses on to third parties. This is not necessarily a negative thing, as the relentless arrival of unsolicited e-mails from companies and shops in your inbox is considered spam, and can be very annoying to the recipient.
It’s important for online business owners to offer a range of payment methods so that every visitor is catered for. You could lose a potential customer if they don’t see their preferred method being offered. Take a look at your target audience to see how they normally pay. Avoid making customers create an account before they buy, as this could scare them away. As well as being another password and username to remember, and prolonging the payment process, customers worry they will then be spammed by the company after entering more details, according to a study.
With all the scams and hackers around today, it’s normal to be wary of how secure a page is and be hesitant about entering sensitive information. A study found that 58% of people have abandoned their purchases at the checkout page due to payment security concerns. Obtain a Secure Sockets Layer (SSL) certificate for your website so you can provide a secure connection and encrypt card details, putting customers at ease and meaning they’re more likely to return.
If you are setting up an online store, be sure that your payment options comply with the Payment Card Industry Data Security Standard (PCI DSS), which help prevent fraud by creating increased controls around data, particularly companies or shops which store or process card information.
One last important point when professionally designing a website are photos, especially the product photos. It’s important to comply with all trademark and copyrights, and only use photos that are freely available or if you have been granted permission to use them. If you don’t abide by the rules regarding online image rights, you could be hit with fines and warnings. The same rules apply to multimedia content as well.
As a shop owner, it’s your responsibility to provide your customers with relevant content in a professional and transparent way. Besides this valuable content, it is also important that pages are clearly marked and always available. The topic of data protection is not only relevant for legal reasons, but is also very important for online businesses from a marketing perspective.
This article does not constitute legal advice and does not replace the advice of a competent lawyer.
In today’s globalised world, strong bull markets on the home front simply aren’t enough if you wish to turn your company into a true Unicorn. Branching out into the world is a task that requires understanding and respect for different cultures and their laws. Failing to take such nuances into account may not only turn potential clients and customers off, it can also be the source of other, more...
An important part of a website that many operators underestimate is the privacy policy. This notifies the site visitors which information they are disclosing about themselves and what this data will be used for. But what kind of information should this declaration contain and what has changed since the new General Data Protection Regulation law and the Data Protection Act 2018?
