Your website is usually the first point of contact between you and your customers and suppliers. As such, it is vital that you design it in the correct way and ensure that it is legally compliant. This is why we have created a quick checklist so that you can ensure that your site has everything it needs, including terms of use, to demonstrate that it is legit and you can therefore avoid any nasty legal ramifications.

1. Terms of Use

While it is not a legal requirement, it is in your best interests to display your terms of use for the website. Here, you can include a disclaimer and copyright information. This will inform web users what they can and cannot do on your site, such as copy text and images. It will also serve as evidence should a dispute arise.

2. Company Information

Your website should clearly set out some vital information about your company; for instance, limited companies and limited liability partnerships must display their company’s registered name, place of registration, registration number and registered office address. Having a contact form is not enough, so you should also include an email address where people can contact you.

Under the Electronic Commerce (EC Directive) Regulations 2002, there are also specific rules that you must follow if you are one of the following:

  • Sole trader

If your business name is different from your actual name, you must provide your name on your ‘About’ or ‘Contact Us’ pages.

  • VAT registered

You must provide your VAT registration number on your website if your business is VAT registered.

  • Member of a trade or professional body

If you offer a service that has a supervisory authority or if you are a member of a regulated profession, this must be stipulated on your website.

3. Privacy Policy

You must have a privacy policy if you process your customers’ personal data. Indeed, it is recommended that you also inform users about how you use their data. This is to ensure compliance with the General Data Protection Regulation 2016 (GDPR) and the Data Protection Act 2018.

Furthermore, you need a privacy policy if your website has a contact form whereby users can send you questions or sign up to your mailing list. This is also a requirement if you have an online store or if your site has cookies and you collect analytics about your web traffic.

Ideally, users should be able to easily access your privacy policy. This is why you should consider placing a link in the footer of every web page, together with your terms and conditions and ‘Contact Us’ links.

4. Cookie Laws

The Electronic Communications (EC Directive) Regulations 2003 and the GDPR require you to let users know about how you use cookies. You must also clearly explain what your cookies do. Fortunately, you can easily fulfil these obligations in your privacy policy.

In addition, it is essential that you seek users’ consent before you store cookies on their devices. Users must give their consent through a clear positive action. An excellent example of this is clicking on an ‘Accept Cookies’ button. You should also make it easy for users to withdraw consent and disable cookies.

5. No Pre-Ticked Boxes

The law stipulates that you must rely on a lawful basis before you can send people any marketing emails. One of those lawful bases is consent. If enquirers have joined your mailing list or checked a box indicating their willingness to receive newsletters from you, then that’s great. This means they have given you their consent. However, the GDPR made it clear that the above-mentioned box should not be pre-ticked.

After receiving permission to include people on your email marketing list, you must provide a link or instructions on how they can unsubscribe from your newsletters. The GDPR specifies that you should do this in every such email you send.

6. Consumer Terms and Conditions

If you sell products online, the Electronic Commerce (EC Directive) Regulations 2002 require you to provide information about the different steps buyers should take to complete a transaction. You must also outline what shoppers can do if an error occurs and indicate whether your website can be translated into another language.

Meanwhile, the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013 require you as an online store owner to display a link to your terms of purchase, delivery options, cancellation forms and returns/refunds/exchange policy. Compliance is essential as it protects both you and your customers.

7. Website Security

You must ensure that you have sufficient cyber security measures in place, particularly if your website collects or stores users’ personal data and/or processes payments. This is to ensure that you comply with the GDPR and the Payment Card Industry Data Security Standard (PCI DSS). In order to meet the GDPR and PCI DSS security requirements, you should take the following steps:

  • Install a firewall and antivirus software.
  • Regularly update all software and passwords.
  • Only allow access to data and website administrative functions to staff members who require them.
  • Implement HTTPS encryption on your website, which includes purchasing and installing an SSL/TLS certificate.

What Could Happen If Your Site Is Not Legal

Non-compliance with the above-mentioned legal requirements, including having terms and conditions for your website, can result in fines. In fact, the Information Commissioner’s Office and the local Trading Standards could pursue legal action against you. Similarly, an individual could sue you provided that they can prove that your non-compliance caused them to suffer a loss.

Final Reminders

Do not copy privacy policies and similar documents from other websites. Not only is it considered to be copyright infringement, but it could also cause you to use content that is neither correct nor legally compliant. Furthermore, you would not be able to rely on copied content should you find yourself involved in a legal dispute.

At BEB, we can help ensure that your website complies with UK law. We can also assist you in drafting your website’s terms and conditions and privacy policies. Contact us today so we can answer any questions you may have.