top of page

What You Need to Know About Doing Business Online: The Legal Requirements ( A Quick Guide)

E-commerce has drastically reduced the costs and logistical difficulties associated with starting a business, removing the need for bricks and mortar shops.

You’ve decided to start an e-commerce business, you have your domain name and are now finally taking the “online” leap with your innovative business idea. Great news!

But wait a moment! Being functional online is not just about having an agile mind-set, embracing change, setting up a website, using key words and writing blogs. As increasing numbers of consumers and business customers turn to the internet to purchase a wide range of goods, services and digital content, it’s important for YOU as an online entrepreneur to understand the relevant legal requirements associated with setting up an e-commerce business.

Whilst the Internet may have broken down the borders between foreign markets, THE LEGAL BORDERS REMAIN.

Businesses that sell goods to UK consumers online must comply with several legal requirements that protect consumers’ rights. As a seller you need to be familiar with the law surrounding online selling and ensure that you are aware of what you need to do to sell legally on the internet.

There are many rules, regulations and laws that govern how websites should work. Most of the legal requirements that apply fall under the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013 (the CCRs), the Electronic Commerce (EC Directive) Regulations 2002 and the Companies Act 2006. These rules set out the information that companies must provide on their website and in email footers to comply with the law. Failure to comply with these rules may result in a fine.

There are other legal requirements that apply to specific sectors and professions. What you need to know depends mainly on the kind of seller that you want to be. Will you just be selling some unwanted Xmas or birthday gifts on eBay or Amazon or do you want to become a fully-fledged business seller?

The information in this Article is but a brief guide. If you would like to talk to us about your legal obligations regarding your website, please contact Eve Jarrett (Legal Director) on Tel no 01234 938057/938058 or at email

The Essentials: Things you need to know

Law of Contract

First, Remember: the basic laws of contract formation namely offer, consideration, intention and acceptance apply to online sales as for shop sales.


Second, you need to know if you should be paying tax on the items that you sell. You will have to pay tax if your income is more than your tax-free allowances and any reliefs for which you may be eligible. HM Revenue and Customs (HMRC) have a guide on the government website ( under the heading (“Income from selling services online”) to help online sellers.

You can also contact HMRC’S Income Tax Helpline if you are not sure whether you should be paying Income Tax on any of your earnings.

Consumer Protection Law (Individuals)

Online sales to individuals are covered by the Consumer Contracts (Information Cancellation and Additional Charges) Regulations 2013. These regulations cover any form of distance selling for instance telephone sales and require you to give your customer full details of the offer and certain specified information before they place an order. You also need to send written confirmation of any order to the customer by post or email. Broadly speaking the required information includes your details, a description of the goods or services, delivery and payment arrangements and information about their right to cancel. ("cooling-off period"). These Regulations do not cover sales to other businesses.

Under the Consumer Rights Directive, you also need to include information on the duration of any contract, the total cost including any deposits that may be payable and the customer’s responsibility for the cost of any returns.

E-Commerce Regulations (Businesses)

If you are selling items online the E-Commerce Regulations govern business to business sales. These regulations came into effect in 2002 and apply to every business website. Whether you have your own website, use eBay or Amazon or even sell through a mobile phone or on digital television the regulations will apply to you.

So, what are the E-Commerce regulations? These regulations require you to provide the same information as under the Consumer Contracts (Information Cancellation and Additional Charges) Regulations 2013 but do not include an automatic right for business customers to cancel any contracts. As a matter of good practice, a lot of businesses do include cancellation rights for business customers.

As a bare minimum, you must give the trading name of your company, an address from which you operate and an email address. If you are selling under a company name or as a limited liability partnership your website must show:

  • The full name of your company or LLP

  • Your company’s or LLP’s registered office address

  • The registered number of your company or LLP

  • Your company or LLP’s place of registration

  • If your company is being wound up

  • Your company’s VAT number if VAT registered

  • Membership details of any trade or professional association to which you belong

You must also show your prices and ensure that your customer knows the final price too including tax and delivery charges.

Before a customer makes an order, your website should inform the customer of all the steps needed to complete the order, state whether the order will be completed by you or outsourced to another seller and inform the seller of how to amend errors before placing an order. You should ensure that your terms and conditions are downloadable so that customers can view the terms and conditions before putting in their order and store their own copy of their order too.

Receipts of an order must be acknowledged expeditiously but a seller is allowed to say that an order is being processed rather than accepted if there is a provision to that effect in their terms and conditions.

The E-Commerce regulations also cover sellers' marketing techniques so if you send a customer a text message or an email to advertise any product you should inform them clearly that it is a form of commercial communication and outline any conditions applicable to the communication.

The Data Protection Act 2018

The Data Protection Act 2018 regulates the processing of personal data by companies, specifying, for example, that data must be kept accurate and secure. The Act requires all businesses who process personal information in an automated form to notify and (if applicable) register with the Information Commissioner’s Officer (ICO) unless they are exempt from registration.

Failure to notify the ICO is a criminal offence. Register entries must be renewed annually on payment of a fee and failure to renew a registration if required to do so is a criminal offence. The Act also requires businesses to provide certain information to their customers and users. This includes details of how the information will be used, whether it will be transferred outside the EEA and or sold to third parties.

All businesses no matter how big or small must comply with the Data Protection Act 2018 and the General Data Protection Regulations (GDPR}. GDPR is a law by the European Union (EU) to protect the rights of individual’s personal information by controlling how businesses handle their customers personal information e.g. age, name, date of birth, payments and bank account information etc. It applies worldwide and applies to any business around the world with whom an EU resident has business dealings.

Consumers share confidential information with businesses online and they expect the businesses to keep this information confidential. Leakage of valuable information of a customer may result in the loss of a customer, the tarnishing of your reputation and or your company’s reputation and image and the imposition of a sanction by the information Commissioner (UK).

Post-Brexit: Even after we leave the EU following Brexit, the GDPR will still form part of UK law. Whilst there may be some changes post-Brexit it is very likely that the GDPR will still exist.

Complying with the Data Protection Act and the GDPR

Complying with the Data Protection Act and the GDPR is quite simple and cheap. Often all that is needed is a good understanding of the law, registration with the ICO, a cookie policy and a well-drafted privacy policy.

In order to comply with the Act and GDPR your website needs to have:

  1. A compliant Cookie Policy. This means that if you are collecting user data when people come onto your website you need to make sure you have legal grounds for collecting the data. You must also inform your website users of the legal grounds. So, if you are building your website from scratch you must make sure that your website’s use of cookies and online tracking complies with the GDPR.

  2. A Privacy Policy. The easiest way to do this is to set up a Privacy Policy on your website and require your customers or website users to agree to it when you collect information from them. Your privacy policy should set out details of the data that you collect, the legal basis for your collection of the data and the steps that you take to ensure that the data is protected through all of the processes it goes through.

To ensure that you customer or user’s agreement stands up legally you may wish to use what is known as the "clickwrap" method. The "clickwrap" method is where you put in a tab so that your website user or customer has to click “I agree” or “I accept” to your Privacy Policy .This could be when they make a purchase on your website or sign up to receive your marketing messages.

The Privacy and Electronic Communications Regulations set out a variety of marketing rules which apply to the use of email marketing campaigns, such as providing an ability for recipients to opt out. They also govern the rules surrounding the use of cookies.

Please contact us if you need professional legal guidance about data protection compliance.

Other Points to note

  1. Selling Digital Services

There are extra rules for selling digital services which customers download or stream online including:

  • books,

  • computer games

  • mobile phone apps

  • computer programs.

  • TV and film

If you supply streaming or downloading services, the law states that you must:

  • Inform the customer and get them to confirm before they stream content that they are aware that they will lose their 14-day cancellation rights

  • Get the customer to agree to an instant download before they start downloading

  • Include this information in your confirmation of the contract together with the other pre-contract information.

If you do not follow these rules the customer will retain their 14 day right to cancel.

2. Selling and doing business abroad

  • Check if you need a licence or to follow special rules to export restricted goods from the UK. Restricted goods include diamonds, art works, antiques, culturally significant goods, food and agricultural products, drugs and medicines, military goods, services and technology, some high-tech goods and services e.g. software that could be used for information security systems i.e. cryptographic technology. A list of restricted goods can be found on the website under “Exporting and doing business abroad.” There is currently no charge for a licence.

  • If you do not get a licence for items that need one your goods will be delayed at customs, could be confiscated and you could be fined.

  • You are also not allowed to do business with someone who is on the Government’s financial sanctions list. The consolidated list of financial sanctions targets is a list of people, businesses, organisations and financial institutions that you are generally not allowed to deal with by law.

Additional Sources of information

The government’s website provides a lot of advice to sellers in relation to setting up a business, tax, registering for VAT, trading online, sending goods abroad, and refunds to customers.

Ignoring the pitfalls can lead to serious problems for your business. And it’s not just a disgruntled customer who could be knocking on your office door. It could be trading standards or the taxman! However, with the right knowledge and the right legal support in place there’s no reason why your business can’t keep on the right side of the law.

Need help in drafting shareholder agreements or other contracts, protecting your trademark, drafting your website terms and conditions and privacy notice? Need advice in an employment case, recovering a debt, removing a director, the grant of a business lease, mediation, adjudication or court proceedings? Are you a seller on Amazon or eBay? Do you need advice on your marketplace platform?

Pure Business Law is here to help!

Call us on 01234 938057 or email us on

Pure Business Law – GIVING YOU THE EDGE.

23 views0 comments


bottom of page