Keeping your Website Legal
Anyone in business – as a limited company, a partnership or a sole trader – knows that there are certain details that by law you have to print on your letterhead, invoices and brochures. But what about the online space? Now that it’s so easy to set up a simple template website with a few clicks of a mouse, how many businesses are breaking the law without realising it?
Here’s a handy checklist of what you need to have on your website under UK law, who says you have to, and why it matters.
The Basics
Let’s start with the Companies Act 2006, The Companies (Trading Disclosures) Regulations 2008 and The Electronic Commerce (EC Directive) Regulations 2002:
- Your actual geographic trading address – no PO Box numbers! This is very important for local search engine results as well.
- Limited Companies and Partnerships need to quote their registered address, their registration number, and (if a partnership) the names of the partners.
- Your contact details including an email address or a contact form which allows people to contact you ‘rapidly and in a direct and effective manner’.
- If you are part of a trade register, you need to quote your registration number and details of which register you are in. This is in any case sensible marketing to build trust with prospective customers.
- Your VAT registration number – don’t forget the GB prefix.
Once you have these basics – and remember these should be on any emails you send as well as on your website – there are other pieces of legislation to consider:
Cookies
The Privacy and Electronic Communications (EC Directive) Regulations 2003 – the ‘Cookie Law’ – requires an ‘opt-out’ button for Cookies. ‘Cookies’ is the common term for the data capture software which sits behind most sites for analytics or signup purposes. You will see these opt-out prompts popping up on websites when you visit them for the first time. For a more detailed overview of Cookies and why they matter, check out our earlier blog.
Privacy Policy
If you have a contact form on your site (as opposed to just an email address), or any type of analytics or tracking software, you are capturing data. To comply with the Data Protection Act 1998 you need to state in your site’s Privacy Policy how you will use that data. If your business needs to be registered with the Information Controller – mainly professional services such as accountants, HR and so on who hold detailed personal and business data – you also need to quote your registration number.
Payment Data Security
As soon as you take any payment card details yourself from a customer – over the telephone or online – you need to comply with the “Payment Card Industry Data Security Standards” – PCI DSS regulations. If you are selling online, we recommend starting out with a third-party system such as PayPal, SagePay, GooglePay or similar, or checking with your web designer that your ecommerce system is using PCI DSS validated payment software (there’s a comprehensive list here).
Terms and Conditions
Although not legally required, you can save yourself a lot of potential problems by including terms and conditions on your website. We recommend two sets: one can be used to give all of the details about your business as required by law, and point out to users how far your liability extends for claims you make on your site. The other is vital for ecommerce sites – make sure that your customers have the chance to read your terms and conditions of sale before they actually make a purchase, or your T&Cs will not be legally binding for that sale.
Protecting your own privacy
Home-based traders are sometimes nervous of ‘personal’ information getting out onto the World Wide Web. However, once you set up in business you will find a lot of your information is available freely through Companies House, HMRC and directories – and as your Digital Footprint grows, Google’s automatically generated Place Page may already show a picture of your house! To learn how to manage your Digital Footprint, contact Galia Digital now.