Make Sure Your eCommerce Site Complies with the Law

by Jason / Posted

E-commerce law requirements


If you own an ecommerce site, there are a number of rules and regulations that affect you. As well as normal consumer rights legislation, there are laws that specifically relate to distance selling and online retail. It’s important that you understand your obligations, as failure to comply could result in legal action.

Distance Selling Regulations

The Distance Selling Regulations (DSRs) are the rules that apply to businesses that sell goods or services to consumers online, over the phone, on TV, via mail order or through text messages.


Here are some of your key responsibilities as an online retailer:

  • Making the identity of your business clear to site visitors.
  • Providing a description of the goods or services being offered.
  • Providing the price of any goods or services listed (including any taxes).
  • Providing information on delivery charges and timescales.
  • Providing a full postal address if payment is required in advance.
  • Informing customers about their rights regarding cancellations / refunds, and how to exercise these rights.


The Office of Fair Trading (OFT) recently looked at the top 100 UK online retail sites plus the top online clothing stores to assess levels of compliance with key DSR rules, and found that more than a third could be breaking the law.


One of the most common issues was retailers wrongly stating that goods must be returned in their original packaging or condition in order to get a refund. More than half of the sites checked by the OFT also failed to provide visitors with an email address, instead opting only for a contact form, whilst around a quarter of sites were guilty of adding additional fees at the checkout stage without any prior warning.


You can view the OFT’s short guide for businesses on distance selling here.


Electronic Commerce Regulations

Many of the responsibilities outlined in the Electronic Commerce Regulations (ECRs) overlap with those in the Distance Selling Regulations (DSRs).

Some of the other requirements include:


  • Clearly branding any email marketing.
  • Making pricing and promotions clear, easy to access and unambiguous.
  • Acknowledging receipt of orders electronically, and without undue delay.
  • Displaying VAT and company registration numbers.


You can view the Department of Business, Innovation and Skills’ Beginners Guide to The E-Commerce Regulations 2002 here.


Privacy and Electronic Communications Regulations

The Privacy and Electronic Communications Regulations include rules on things like marketing and use of cookies and website data.


If you’re planning to do some email marketing, bear in mind that:


  • You can’t send marketing emails to people who haven’t opted in.
  • You must provide recipients of marketing emails with a means of opting out.


EU Cookie Law

In 2011, the Privacy and Electronic Communications Regulations were updated to incorporate the new EU law on the use of cookies (files that are used to store anonymous information about site visitors). Before the new law came into effect in May 2012, websites simply had to provide clear information about the use of cookies. Now they must obtain consent from users to store a cookie on their device.


The Information Commissioner's Office (ICO) has advised that ‘implied consent’ is sufficient, however, and the data shows that consent rates are far higher on sites that simply notify users about cookies rather than asking them to opt in. Sites like Amazon and John Lewis have simply made their cookie policies more prominent instead of requiring customers to actively opt in; this is a good example to follow.


You can read the ICO’s full guide on the cookie rules here.
