Digital Business: Website Legal Checklist

9th October 2019

Contract Formation
Delivery of terms before the customer submits their order  
Delivery of terms again within any written confirmation (acceptance of the contract)  
The E-Commerce Regulations 2002 (E-Commerce Regulations)
The technical steps involved in placing an order  
The terms and conditions under which a contract is made  
Facility to acknowledge receipt of order without undue delay  
The technical means for identifying and correcting input errors prior to the placing of the order.  
The languages offered for the conclusion of the contract.  
Nature and detail of any promotion including conditions to qualify for promotion  
Professional title, registration number and links to codes of conduct that apply.  
The Consumer Rights Act 2015 (CRA), The Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013 (Consumer Contract Regulations) and The Consumer Protection From Unfair Trading Regulations 2008 (CPRs)
Information on the trader  
Payment, delivery and performance arrangements, including deposit requirements  
Any delivery restrictions at the beginning of the order process  
Consumer’s obligation to pay for return of goods. Where applicable, that the consumer will have to bear the cost of returning the goods in case of cancellation  
Reminder of legal duty re: quality of goods and other consumer rights.  
Which means of payment are accepted at the beginning of the order process  
Description of the main characteristics of the goods, services or digital content directly before order process begins  
Total price or how it will be calculated before consumer places the order.  
Additional delivery charges and other costs or how they will be calculated before consumer places order  
Duration of contract  
Conditions for terminating  
Right to cancel communication and communication of waiver of this right if the consumer requests immediate provision of services.  
Acknowledgement that the order implies an obligation to pay and purchase – language such as “buy now” or “pay now” rather than “accept” or “register”  
Complaint handling and any applicable redress scheme  
Payment Services Regulations 2017
Professional liability insurance cover details (regulation 8(1)(n), PSRs).  
VAT Number  
Company, Limited Liability Partnership and Business (Names and Trading Disclosures) Regulations 2015 (SI 2015/17)
Company name (applicable if you are a Limited Company or LLP)
Company registered number
Place of registration, such as England and Wales
Registered office address
Your company name, postal address and company email address
How to contact your business via non-electronic means
Your VAT number, even if the website is not being used for ecommerce transactions
The name of any trade bodies or professional associations that the business is part of, including membership or registration details.
The Provision of Services Regulations 2009 (POS Regulations)
This is important if you are in the service sector and operate in two or more states within the EEA, but it is not covered by this note.  
The General Data Protection Regulation (GDPR), Data Protection Act 2018 (DPA) and The Privacy and Electronic Communications (EC Directive) Regulations 2003 (PEC Regulations)
Privacy policy link made available on footer of each page and at each point when data is being collected from a subject – for example, when they sign up to a newsletter.  
Does the privacy policy include:

  • Identity and contact details, and if applicable, its EU representative’s identity and contact details.
  • Contact details for the data protection officer, if applicable.
  • The purposes of the processing.
  • The legal basis for the processing.
  • Legitimate interests when they serve as the legal basis for data processing.
  • The recipients or categories of recipients of personal data, if any.
  • Whether you intend to transfer personal data outside of the jurisdiction and the data transfer mechanism.
  • How long you store the personal data or the criteria you use to determine retention periods.
  • Whether you use automated decision-making, including profiling, the auto-decision logic used, and the consequences of this processing for the data subject.
  • Whether the data subject must provide the personal data by law, contract, or for another reason, and the consequences of not providing the personal data, unless you collect the personal data from a source other than the data subject.
  • The categories of personal data you collect from sources other than the data subject.
  • The sources of the personal data.
  • A summary of the data subjects’ rights.
  • Any changes necessary to ensure compliance with any country-specific differences found under national legislation implementing the GDPR.
 
Provide internet users with clear and comprehensive information about the purposes for which cookies are stored and accessed.

Examples of when consent is needed:

  • Analytics purposes
  • First and third-party advertising cookies
  • Cookies used to recognise a user when they return to a website