The legal documentation that you need to trade online

Monday 2nd May 2011

E-commerce is booming. Most businesses want a piece of the action. But few have a grasp of the legal documentation required to ensure that they are compliant with sector specific legislation and to minimise their legal exposure. Without proper attention there is a risk that you could lose valuable rights, put yourself at a commercial and legal disadvantage and/ or face criminal sanctions. This article describes the legal documentation that businesses should put in place before they trade online.

Website design and development agreement

In our experience the majority of website build projects are governed by the supplier’s standard terms and conditions. These are often heavily biased towards the supplier. For important projects you should draw up a project specific website design and development agreement which clearly sets out:

  • your expectations;
  • the supplier’s related obligations;
  • the payment structure;
  • an acceptance testing procedure; and
  • appropriate remedies should the supplier fail to meet any of its obligations.

A website design and development agreement should also establish who owns the intellectual property in the website. Disputes as to ownership are common because businesses naturally assume that they own the intellectual property in their website, when in fact most supplier terms and conditions provide that the supplier retains such intellectual property and is free to use it elsewhere.

Website hosting agreement

This is often a bolt-on to the website design and development agreement, but no less important. As is the case for website build projects, the majority of website hosting arrangements are governed by the supplier’s standard terms and conditions. We recommend that you review these and to ensure that:

  • they set out your expectations;
  • they contain adequate remedies in the event that downtime exceeds your expectations;
  • the supplier’s potential liability is not unreasonably restricted; and
  • they provide that you own any data which is submitted to the site by your customers and that the supplier will treat such data as confidential information and protect it appropriately.

A website hosting agreement should also oblige the supplier to co-operate with you on termination to ensure the smooth handover of the site to a new supplier.

Online terms and conditions of sale

If you are selling goods or services online you need to ensure that sales are made on standard online terms and conditions of sale. These will generally be similar to your normal terms of sale and address key issues such as supply, delivery, payment, liability, force majeure etc. In addition, online terms and conditions of sale must set out:

  • how the online contract is formed;
  • consumer customers’ cancellation rights; and
  • where relevant limitations on who may order online.

For your online terms and conditions of sale to apply to your contracts with your customers, you must ensure that they have been brought to your customers’ attention prior to the point a contract is made. You can do this by requiring the customer to scroll through the online terms and then click to accept them before placing an order.

Terms of website use

Terms of website use contain provisions dealing with access to and use of a website. They can help you to:

  • limit your liability for users’ reliance on information posted on your website;
  • prevent undesirable user behaviour such as unauthorised access, hacking, linking, the introduction of viruses and uploading of illegal or defamatory content;
  • protect your intellectual property rights by asserting your ownership of the content of the website and your trade marks and restricting their unauthorised reproduction;

Unless you need to address a specific risk you need not require users to expressly accept terms of website use before they can gain access to your site- their consent is implied by their continued use.

Privacy Policy

In the course of trading from a website, it is inevitable that you will process customer data. Regardless of whether your customers are businesses or consumers a proportion of such data will be “personal data” i.e. data that indentifies an individual. Your collection and processing of such personal data must comply with the Data Protection Act 1998 (the “DPA”) and the Electronic Communications (EC Directive) Regulations 2003 (“Privacy Regs”). Failure to comply could lead to criminal sanctions (with the potential for personal liability for directors and other company officers) and the possibility of damages resulting from civil claims from disgruntled customers.

The DPA provides that you may only collect, store and use personal data for specified purposes, which the customer is made aware of at the time it is submitted. A well drafted privacy policy can help to ensure compliance with these requirements by disclosing such specifics to the customer.

A privacy policy can also serve a useful marketing function by reassuring customers that you will use their personal data responsibly and keep it secure. By contrast criminal proceedings against you for breach of your obligations under the DPA and the Privacy Regs will inevitably result in negative publicity for your business.

How we can help

If you wish to discuss the points raised in this article, or any issues around e-commerce and/or retail contracts, please contact Alistair Maiden, commercial specialist on 0113 227 0309 or email: