• Contact
  • Accountants: +44 (0) 1753 551111
  • Solicitors: +44 (0) 20 7067 4300

Businesses often invest time in thinking about how their website ought to look, but can often overlook the fact that their website must comply with legal regulations about the information they provide to website visitors and the information collected about those users.  This guide covers some of the issues to consider in order to ensure that your business’ website is operating legally in the UK.

Information Requirements

Under the Under the E-Commerce Regulations 2002 (“E-Commerce Regulations”), website owners must provide their name, geographical address and contact details, including an email address through which visitors can contact the owner.

If the website is being operated for a company, charity or other organisation it should give details of: any relevant registration numbers (e.g. a company number) and the location in which the organisation is registered (e.g. England and Wales); any supervisory or regulatory authority it is linked to; any professional bodies, professional titles and professional rules that apply to the organisation; and the VAT number where the business is VAT registered.

Distance Selling

If the website is used for selling goods or services to consumers, then the E-Commerce Regulations 2002 and the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013require website operators to inform visitorsprior to the order process of:

  • name and address of the service provider;
  • a description of what is for sale;
  • a description of the different technical steps the customer must follow to conclude the contract;
  • a description of the technical means by which the customer can identify and correct input errors before placing an order;
  • the price including delivery, tax and the arrangements for payment;and
  • the customer’s right to cancel - for the sale of most products, the customer should be given a cooling-off period of at least 14 days.

Data Protection

Under the Data Protection Act 1998, websites must inform users as to how personal data is processed and who has access to it. Most websites set this out in a privacy policy which should be prominently displayed and include the identity of the data controller and why the data is needed. If the data controller intends to disclose the data to third parties, it must inform users which third parties and why.

For more information about data protection obligations, please see our related Quick Guide which can be found here.


Often, websites use cookies in some format to retain data for marketing, for security or to improve the efficiency of the website. Under the Privacy and Electronic Communications Regulations 2011, when cookies are used, clear and comprehensive information about the purpose of the cookies must be given, and the user must give their consent to the use of them. 

Not all types of cookies need to comply with these requirements. If a cookie is used to remember what goods are in a basket to go to checkout or they’re for security purposes or for the efficiency of the website, then often consent is implied.

For more information about cookies and the associated issues around consent to their usage, please see our Quick Guide on the subject found here.

Intellectual Property

Any text or images that are published online or offline will be subject to copyright laws and possibly trade mark laws. In order to protect website content, it is common to include a copyright notice, stating the © symbol, the name of the owner and the date of creation; and /or a page setting out the ownership terms (e.g. in a “Terms of Use” page on the website). When using registered trademarks, the ® symbol should be inserted next to it; and if using a non-registered mark, then the ™ symbol can be used. It is an offence to use the ®symbol if the mark has not been registered.

For more information about IP protection, please see our Quick Guides on this area of the law, which can all be found here.

Disability Discrimination

This issue is often overlooked when dealing with websites, but under the Equality Act 2010, businesses should ensure that reasonable adjustments are made to their website to ensure that disabled people can use them.

What is considered reasonable will be depend upon the size and nature of the relevant business, however businesses should as a minimum aim to ensure that there are no obvious barriers to disabled users; that there is suitable formatting such that the website can be accessed by those with visual impairments; and that the website contains a business accessibility policy statement.

If you require information or assistance in connection with your organisations website then please contact Ben Robson at ben.robson@ocsolicitors.com.


Disclaimer: This note does not contain a full statement of the law and it does not constitute legal advice.  Please seek legal advice if you have any questions about the information set out above

  • Member of London Partners
  • Member of London of Chamber Commerce and Industry
  • Canada Chamber of Commerce
  • The Association for UK Interactive Entertainment
  • Offical Xero Partner

Copyright © 2013 - Oury Clark.