SlideShare a Scribd company logo

Eleven Steps To Making Your Website Legally Compliant

Download as DOCX, PDF
Brian Miller, Solicitor
Brian Miller, Solicitor

Brian Miller, solicitor and partner at Stone King LLP and Lauren Mitchum, trainee solicitor, provide a useful guide to ensuring your website is compliant with the law in all aspects, including advice on domain names, website content, disability discrimination, online terms, display of mandatory information, the impact of the Consumer Contracts Regulations, privacy policies and cookies, online advertising and the processing of payments

Law
1 of 5
Some rights reserved by ivanpw Eleven Steps to Making Your Website Legally Compliant Many businesses and organisations are unaware of the complex rules that apply to their websites. We have set out below common areas of non-compliance and explained what you can do to ensure your website is not breaking the law. Domain Name Be certain the right person is the registered owner of your domain name e.g. your company. If it is in the name of an employee, there can be problems if he or she leaves the company's employ. If your website is high profile or successful, it may become the target of attack by hackers or those seeking to gain a financial benefit from the name or goodwill of your organisation. For instance, if you receive payments through your website, there is nothing to stop someone setting up a ‘spoof‘ or fake website and diverting payments away from people who think they are dealing with your website when in fact their funds are going to the fraudster’s, which could result in large financial losses. To prevent this type of attack, your company can register a trade mark similar or identical to its website’s domain name. Third parties cannot then easily acquire and use the trademark or a similar name for a similar purpose with impunity and recovering should be straightforward. Likewise, make sure your domain name doesn't infringe a third party's registered trade mark in any part of the world where your website can be viewed. Website Content If your website is developed by one or more of your employees in the course of their employment, the copyright will normally belong to the employer. If the website is developed by a third party, make sure it assigns copyright under the development contract, otherwise you may have only a right to use it, and not to license or assign the rights or sue infringers for copying it. To assist in enforcement, make sure you put a copyright notice in a prominent place on the website (e.g. © 2015 Your Company Name). It is an infringement of copyright to put extracts of other people's copyright works on a website unless you can claim a "fair dealing" exception in the UK which, for these purposes, only covers reporting current events. "Thumbnails" of third parties' photographs will infringe their copyright. Lifting standard terms from a third party site can also infringe copyright. Apart from ensuring that your site does not infringe third party rights, such as copyright, designs or trade marks, it is important to ensure that any material you put on the site is not otherwise illegal e.g. defamatory of someone, even if the content was supplied by a third party. You will remain liable for it unless you take it down as soon as you are put on notice of its existence. Some rights reserved by Paul Stevenson Some rights reserved by Mike Seyfang
Some rights reserved by jk5854 Disability Discrimination Compliance Since the passing of the Disability Discrimination Act 1995 (now part of the Equality Act 2010), website owners, broadcasters and others who provide services to the public have been under a duty to ensure their sites and services are user-friendly for those with visual impairment and other disabilities. Although there are no clear guidelines as to what "accessible" means as far as a website is concerned, it is advisable to comply with the lowest level of conformance with the guidelines issued by the World Wide Web Consortium (W3C), which would include the following:  making a button available which increases the size of the text  ensuring that information conveyed in colour is available without colour  ensuring that the combination of background and foreground colours are sufficiently contrasted so as to be readable by someone with a visual impairment  making all elements of programming compatible with software which assists in the interpretation of websites, such as speech synthesis or Braille  for every non-text element on a site, making available a text-equivalent version  allowing the user to turn off any blinking, automatically updating, scrolling or moving objects There are various software tools available for checking how compliant your site is. Formation of Contract If you supply goods or services through your site, you should ensure that your customers agree to a standard set of terms of supply. Where customers can enter into a contract through your website, you must include clear details of:  the technical steps to follow in order to conclude a contract  the means of correcting errors in the order  the language of the contract  any applicable code of conduct The customer must be able to access the terms and conditions and store and reproduce them. The supplier must acknowledge receipt of the order without undue delay by electronic means. Terms and Conditions of Use If your site involves any degree of interactivity, you should consider including suitable terms of use. These should be in a prominent position. Much of what is contained in standard terms of use involves an attempt to limit liability and such attempts are regulated by English law, particularly where consumers are concerned, which can result in certain terms being held to be illegal by the Office of Fair Trading if a consumer makes a complaint. Terms of use should always state the applicable law to which they are subject, but note that it may not be possible to prevent consumers suing in their own countries. Some rights reserved by sfloptometry
Some rights reserved by Purple Slog Display of Mandatory Information Under the Electronic Commerce (EC Directive) Regulations 2000, you must display certain information on your company’s website including:  the full name and address of the business or other person who is the website owner (a domain name is not sufficient)  email and other contact details (a ‘contact form’ is not sufficient)  if a company, the company’s registration number  if the company is subject to an authorisation scheme, particulars of the relevant supervisory authority, e.g. the Financial Conduct Authority  if applicable, as a member of a regulated profession, your member state, professional title, details of your professional body and relevant professional rules  if applicable, your VAT number (even if the website is not being used for e-commerce transactions)  the cost of goods or services displayed on the website must be apparent and clearly state whether it is exclusive of tax and delivery costs Consumer Contracts Regulations Where the website involves the sale of goods or supply of services to consumers through the site, you must comply with the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013, which include a number of detailed requirements concerning:  the provision of information to the consumer  the statutory right of cancellation within fourteen days  the requirement to supply the goods or services within thirty days  the requirement to obtain active consent from the consumer for all payments (no pre-ticking of boxes)  the requirement to inform the consumer, pre-contract, of all costs  the restriction on enforcing cancellation charges on the consumer  the requirement to provide a telephone line for consumers at no more than basic rate (no premium rate telephone lines) For further information on these Regulations, please see our Guidance Note. Privacy Policy If the website collects personal information from individuals, you should include a privacy policy in order to comply with the Data Protection Act 1998. In general terms, you must indicate the use you will make of any personal data and obtain consent for its use, particularly if you wish to use the details for direct marketing. The privacy policy should contain details of:  who controls of the data  how the data will be used  to whom the information will be transmitted  whether the information is likely to leave the European Economic Area (or EEA) Some rights reserved by Sebastien Wiertz
 the means of gathering information, including use of cookies (see also ‘Use of Cookies’, below) "Sensitive Data" (e.g. about a person's health or sexual orientation) must only be collected if explicit consent to its use has been obtained from the data subject. There must be a statement making clear that all subjects have a right to see the information held and there should be an opt-out box providing an opportunity to decline consent for the collection of information. Cookies As a result of the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011, a website operator must not store information or gain access to information stored in the computer (or other web-enabled device) of a user unless the user “is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information” and “has given his or her consent”. How you go about obtaining the consent of users is ultimately your choice. Many organisations now use so-called ‘pop-ups’ or bars to obtain such consent (see, for example, the Information Commissioner (or ICO’s) website at www.ico.gov.uk), so that it is sufficiently clear that consent has been given by encouraging the user to click ‘Yes’ or ‘No’, rather than simply referring the user to terms relating to cookies in a privacy policy, which may be hard for the user to find. Failure to obtain sufficient consent could create problems with the ICO if a complaint were made. This area is technically complex and we suggest you read the ICO’s guidance note in detail in order to ensure compliance. Online Advertising There is no one source to go to for all rules relating to online advertising. The British Code of Advertising, Sales Promotion and Direct Marketing (otherwise known as the ‘CAP Code’) is enforced and administered by an independent body called the Advertising Standards Authority (ASA). When preparing an online advertisement, you should refer to the rules set out in the CAP Code. The key principles that online marketers should always bear in mind is that all marketing communications on the web or elsewhere should:  be "legal, decent, honest and truthful" and not include anything that is likely to cause offence, for instance, on the grounds of race, religion, sex, sexual orientation or disability  not be misleading. You need to ensure that all claims in adverts are accurate, unambiguous and can be substantiated  be prepared with a sense of responsibility to consumers and society  respect the principles of fair competition generally accepted by business  not bring advertising into disrepute The CAP Code is not a statutory code, but anyone can complain to the ASA about non-compliance, from which the ASA can adjudicate a decision. The biggest incentive for organisations to comply with the CAP Code is that the publication of its decisions may lead to adverse publicity. The ASA can also require that all of an organisation’s adverts must be vetted in the future before publication. Some rights reserved by Creative Tools Some rights reserved by ePublicist
Processing Payments Where online payments or donations are being taken, the payment processor must be ‘PCI compliant’ if taking card payments (a set of standards created by the Payment Card Industry, a conglomeration of several credit card companies). Failure to do so can result in large fines and removal of merchant status, meaning that you will no longer be able to take card payments from customers until the processor (whether it is your organisation or a third party) meets the PCI standards of compliance. Brian Miller is a solicitor and partner and Lauren Mitchum a trainee solicitor at Stone King LLP, providing specialist advice in the fields of intellectual property, IT, data protection and commercial law. If you would like further information about the Regulations or if you have any concerns or queries in relation to them, please contact Brian. Disclaimer: This article may not be reproduced without the prior written permission of the author. This article reflects the current law and practice. It is general in nature, and does not purport in any way to be comprehensive or a substitute for specialist legal advice in individual circumstances. Some rights reserved by Sean MacEntee

Recommended

Trademark Cases Arise from Meta-Tags, Frames: Disputes Involve Search-Engine ...
Trademark Cases Arise from Meta-Tags, Frames: Disputes Involve Search-Engine ...Trademark Cases Arise from Meta-Tags, Frames: Disputes Involve Search-Engine ...
Trademark Cases Arise from Meta-Tags, Frames: Disputes Involve Search-Engine ...Dr. Prashant Vats
 
Data Scrapping On the Internet (Web Scraping)
Data Scrapping On the Internet (Web Scraping)Data Scrapping On the Internet (Web Scraping)
Data Scrapping On the Internet (Web Scraping)BenjaminShalevSalovi
 
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)WBDC of Florida
 
Cookies
CookiesCookies
CookiesMarc Southern
 
Session B: Handout 1
Session B: Handout 1Session B: Handout 1
Session B: Handout 1feitwincities
 
ILC Cyber Report - June 2018
ILC Cyber Report - June 2018ILC Cyber Report - June 2018
ILC Cyber Report - June 2018Internet Law Center
 
EC2017 United Kingdom
EC2017 United KingdomEC2017 United Kingdom
EC2017 United KingdomRobert Bond
 
Data Protection and Comnpliance with the GDPR Event 22 september 2016
Data Protection and Comnpliance with the GDPR Event 22 september 2016 Data Protection and Comnpliance with the GDPR Event 22 september 2016
Data Protection and Comnpliance with the GDPR Event 22 september 2016 Dr. Donald Macfarlane
 

Recommended

Trademark Cases Arise from Meta-Tags, Frames: Disputes Involve Search-Engine ...
Trademark Cases Arise from Meta-Tags, Frames: Disputes Involve Search-Engine ...Trademark Cases Arise from Meta-Tags, Frames: Disputes Involve Search-Engine ...
Trademark Cases Arise from Meta-Tags, Frames: Disputes Involve Search-Engine ...Dr. Prashant Vats
 
Data Scrapping On the Internet (Web Scraping)
Data Scrapping On the Internet (Web Scraping)Data Scrapping On the Internet (Web Scraping)
Data Scrapping On the Internet (Web Scraping)BenjaminShalevSalovi
 
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)
Treasure Data Marketers Guide to GDPR (Global Data Protection Regulation)WBDC of Florida
 
Cookies
CookiesCookies
CookiesMarc Southern
 
Session B: Handout 1
Session B: Handout 1Session B: Handout 1
Session B: Handout 1feitwincities
 
ILC Cyber Report - June 2018
ILC Cyber Report - June 2018ILC Cyber Report - June 2018
ILC Cyber Report - June 2018Internet Law Center
 
EC2017 United Kingdom
EC2017 United KingdomEC2017 United Kingdom
EC2017 United KingdomRobert Bond
 
Data Protection and Comnpliance with the GDPR Event 22 september 2016
Data Protection and Comnpliance with the GDPR Event 22 september 2016 Data Protection and Comnpliance with the GDPR Event 22 september 2016
Data Protection and Comnpliance with the GDPR Event 22 september 2016 Dr. Donald Macfarlane
 
New TCPA Requirements for "Prior Express Written Consent" Effective October 16
New TCPA Requirements for "Prior Express Written Consent" Effective October 16New TCPA Requirements for "Prior Express Written Consent" Effective October 16
New TCPA Requirements for "Prior Express Written Consent" Effective October 16Patton Boggs LLP
 
Ntia 0900
Ntia 0900Ntia 0900
Ntia 0900gsgiles
 
Ten Laws Internet Businesses Should Consider Part I
Ten Laws Internet Businesses Should Consider Part ITen Laws Internet Businesses Should Consider Part I
Ten Laws Internet Businesses Should Consider Part IRyan K. Hew
 
GDPR: Keep Your Website Out of Legal Trouble
GDPR: Keep Your Website Out of Legal TroubleGDPR: Keep Your Website Out of Legal Trouble
GDPR: Keep Your Website Out of Legal TroubleMickey Mellen
 
Letter to Roger Seawright from M. Shanken Communications
Letter to Roger Seawright from M. Shanken CommunicationsLetter to Roger Seawright from M. Shanken Communications
Letter to Roger Seawright from M. Shanken CommunicationsRoger Seawright
 
Australian Privacy Principles - Updates presented by WiTH Collective & Marque...
Australian Privacy Principles - Updates presented by WiTH Collective & Marque...Australian Privacy Principles - Updates presented by WiTH Collective & Marque...
Australian Privacy Principles - Updates presented by WiTH Collective & Marque...WiTH Collective
 
Bmf Ecommerce And Law
Bmf Ecommerce And LawBmf Ecommerce And Law
Bmf Ecommerce And Lawsimonwakeman
 
Criteo CCPA project
Criteo CCPA project Criteo CCPA project
Criteo CCPA project Gerry L. H.
 
My Lawyer Made Me Do It Daniel Green Affilicon Israel June 2009
My Lawyer Made Me Do It Daniel Green Affilicon Israel June 2009My Lawyer Made Me Do It Daniel Green Affilicon Israel June 2009
My Lawyer Made Me Do It Daniel Green Affilicon Israel June 2009affilicon
 
Website Compliance 2009
Website Compliance 2009Website Compliance 2009
Website Compliance 2009scottsicle
 
Fundraising On The Internet
Fundraising On The InternetFundraising On The Internet
Fundraising On The InternetMessrs G Owen & Co
 
An Introduction to Web Accessibility
An Introduction to Web AccessibilityAn Introduction to Web Accessibility
An Introduction to Web AccessibilityAdrian Westlake
 
General Privacy policy for scorewiki
General Privacy policy for scorewikiGeneral Privacy policy for scorewiki
General Privacy policy for scorewikiSaurav Roy
 
Protecting Your Name and Brand from Abuse on Social Media
Protecting Your Name and Brand from Abuse on Social MediaProtecting Your Name and Brand from Abuse on Social Media
Protecting Your Name and Brand from Abuse on Social MediaBrian Miller, Solicitor
 
Selling online - knowing the rules - Peter Mason
Selling online - knowing the rules - Peter MasonSelling online - knowing the rules - Peter Mason
Selling online - knowing the rules - Peter MasonCareers and Employability
 
Managing Design and eBusiness - Lecture 2
Managing Design and eBusiness - Lecture 2Managing Design and eBusiness - Lecture 2
Managing Design and eBusiness - Lecture 2Virtu Institute
 
Selling via a website
Selling via a websiteSelling via a website
Selling via a websiteNational Consumer Agency
 
Privacy Policy
Privacy PolicyPrivacy Policy
Privacy PolicyParallel Wireless, Inc.
 
Top 6 provisions you should know to prevent outsourcing pitfalls
Top 6 provisions you should know to prevent outsourcing pitfallsTop 6 provisions you should know to prevent outsourcing pitfalls
Top 6 provisions you should know to prevent outsourcing pitfallsMani Soft International
 
Bootlaw Cookies
Bootlaw CookiesBootlaw Cookies
Bootlaw Cookiesdbaillieu
 
Gdpr compliance critical changes
Gdpr compliance critical changesGdpr compliance critical changes
Gdpr compliance critical changesAngela Nubbert
 
Business law
Business lawBusiness law
Business lawZelessay contents Ltd, Zelessaywritings.com
 

More Related Content

What's hot

New TCPA Requirements for "Prior Express Written Consent" Effective October 16
New TCPA Requirements for "Prior Express Written Consent" Effective October 16New TCPA Requirements for "Prior Express Written Consent" Effective October 16
New TCPA Requirements for "Prior Express Written Consent" Effective October 16Patton Boggs LLP
 
Ntia 0900
Ntia 0900Ntia 0900
Ntia 0900gsgiles
 
Ten Laws Internet Businesses Should Consider Part I
Ten Laws Internet Businesses Should Consider Part ITen Laws Internet Businesses Should Consider Part I
Ten Laws Internet Businesses Should Consider Part IRyan K. Hew
 
GDPR: Keep Your Website Out of Legal Trouble
GDPR: Keep Your Website Out of Legal TroubleGDPR: Keep Your Website Out of Legal Trouble
GDPR: Keep Your Website Out of Legal TroubleMickey Mellen
 
Letter to Roger Seawright from M. Shanken Communications
Letter to Roger Seawright from M. Shanken CommunicationsLetter to Roger Seawright from M. Shanken Communications
Letter to Roger Seawright from M. Shanken CommunicationsRoger Seawright
 
Australian Privacy Principles - Updates presented by WiTH Collective & Marque...
Australian Privacy Principles - Updates presented by WiTH Collective & Marque...Australian Privacy Principles - Updates presented by WiTH Collective & Marque...
Australian Privacy Principles - Updates presented by WiTH Collective & Marque...WiTH Collective
 

What's hot (6)

New TCPA Requirements for "Prior Express Written Consent" Effective October 16
New TCPA Requirements for "Prior Express Written Consent" Effective October 16New TCPA Requirements for "Prior Express Written Consent" Effective October 16
New TCPA Requirements for "Prior Express Written Consent" Effective October 16
 
Ntia 0900
Ntia 0900Ntia 0900
Ntia 0900
 
Ten Laws Internet Businesses Should Consider Part I
Ten Laws Internet Businesses Should Consider Part ITen Laws Internet Businesses Should Consider Part I
Ten Laws Internet Businesses Should Consider Part I
 
GDPR: Keep Your Website Out of Legal Trouble
GDPR: Keep Your Website Out of Legal TroubleGDPR: Keep Your Website Out of Legal Trouble
GDPR: Keep Your Website Out of Legal Trouble
 
Letter to Roger Seawright from M. Shanken Communications
Letter to Roger Seawright from M. Shanken CommunicationsLetter to Roger Seawright from M. Shanken Communications
Letter to Roger Seawright from M. Shanken Communications
 
Australian Privacy Principles - Updates presented by WiTH Collective & Marque...
Australian Privacy Principles - Updates presented by WiTH Collective & Marque...Australian Privacy Principles - Updates presented by WiTH Collective & Marque...
Australian Privacy Principles - Updates presented by WiTH Collective & Marque...
 

Similar to Eleven Steps To Making Your Website Legally Compliant

Bmf Ecommerce And Law
Bmf Ecommerce And LawBmf Ecommerce And Law
Bmf Ecommerce And Lawsimonwakeman
 
Criteo CCPA project
Criteo CCPA project Criteo CCPA project
Criteo CCPA project Gerry L. H.
 
My Lawyer Made Me Do It Daniel Green Affilicon Israel June 2009
My Lawyer Made Me Do It Daniel Green Affilicon Israel June 2009My Lawyer Made Me Do It Daniel Green Affilicon Israel June 2009
My Lawyer Made Me Do It Daniel Green Affilicon Israel June 2009affilicon
 
Website Compliance 2009
Website Compliance 2009Website Compliance 2009
Website Compliance 2009scottsicle
 
An Introduction to Web Accessibility
An Introduction to Web AccessibilityAn Introduction to Web Accessibility
An Introduction to Web AccessibilityAdrian Westlake
 
General Privacy policy for scorewiki
General Privacy policy for scorewikiGeneral Privacy policy for scorewiki
General Privacy policy for scorewikiSaurav Roy
 
Protecting Your Name and Brand from Abuse on Social Media
Protecting Your Name and Brand from Abuse on Social MediaProtecting Your Name and Brand from Abuse on Social Media
Protecting Your Name and Brand from Abuse on Social MediaBrian Miller, Solicitor
 
Selling online - knowing the rules - Peter Mason
Selling online - knowing the rules - Peter MasonSelling online - knowing the rules - Peter Mason
Selling online - knowing the rules - Peter MasonCareers and Employability
 
Managing Design and eBusiness - Lecture 2
Managing Design and eBusiness - Lecture 2Managing Design and eBusiness - Lecture 2
Managing Design and eBusiness - Lecture 2Virtu Institute
 
Top 6 provisions you should know to prevent outsourcing pitfalls
Top 6 provisions you should know to prevent outsourcing pitfallsTop 6 provisions you should know to prevent outsourcing pitfalls
Top 6 provisions you should know to prevent outsourcing pitfallsMani Soft International
 
Bootlaw Cookies
Bootlaw CookiesBootlaw Cookies
Bootlaw Cookiesdbaillieu
 
Gdpr compliance critical changes
Gdpr compliance critical changesGdpr compliance critical changes
Gdpr compliance critical changesAngela Nubbert
 
Steve Gray Digital Update presentation
Steve Gray Digital Update presentationSteve Gray Digital Update presentation
Steve Gray Digital Update presentationPM Society
 

Similar to Eleven Steps To Making Your Website Legally Compliant (20)

Bmf Ecommerce And Law
Bmf Ecommerce And LawBmf Ecommerce And Law
Bmf Ecommerce And Law
 
Criteo CCPA project
Criteo CCPA project Criteo CCPA project
Criteo CCPA project
 
My Lawyer Made Me Do It Daniel Green Affilicon Israel June 2009
My Lawyer Made Me Do It Daniel Green Affilicon Israel June 2009My Lawyer Made Me Do It Daniel Green Affilicon Israel June 2009
My Lawyer Made Me Do It Daniel Green Affilicon Israel June 2009
 
Website Compliance 2009
Website Compliance 2009Website Compliance 2009
Website Compliance 2009
 
Fundraising On The Internet
Fundraising On The InternetFundraising On The Internet
Fundraising On The Internet
 
An Introduction to Web Accessibility
An Introduction to Web AccessibilityAn Introduction to Web Accessibility
An Introduction to Web Accessibility
 
General Privacy policy for scorewiki
General Privacy policy for scorewikiGeneral Privacy policy for scorewiki
General Privacy policy for scorewiki
 
Protecting Your Name and Brand from Abuse on Social Media
Protecting Your Name and Brand from Abuse on Social MediaProtecting Your Name and Brand from Abuse on Social Media
Protecting Your Name and Brand from Abuse on Social Media
 
Selling online - knowing the rules - Peter Mason
Selling online - knowing the rules - Peter MasonSelling online - knowing the rules - Peter Mason
Selling online - knowing the rules - Peter Mason
 
Managing Design and eBusiness - Lecture 2
Managing Design and eBusiness - Lecture 2Managing Design and eBusiness - Lecture 2
Managing Design and eBusiness - Lecture 2
 
Selling via a website
Selling via a websiteSelling via a website
Selling via a website
 
Privacy Policy
Privacy PolicyPrivacy Policy
Privacy Policy
 
Top 6 provisions you should know to prevent outsourcing pitfalls
Top 6 provisions you should know to prevent outsourcing pitfallsTop 6 provisions you should know to prevent outsourcing pitfalls
Top 6 provisions you should know to prevent outsourcing pitfalls
 
Bootlaw Cookies
Bootlaw CookiesBootlaw Cookies
Bootlaw Cookies
 
Gdpr compliance critical changes
Gdpr compliance critical changesGdpr compliance critical changes
Gdpr compliance critical changes
 
Business law
Business lawBusiness law
Business law
 
Website terms of use sample
Website terms of use sampleWebsite terms of use sample
Website terms of use sample
 
Protecting your business
Protecting your businessProtecting your business
Protecting your business
 
Steve Gray Digital Update presentation
Steve Gray Digital Update presentationSteve Gray Digital Update presentation
Steve Gray Digital Update presentation
 
Terms of use white paper
Terms of use white paperTerms of use white paper
Terms of use white paper
 

More from Brian Miller, Solicitor

Replacement standard contractual clauses
Replacement standard contractual clausesReplacement standard contractual clauses
Replacement standard contractual clausesBrian Miller, Solicitor
 
Social Media and Your Staff by Brian Miller and Jean Boyle, solicitors at Sto...
Social Media and Your Staff by Brian Miller and Jean Boyle, solicitors at Sto...Social Media and Your Staff by Brian Miller and Jean Boyle, solicitors at Sto...
Social Media and Your Staff by Brian Miller and Jean Boyle, solicitors at Sto...Brian Miller, Solicitor
 
Ten Questions You Should Ask Your Cloud Provider
Ten Questions You Should Ask Your Cloud ProviderTen Questions You Should Ask Your Cloud Provider
Ten Questions You Should Ask Your Cloud ProviderBrian Miller, Solicitor
 
Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...
Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...
Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...Brian Miller, Solicitor
 
Data Protection in the Age of BYOD and Social Media by Vicki Bowles (Barrister)
Data Protection in the Age of BYOD and Social Media by Vicki Bowles (Barrister)Data Protection in the Age of BYOD and Social Media by Vicki Bowles (Barrister)
Data Protection in the Age of BYOD and Social Media by Vicki Bowles (Barrister)Brian Miller, Solicitor
 
What All Organisations Need to Know About Data Protection and Cloud Computing...
What All Organisations Need to Know About Data Protection and Cloud Computing...What All Organisations Need to Know About Data Protection and Cloud Computing...
What All Organisations Need to Know About Data Protection and Cloud Computing...Brian Miller, Solicitor
 
LinkedIn for Luddites by Brian Miller, Solicitor, Stone King LLP
LinkedIn for Luddites by Brian Miller, Solicitor, Stone King LLPLinkedIn for Luddites by Brian Miller, Solicitor, Stone King LLP
LinkedIn for Luddites by Brian Miller, Solicitor, Stone King LLPBrian Miller, Solicitor
 
Consumer Contracts Regulations 2013 - a Guidance Note by Brian Miller Solicitor
Consumer Contracts Regulations 2013 - a Guidance Note by Brian Miller SolicitorConsumer Contracts Regulations 2013 - a Guidance Note by Brian Miller Solicitor
Consumer Contracts Regulations 2013 - a Guidance Note by Brian Miller SolicitorBrian Miller, Solicitor
 
Cloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorCloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorBrian Miller, Solicitor
 
An Introduction to Intellectual Property by Brian Miller, Trademark Lawyer an...
An Introduction to Intellectual Property by Brian Miller, Trademark Lawyer an...An Introduction to Intellectual Property by Brian Miller, Trademark Lawyer an...
An Introduction to Intellectual Property by Brian Miller, Trademark Lawyer an...Brian Miller, Solicitor
 
Protecting your IP and Data Trustee Responsibilities by Brian Miller (Solici...
Protecting your IP and Data Trustee Responsibilities by Brian Miller (Solici...Protecting your IP and Data Trustee Responsibilities by Brian Miller (Solici...
Protecting your IP and Data Trustee Responsibilities by Brian Miller (Solici...Brian Miller, Solicitor
 
How to Prevent Your Organisation’s IP from Being Stolen by Brian Miller Solic...
How to Prevent Your Organisation’s IP from Being Stolen by Brian Miller Solic...How to Prevent Your Organisation’s IP from Being Stolen by Brian Miller Solic...
How to Prevent Your Organisation’s IP from Being Stolen by Brian Miller Solic...Brian Miller, Solicitor
 

More from Brian Miller, Solicitor (16)

Replacement standard contractual clauses
Replacement standard contractual clausesReplacement standard contractual clauses
Replacement standard contractual clauses
 
Legal Implications of a Cyber Attack
Legal Implications of a Cyber AttackLegal Implications of a Cyber Attack
Legal Implications of a Cyber Attack
 
GDPR: why your contracts need updating
GDPR: why your contracts need updatingGDPR: why your contracts need updating
GDPR: why your contracts need updating
 
Social Media and Your Staff by Brian Miller and Jean Boyle, solicitors at Sto...
Social Media and Your Staff by Brian Miller and Jean Boyle, solicitors at Sto...Social Media and Your Staff by Brian Miller and Jean Boyle, solicitors at Sto...
Social Media and Your Staff by Brian Miller and Jean Boyle, solicitors at Sto...
 
A Guide to the Consumer Rights Act 2015
A Guide to the Consumer Rights Act 2015A Guide to the Consumer Rights Act 2015
A Guide to the Consumer Rights Act 2015
 
Ten Questions You Should Ask Your Cloud Provider
Ten Questions You Should Ask Your Cloud ProviderTen Questions You Should Ask Your Cloud Provider
Ten Questions You Should Ask Your Cloud Provider
 
Key Points on The Law Relating To CCTV
Key Points on The Law Relating To CCTVKey Points on The Law Relating To CCTV
Key Points on The Law Relating To CCTV
 
Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...
Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...
Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...
 
Data Protection in the Age of BYOD and Social Media by Vicki Bowles (Barrister)
Data Protection in the Age of BYOD and Social Media by Vicki Bowles (Barrister)Data Protection in the Age of BYOD and Social Media by Vicki Bowles (Barrister)
Data Protection in the Age of BYOD and Social Media by Vicki Bowles (Barrister)
 
What All Organisations Need to Know About Data Protection and Cloud Computing...
What All Organisations Need to Know About Data Protection and Cloud Computing...What All Organisations Need to Know About Data Protection and Cloud Computing...
What All Organisations Need to Know About Data Protection and Cloud Computing...
 
LinkedIn for Luddites by Brian Miller, Solicitor, Stone King LLP
LinkedIn for Luddites by Brian Miller, Solicitor, Stone King LLPLinkedIn for Luddites by Brian Miller, Solicitor, Stone King LLP
LinkedIn for Luddites by Brian Miller, Solicitor, Stone King LLP
 
Consumer Contracts Regulations 2013 - a Guidance Note by Brian Miller Solicitor
Consumer Contracts Regulations 2013 - a Guidance Note by Brian Miller SolicitorConsumer Contracts Regulations 2013 - a Guidance Note by Brian Miller Solicitor
Consumer Contracts Regulations 2013 - a Guidance Note by Brian Miller Solicitor
 
Cloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorCloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
 
An Introduction to Intellectual Property by Brian Miller, Trademark Lawyer an...
An Introduction to Intellectual Property by Brian Miller, Trademark Lawyer an...An Introduction to Intellectual Property by Brian Miller, Trademark Lawyer an...
An Introduction to Intellectual Property by Brian Miller, Trademark Lawyer an...
 
Protecting your IP and Data Trustee Responsibilities by Brian Miller (Solici...
Protecting your IP and Data Trustee Responsibilities by Brian Miller (Solici...Protecting your IP and Data Trustee Responsibilities by Brian Miller (Solici...
Protecting your IP and Data Trustee Responsibilities by Brian Miller (Solici...
 
How to Prevent Your Organisation’s IP from Being Stolen by Brian Miller Solic...
How to Prevent Your Organisation’s IP from Being Stolen by Brian Miller Solic...How to Prevent Your Organisation’s IP from Being Stolen by Brian Miller Solic...
How to Prevent Your Organisation’s IP from Being Stolen by Brian Miller Solic...
 

Recently uploaded

Arbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaArbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaNafiaNazim
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书Fs Las
 
Trial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionTrial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionNilamPadekar1
 
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书SD DS
 
如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书Fir L
 
Why Every Business Should Invest in a Social Media Fraud Analyst.pdf
Why Every Business Should Invest in a Social Media Fraud Analyst.pdfWhy Every Business Should Invest in a Social Media Fraud Analyst.pdf
Why Every Business Should Invest in a Social Media Fraud Analyst.pdfMilind Agarwal
 
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝soniya singh
 
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书SD DS
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxsrikarna235
 
Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...shubhuc963
 
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书SD DS
 
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptxAn Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptxKUHANARASARATNAM1
 
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书1k98h0e1
 
如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书 如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书Fir sss
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesritwikv20
 
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书Fir L
 
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书SD DS
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一st Las
 
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书SD DS
 
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书FS LS
 

Recently uploaded (20)

Arbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in IndiaArbitration, mediation and conciliation in India
Arbitration, mediation and conciliation in India
 
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
 
Trial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 seditionTrial Tilak t 1897,1909, and 1916 sedition
Trial Tilak t 1897,1909, and 1916 sedition
 
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
如何办理(ISU毕业证书)爱荷华州立大学毕业证学位证书
 
如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书
 
Why Every Business Should Invest in a Social Media Fraud Analyst.pdf
Why Every Business Should Invest in a Social Media Fraud Analyst.pdfWhy Every Business Should Invest in a Social Media Fraud Analyst.pdf
Why Every Business Should Invest in a Social Media Fraud Analyst.pdf
 
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Haqiqat Nagar Delhi reach out to us at 🔝8264348440🔝
 
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
如何办理(CQU毕业证书)中央昆士兰大学毕业证学位证书
 
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptxTest Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptx
 
Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...Good Governance Practices for protection of Human Rights (Discuss Transparen...
Good Governance Practices for protection of Human Rights (Discuss Transparen...
 
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书如何办理(Rice毕业证书)莱斯大学毕业证学位证书
如何办理(Rice毕业证书)莱斯大学毕业证学位证书
 
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptxAn Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
An Introduction guidance of the European Union Law 2020_EU Seminar 4.pptx
 
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
昆士兰科技大学毕业证学位证成绩单-补办步骤澳洲毕业证书
 
如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书 如何办理威斯康星大学密尔沃基分校毕业证学位证书
如何办理威斯康星大学密尔沃基分校毕业证学位证书
 
Comparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use casesComparison of GenAI benchmarking models for legal use cases
Comparison of GenAI benchmarking models for legal use cases
 
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
如何办理美国加州大学欧文分校毕业证(本硕)UCI学位证书
 
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
如何办理(GWU毕业证书)乔治华盛顿大学毕业证学位证书
 
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
 
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
如何办理(Curtin毕业证书)科廷科技大学毕业证学位证书
 
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
如何办理密德萨斯大学毕业证(本硕)Middlesex学位证书
 

Eleven Steps To Making Your Website Legally Compliant

  • 1. Some rights reserved by ivanpw Eleven Steps to Making Your Website Legally Compliant Many businesses and organisations are unaware of the complex rules that apply to their websites. We have set out below common areas of non-compliance and explained what you can do to ensure your website is not breaking the law. Domain Name Be certain the right person is the registered owner of your domain name e.g. your company. If it is in the name of an employee, there can be problems if he or she leaves the company's employ. If your website is high profile or successful, it may become the target of attack by hackers or those seeking to gain a financial benefit from the name or goodwill of your organisation. For instance, if you receive payments through your website, there is nothing to stop someone setting up a ‘spoof‘ or fake website and diverting payments away from people who think they are dealing with your website when in fact their funds are going to the fraudster’s, which could result in large financial losses. To prevent this type of attack, your company can register a trade mark similar or identical to its website’s domain name. Third parties cannot then easily acquire and use the trademark or a similar name for a similar purpose with impunity and recovering should be straightforward. Likewise, make sure your domain name doesn't infringe a third party's registered trade mark in any part of the world where your website can be viewed. Website Content If your website is developed by one or more of your employees in the course of their employment, the copyright will normally belong to the employer. If the website is developed by a third party, make sure it assigns copyright under the development contract, otherwise you may have only a right to use it, and not to license or assign the rights or sue infringers for copying it. To assist in enforcement, make sure you put a copyright notice in a prominent place on the website (e.g. © 2015 Your Company Name). It is an infringement of copyright to put extracts of other people's copyright works on a website unless you can claim a "fair dealing" exception in the UK which, for these purposes, only covers reporting current events. "Thumbnails" of third parties' photographs will infringe their copyright. Lifting standard terms from a third party site can also infringe copyright. Apart from ensuring that your site does not infringe third party rights, such as copyright, designs or trade marks, it is important to ensure that any material you put on the site is not otherwise illegal e.g. defamatory of someone, even if the content was supplied by a third party. You will remain liable for it unless you take it down as soon as you are put on notice of its existence. Some rights reserved by Paul Stevenson Some rights reserved by Mike Seyfang
  • 2. Some rights reserved by jk5854 Disability Discrimination Compliance Since the passing of the Disability Discrimination Act 1995 (now part of the Equality Act 2010), website owners, broadcasters and others who provide services to the public have been under a duty to ensure their sites and services are user-friendly for those with visual impairment and other disabilities. Although there are no clear guidelines as to what "accessible" means as far as a website is concerned, it is advisable to comply with the lowest level of conformance with the guidelines issued by the World Wide Web Consortium (W3C), which would include the following:  making a button available which increases the size of the text  ensuring that information conveyed in colour is available without colour  ensuring that the combination of background and foreground colours are sufficiently contrasted so as to be readable by someone with a visual impairment  making all elements of programming compatible with software which assists in the interpretation of websites, such as speech synthesis or Braille  for every non-text element on a site, making available a text-equivalent version  allowing the user to turn off any blinking, automatically updating, scrolling or moving objects There are various software tools available for checking how compliant your site is. Formation of Contract If you supply goods or services through your site, you should ensure that your customers agree to a standard set of terms of supply. Where customers can enter into a contract through your website, you must include clear details of:  the technical steps to follow in order to conclude a contract  the means of correcting errors in the order  the language of the contract  any applicable code of conduct The customer must be able to access the terms and conditions and store and reproduce them. The supplier must acknowledge receipt of the order without undue delay by electronic means. Terms and Conditions of Use If your site involves any degree of interactivity, you should consider including suitable terms of use. These should be in a prominent position. Much of what is contained in standard terms of use involves an attempt to limit liability and such attempts are regulated by English law, particularly where consumers are concerned, which can result in certain terms being held to be illegal by the Office of Fair Trading if a consumer makes a complaint. Terms of use should always state the applicable law to which they are subject, but note that it may not be possible to prevent consumers suing in their own countries. Some rights reserved by sfloptometry
  • 3. Some rights reserved by Purple Slog Display of Mandatory Information Under the Electronic Commerce (EC Directive) Regulations 2000, you must display certain information on your company’s website including:  the full name and address of the business or other person who is the website owner (a domain name is not sufficient)  email and other contact details (a ‘contact form’ is not sufficient)  if a company, the company’s registration number  if the company is subject to an authorisation scheme, particulars of the relevant supervisory authority, e.g. the Financial Conduct Authority  if applicable, as a member of a regulated profession, your member state, professional title, details of your professional body and relevant professional rules  if applicable, your VAT number (even if the website is not being used for e-commerce transactions)  the cost of goods or services displayed on the website must be apparent and clearly state whether it is exclusive of tax and delivery costs Consumer Contracts Regulations Where the website involves the sale of goods or supply of services to consumers through the site, you must comply with the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013, which include a number of detailed requirements concerning:  the provision of information to the consumer  the statutory right of cancellation within fourteen days  the requirement to supply the goods or services within thirty days  the requirement to obtain active consent from the consumer for all payments (no pre-ticking of boxes)  the requirement to inform the consumer, pre-contract, of all costs  the restriction on enforcing cancellation charges on the consumer  the requirement to provide a telephone line for consumers at no more than basic rate (no premium rate telephone lines) For further information on these Regulations, please see our Guidance Note. Privacy Policy If the website collects personal information from individuals, you should include a privacy policy in order to comply with the Data Protection Act 1998. In general terms, you must indicate the use you will make of any personal data and obtain consent for its use, particularly if you wish to use the details for direct marketing. The privacy policy should contain details of:  who controls of the data  how the data will be used  to whom the information will be transmitted  whether the information is likely to leave the European Economic Area (or EEA) Some rights reserved by Sebastien Wiertz
  • 4.  the means of gathering information, including use of cookies (see also ‘Use of Cookies’, below) "Sensitive Data" (e.g. about a person's health or sexual orientation) must only be collected if explicit consent to its use has been obtained from the data subject. There must be a statement making clear that all subjects have a right to see the information held and there should be an opt-out box providing an opportunity to decline consent for the collection of information. Cookies As a result of the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011, a website operator must not store information or gain access to information stored in the computer (or other web-enabled device) of a user unless the user “is provided with clear and comprehensive information about the purposes of the storage of, or access to, that information” and “has given his or her consent”. How you go about obtaining the consent of users is ultimately your choice. Many organisations now use so-called ‘pop-ups’ or bars to obtain such consent (see, for example, the Information Commissioner (or ICO’s) website at www.ico.gov.uk), so that it is sufficiently clear that consent has been given by encouraging the user to click ‘Yes’ or ‘No’, rather than simply referring the user to terms relating to cookies in a privacy policy, which may be hard for the user to find. Failure to obtain sufficient consent could create problems with the ICO if a complaint were made. This area is technically complex and we suggest you read the ICO’s guidance note in detail in order to ensure compliance. Online Advertising There is no one source to go to for all rules relating to online advertising. The British Code of Advertising, Sales Promotion and Direct Marketing (otherwise known as the ‘CAP Code’) is enforced and administered by an independent body called the Advertising Standards Authority (ASA). When preparing an online advertisement, you should refer to the rules set out in the CAP Code. The key principles that online marketers should always bear in mind is that all marketing communications on the web or elsewhere should:  be "legal, decent, honest and truthful" and not include anything that is likely to cause offence, for instance, on the grounds of race, religion, sex, sexual orientation or disability  not be misleading. You need to ensure that all claims in adverts are accurate, unambiguous and can be substantiated  be prepared with a sense of responsibility to consumers and society  respect the principles of fair competition generally accepted by business  not bring advertising into disrepute The CAP Code is not a statutory code, but anyone can complain to the ASA about non-compliance, from which the ASA can adjudicate a decision. The biggest incentive for organisations to comply with the CAP Code is that the publication of its decisions may lead to adverse publicity. The ASA can also require that all of an organisation’s adverts must be vetted in the future before publication. Some rights reserved by Creative Tools Some rights reserved by ePublicist
  • 5. Processing Payments Where online payments or donations are being taken, the payment processor must be ‘PCI compliant’ if taking card payments (a set of standards created by the Payment Card Industry, a conglomeration of several credit card companies). Failure to do so can result in large fines and removal of merchant status, meaning that you will no longer be able to take card payments from customers until the processor (whether it is your organisation or a third party) meets the PCI standards of compliance. Brian Miller is a solicitor and partner and Lauren Mitchum a trainee solicitor at Stone King LLP, providing specialist advice in the fields of intellectual property, IT, data protection and commercial law. If you would like further information about the Regulations or if you have any concerns or queries in relation to them, please contact Brian. Disclaimer: This article may not be reproduced without the prior written permission of the author. This article reflects the current law and practice. It is general in nature, and does not purport in any way to be comprehensive or a substitute for specialist legal advice in individual circumstances. Some rights reserved by Sean MacEntee