In today’s digital age, starting an e-commerce business has become an attractive and lucrative option for entrepreneurs. But how do you navigate this vast online marketplace?
Don’t worry, we’ve got you covered. This article condenses the process into digestible steps, guiding you through setting up your online venture. Plus, we’ll outline the legal must-haves to ensure your business has a firm footing for future success.
What is an ecommerce business?
An ecommerce business is a business that sells products or services via the internet.
According to trade.gov consumer ecommerce accounted for 30% of the total retail market in the UK in 2022. Unsurprisingly Amazon, eBay and Etsy are the top three most visited ecommerce sites for UK online shoppers.
According to Grand View Research’s industry report the global B2B ecommerce market is expected to grow by 18.7% from 2021 to 2028, to £9.43 trillion!
It’s safe to say that online shopping grows in popularity year-on-year; meaning demand is high but so is competition. Having a solid business plan and a strong legal framework are paramount for a successful start-up.
How do I start an ecommerce business?
1: Choose your business model
Will you be selling products or services? Do you want to sell to other businesses or to consumers?
2: Research
Who are your competitors? What will make your product/service stand out from them? Who are you aiming your product/service at? These are all questions you need to consider before moving on to the next stage.
3: Select your value delivery method
The logistics. Here you will need to think about how you are going to source, store, brand, package and deliver your products. If you offer a service, think about how you are going to deliver this service to your desired customer.
4: Write an ecommerce business plan
A business plan should include your mission and objectives; it should outline exactly what you plan to do, and how you will achieve it. Remember to set yourself realistic goals.
If you’re unsure of where to start download a free business plan template from websites like Forbes.
5: Choose a legal status for your business
You need to set up your business. Your options are:
• Sole trader (you’re responsible for all profits and all losses)
• Partnership (you’ll share management and profits with one or more people)
• Limited liability partnership (an incorporated partnership which is a separate legal entity)
• Limited company (a private company in which shareholder assets are protected, and shareholder liability to the company’s creditors is limited by the extent to which they invested)
If this legal jargon leaves you scratching your head, please feel free to pick up the phone and give us a call on 0117 435 4350; we are more than happy to advise.
6: Choose your business name
This is the fun part – choosing a business name. We suggest creating a logo so your brand can be easily identified. Think about creating brand guidelines, with colours, fonts and styles. Create a logo that embodies your business’s values and offerings.
7: Build your online shop
A very important stage. This is to where you are leading potential customers. Use an ecommerce website builder such as Wix or Shopify – it’s a quick, easy, and cost-effective way of creating your site.
Bear in mind, consumers form impressions in mere seconds. Hence, ensure your website is free from clutter, visually engaging with ample graphics, and simple to navigate.
8: Set up for payments
The next step is to set up a merchant account so your website can accept card payments. This is where funds go to be cleared and verified before they’re deposited into your business account. Either talk to your bank for advice or search for a merchant services company.
9: Market your ecommerce business
Now you’re all set up you need your audience to know who you are and what you have to offer. Think about setting up social media accounts, starting a blog, building up an email database, advertising or setting up a Google ads campaign.
11 ecommerce legal requirements for your online business
When you are ready to talk to a solicitor ensure that the areas below are taken into account.
1. Appropriate policy document
An appropriate policy document is a set of guidelines used by a business to help it manage how it handles certain activities. This can include things like how it protects personal data, follows legal rules, or interacts with customers.
It serves as a clear guide for the business’s actions and decisions on these issues and must include:
• Data processing: As the data controller you must ensure that data is processed according to the six principles in Article 5 of UK GDPR:
a. It is processed lawfully, fairly, and transparently.
b. It is collected for clear, specific, and legitimate purposes, and not processed beyond these unless necessary for public interest, scientific, or historical research.
c. It is sufficient, relevant, and not excessive for the intended purpose.
d. It is accurate and current, with prompt corrections or deletions made for any inaccuracies.
e. It is stored in a way that allows identification of data subjects only as long as necessary for the purpose of processing, unless it’s for public interest, scientific, or historical research.
f. It is processed in a way that ensures appropriate security for personal data.
• Data retention and erasure: Procedures for the retention and deletion of personal data, which include guidelines on how long data is kept.
• Access to ICO: This policy document needs to be available for the Information Commissioner’s Office (ICO) at their request, free of charge.
• Policy maintenance: This policy will be maintained from the start of data processing until six months after the processing ends.
Download your ecommerce GDPR checklist here.
2. Terms and conditions
All ecommerce websites should contain terms and conditions to reduce risk. These should be bespoke for your business. It should cover areas like payment terms, delivery, returns and refunds, intellectual property rights, and more.
Don’t worry if you are not sure what to include here; that’s the solicitor’s job.
3. Cookie policy
If your website uses cookies to track user behaviour, the following information will need to be included in your cookie policy:
• Why you’re using cookies on your website
– Strictly necessary cookies (privacy preferences, logging into accounts, filling in forms)
– Performance cookies (tracks visits and site traffic, does not store personal information, tracks site and page performance)
– Functional cookies (provides enhanced functionality and personalisation, assumedly like autofill or results you may be interested in)
– Targeting cookies (set by advertising partners of the website, used to build an interest profile and show you relevant adverts on other sites)
• The types of cookies you’re using
• Relevant information about third parties using the data from cookies
Find out more about cookies here >> Cookie Notices and Cookie Consent | Cookiepedia
4. Online selling regulations
Ensure your online business complies with the Electronic Commerce (EC Directive) Regulations 2002. This law specifies several requirements for online retailers, such as providing clear information about your business, including the VAT number if applicable.
These must provide:
• Name of service provider.
• Geographic address at which the service provider is established.
• Details of service provider, including email to ensure they can receive communication quickly and effectively.
• If registered in a trade: Details of the register in which the service provider is registered, and their registration number/method of identification within the register.
• If the provision of the service is subject to an Authorisation Scheme: Particulars of a relevant supervisory authority.
• If they exercise a regulated profession: Details of any professional body with which they are registered, their professional title and member state where the title was granted, a reference to the professional rules applicable to the service provider in the UK/member state of establishment.
• If VAT is charged on their services: the VAT number.
5. Distance selling regulations
Under the Consumer Contracts Regulations 2013, you’re required to provide detailed information about products, including the price (inclusive of taxes), payment methods, delivery costs, and information about the consumer’s righto cancel the order within a specific period.
This must provide:
• Main characteristics of the goods/services/digital content to the extent appropriate to the medium.
• Identity of the trader.
• Geographical address of where the trader is established, and trader’s contact details.
• Geographical address and contact details of other traders if acting on behalf of another trader.
• Geographical address and contact details of where complaints can be addressed.
• Total price of the goods/services/digital content.
• Any and all additional delivery charges/costs, at least stating that these will be payable and at least an estimate.
• Where it is a subscription, the total monthly costs or costs per billing period.
• The costs of using a means of distance communication to finalise the contract where it is calculated other than at a basic rate.
• The arrangements for payments, delivery, performance, and the time by which the trader undertakes to deliver the goods/services/digital content.
• The trader’s complaint handling policy.
• If there is a right to cancel, the conditions, time limit and procedure to do so.
• If the customer will have to bear the cost of returning goods, and if so, how much it will cost.
• If the right to cancel is exercised, then if the customer is liable to pay trader’s reasonable costs in relation to this.
• If the customer cannot exercise the right to cancel.
• A reminder that the trader is under a legal duty to supply the goods, if applicable.
• Conditions of after-sale services/customer assistance, if applicable.
• Existence of relevant codes of conduct.
• Duration of the contract and conditions for terminating the contract.
• Minimum duration of customer’s obligations under the contract, if applicable.
• Existence and conditions of deposits/other financial guarantees, if applicable.
• Functionality of digital content, if applicable.
• Relevant compatibility of digital content with hardware/software, if applicable.
6. Data protection
When a consumer provides any personal information, for example registering for an account, purchasing a product/service, or signing up for a newsletter; you will need to ensure that you are managing their data in compliance with data protection laws. A solicitor will be able to advise here.
7. Refund and return policy
A well-put-together refund and return policy not only protects your business, but it manages customer expectations. When drafting up your policy, remember to consider consumer rights.
The Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013 states:
• If the contract is a service contract or a contract for the supply of digital content, the normal cancellation period ends 14 days after the day on which the contract is entered.
• If the contract is a sales contract, the normal cancellation period is 14 days after the customer, or a person other than the carrier who has been named by the customer, comes into physical possession of the goods.
• Customers can cancel a distance/off-premises contract at any time within the cancellation period (above) without giving any reason and incurring no liability except in certain circumstances.
• Traders must collect the goods if they have offered to collect them or if it is not possible, arrange for them to be returned by post.
• The customer bears the costs of returning the goods unless the trader agrees to bear them, or the trader failed to inform the customer of them having to bear the costs of return.
8. Intellectual property rights
Intellectual Property (IP) is essential to protect and respect when running an ecommerce business. This encompasses copyright for your content, trademarks for your business name and logo, patents for unique products, and design rights for visual designs.
To avoid costly legal disputes and enhance your business value, it’s advisable to consult a legal expert for IP protection and to avoid infringement. It isn’t expensive to maintain IP rights, and well worth protecting your ideas.
9. Privacy and Electronic Communications Regulations (PECR)
In addition to UK GDPR, Privacy and Electronic Communications Regulations (PECR) give individuals privacy rights linked to electronic methods of communication, including email marketing and cookies. It’s best to be up-to-scratch with PECR to reduce any risk of breaching the policy.
PECR has been introduced to:
• Protect individuals from unsolicited marketing by any means (calls, texts, emails and faxes).
• Govern the use of cookies and similar technologies.
• Govern the security of public electronic communications services including breaches.
• Protect the privacy of customers using communications networks or services with regard to traffic and location data, itemised billing, line identification services and directory listings.
Penalties for breaching PECR can go up to £500,000 that can be issued against the organisation or its directors.
10. PCI compliance
Security measures like the Payment Card Industry Data Security Standard (PCI DSS) are not only essential for compliant online transactions but also serve to boost customer confidence when making a purchase.
Although it’s not required by law, failure to comply with PCI can result in fines from your bank provider if there is a data breach. You also risk breaching GDPR and enforcement action from the ICO.
11. Shipping and fulfilment
If your ecommerce business involves shipping physical products, you need to comply with shipping regulations, packaging requirements, and customs laws. This may include obtaining necessary permits, understanding import/export restrictions, and complying with labelling and packaging standards.
Talk to us if you need legal advice
If all this seems a bit overwhelming, fear not. As experts in the field, we’re well-equipped to guide you through the legal necessities of running an e-commerce business.
0117 435 4350 | info@rubric.law
