Is your new, shiny website ready for launch? Before you hit that ‘publish’ button, you need to check that all the legals are there (and in the right place!). This checklist walks you through all the legal bits you need to consider before you go live.
1. Do you have a set of website terms and conditions?
Under UK laws, all websites have to display certain information somewhere on their website about who they are, how people can contact them, what their VAT number is, etc. Most website owners fulfil this requirement by having a set of website terms and conditions. These sit neatly as a link at the foot of the home page. They typically also contain information about how the content on your website is owned by you, what people can and cannot do with your content, how you are not responsible for any websites that you link to, etc. These website terms and conditions will apply to all website visitors – regardless of whether they go on to become a client/customer of yours.
2. Do you have a privacy policy?
You need one of these to comply with UK data protection laws. Any business that collects personal data about its clients/customers and/or its website visitors (this can include website usage from the cookies used on your site) must have a privacy policy. The privacy policy tells people what data is being collected, for what reason, who it is shared with, what people’s data rights are, and so on. Typically, organisations deal with data protection compliance by having a privacy policy that sits (as a link) on their home page.
The UK data protection regulatory body, the Information Commissioner’s Office (“ICO”), has a wealth of free advice on data protection compliance, so make sure you check out their website.
As a side note, you need to remember that even though the UK left the EU, GDPR still applies in this country. This is because the UK adopted GDPR into UK legislation in the form of the Data Protection Act 2018.
3. Have you registered with the ICO?
All businesses in the UK that collect personal data about their clients/customers must be registered with the ICO. You have to pay an annual registration fee, which acts a bit like a data protection tax. The ICO use the money they receive to run their department, provide free advice and guidance to businesses, provide their free helpline and investigate data breaches.
4. Do you have a cookie policy and cookie pop-up notice?
If your website uses cookies then you need to tell your website visitors what cookies are being used on your website, for what purposes and for how long they last. You also need to explain to your website visitors how they can disable cookies if they so wish.
You can either satisfy all these requirements by having a separate cookie policy on your website (again as a link at the foot of your home page), or you can include a detailed cookie section within your privacy policy.
Finally, under UK laws you must get the consent of all first-time visitors to the use of cookies on your website. To do this, you must install a cookie pop-up box/notice which should link to your cookie policy and have a tick box that the website visitor must click to accept the use of cookies on your website.
5. Do you have an online shop?
If the answer is yes, then you need to do two things: (1) ensure that you have in place a set of Terms of Sale, which customers must accept before they pay for the product and complete the purchase; and (2) ensure that your purchase process complies with all the e-commerce requirements. There are specific steps that need to be implemented into your purchase process including the ability to check the details before making payment, receiving a confirmation email and be given information about refund/returns, etc.
6. Do you have a contact us page?
If you have the facility for people to contact you by submitting a contact us form with their name and email address, then you need to tell people that the information is being collected in accordance with your privacy policy and have a link to your actual policy. This needs to be stated immediately beneath the box in which the website visitor completes their information.
See my contact us page as an example:
7. Have you included a copyright legend?
Even though your website terms and conditions will state that all content on your website is owned by you, it is still worth including a copyright legend at the foot of your home page to re-enforce the message that you own the intellectual property in your website. Something like this will be sufficient:
© 2023 Aubergine Legal Limited. All rights reserved.
8. Consider whether you are a B2B or a B2C business.
If your website is targeting individuals (also known as ‘consumers’), then you also need to make sure you are complying with all the relevant consumer laws – especially those that apply to selling ‘at a distance’ (which includes online sales). See my blog ‘Terms and Conditions for Selling Online’ for more information.
Do you still need help?
I offer website audits to check that everything is in the right place, and I can provide any missing documents/T&Cs/ Privacy Policies – all drafted specially for your business.
For all the above I can offer fixed fee prices, depending on what help you need any what type of website you have.
Also, there are a number of other useful free blogs on my website that you may find useful, including this one:
Please get in touch at auberginelegal@outlook.com or via my contact us page if you need any help – I offer free 30 minute initial consultations with all new clients (either via phone or in my private virtual meeting room).