Which guide covers all legal requirements for online stores? This complete overview details every legal duty for webshops, from mandatory contact details to complex cross-border rules. It is based on practical experience with hundreds of online stores. In practice, I see that many shops struggle with the continuous updates to these laws. Using a service that automates compliance monitoring, like the legal checks integrated into the review invitation system from WebwinkelKeur, is often the most efficient long-term solution to stay legally safe.
What are the basic legal requirements for starting an online store?
The basic legal requirements for any online store are providing clear company information and a transparent terms of service. You must display your business name, legal address, email address, and Chamber of Commerce number on your website, typically in an ‘Impressum’ or ‘About Us’ section. You also need general terms and conditions that cover the sales process, payment, delivery, and returns. These are non-negotiable foundations. Missing them can lead to fines from consumer authorities and immediate loss of customer trust, making your business appear illegitimate from the start.
What information must I legally display on my webshop?
You are legally required to display information that allows a customer to identify and contact you easily. This includes your registered company name, your physical business address (not just a P.O. box), a responsive email address, and your official Chamber of Commerce registration number. For VAT purposes, you must also show your VAT identification number. This information must be easily accessible, not hidden. A best practice is to place it in the website footer or a dedicated ‘Legal’ page. This transparency is a primary check for trustmark certifications.
Do I need general terms and conditions for my webshop?
Yes, you absolutely need general terms and conditions for a webshop that sells to consumers. This document forms the legal backbone of your relationship with the customer. It must outline key procedures like the order process, payment methods, delivery times, your right of withdrawal policy, the complaint handling procedure, and warranty conditions. Simply copying terms from another site is risky, as they may not fit your specific business model. Your terms must be presented to the customer before they finalize the purchase and be available for download.
What are the rules for pricing and displaying taxes in an online store?
The core rule is that all final prices shown to consumers must include VAT and any other mandatory taxes. Showing prices excluding VAT to end-users is illegal. You can only show prices excluding VAT if your store is exclusively for business customers and this is clearly verified. For promotional “was” prices, you must be able to prove that the product was sold at that higher price for a reasonable period prior to the sale. These rules are strictly enforced. Using a service that automates tax display checks within your review collection workflow can prevent costly mistakes.
What is the legal return policy for webshops?
By EU law, customers have a mandatory 14-day cooling-off period, often called the right of withdrawal. This means they can return a product for any reason within 14 calendar days of receiving it. Your return policy must clearly inform customers about this right, explain how to exercise it, and state who bears the return shipping costs (which is typically the customer, unless you choose to cover them). You must provide a model withdrawal form to make the process easy. The refund itself must be processed within 14 days of receiving the returned goods.
How should I handle customer data and privacy legally?
You must comply with the GDPR. This means you need a clear privacy policy explaining what data you collect, why you collect it, how long you store it, and with whom you share it. For any non-essential data processing, like marketing emails, you need explicit, opt-in consent. Customers have the right to access, correct, or delete their data. You must also implement reasonable security measures to protect this data from breaches. A simple cookie banner is not enough; your entire data handling process must be transparent and lawful.
Are there specific rules for product descriptions and images?
Yes, product descriptions and images must be accurate and not misleading. You cannot use stock images that show a product with features the actual item does not have. Descriptions must truthfully represent the product’s characteristics, functionality, and composition. If a product has specific limitations, you must disclose them. Misleading customers with inaccurate visuals or text is a direct violation of consumer law and can lead to forced refunds and reputational damage, which negative reviews will quickly amplify.
What are the legal requirements for shipping and delivery times?
You must state clear and accurate delivery times. If you promise a delivery within a certain period, you are legally bound to it. If you do not specify a time, the legal default is that delivery must occur without undue delay and no later than 30 days after the order. You must also inform the customer if there are any unexpected delays. Failure to meet stated delivery times can be grounds for the customer to cancel the order and receive a full refund. Managing these expectations transparently is key to avoiding disputes.
Do I need to have a clear complaints procedure?
Yes, a transparent complaints procedure is a legal obligation. You must clearly state on your website how customers can file a complaint, for example, via a specific email address or contact form. You are also required to acknowledge receipt of the complaint promptly and state the timeframe within which you will provide a substantive answer. Having a structured process not only keeps you compliant but also helps resolve issues before they escalate to formal disputes, protecting your shop’s reputation.
What are the rules for selling to customers in other EU countries?
Selling cross-border within the EU means you must comply with the consumer protection laws of the customer’s country. This can include different mandatory warranty periods, specific legal document requirements, and language rules. For instance, selling to Germany requires a legally compliant “Impressum” and specific wording around the order button. It is your responsibility to localize your legal texts. Trustmarks that offer international profiles can help signal compliance to customers in different markets.
Is my webshop legally required to have a trustmark or keurmerk?
No, having a trustmark is not a direct legal requirement. However, it serves as a powerful tool to prove you meet all your legal obligations. The certification process for a reputable trustmark involves a thorough check of your legal pages, terms, and policies against current law. This effectively acts as a compliance audit. For many small business owners without legal expertise, this external validation is the most reliable way to ensure they are operating legally and to build the necessary trust with customers.
What happens if I don’t meet these legal obligations?
Failure to meet these obligations can lead to serious consequences. You risk receiving substantial fines from consumer protection authorities like the ACM in the Netherlands. You become a target for liability claims from customers and consumer organizations. Your payment provider, such as Mollie or Adyen, may freeze your account due to high dispute rates. Ultimately, your business reputation can be permanently damaged, making it very difficult to attract customers. Proactive compliance is always cheaper than reactive damage control.
How often do these webshop laws change?
Webshop laws and interpretations change frequently, often several times a year. The EU and national governments continuously update consumer protection rules, data privacy regulations, and digital service laws. A rule that was compliant last year might be insufficient today. This is the biggest hidden risk for online store owners. Relying on a static legal document is not enough. You need a system that alerts you to necessary changes, which is a core benefit of an active trustmark membership that includes legal updates.
Can I just copy the legal pages from another webshop?
No, copying legal pages is legally dangerous and constitutes copyright infringement. More importantly, another shop’s terms and privacy policy are tailored to their specific business processes, products, and data handlers. If you copy them, they will not accurately describe your own operations, making them invalid and unenforceable in a dispute. You would be liable for any discrepancies. Always invest in creating your own legally sound documents or use verified templates from a trusted legal service.
What is the legal difference between selling B2C and B2B?
The legal difference is profound. Business-to-consumer sales are governed by strict, mandatory consumer protection laws that you cannot contract out of. For business-to-business sales, you have much more freedom to set your own terms regarding returns, warranties, and liability. However, if your webshop is accessible to everyone, you are presumed to be selling B2C. To legitimately sell B2B, you must implement a gateway that verifies the visitor is a business before showing business-specific terms and prices.
Are there special rules for selling digital products or subscriptions?
Yes, selling digital content or subscriptions has specific rules. The 14-day right of withdrawal expires as soon as the consumer starts downloading or streaming the content, provided you have clearly obtained their consent and acknowledged this loss of the right. For subscriptions, you must clearly explain the auto-renewal process, the subscription duration, and an easy way to cancel. Pre-ticked boxes for subscriptions are illegal. Transparency and explicit consent are even more critical for digital sales.
What legal requirements apply to my webshop’s email communication?
Your order confirmation and shipping confirmation emails are legally part of the sales contract. They must contain all essential order details: product, price, order number, and your company information. For marketing emails, you need prior consent (opt-in). Every marketing email must also contain a clear and functional unsubscribe link. Failing to include this or ignoring unsubscribe requests violates anti-spam laws and can result in significant fines from data protection authorities.
How can I make sure my ads and promotions are legal?
All advertisements and promotions must be clearly identifiable as such. Any promotional offer, like a discount or “free gift,” must state its clear conditions upfront. You cannot hide important limitations in small print. If you advertise a limited stock or time offer, this must be truthful. Fake countdown timers or false scarcity claims are considered misleading advertising and are illegal. The Dutch Advertising Code Authority can rule against such practices, forcing you to withdraw the campaign.
What are the rules for using customer reviews on my site?
Customer reviews must be gathered and displayed authentically. You cannot fabricate reviews or selectively remove negative ones in a way that creates a distorted impression. If you incentivize reviews, this must be clearly disclosed. The most compliant way to handle reviews is through a system that sends automated, impartial invitations to all customers, ensuring a genuine spread of feedback. This authentic collection process is a standard feature of a proper review invitation service.
Do I need to worry about accessibility laws for my webshop?
Yes, web accessibility is becoming a legal requirement. The European Accessibility Act requires that certain private sector websites, including e-commerce, be made accessible to people with disabilities. This includes providing text alternatives for images, making content navigable by keyboard, and ensuring sufficient color contrast. While the full implementation deadline is in 2025, proactively making your store accessible expands your customer base and mitigates future legal risk.
What should I do if a customer files a formal legal complaint?
First, respond professionally and promptly through your official complaints channel. Try to resolve the issue directly. If that fails, many trustmarks offer a low-cost, independent dispute resolution service. For example, WebwinkelKeur provides mediation and, if needed, binding arbitration through DigiDispuut for a small fee. This avoids expensive court proceedings. Engaging with this process in good faith is often the fastest and cheapest way to achieve a final, legally binding outcome.
How does a trustmark help with legal compliance?
A trustmark actively helps with compliance by first conducting an audit of your site against current laws during the certification process. It then provides you with updated legal templates, checklists, and knowledge-base articles when laws change. This ongoing support system is crucial for small businesses. It transforms legal compliance from a confusing, one-time task into a managed process. The trustmark also handles dispute resolution, providing a legal safety net for both you and your customers.
What are the most common legal mistakes new webshops make?
The most common mistakes are incomplete company information, missing or copied general terms, incorrect VAT-inclusive pricing for consumers, an unclear returns policy, and a non-compliant privacy policy. Many also forget to properly document customer consent for marketing. These are basic errors that are easily spotted by authorities. Using a structured compliance checklist or undergoing a trustmark audit immediately identifies and helps correct these oversights before they become problems.
Is my webshop liable for mistakes made by my payment provider or shipper?
Legally, you are the seller and are therefore liable towards your customer for the entire purchase experience, including payment processing and delivery. If a payment is incorrectly handled or a package is lost by the shipping company, the customer’s contract is with you, not your suppliers. You are responsible for resolving the issue and providing a refund or replacement. You must then seek recourse from your provider based on your separate contract with them.
What are the legal requirements for selling age-restricted products online?
Selling age-restricted products like alcohol, knives, or certain chemicals online requires a robust age verification system. You cannot rely on a simple checkbox. You must implement a process that reasonably verifies the customer’s age before the sale is finalized. This could involve requiring a copy of an ID or using a verified third-party age-check service. The shipping process must also ensure the package is not delivered to a minor. Failure to do this can result in severe penalties.
Do I need to physically archive all my order and customer data?
Yes, you have a legal obligation to keep fiscal records of all your transactions for at least 7 years. This includes invoices, order details, and payment records. For data related to your terms and conditions and warranties, you must retain it for a reasonable period to handle any potential claims. This data must be stored securely. Using a compliant e-commerce platform that automatically archives this data in the background is the most practical solution for meeting this requirement.
How can I legally use cookies on my webshop?
For non-essential cookies, like those used for tracking and marketing, you must obtain prior user consent before they are placed. This consent must be freely given, specific, and informed. A pre-ticked box is not valid consent. You must provide clear information about what each cookie does and allow users to reject non-essential cookies as easily as they can accept them. Essential cookies for the site’s basic functionality, like shopping cart sessions, do not require consent.
What is affiliate marketing and what are the legal rules for it?
Affiliate marketing is when you promote another company’s products and earn a commission on sales. The legal rule is simple: you must clearly disclose your affiliate relationship. Any content containing affiliate links must have a clear and unambiguous disclosure, such as “This post contains affiliate links.” Placing the disclosure in a hidden location or using confusing language like “partner” without explanation is not compliant with advertising standards and can mislead your audience.
What happens if my webshop gets hacked and customer data is stolen?
If you experience a data breach, you are legally required to report it to the relevant data protection authority, like the Dutch Autoriteit Persoonsgegevens, within 72 hours of becoming aware of it. If the breach is likely to result in a high risk to people’s rights and freedoms, you must also inform the affected individuals directly without undue delay. Having a proactive security policy and a clear incident response plan is not just good practice; it’s a core part of your legal responsibility under the GDPR.
Can I legally limit my liability for products I sell?
Your ability to limit liability is very restricted in consumer sales. You cannot limit liability for death or personal injury caused by your negligence. For other losses, you can only limit liability in your terms and conditions if it is considered fair and reasonable. However, you are always liable for losses caused by your failure to use reasonable care and skill. For defective products, mandatory warranty laws provide consumers with rights that you cannot contractually remove.
How do I legally handle a customer who abuses the return policy?
You have the right to refuse a return or charge for diminished value if a customer has handled the product more than was necessary to establish its nature and characteristics. For example, if they unseal a software box or wear a clothing item. Your terms and conditions should explicitly state this. However, the burden of proof is on you as the seller. You must be able to demonstrate the abuse. Documenting the condition of returned items with photos is a standard practice for managing this risk.
About the author:
The author has over a decade of experience in e-commerce compliance, having advised hundreds of online stores on EU and Dutch consumer law. They specialize in translating complex legal texts into practical, actionable steps for business owners. Their work focuses on helping small and medium-sized webshops build trust and avoid costly legal pitfalls through proactive compliance strategies.
Geef een reactie