ShapeShapeauthorShapecrossShapeShapeShapeGrouphamburgerhomeGroupmagnifyShapeShapeShapeShape

Your website’s good … but is it legal?

by
01 June 2015, at 12:00am

ANDREW BRENNAN says there is no justification for ignorance of the regulations governing business websites and outlines what needs to be done to ensure you meet the minimum requirements

AS more people search the internet for the “right” veterinary practice, an attractive, user-friendly and engaging website is essential.

Whilst you put a lot of effort into showcasing the services you offer, have you given enough consideration to ensuring your website meets the minimum legal requirements?

It’s not a priority for most businesses and many appear unaware of the laws governing corporate websites, or believe they only refer to e-commerce sites or sites selling products to consumers.

In reality, the websites of all UK registered businesses must clearly display the name of the business, the full registered address, place of registration and registration number, with the VAT number, where appropriate. If a business undertakes any regulated activities, the details of the regulators must also be clearly displayed.

Sole traders and partnerships must display the address of the main place of business. For businesses selling products, services or digital content to consumers through their website, information about the offering and right to cancel must be provided.

How do the cookies crumble?

In 2011 the law on how cookies can be used was changed, with website users now having to consent to their use, but many websites have still not made the necessary changes.

If users are suspicious about a business’ policy, they might block cookies in their browsers and ruin their experience of the site; this could eventually require a costly re-design of the site, allowing it to work without cookies. It’s better to explain what cookies are used, what information they’re gathering and what will be done with it.

Are you treating information with respect?

The most compliance concerns are raised by the collection, storage and use of personal data, which includes the sharing or selling-on of information obtained by sites.

To improve engagement with visitors, websites often offer free information, reports or top tips in exchange for personal information, hoping to capture e-mail addresses, postal addresses and phone numbers. If visitors provide personal contact details, as far as the law is concerned they have consented to being contacted.

There is no issue with e-mailing them at a later date, but it must be in relation to their original enquiry or transaction. The means to unsubscribe from such communications and be removed from any list holding their personal contact details must also be included.

If a business wants to e-mail individuals with general marketing information, unrelated to their original enquiry, it must obtain “opt-in” consent, usually done by providing boxes to tick. These boxes must not be pre-ticked as an individual must positively affirm consent. Any business still using pre-ticked boxes risks enforcement action.

These rules currently only apply to individuals (and strangely, partnerships but not LLPs) and not corporate visitors to a website but businesses must still be cautious, as corporate visitors might provide personal contact details, which would then be covered by the regulations.

Interestingly, if a website user provides address details and phone numbers, businesses can contact them by telephone or post for marketing purposes, unless or until they are told to stop doing so.

What is your privacy policy?

Any business intending to use personal information captured through its website becomes a data controller and must appoint a designated data controller. The business must explain to those using the site, who have had information gathered, what data are being collected and why.

The privacy policy should advise if this information is for direct marketing purposes and include a method of contacting the data controller – an e-mail link will do.

The introduction of tougher new consumer data protection laws this year is expected to tighten the rules governing corporate websites. Failure to comply with the new rules could result in heavy fines or enforcement action, so businesses should ensure they have all the appropriate policies in place.

Can terms and conditions protect your business?

A set of “terms and conditions” is not a legal necessity but a good website will include them to help prevent future problems. Ideally, they should define what the business does and what intellectual property (IP) it owns on the site.

A “disclaimer of liability” is another valuable policy which advises visitors that although information on the site is accurate to the knowledge of the website owner, it should not be taken as fact.

Many businesses now allow visitors to their site to add service reviews in an attempt to build stronger customer relationships. However, the business should have an “acceptable use” policy, easily found on the site, to safeguard the business from anyone posting illegal or offensive material.

The policy allows the site owner to take action, including removing posts, banning individuals and even reporting their activity. Without this policy the business could be the one in trouble.

Every business should check its site carefully and ensure it complies. If in doubt, consult a lawyer who understands this dynamic area of law, then pay attention to any future changes to the rules governing corporate websites.