Your business website is required to comply with current legislation or pay the consequences. Here’s a checklist of 7 legal requirements for your business to act on to keep your website, and your business, on the right side of the law. As the owner of a website, you have a legal obligation to keep your website compliant with current legislation (2018).
Website legal requirements change frequently, and ignorance is certainly no excuse for ensuring your business complies with all the legal issues and statutory requirements that govern the content and functionality of your website. We are not a solicitor but want to share key areas for your businesses to focus on and possible compliance concerns.
1. The Identity Of Your Online Business
The Companies Act 2006 has the honour of being one of the UK’s longest pieces of legislation, running to more than 700 pages long. This requires you disclose certain information about the identity of your company on your business website. This information doesn’t need to be on every page, but it does need to be easily found so it will typically go on your “Contact Us” page or “About Us” page. You will also find placing some of this information on the footer section of your pages will be useful to both users and for search engine optimisation (SEO):
- Company name
- Company registered number
- Place of registration, such as England or Wales
- Registered office address
- Your company name, postal address and company email address
- How to contact your business via non-electronic means
- Your VAT number, even if the website is not being used for e-commerce transactions
- The name of any trade bodies or professional associations that the business is part of, including membership or registration details.
2. What Is GDPR And How Do I Become Compliant?
The GDPR regulations came into effect in May 2018. It is one of the most significant pieces of legislation improving the rights of individuals to understand how their personal data is being processed and a business website must adhere to them.
What Do I Need For To Be GDPR Compliant?
Preferences on your web contact forms set to default to “no” or blank and users have to actively opt-in
Making it easy for users to withdraw their consent or opt-out
Forms should collect a minimum of information and only the data required for the task at hand
Notifying users of cookies that are being used to track their behaviour
And have in place a data breach process in case the worse happens
3. Company Policy And Procedures
There are a number of standard and important pages for you to include on your business website.
4. What Is Consumer Protection?
If your company is selling online, then your business will need to comply with a range of legislation that includes the online and distance selling regulations as well as electronic commerce regulations and the consumer rights act. This is a very important area, but on your overall checklist the main issues you need to consider include:
The required information before an order is placed, including full costs, payment terms, delivery arrangements, and the consumers right to cancel
The required information after an order is placed, including a copy of the contract to purchase
That you fulfil the order in a satisfactory and timely manner
That your goods and services are of satisfactory quality, fit for purpose, and as described on your website
5. What Is Website Accessibility?
Your business website must accessible to everyone who needs it. If it isn’t, you may possibly be in breach of the Equality Act 2010. What this means for your website is:
Meet level AA of the Web Content Accessibility Guidelines (WCAG 2.1) as a minimum
Work on the most commonly used assistive technologies – including screen magnifiers, screen readers and speech recognition tools
Include people with disabilities in user research and that you include an accessibility statement on your website
6. Cyber Security And Protecting Your Data
The Information Commissioner’s Office (ICO) has published a set of technical security processes that are considered to represent appropriate measures under the GDPR. As a business, your responsibility is to take the necessary steps considered ‘appropriate’ and necessary to prevent personal data from being accidentally or deliberately compromised. In other words, it is your responsibility to prevent hacking and cybercrime.
For your website this would include:
- Implementing an SSL certificate on your website for the encryption of personal data
- Updating your website software regularly, including your website operating system and your content management system
- Testing your website for security vulnerabilities
7. What Is Online Copyright And Infringement?
You will notice most websites have a “Copyright 2018” statement in the footer. All websites and their content are inherently copyright protected provided they are original works and adding that text can act as a deterrent from others stealing your content. But businesses of all types could be a victim of copyright infringement by unknowing or unscrupulous businesses who think nothing of copying someone else’s work and passing it off as their own. Google would perceive this as duplicate or spun content and will not help your SEO.
It is very much in your businesses interest that you exert your own right to your copyright and that you respect the copyright belonging to others. With this in mind your copyright checklist should include:
- That you are only making use of licensed or copyright free images.
- That you are detecting other sites that could be infringing your copyright
- That you are protecting your own website copyright
This checklist of website legal requirements was created to help your business with ongoing web improvement. If you require any additional information, then contact us.