Getting online: Five steps to progress and protect your ecommerce business - Kuits Solicitors Manchester
  • Insights
  • Getting online: Five steps to progress and protect your ecommerce business

Getting online: Five steps to progress and protect your ecommerce business

Getting online: Five steps to progress and protect your ecommerce business

18th June 2020 - Published by Kuits commercial team

The digitalisation of business has been apparent for some years but, recently accelerated by the global COVID-19 pandemic, more and more businesses are moving online in a bid to keep pace with the increasing demand for online consumption.

For those new to the ecommerce world, increasing your customer base, widening your market, reducing overhead costs and market analysis are just a few of the many advantages and opportunities associated with making this move.

Here, we set out the five top things we think you should consider when getting your business online.

If you have operated your ecommerce site for some time, skip ahead to Step 3 to find out whether you are successfully protecting your ecommerce operations.

Step 1: Buy a domain name and create your website

Ideally, you would want this to be the same as your business name. To purchase a domain, search the name of your business through a domain buying platform such as Shopify, Wix, GoDaddy or 123-reg. These will list all of the available domains associated with your business name from which you can make a selection and purchase your domain, usually on an annual subscription.

There are a number of ways you can create a website: either by building your website yourself, using a website builder such as Wix, Squarespace or GoDaddy; or using a web developer. We would always recommend having an agreement in place between your business and the developer, governing your relationship and ensuring ownership of the website and any content they create will vest automatically in your business, or be transferred upon completion of the website.

When using websites, most (if not all) online businesses will have licensed intellectual property rights from a third party (licenses to use the software or to include certain content and/or pictures on your website). Alternatively, you may create or develop intellectual property either yourself or through a third party developer you have engaged. You should ensure that any agreement with a developer, whether in-house or a contractor, contains adequate provisions to guarantee that all intellectual property rights are owned by your business, or transferred to it to the extent that they are not. Intellectual property is an extremely valuable asset of any business and it is important you get it right to achieve the desired commercial outcome in respect of the valuable intellectual property rights.

Step 2: Consider how you will take payments

To process card payments, you will need to obtain a merchant account. This is where funds go to be cleared and verified before they are deposited into your business account. You can either get a dedicated merchant account from a bank or a third-party provider such as Worldplay, PayPal or Barclaycard. Alternatively, you could partner with a payment facilitator such as Stripe, Square, iZettle or SumUp. These companies offer aggregated payment processing which means they will process your payments in batched lots with those of other merchants.

Once signed up to, and approved for, merchant services, your payment provider will equip your website with the technology needed. This will include a payment gateway and a virtual terminal. A payment gateway is a secure piece of software that will sit on your website. Its purpose is to authorise and verify the transactions you accept online, acting as a go-between connecting your customer’s bank with your business’ merchant account. A virtual terminal is a secure, web-based portal which enables you to take payments over the phone.

There will be terms of use for your merchant account which you will have to accept before you are able to use it. Whilst these are usually non-negotiable, it is important you understand your legal rights and obligations under these terms.

In addition, you must ensure that there are adequate provisions in place between you and your payment provider, which meet the minimum data security standards for storing, processing and transmitting payment card data.

Step 3: Appoint a supplier

Research potential suppliers and collect as many quotes as you can. Decide which might be the best fit for your business model and value delivery model. If you are drop shipping, you will need to obtain information about a supplier’s packaging and delivery methods, and the exact cost for these. Depending on your size, there may be some scope for negotiation. If you have opted for a wholesaling approach, you will need to find somewhere to store your stock. Again, size dependent, you may need a warehouse to manage it from.

You will need an agreement in place which clearly defines the scope of both parties’ obligations and liability to the other in the course of their relationship. There are a number of distribution arrangements which can be agreed with your supplier. Do you seek to have exclusive, non-exclusive, sole or selective distribution rights? Are you going to be limited to a certain territory, or do you have the capabilities for worldwide distribution? It is very rare that a distribution agreement is agreed without negotiation. You will therefore need legal assistance negotiating the document to ensure it adequately reflects your desired commercial outcomes. In addition, there are complex competition law and regulations which must be considered alongside any distribution agreement.

Step 4: Know your customer’s rights and put in place the necessary protections

As an online business, there are several legal regulations you will need to comply with.

a. General Data Protection Regulation (GDPR) – Online businesses must ask for explicit consent before processing a customer’s personal data. There must also be full transparency around how you will use customer’s personal data, give your customers the right to access the data you hold about them, and comply with any requests they make for you to delete their personal data.

b. Privacy and Electronic Communications (EC Directive) Regulations 2003 – Almost all websites will use cookies and so it’s important you are aware of the EU Directive which applies in the UK. This requires websites to get consents from visitors to store or retrieve any information on a computer, smartphone or tablet (which is essentially what a cookie does – they are little data files which store information in peoples’ web browsers). Compliance with these regulations comes down to three steps:

1. Carry out a cookie audit to work out what cookies your site sets, and what they are used for;

2. Create a cookies policy detailing to your visitors the cookies you use, what they do and how they can turn your website’s cookies off; and

3. Obtain their consent for the cookie to store information about them. This is usually done through use of a pop-up when a user makes their first visit to your website. You can install a ‘Cookie Law’ plugin on your own website to make sure this is complied with. If they don’t consent, this will most likely affect the functionality of the website for them.

c. The Electronic Commerce (EC Directive) Regulations 2002 –This is a crucial piece of information for all ecommerce businesses. It regulates the way in which businesses can communicate with their customers online. Under these regulations, you must:

1. Display your business’ name and address, contact details, company registration number and VAT number on your website;

2. Have your terms and conditions easily accessible for customers to read;

3. Be very clear about price, taxes, delivery fee and the terms surrounding any special offers;

4. Confirm every order by email. You are able to set up automated email responses to ensure this happens;

5. Make it clear that all marketing emails and/or unsolicited emails that you send are purely for marketing purposes, and give your customers the option to opt out of these. This can usually be done by having link at the bottom of all emails allowing users to unsubscribe from your mailing list; and

6. Ensure that the sender of any communication from your business is identifiable.

d. The Consumer Protection (Distance Selling) Regulations 2000 – These regulations cover B2C (business to consumer) relationships, rather than B2B (business to business). Their purpose is to protect the rights of your customers and the principle underpinning these regulations is that of fair returns. It states that online businesses must give customers 14 days to cancel or return orders (excluding downloads, perishables and certain products for hygiene reasons). Any returns made by your customers within this 14-day period must be met with a full refund. These regulations also seek to ensure that you are transparent about the products or services you are selling, your VAT, and any postage or packaging costs you will charge the customer for.

Step 5: Protect your business when transacting with your customers

This is generally done through electronic terms and conditions. Customers’ acceptance of these terms creates a binding and enforceable contract with your business. How you implement this is, of course, your choice, however you must ensure that customers have had visibility and actively accept your terms and conditions prior to providing them with a service or product. One way of doing this is to have customers click a box upon signing up to the service, website or purchasing the product which confirms they have read the terms and agree to accept them ‘as is’ (in other words, they have no questions they want to raise with you).

On occasion, it may be possible to infer a user’s acceptance of terms by them simply using the service or buying the goods however, it is always much safer to have their express acknowledgement and acceptance of your terms.

Our commercial team can help you audit your website and ecommerce activities and provide you with the relevant documentation and policies you need to flourish and avoid legal recourse. Please contact James Wall at or on 0161 838 7996.

Subscribe to our mailing list