Compliance in E-Commerce by Sarah Jane Black

We are very lucky to have a network of supporting businesses and individuals who know their area inside and out. One of these is Sarah Jane Black, from SB Business Support, who has written this guest blog around compliance for us. It is such an important area of selling online that often gets forgotten until it is too late. Sarah has done all of our compliance and we couldn’t recommend more urgently that you talk to Sarah.

Starting up an e-commerce business? You need to ensure your documents are in order to mitigate your business risk, so that you don’t have to claim on insurance and so that you, your supply chain and your valued customers are protected and safe. Your main function will be to transfer data and money, so secure policies are your protection. Your website or websites represent the main function of your business, and this takes many different forms. Some only present information, while others gather it; some advertise, and some sell.

So, what more do you need to be compliant and protected?

The most important documents are your GDPR policy and your Privacy & Cookie Policy. Your privacy policy covers your website's data sharing, but your GDPR policy protects all data within the business, online and offline.

To ensure compliance with the UK’s data protection legislation (UK GDPR and the Data Protection Act 2018), you need to be able to demonstrate that compliance. To do this, you need to conduct a data protection audit, assess the current state within your business, determine the steps needed to bring your current practices into line with the requirements set down in the UK GDPR, and identify areas for improvement. Similarly, when starting out on a new project which involves personal data, a Data Protection Impact Assessment can be a crucial tool in ensuring compliance, minimising privacy risks and maximising the protection of individuals’ rights.

All organisations working with personal data should now be adopting a proactive, not reactive, and preventative, not remedial, approach. Websites represent an important part of many businesses and take many different forms. Some only present information, while others gather it; some advertise, and some sell.

As an e-commerce business, you will need to have Website Terms and Conditions in place; these include terms and conditions of service. Some website terms and conditions and terms of use, for example, may set out a customer’s rights; others may set out the terms for the use of copyright material. Whatever the type of website, by ensuring certainty in these matters, your customers, your website, and your business are all protected. Depending on the operations of your e-commerce business, other policies to consider are a Returns & Refunds Policy and a Subscription Policy.

Lastly, every business requires Business Continuity Planning (BCP). This is the process of predicting possible events or disasters and planning to ensure that your business can return to “business as usual” as quickly and painlessly as possible in the event of a disruption. No business, even a sole trader, is too small for BCP. Having effective Business Continuity Planning can also be an important part of the process of tendering for work.

A disaster can strike any organisation and potentially bring the business to a grinding halt. Flood, fire, power failure, IT system failure, staff illness, etc. can happen at any time.

The government estimates that around half of all businesses that experience a disaster with no effective plans for recovery fail within the following 12 months.

Written by:

Sarah Jane Black
S B Business Support
Nurturing the roots of your business, keeping the wolves from your door
