What this Book Covers

Ecommerce is increasingly accessible to businesses. It's relatively simple to integrate an ecommerce store into your existing website using one of many ecommerce platforms such as Shopify and BigCommerce. Or, with some web development expertise, you can create your own.

By carving out a place in this growing marketplace, your business can take advantage of the potential benefits that ecommerce holds over traditional brick-and-mortar outlets - including lower overheads, wider reach, and personalized advertising.

Regardless of whether you choose to use an existing ecommerce platform or create your own, you need to take steps to ensure that you are complying with the legal requirements associated with online selling. You also need to be aware of the legal issues that can come up for online retailers, and how you can effectively protect your business against legal claims.

Here's a brief overview of some legal agreements your ecommerce store will need. Each will be covered in great detail in later chapters.

Privacy Policies

A Privacy Policy sets out what types of personal information you collect from your users and what you intend to do with that information. "Personal information" means anything that could be used to identify a person, including but definitely not limited to names, payment account details, mailing addresses, and email addresses.

A Privacy Policy is essential for any business that operates an ecommerce store. It's a legal requirement under various national and regional laws, such as:

  • The California Online Privacy Protection Act (CalOPPA)
  • The California Consumer Privacy Act of 2018 (CCPA/CPRA)
  • The European Union (EU) General Data Protection Regulation (GDPR)
  • Canada's Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Singapore's Personal Data Protection Act 2012 (PDPA)
  • Australia's Privacy Act 1988 (Privacy Act)

Each of these laws has a different set of requirements. And in many cases, particularly with regard to California and EU law, your business doesn't have to be based in a jurisdiction to be bound by its laws. So, as long as you have customers within that area, you will need to comply with the laws of that area.

Many ecommerce platforms also require that their users have a Privacy Policy. After all, they want you to demonstrate transparency and comply with the law.

Terms and Conditions Agreements

It's important to ask your customers to agree to certain Terms and Conditions when they make a purchase from your ecommerce store. This is an essential way to guard against any potential legal issues that might arise.

By selling goods or services to your customers, your business is entering into a contract with them. You have certain obligations under this contract, and your customer has certain rights. Your business has the opportunity, and the responsibility, to set the terms of your agreement with your customers in a fair way that benefits both parties.

A robust set of Terms and Conditions means that your customers should know where they stand.

You can use Terms and Conditions to:

  • Choose the legal jurisdiction in which any disputes will be settled
  • Explain the reasons that you might have to refuse service to a customer
  • Manage issues of intellectual property and trademark

While a Terms and Conditions agreement isn't required by law, it's an exceptionally important agreement for businesses to have.

Return and Refund Policies

Legal problems might arise if your customers are unhappy with something they've purchased from your ecommerce store. The best way to manage these types of issues is by having a clear Return and Refund Policy that sets out:

  • The reasons that a customer might be entitled to a refund
  • The period over which a customer can request a refund
  • What a customer must do to initiate a return and refund
  • Whether you'll offer a cash refund, an exchange, or store credit
  • Your policy around return shipping costs

Different countries and states have different laws around returns and refunds that your ecommerce store may need to comply with.

There's no federal law regulating returns in the U.S., but there are laws specific to some states, such as California's Civil Code Section 1723.

Business to consumer selling rules in the EU are governed by the Consumer Rights Directive. Individual EU countries have some quite strict retail laws, such as the UK's Consumer Rights Act 2015.

The business of selling goods and services is a potential legal minefield. But if you have clear and robust policies and terms in place, you'll know what to expect if legal issues do arise. This means you'll be in a position to offer your customers the best ecommerce service possible while protecting your assets and reputation.


Disclaimers are short statements or clauses in a legal agreement that work to inform your reader of something important. While most aren't legally required, they do work to help limit your legal liability in the event something goes wrong.

For example, you can benefit greatly from including a warranty disclaimer saying that you aren't responsible for any injuries that result from the use of your products. Imagine that you sell snowboards: this disclaimer will help keep anyone who has a snowboarding accident while using your board from trying to sue you as somehow being responsible.

Some commonly used ecommerce disclaimers include but aren't limited to the following:

  • Results not typical
  • Medical advice
  • Warranty
  • Affiliate links

If you engage in the lucrative act of email marketing, you will need to comply with requirements for getting consent to send marketing messages. These laws vary by region, and will be addressed in detail later on. For now, be aware that there are rules to follow here for your ecommerce store to operate compliantly.