Website content law

The modern business website fulfills many different roles. It is simultaneously an electronic storefront, a sales channel, a customer contact point and a service and information resource.

It is also a legal entity in its own right, with rules specifying certain types of information that every business website must make available in order to comply with the law.

The categories of information you must include generally fall into three  areas:

  • Details about the company.
  • Data protection and privacy information.
  • Terms and conditions of service and customer guarantees.

Let’s take a brief look at the legal background to these requirements, including new GDPR content that you need for accessibility. We’ll also touch on things that aren’t necessarily legally required, but are certainly recommended.

This article is applicable to the UK and the EU, although some principals are good practice anywhere in the world.

A simple, 8-point legal checklist for website content

Reading through pages and pages of dense legislationis no fun for anyone. So we’ve pulled together a quick checklist of the things you need to keep your website compliant.

1. Company information

Registered companies such as limited companies and limited liability partnerships (LLPs) must publish their main registration details on their website, namely:

  • Company name
  • Registered business address
  • Place of registration
  • Registration number
  • Details of membership of any trade organisations.

For sole traders and non-registered companies, you must provide a principal business address.

Website content company information
Photo by Chris Barbalis on Unsplash

These requirements were some of the first regulations introduced under the EU distance selling directive to crack down on fraudulent operators running scams from fake websites.

2. Contact details

In addition to company information, the Consumer Contracts Regulations 2013 state that all websites must also clearly display contact information.

This is to make sure customers always have the option to query an order or transaction made online.

The requirement to clearly display contact information is most easily covered by having a dedicated contact page. It’s good practice to include a phone number, although that isn’t a legal requirement. You may find it helps with conversions.

3. Privacy policy

Websites have always had to publish a privacy policy if they collect and process information from visitors, for example:

  • By asking for subscriptions to a newsletter
  • When logging customer details after making a sale.

A privacy policy has to state clearly what data is collected, what it will be used for, and how it will be protected.

Website content for GDPR
Photo by Paulius Dragunas on Unsplash

The GDPR has built on existing privacy policy requirements by stating that they must be written so ordinary readers can understand them – in other words, not hiding the use of data behind legal jargon.

They must also include a clear explanation of the individual’s rights in relation to their data, including opt-out steps, their right to be told what data is held on them, and their right to ask for all personal data to be deleted.

Find out how to write a GDPR privacy policy yourself. We’ll cover GDPR in more detail in section 7, below.

4. Cookie policy

The GDPR has reclassified information processed by cookies and similar technologies as personal data. The use of cookies has been regulated in the UK for a number of years, requiring websites to offer a means of opting out.

The new GDPR definitions mean the use of cookies must now be explained fully in a policy, accompanied by explicit consent from the web user.

In the interests of transparency — an important principle of GDPR compliance — the majority of business websites are choosing to meet these requirements by taking the following three steps:

  • Creating a pop-up at point of access to the site which tells the visitor that cookies are used
  • Accompanying this with an ‘I accept’ button, which acts as opt-in consent
  • Including a link to a dedicated cookie policy which explains why they are being used, how the information will be used, and how it will be kept safe.

5. Terms and conditions

The details of the terms and conditions a company has to publish will vary according to the nature of the business.

For example, an e-commerce business selling goods has to include terms of delivery and returns, but these are not applicable to a service-based company.

The principle behind terms and conditions are that they set out the contractual basis of the transaction between customer and online business. They are legally binding and guarantee a level of service customers can expect.

Website Content Terms and Conditions
Photo by Olu Eletu on Unsplash

Key things to include in your terms and conditions are:

  • Full breakdown of all costs, including taxes, delivery charges, service charges, use of extras like premium rate phone lines etc.
  • Payment details
  • Who will fulfill the order, including contact details
  • Details of cancellation periods
  • Duration of the terms, e.g. how long goods are under guarantee.

6. Disclaimer and copyright notice

If you want to reserve rights to the content on your website, you should publish a copyright notice to that effect.

Equally, if you want to grant permission to visitors to re-publish or re-use content from your site, you should specify the terms by which they can do so.

A disclaimer is an important legal notice protecting a company from liability for how content on its website is used. Think of it as a kind of ‘vehicles are left at their owner’s risk’ notice for websites – the business grants permission for people to use their content, but accepts no liability for any consequences that arise from them doing so.

Without publishing a disclaimer like this, you will be deemed not to have informed visitors of their legal position in relation to your content. If they do then try to download something you make available and it somehow damages their computer systems, they could sue you for liability.

7. GDPR content

Efforts to regulate online trade started to emerge on the back of the first Dot-com boom in the late 1990s.

At the time, new-fangled concepts like e-commerce were widely viewed by governments and public authorities as some kind of digital Wild West, where unscrupulous operators could make a fast buck without having to pay heed to the niceties of consumer protection or corporate governance.

In Europe, the EU led the way on updating business regulations so they were fit for purpose for this brave new digital world:

  • It introduced a directive covering all forms of distance selling, whether via mail order, telesales or ecommerce, requiring companies to make full company registration details available to customers and to offer a compulsory right to cancel.
  • It strengthened regulation of online trading with a specific e-commerce directive which gave the agreement between seller and purchaser the status of a legal contract. This meant online businesses had to draw up, share and follow clear terms and conditions of sale for the first time.
Website content and GDPR
Photo by Joshua Fuller on Unsplash

Along with data protection, privacy and anti-discrimination directives, these have been adopted into UK laws governing how businesses run online businesses and websites.

The relevant up to date pieces of legislation are:

The GDPR has forced all companies to re-examine how they handle personal data. It explicitly sets out to strengthen the rights of individuals with regards to how their information is used online.

What website content needs to be changed for GDPR?

In terms of what you must include on your website, the GDPR does not require anything extra.

It does, however, set out the principle of ‘privacy by design’, which boils down to making privacy and data protection a priority when designing your website.

Businesses don’t need to rush out and pay for a website rebuild. But it has been interpreted as meaning that website operators should make the highest privacy settings the default, with options for users to reduce them if they wish.

They should also rewrite their privacy policy and ensure that their website is correctly configured.

The GDPR has also extended the definition of personal data to include a much broader range of digital information, even if it does not directly identify an individual. One example is the data collected by cookies, which websites use to do everything from remembering where a user’s last session ended so they can start browsing from the same place, to targeting advertising.

Even though cookies do not directly identify people, the information about devices and browsing habits they process is considered unique enough to be classified as personal information under the GDPR. That means that every website using cookies now has to gain definite and provable consent from every visitor.

That’s why so many businesses reconfirmed their mailing lists in May.

Also, since the end of May, every website now has an opt-in ‘I accept’ button and a link to its cookie policy when a page first loads.

8. Accessible content

Website accessibility refers to making the content of your site available to everyone regardless of any special needs, including:

  • Visual and hearing impairment
  • Difficulties with motor function that might make use of a keyboard or mouse difficult
  • Cognitive needs, such as dyslexia and autism.

The W3C organisation is responsible for an internationally-recognised set of standards outlining principles and practices relating to website accessibility, the Web Content Accessibility Guidelines 2.0.

While there is no explicit requirement in UK law for websites to follow the guidelines, it is widely understood that accessibility is implicitly covered by the The Equality Act 2010, which demands businesses and organisations make sure all services can be accessed equally by all persons.

Ensure your website content is legal

Creating website content that ticks all of these boxes can be time-consuming. But once you have the basic framework written, like your terms and policies, you probably won’t have to change much as your business grows.

The following two tabs change content below.

Paul Newham

Business copywriter, blogger, and journalist at Red Robot Media
Paul Newham is a content writer, journalist, and PR specialist for Red Robot Media. He works on a variety of blogging and content production assignments for business clients.
Share this:
Show Buttons
Hide Buttons
Red Robot Media