Warners

Running and Marketing your Business online

Company Commercial

The use of the internet has led to a huge increase in business conducted online.  Consumers are now willing and more confident in submitting their details electronically for the purposes of shopping. 

 

Indeed, every serious business will have online facilities as their customers will demand it.  This leaflet deals with what businesses need to consider to effectively operate their businesses on line.

 

Introduction
The most important legal issues businesses need to consider when operating online are the formation of contracts over the internet and compliance with data protection and privacy laws in respect of their customers’ details.

 

An online contract is an agreement created wholly or partly through communications over computer networks.  The suppliers of goods and services over the internet will be entering into contracts with users of their website when those users (the customers) place orders on the site.

 

All online transactions with customers, and also the submission by people enquiring to businesses on their products and services, will inevitably contain personal data about individuals, e.g. e-mail addresses and names and residential addresses.

 

Online Contracts
Forming a contract online
At the date of this leaflet, the rules which apply to the formation of contracts online are largely the same as the traditional rules that apply to contracts generally.

 

Most types of contract can be formed without written formalities.  This means that they can be formed electronically. Typical exceptions to this are the creation or execution of a will or a contract for the sale of real property.


Under English law, the essential ingredients for a contract must contain an offer by one party, communication of acceptance of that offer by the other party, consideration flowing between the parties (for example, the payment of money) and an intention by the parties to be legally bound.

 

In terms of online contracts, it is vital to be able to determine clearly when an offer is accepted.  It is best policy for businesses selling goods and services over a website to include details such as the following:

 

- The display of goods for sale which should be phrased as a  
mere invitation to treat.

 

- The customer should complete and submit an order form which will constitute an offer) via the website.

 

- The business will then send an acknowledgment of receipt and
formal acceptance following submission by the customer of
the online order form.

 

What are the terms of the contract?
Businesses operating over the internet need to ensure, as far as possible, that their standard terms and conditions of business apply to the contract.  Standard terms will only be “incorporated” into the contract (and therefore be legally binding on the user) if the terms are brought to the other party’s attention before the contract is made.

 

The online customer will therefore need to actually know, or have sufficient notice, that the transaction is subject to those terms before the point at which the contract came into existence.

 

Sufficient links will therefore need to be made to such terms and a detailed consideration of the method of doing this will need to be undertaken by businesses.  Every business is different and certain methods will be more attractive than others.

It is also important for business to tailor their standard terms to an online situation.

 

Data protection and privacy considerations
If an online customer wishes to submit an order for goods or services over the internet, that individual will need to submit data so that the businesses can process the order.
What are the ramifications of this?

 

Data Protection Act 1998 (DPA)
The obligations under the DPA fall upon the "data controller".  In the vast majority of situations, the operator of a website will be the data controller for the purposes of the DPA and this is the case even when the website is hosted by a third party.  Businesses operating online will almost certainly be data controllers.

 

Consent
Website operators have an obligation to provide details of how individual’s data will used by them before they collect any personal data.  Since visitors to a website may not necessarily enter via the homepage, this means that the information should be provided at the point at which personal data is collected on the site.  In respect of online businesses, it is usual for this to be via the online registration or order form.

 

The use of privacy policies is important in this aspect as the registration or order form will usually have a link to the privacy policy, however, when obtaining information on individuals, that individual must have the opportunity to opt in or opt out to certain uses of his data as required by law, particularly direct marketing (see below).

 

Direct marketing
Often, businesses will want to be able to contact customers in the future regarding their products and services.

 

It is highly unlikely that the use of individual’s personal data for sending unsolicited e-mail messages (or "spam") will be regarded as fair under the DPA where it is done without consent.  Further, recent legislation, known commonly as the E-Privacy Regulations, requires opt-in consent in most cases for direct marketing to individuals by electronic means. 

 

An example of opt-in consent  would be “if you do want us to send you marketing material, click this box”.  Opt-outs, e.g. “if you do not want us to send you marketing material, click this box”, will generally be regarded as unfair in direct marketing situations.


If your business wants to do this, procedures need to be implemented on your website for the consent to be obtained from the customer.

 

Cookies
What is a “cookie”?  A cookie is a small text file implanted by a website on the hard disks of visitors to the site (usually without their knowledge), and this file collects information about the visitors, such as their names, addresses, e-mail details, passwords and user preferences.

 

Cookies do provide web users with some personal benefits, however, they also enable website operators to build up user-profiles without the knowledge or consent of the individuals concerned.

 

It is unlikely that the use of cookies will be seen as fair under the DPA when web users are not aware of their use.  It is therefore best practice for websites to deal with the issue of cookies in order to ensure compliance with the DPA. Typically, most sites address the use of cookies in their privacy policies.

 

Further, the E-Privacy Regulations provide that the use of cookies is only allowed on condition that the user concerned is provided with clear and comprehensive information about the purposes of such processing and is offered the right to refuse such processing by the data controller (opt-out).

 

How can Warners help?
We can provide all necessary advice in relation to the contractual documentation needed by your business online.

For further information about how Warners can help you with these and other business issues, please contact a member of the company commercial team.