Skip to main content
Laws ecommerce must comply

Laws with which an ecommerce must comply

If you have dared to launch your online store, you may be wondering which laws an ecommerce must comply with so that it is within current law.

In this post we will mention the main ones for your peace of mind, but remember that the thorough analysis of the activity of the online business and the creation of the appropriate texts will be recommended in each case.

You should not be “inspired” by the legal texts of other businesses, even though they may initially seem like yours. Go for this:

Three basic laws an ecommerce must comply with:

Indeed, any online store must generally comply with three laws:

  • Law on Information Society Services and e-Commerce.
  • General Law for the Defence of Consumers and Users.
  • General Data Protection Regulation.

Compliance with these three rules practically guarantees the lawfulness of your online store and your peace of mind as an entrepreneur or businessperson, but how does each of them affect your online business?

The Law on Information Society Services and e-Commerce, has several sections that are of interest to your online store, from the minimum legal information that the website must have on the company or freelancer managing it to the prior information to offer in the event of online sales or the requirements to send commercial emails.

In any case, whether or not you sell online, you must include the identification data of your company or your own, if you are self-employed, as well as a form of contact. This is usually included in the Legal Notice of the website.

If you intend to make commercial use of the emails provided, for example in contact forms or through other means, remember that you require express consent or prove that the recipient is your customer (who has bought or contracted a service from you).

The General Law for the Defence of Consumers and Users is basic in B2C online businesses, i.e. those selling to end consumers (not to entrepreneurs), as it establishes rights for said consumers that your business must respect. We especially highlight two that we already discussed in February 2020 in this post:

a) The right of withdrawal, which consists of the possibility for the customer to return what was purchased, without giving any explanation, within 14 days of delivery.

b) The right of guarantee, which consists of the fact that the business must guarantee that the purchased product is suitable for its normal use. This term changed on 1st January 2022 from 2 to 3 years.

These rights are usually included in the Website Purchasing Conditions, text that must be available and that the customer must expressly accept before completing the purchase so that it is linked to the “contract”.

Public Authorities ensuring Consumer rights are respected are usually quite active in checking that online stores meet these requirements. In some cases, they usually act without prior complaints.

Finally, the General Data Protection Regulation must be highlighted, which affects any online or offline business in which personal data is collected. Undoubtedly, an online store is no exception as there are multiple data collection channels (contact form, newsletter registration, purchase forms, etc.).

This involves the need for an adequate Privacy Policy for your online store, in which you must include, among others, aspects such as: 

  1. Your contact details.
  2. An indication as to what you will do with the data.
  3. Notification if you will share it with third parties.
  4. Information on how customers can access or delete their data.

In many cases, you must obtain the express consent of the customers before using their data. Also remember that having a good Privacy Policy and nothing else does not mean complying with data protection regulations.

In this case, the Spanish Data Protection Agency has the power to implement penalties, which is by far the most active in terms of inspection of those that exist in all EU Member States.

The lawfulness of your online store is therefore not a minor issue and one that you should consider carefully. Although it may seem otherwise, no two online stores are the same and this will directly affect your legal texts.

If you have any question about this or any other issue, don’t hesitate to contact us!

    Information on data protection

    Company name
    Providing the service.
    Sending the newsletter.
    Legal basis
    Compliance with the service provision.
    Your data will not be shared with any third party, except service providers with which we have signed a valid service agreement.

    You may access, rectify or delete your data and exercise the rights indicated in our Privacy Policy.

    Further information
    See the Privacy Policy.