Legal requirements for your web site

For all UK based businesses that have a web site selling or promoting products and services, UK laws apply. Web sites hosted in another country are still covered by UK law if the business is physically inside the UK. Some laws apply to all sites and some are only relevant in some cases, for example if you have a shopping cart on your site.

All sites however should be designed with the Web Accessibility and the Disability Discrimination Act 1995 in mind, to ensure that people with disabilities can use and operate web sites. All businesses are expected to make ‘reasonable adjustments’ to their site and it is good practice to incorporate the Web Accessibility Guidelines (set out by the World Wide Web Consortium (W3C)) into your web design. These include such things as provide text alternatives for any non-text content such as large print, braille, speech, symbols or simpler language and making all functionality available from a keyboard. Use the website for up to date information and guidance.

The Companies Act 2006 and Business Names Act 1985 is relevant if you are a limited company, sole trader or partnership. For a limited company, this means that you should disclose the company name, registration number, place of registration, and the registered office address. If the company is being wound up, this should also be stated.

For a sole trader, you will need to state your name and the UK address where service of any document relating to the business will be effective. Partnerships need to name each member, and state the business address.

The Data Protection Act 1998 is relevant if you collect data from your site (e.g. from enquiry forms). In this case, a privacy policy must be displayed, informing the user what the business does with the data. The privacy policy should disclose to users the way that your web site collects, processes, stores, discloses and uses personal information.

E-commerce sites must comply with the Consumer Protection (Distance Selling) Regulations and Electronic Commerce (EC Directive) Regulations 2002, which applies to individuals, not companies. The site should show things such as terms and conditions, returns policy and delivery policy amongst others.

If the site also collects and processes debit and credit card information it will also need to comply with the PCI DSS (Payment Card Industry Data Security Standard and ensure that card details are protected and that the web site encrypts transmission data, the system and passwords are secure and that the server has a suitable firewall and anti virus software, amongst other things.

You also need to be aware of EU Anti Spam Laws if you collect email addresses or contact details) for a database. You should have opt-in email addresses only and should ensure the possibility of allowing people to opt out on all marketing emails.

This is only an overview of web sites and the law and designed to be a quick guide to point you in the right direction. In order to make sure you are fully compliant and up to date with current law, it is best to seek legal advice.

By Lara Ball,

Cravenplan Computers Ltd

Twitter: Cravenplan_UK

Found this useful wondering how you can show me your appreciation? Well, there are some ways you can say thanks and support my website: ➡

Leave a Reply

Your email address will not be published. Required fields are marked *

CommentLuv badge

This site uses Akismet to reduce spam. Learn how your comment data is processed.


  1. August 13, 2010 / 2:42 pm

    Hi Joanne, Just read your article on legality of websites & was pleased to see mention of the need for sites to be accessible, as this is one of my annoyances with a lot of website & web design companies at the moment. As this is one of our focusses when developing new websites for clients, as well as SEO, would it be possible to include a link to our site from the post? Perhaps we can also contribute an article or two on the subject for your blog in return? Thanks, Toby Ltd