In what is already a challenging and competitive sector, the importance of an informative and engaging website cannot be overestimated, but in a desire to attract more visitors and give them reasons to stay longer, has the need for websites to conform to minimum legal requirements been ignored?
It appears, in fact, that many UK businesses remain ignorant of the laws regarding websites, with most assuming, incorrectly, that only e-commerce sites or those selling to the public are covered by the law. The websites of UK-registered companies must display the company name, place of registration, registered number and address, along with the VAT number and details of any regulator. A host of other compliance issues affect business websites, but some are only relevant to those which undertake certain activities, like those selling products, services or digital content.
In 2011 the laws governing cookies changed, with visitors now needing to positively consent to their use. If cookies are blocked by visitors who are wary about them, the visitor experience of the site could be ruined and ultimately it might need a costly re-design, so it’s far simpler and cheaper to explain what cookies are being used and what will be done with any information gathered. (UK regulations differ from the rest of the EU which can be an issue for sites accessed from abroad.)
New data protection laws are being considered, with tighter regulations expected soon. Failure to comply with these could result in enforcement action and heavy fines.
Website owners seek the details of visitors through subscription to a newsletter, a free report or free resources, which usually means providing personal details, email address or telephone number. This growing trend to engage with visitors is creating compliance issues around the collection, storage, use, sharing and even selling of data. While there’s no problem emailing individuals in response to their original enquiry, the fact they have provided you with a direct communication channel does not give you the right to contact them for additional or previously undisclosed purposes.
When a visitor provides an address and phone number, you may contact them with marketing information by phone or post, but they must have the option to unsubscribe. Importantly, if these individuals are to be contacted by email or text, their express consent must be obtained and opt-in/opt-out boxes must not be pre-ticked. The courts consider that an opt-out not taken does not convert to automatic consent – institutions risk enforcement action if they use pre-ticked boxes.
Terms and conditions
Although not a legal obligation, a good set of terms and conditions on your website can prevent a lot of future problems. They should clearly define what your organisation does and what intellectual property is owned on the site. A disclaimer of liability is also a good idea, advising visitors that information provided is accurate to the best of your knowledge, but should not be taken as fact.
Many websites now have blogs and forums which allow users to post comments. If you allow people to add content to your site, you should have an acceptable use policy to protect against illegal or offensive material being posted – without this you could face legal action.
Nichola Jenkins is lawyer in the intellectual property and technology team at UK commercial law firm SGH Martineau W: www.sghmartineau.com