Legal Requirements for eCommerce Sellers in the UK Explained

December 6, 2023
5 min read

Ecommerce Legal Requirements in the UK Explained

Ever wondered why some eCommerce businesses list certain information on their websites or online stores? Well, it’s simply their legal obligation to their customers, which, if infringed, could instigate legal ramifications. 

Launching a digital business requires a lot of work. From product design to logistics and delivery, each stage of the eCommerce supply chain must align with the next. However, a key aspect that can pose a serious threat to your business continuity is the legal department. 

As an eCommerce trader, you’re protected by the same laws as conventional retailers, like the Consumer Protection Act or 1979’s Sale of Goods Act, to name a couple. However, you’re also protected by other internet-specific laws that cover online selling, terms and conditions, etc. 

While there are several eCommerce laws in the UK, no one expects you to memorise and know each law by heart. However, having an idea of the key legislations for running a UK eCommerce business is important for making informed yet lawful decisions for your business. 

From eCommerce business laws like consumer protection and general data protection regulation (GDPR) to the electronic commerce directive legislations, nearly all eCommerce sales channels are covered by these legal requirements. So, there’s no escaping them, especially if you want a successful business with no legal infringements. 

To keep you on the best track logistically and legally, Bezos is highlighting all of the UK’s legal requirements for starting or maintaining an eCommerce business in the UK. 

Here we go!

Key Points

  • Like any other business, legal obligations and requirements apply to eCommerce businesses in the UK. The adherence of these businesses to the stipulated obligations is often hoisted on their website.
  • With so many evolving regulations, outlining the most important ones will help you know what to expect when it comes to running a UK eCommerce business.
  • From GDPR to the EC Directive, and so much more, knowledge of these regulations can be the defining factor that prevents your business from being served a government fine or, worse, a lawsuit.
  • Another legal requirement worth knowing is VAT. If the business has a UK establishment, the owner will have to register for VAT if the said business makes a turnover greater than €85,000 a year. 

Legal Requirements for eCommerce Businesses in the UK

According to the UK government, eCommerce businesses in the United Kingdom or those distance selling with UK clients are legally required to adhere to the following regulations:

  1. The UK General Data Protection Regulation (GDPR) and Data Protection Act (DPA) 2018.
  2. The Electronic Commerce Regulations.
  3. Consumer Protection Regulation 2000.
  4. Consumer Rights Act 2005.
  5. Privacy and Electronic Communications Regulations 2003.

Here’s detailed information about each regulation and some others:

  1. The UK GDPR and DPA

The UK General Data Protection Regulation and Data Protection Act were created in the best interest of the consumers. These regulations are the legal requirements of eCommerce businesses in the UK. They govern how customer data is handled, stored and used, as eCommerce businesses in the UK must responsibly handle customer data. This way, they can establish trust and maintain customer satisfaction. 

Given the global scope of eCommerce, even if your business isn’t physically based in the UK or the European Union, you must comply with the GDPR and DPA if you have customers there. Under the UK GDPR, personal data includes many data types, such as names, addresses, email addresses and IP addresses. Essentially, any information that could be used to identify a customer directly or indirectly is considered personal data, and the GDPR and DPA stipulate that businesses must:

  • Obtain explicit consent from users (customers) before collecting and processing their data.
  • Provide clear information about how and why they are using personal data.
  • Securely store and protect personal data.
  • Report any data breaches to the Information Commissioner’s Office (ICO) within 72 hours.
  • Respect individuals’ rights to access, correct, delete and move their data.

  1. The Electronic Commerce Regulations

The Electronic Commerce Regulations of 2002, also known as the EC Directive, cover various issues, from commercial communications to electronic contracts.

For instance, these regulations require online businesses to:

  • Provide clear information about their businesses, such as their name, geographical address and email address.
  • Outline the steps involved in making a purchase.
  • Make the terms and conditions accessible and easily understandable.
  • Confirm the order’s receipt to the customer without delay.

  1. Consumer Protection Regulations

The Consumer Protection Regulations are designed to safeguard customers’ rights when shopping online. They aim to promote fairness and transparency in eCommerce transactions. 

Under these regulations, online businesses must:

  • Provide accurate information about their goods or services, including the total price (including taxes), delivery costs and payment methods.
  • Offer a cooling-off period of 14 days, during which the customer can cancel the order/contract without giving a reason.
  • Refund any payments made by the customer within 14 days of receiving a cancellation notice.
  • Offer a means of redress if a customer is dissatisfied with the product or service.

  1. Consumer Rights Act 2015

The Consumer Rights Act of 2015 is the primary legislation governing consumer transactions in the UK. It provides a comprehensive framework for the rights of consumers when buying goods, digital content or services. Hence, it covers eCommerce transactions.

This Act requires that all goods sold be of satisfactory quality, fit for purpose and as described. It also requires that digital content meet certain standards and not damage the consumer’s device or other digital content. If a product is faulty, consumers have a right to a repair or replacement and may be entitled to a full or partial refund, depending on the circumstance. To remain compliant, UK eCommerce businesses must ensure that their terms and conditions, return policies and warranty conditions reflect these requirements.

  1. Privacy and Electronic Communications Regulations (PECR)

PECR complements the GDPR and DPA by outlining specific rules for electronic communications. It covers areas such as marketing emails, cookies and location data.

Under PECR, businesses must:

  • Obtain explicit consent before sending marketing emails.
  • Inform users about the use of cookies and get their consent.
  • Protect the security of any electronic communications.

  1. Distance Selling Regulations

The Consumer Contracts Regulations might have replaced the Distance Selling Regulations in 2014, but many of its principles still apply. These regulations were designed to protect consumers shopping by phone, mail order, internet or digital tv.

For distance selling regulations, which apply to international eCommerce businesses trying to get into the UK market, a cooling-off period of 14 days must be provided to customers. During this time, the consumer can cancel their order. 

Specific rules on information concerning delivery, risks and other conditions must be provided to the customers before the conclusion of the contract. However, certain products, such as personalised or perishable goods, are exempted from these rules.

  1. Payment Services Regulations 2017

The Payment Services Regulations 2017 apply to eCommerce businesses that provide avenues for electronic payments. These regulations aim to make payment transactions more secure, reducing the risk of fraud and enhancing consumer protection.

Businesses must provide clear, comprehensive information about the payment service, including any charges. Strong Customer Authentication (SCA) is a key part of these regulations, and most eCommerce businesses must implement them to confirm the customer’s identity during transactions.

  1. Intellectual Property Rights

Awareness of intellectual property (IP) rights in the eCommerce sector is vital. Intellectual Property rights cover trademarks, copyrights, design rights and patents. Businesses should ensure they have the right to use all IPs featured on their website, including logos, images, software and product designs. Also, they must respect the IP rights of other businesses. Breach of IP rights could lead to litigation, financial penalties and damage to the business’s reputation. 

  1. Online Dispute Resolution (ODR) Platform

Businesses selling online in the UK must provide a link on their website to the EU’s Online Dispute Resolution (ODR) platform. This requirement facilitates dispute resolution between consumers and traders, which may arise from online transactions.

While the UK is no longer a member of the EU, UK businesses selling to consumers in the EU are still required to adhere to this provision.

  1. Value Added Tax (VAT) and eCommerce

Since Brexit, VAT laws have changed in the UK. Presently, the VAT registration threshold for eCommerce businesses in the UK is £85,000. This means that if a business’s taxable turnover exceeds this threshold, the said business must register for VAT with His Majesty’s Revenue and Customs (HMRC). Once registered, the business will need to charge VAT on their sales and can reclaim any VAT paid on business expenses.


Due to the complexity of the legal landscape in the UK, it's advisable to seek professional legal advice to ensure your eCommerce business is fully compliant. With the constant evolution of the laws and regulations that govern online purchases, eCommerce businesses in the UK need to stay updated with these changes to guarantee the continued success and expansion of their businesses. 

For a fulfilment company like Bezos, adhering to these legal requirements is as important as for the eCommerce businesses we serve. We’re legally compliant in the UK and the 16 other countries we operate in. So, not only will you get cutting-edge order fulfilment solutions with us, but you’re guaranteed to be partnering with a company that can help your business remain abreast of the UK’s eCommerce legal requirements. 


Do you need an eCommerce licence in the UK?

No, you do not need an eCommerce licence to sell or operate in the United Kingdom. But, you will need to be tax-compliant if your yearly revenue exceeds the stated threshold. 

What are the 7 types of eCommerce?

eCommerce business models could be:

  • B2B (Business-to-Business)
  • B2C (Business-to-Consumer)
  • B2B2C (Business-to-Business-to-Consumer)
  • B2G (Business-to-Government)
  • C2B (Consumer-to-Business)
  • D2C (Direct-to-Consumer)
  • C2C (Consumer-to-Consumer).

Can a foreigner register a business in the UK?

Yes, businessmen and women of any nationality can register and start businesses in the UK. You don’t need a residential status to register a business in the UK, but the company should be registered to a verified UK address. 

2 min read

Premium wines delivered reliably and less environmental impact

2 min read

Scaling orders volumes whilst saving time and money on fulfilment