Skip to content
Main » Legal requirements to sell online

Legal requirements to sell online

Being present on the Internet with a website, online store or through a marketplace poses major legal challenges.

The use of the electronic channel as a distance sales channel has altered the legal system, causing the revision, creation and adaptation of the rules to make possible the regulation of the new contractual situation.

Therefore, New terms and new rules have been introduced to regulate the situation and that you, if you want to sell online legally, you must know.

First of all, we will begin by defining some terms that are the basis for selling online.

What is a ecommerce

An ecommerce is one Virtual store where a customer can purchase any product at a price and under certain conditions determined by the seller. and without intervening no physical establishment at the time of sale.

What is distance selling

Distance selling can be defined as that concluded without the simultaneous physical presence of the buyer and the seller, in which the seller's offer and the buyer's acceptance are transmitted exclusively by a means of remote communication of any nature and within a distance contracting system organized by the seller.

What is an electronic contract

Un electronic contract is any contract in which the offer and acceptance are transmitted by electronic means and the data processing and storage equipment is connected to a telecommunications network.

As Spain is part of the European Union, any Spanish electronic contract will also be subject to the EC Regulation 593/2008, of June 17, 2008, on the law applicable to contractual obligations (Rome I), which will apply to contractual obligations in the civil and commercial sphere.

What is an electronic contract

What is the electronic signature

La Electronic signature It is configured as a instrument equivalent to a normal signature, and a digitally signed document has the validity and effectiveness of a traditional document.

Having clear the previous concepts, we can now see what the requirements are to sell online.

What is personal data

Personal data is any information relating to an identified or identifiable natural person.

These personal data must be safeguarded by online websites.

And although it is difficult, it can be achieved.

Requirements to sell online

Distance selling through e-commerce It is regulated in Spain by the Law 34/2002, of July 11, on information society services and electronic commerce (LSSICE).

This law establishes a series of terms that electronic businesses must comply with in order to operate legally.

One of these conditions is the inclusion of a series of documents and clauses on the online store's website.

In addition, both on the website and during the purchasing process, the following must be specified:

  • The identity of the seller.
  • The characteristics of the product, its price and shipping costs.
  • The method of payment and the method or methods of delivery of the order.
  • The validity period of the offer and the minimum duration of the contract.
  • The existence of a right to terminate the contract.
  • The procedure for resolving extrajudicial conflicts.

That is, the online store must be adapted to the LSSICE.

Furthermore, as we have been warning, online sales also produce an electronic contract.

Therefore, An online store must also comply with the e-commerce directive 2000/31/EC.

So, during the online purchasing process, you should reflect the following aspects:

  • The technical steps necessary to place an order. This information must be available to the consumer so that it can be reproduced and stored.
  • Prices should be clear and indicate whether they include taxes or shipping costs.
  • The name of the service provider, their email address (a contact form is not enough) and a geographical address.
  • Acknowledgment of receipt of the order by electronic means and information on how to correct data entry errors made during the order process.
  • If it is a company, the company registration number and the place of registration.
  • Membership data, including the registration number of any trade or professional association to which the service provider belongs.

Once the purchase has been accepted by the parties, the contract will have been "signed" and will therefore have the same validity as any other.

And in this regard, we find in Spain the General Data Protection Regulation of April 27, 2016.

The company must meet its own requirements to comply with this regulation.

Documents that a website must include

We could say that for a website to meet all the requirements of the GDPR and previous LSSICE should have the following sections:

  • Legal warning.
  • Privacy Policy.
  • Terms and Conditions.
  • Cookies policy.
  • Withdrawal form.
  • Claims form.
  • Informative skirt.
How does the General Data Protection Regulation affect companies?

Geoblocking and cybersecurity

On the other hand, the company must also comply with the Regulation (EU) 2018/302 of the European Parliament and the Council to limit geoblocking, and not discriminate against any buyer based on the location from which they make the purchase.

In addition to the above, online entrepreneurs must take special care with the ciberseguridad. They must develop a series of legal and technical security measures to prevent damage and loss to their security systems.

The company must protect and safeguard by all means the personal data of its customers, its suppliers and its employees, as well as the company's own data.

Furthermore, must comply with Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015, on payment services in the internal market, which regulated access, with consent, to customer bank account data by third parties such as Facebook or Amazon.

In the case of the website, it is usually built on the same domain as the online store, so they must follow the same steps as this one, paying special attention to the RGPD.

Privacy and security of personal information

Today we live in the revolution of the digital age.

For years, virtual platforms have used our personal data as if they were goods that can be bought and sold, without us knowing it.

So much so that there is a sector dedicated to collecting data to use it to increase consumption. Or has it ever happened to you that you talked to someone about a pair of shoes and when you went to Facebook or Amazon you saw ads for them?

There are tools that use our data to understand our consumption preferences and our activity.

With these tools, data scientists can even find out how much money we spend, which online or physical store we shop at, and where we physically walk.

And not necessarily all website owners collect this data.

What happens is that websites are hosted on paid or free software such as WordPress, which have implemented payment systems and many other plugins that have created security breaches and information trafficking.

Therefore, our data must be protected and the user must be notified of what is going to be done with it. All Spanish legal websites must adapt to the RGPD and the LSSICE, already explained in the previous paragraphs.

Recommendations to make our website a secure site

Online stores and websites are hosted on shared or private servers called "hosts".hosting«.

Therefore, for the website to be secure, its foundations must also be secure from the beginning, being hosted on secure hostings.

Additionally, the website must have SSL security, so that Google recognizes it as a secure website and treats it as such.

Likewise, The website must always be up to date, so that data cannot be leaked in any way.

And we must pay special attention to the plugins that we added to our website.

These supplements must come from a secure developer, otherwise they may harm our website and cause security breaches.

Another very important topic is the payment gateway.

This payment gateway must be provided by a bank that protects our customers' banking data.

As for communications with our customers, if we do them through plugins on our website, we have to be ensuring that the message reaches the correct recipient and is not leaked to other users.

If the website owner does not follow some of these recommendations and does not safeguard the data of his clients, he will be breaking the law and may be sanctioned.

Sale in Marketplaces

In the case of sales through marketplaces such as Amazon o Alibaba the process is different.

Our online store would have an international contract (because the headquarters of these marketplaces are usually abroad) with the marketplace to be able to sell its products there, and another contract for each sale with its clients.

Thus, you will have to re-establish purchase terms and conditions in accordance with the marketplace, with the national legislation of the country to which they sell and with international law.

If you need help selling online legally, contact contact us.

RRYP Globallawyers specializing in new technologies.

An international boutique law firm specializing in the strategic resolution of family and corporate law disputes. With over 200 cases and clients from 26 countries, we assist and represent individuals and international companies in Spain in matters of family law, business law, technology law, and cross-jurisdictional disputes.

Mar Gamez Ramirez – CEO and lawyer at RRYP Global.

Mar Gamez

Mar Gamez

Lawyer and consultant. Master in Law and International Business Law from ISDE. She graduated in Law and International Relations from Loyola. Co-founder - CEO of Reáculoateypunto SL

Leave your comment

Your email address will not be published. Required fields are marked with *

Related articles

Hand using smartphone with holographic digital interface, data analysis, mobile technology and digital transformation.

When can automated decisions in a company pose a legal risk?

Digital platforms use algorithms to make increasingly important decisions: from displaying content and setting prices to blocking accounts and granting credit. When… Read More »When can automated decisions in a company pose a legal risk?

Best international law lawyers in Spain

When someone looks for international law lawyers in Spain, they're usually not looking for theory. They're looking for solutions. They're looking for a firm that knows which court has jurisdiction, which law applies… Read More »Best international law lawyers in Spain

Management team in office pulling on a rope, representing conflict between former partners or former employees and unfair competition in a technology company.

Competition with former partners and former employees: how to act legally in technological environments

When a former partner becomes a competitor or a former employee takes clients, code, or know-how, the threat is existential for a… Read More »Competition with former partners and former employees: how to act legally in technological environments

DO WE TALK?

If you're looking for legal information personalized, schedule a video call with us, your you choose el to date and hour depending on your availability. You can also arrange a personal meeting at our offices or we can talk by phone. Call us at 957858952 and we will establish the best modality.

Schedule meeting
Consult matter

Standard Meeting

Initial meeting with a specialized lawyer RRYP Global, boutique office expert in international affairs.

Request meeting

Urgent Meeting

This service is for those who require a immediate meeting with a lawyer specializing in international legal affairs. 

Request meeting