Operating an eCommerce website presents certain challenges from a legal perspective. This is especially true when you target visitors from multiple regions, meaning that local legislation could be involved. This article will explain important aspects of legal compliance that eCommerce businesses, operating regionally or worldwide, should account for.
Cookie Consent Management
Cookie legislation is gradually becoming stricter worldwide. The requirements for Cookie compliance can be divided into opt-in and opt-out regions. There are some region-specific adaptations, such as specific categories that require explicit consent from visitors. What all of these laws have in common is that they require websites to be transparent about their use of Cookies and to include a list of Cookies used on the website (also known as a Cookie Policy).
General Cookie Consent guidelines to abide by:
- Inform visitors about the way cookies are used on your site (usually done via a cookie banner and Cookie Policy)
- Gather consent (opt-in), or offer the possibility to opt out of the use of non-functional cookies
- Block non-functional cookies before consent or after an opt-out
Complianz helps fulfill Cookie consent requirements by scanning your website for Cookies. Upon completion, the plugin automatically describes the functionality, purpose, and retention of the detected Cookies. Finally, a legally validated Cookie Policy will be generated based on this information.
Complianz allows you to ask for and register your visitors’ Cookie consent preferences. The correct banner, either opt-in or opt-out, will be displayed to visitors based on the region from which a visitor connects to your website (using GEO IP), which determines what laws are applicable.
To demonstrate that visitors have consented to the processing operation while also respecting the Data Minimization principle, Complianz keeps records of a time-stamped Cookie Policy that describes the functionality and purpose of the cookies at the time the visitor gave their consent. This can be further extended with Records of Consent, which will register consent per individual user.
Privacy Statement
The purpose of the Privacy Statement is to inform visitors of your webshop by declaring how the website and your organization deal with privacy and personal information. Aside from Cookies, webshops process personal data such as payment information and account details, and this data will typically be shared with external parties. You will need to review all processes that involve the processing of personal data, according to applicable legislation for all regions where you intend to sell your products or services. Agreements with external parties that will receive data should be signed.
Complianz generates a Privacy Statement detailing the purposes for which personal data is processed, categories, and retention period. Complianz also lists the security measures that have been taken to protect personal data, how users can exercise their legal rights, and how potential complaints can be sent.
Processing Agreements
Complianz allows you to generate Data Processing Agreements: written agreements on the processing of personal data by a Service provider or a Processor. Such agreements must be made before or when an external party carries out the processing of personal data within your organization.
Integrations
When developing your eCommerce store using WordPress, there are many free and paid plugins available to add great functionality. While we all love the flexibility this provides, it quickly becomes hard to keep track of cookies used on your site, which plugins process personal data, and for which cookies or processing consent is required.
Because of this great diversity of available plugins, Complianz has always focussed on integrating with all commonly used plugins. As one of the few native and WordPress-only solutions available, Complianz helps to list used cookies and block cookies and scripts if necessary.
Statistics tools
Gathering statistics of your WordPress site is key to improving conversion rates on your eCommerce site. There are some great plugins available that allow you to configure your statistics tracking. Complianz integrates with the most commonly used ones (e.g., MonsterInsights, WooCommerce Google Analytics, and Matomo) and allows you to keep configuring your Google Analytics settings using these plugins while adding a consent layer if needed.
Script Center (blocking/firing scripts based on consent)
The Script Center in Complianz allows you to enter scripts and iFrames to block, which should only be fired when your visitor has consented to the use of (marketing) Cookies. The Script Center can be used to fire scripts such as the Facebook Pixel and Hotjar based on consent.
Terms and Conditions
There are several legal matters for which you might want to limit your liability. Terms and Conditions are used to govern the contractual relationship between a website and its users. The addition of a Terms and Conditions page on your eCommerce website helps to protect your business from possible liabilities by defining how your product or service may be used.
Complianz allows you to generate your Terms and Conditions dynamically and entirely free for your eCommerce business, tailored to your website’s specific requirements upon completing the simple Installation Wizard. Examples of the subjects covered are contents of your website, age restrictions, liability, copyright, and returns/refunds.
Returns and Refunds
European consumer law dictates that webshops must provide information about their refund policy. Essential aspects of the refund policy include the refund period, the type of contract with consumers, and the costs of returning goods.
Imprint
The Imprint (statutory and regulatory disclosures) provides insight into the company or the organization behind a website. In Germany, this document is referred to as Impressum and is a requirement set by the German Telemediengesetz.