Hi, this is our series on how to lawfully run a business. Let us know your questions and don’t forget to subscribe. Today’s topic is: 4 legal standards for websites targeting European Union users.
-
GDPR compliance
GDPR sets a high standard for personal data protection. Data must be processed on a valid legal basis, with security measures based on the results of a risk analysis. The same applies to data transfers outside the European Union. By default, you should process only the minimum data necessary and provide transparent information, typically through a privacy policy.
-
Cookie law compliance
European e-privacy laws are not just at the European Union level – many states add more requirements. If you target their users, you should at least:
- Inform users about the use of cookies on their first visit to the website and link to a detailed cookie policy
- Start using non-necessary cookies only after the user agrees to it
- Inform the user that it is possible to restrict cookies through browser settings
- Do the same with other ways of processing user data or monitoring their behavior
-
Consumer law compliance
EU law provides many guarantees to consumers. Among others, these include transparent information on your identity, fair terms of use, collecting explicit consent, and, by default, allowing consumers to withdraw from a sales contract within 14 days. The e-commerce site should confirm all website purchases by notifying the user within 24 hours.
-
Payment processing requirements
EU e-commerce payment regulations, including the Payment Services Directive (PSD2), are designed to boost consumer confidence when buying online. Requirements cover security measures, including strong customer authentication (SCA), as well as additional obligations, such as “no questions asked” refund rights and a prohibition of surcharges for payments with consumer credit or debit cards. Also, there is a global PCI-DSS standard for storing, processing or transmitting cardholder information.
In addition to the standards just mentioned, industry-specific or member state laws may apply to your case.
Do you have any other legal questions? Leave a message & let us know!