Legal terms Needed on an eCommerce Website or O...

Legal terms Needed on an eCommerce Website or Online Store

Legal terms Needed on an eCommerce Website or Online Store


When your online store is ready to go live you need to make sure that you have all the necessary legal information available to protect your business and inform your customers. What we cover in the following article are all the issues related to necessary legal information. Above all other reasons having the correct contact and legal information will help instill trust for your business when customers find you online.


Physical address and contact details


We always recommend contact details containing a real address and phone number (maybe fax) are clearly shown on the website. ePages has a special content page just for this information. A Post Office box might be OK if it is in Australia and you do not have a business address. But I prefer a real location.

When I see a mobile phone as a contact number my immediate reaction is negative. It is just too easy to go get a pre-paid mobile these days. 1800 numbers are relatively inexpensive and can be directed to different phones at different times.

If the website does not have a physical address then I am concerned that it might not take products back or even worse not deliver them in the first place. If you are a website owner and do not want your address on the site then get a PO BOX and maybe offer Australia Post COD as a shipment and payment method. 

If the person who runs the site does not have their name and Australian Business Number or Australian Company Number (ABN or ACN), if applicable, clearly on the site then I am immediately suspicious. You should not use a personal email address but you should have contact email details using your domain name which can be used as a contact point. You sometimes see websites with a hotmail address as the contact point this to me translates to “go to another website”.


Special Legal Content Pages


In the content manager of our eCommerce system you will find a number of special content pages that are predefined to enable you to add the necessary legal information. You can enable these and add the content like you would any other content page.

special legal content pages in ePagesThey are:

  • Privacy Policy
  • Terms and Conditions
  • Right of Withdrawal (Shipping and Returns)
  • Contact information
  • Business hours


Terms and Conditions


If the website does not have a set of Terms and Conditions that I can find and read easily then I generally do not trust that website. The Terms and Conditions are never going to be simple but if they stretch to 20 or 30 pages then there is an issue. So you need to cover yourself without going too legally verbose. You should always seek legal advice on the legal terms and aspects of your business. Do not just go and copy the T&Cs from some other website. This may cause you to be in breach of the Intellectual Property Copyright protection of that website. If you are directly targeting a competitor’s website they will probably figure it out quickly. You can find some very useful information at


Copyright Notice


Always make sure that the footer on every page of your website carries a copyright notice. It will be something like “Copyright ©2016 My Business Name”. If you have images that you want to protect you might consider using an image watermark and there are a number of software products available that will let you add watermarks.


Shipping and Returns Policy


These may be part of the Terms and Conditions but if you are selling commodity products then make the Shipping and Return Policy easy to find and understand, we provide a special page just for that purpose. For some items like food and clothes you may not have to accept returns, however it is an area that you have to understand. In Australia all sales (including online sales) fall under the Trade Practices Act. This says that what you are selling must be fit for the purpose that you describe. So you need to make sure that your product descriptions are not so vague as to open a potential problem for you. Returns can create the need for a refund to a buyer. There are a number of ways that can be done but you need to have the process clearly documented so it cannot be disputed.

If the customer has bought via a credit card then you can process the refund to the card. This will result in a fee that you, the merchant will pay and may be $25 to $40. The fee will vary by provider and card type. The alternative might be to send a cheque or do a direct deposit to the consumer’s bank account. As a refund this may be less effort and not incur a fee from the payment provider or bank. You can also offer a credit certificate (for use at a later date) or a replacement with an alternative product.


Privacy Policy


Australia has a Privacy Act and a set of National Privacy Principles. Generally these apply to:

  • Private companies with a turnover greater than $3 million annually
  • Health service providers
  • Traders in personal information
  • Contractors to government

Setting up a Privacy Policy is good practice and helps to take away any fear that the information provided by your potential customers to your site will be misused or sold to a third party.


basketsettings-tcsForce Policy Acceptance


If you have all the correct policies on your website how do you know if a customer accepts these. The best approach is to have the website force acceptance and that is usually by the acceptance of a tick box or radio button in the basket process. With ePages you will find that you can turn that on and off in the Settings menu >> Basket setting.


Cookies and Customer Notifications


Most modern websites use cookies which are a small piece of code that is stored in the customers computer and lets the website know some information about the customer. This might relate to information in the hsopping basket, where you have visited while on the website, tracking and analytics information and much more. You customers can disable cookies in their browser and that diables the use of the cookie information. So now it is good practice to tell your customers if you are using cookies and why. Generally that is in the Privacy Policy. But you might also see on some websites a pop-up that warns about cookies and asks for approval to capture some information.

With ePages there is a speciifc feature that enables that ability which you can find at Settings menu >> General settings >> Presentation.



Where do I find information about the content for these terms?


Getting these documents drafted up at high-end law firms will prove expensive, however specialist firms and new cloud-based legal service have made it cost-effective and easy to get the protection you need.

We partner with several providers who can assist you to get started or improve your legal content. We recommend Cappello Rowe Lawyers for those in NSW.

We recommend LawPath’s Online Starter Bundle, which includes all the legal documents you’ll need to get started online. LawPath’s technology allows you to customise, edit and download the legal documents in minutes and at a fraction of the price.

lawpath online legal service

You can also get some great information by watching the webinar - Important Trust Issues for Your eCommerce Website - from Lawpath and eCorner.





Other Security Issues to Consider



SSL and encryption should be used when in pages where sensitive data is entered - this may be personal data such as name and address details or it could be financial data such as credit cards and bank details. Your site should show a valid SSL certificate when in protected pages. The URL will begin with HTTPS and the browser “padlock” icon should appear.

Certain types of SSL or TLS are now no longer supported as they present a security vulnerability. You can read the full eCorner policy on TLS and Security - click here.


Payment Card Industry Data Security Standards - PCI DSS


The credit card industry introduced some standards to assist eCommerce store owners and providers understand their responsibilities. These are the Provider Card Industry Data Security Standards. The Provider Card Industry Data Security Standards (PCI DSS) was developed to assist businesses that process card data to meet 12 security standards. It sets requirements for the monitoring and storage of credit card information to four levels of security, depending on the volume of credit card transactions being handled. If you use a reputable payment service provider then these issues will in general be handled by them. If you take credit card data on your website using the manual credit card payment method then you need to be aware of the risk.


The 12 key guidelines are:

  1. Install and maintain a firewall configuration to protect data
  2. Do not use vendor-supplied defaults for passwords or other security parameters
  3. Protect stored cardholder data
  4. Encrypt the transmission of cardholder data and sensitive information
  5. Use and regularly update anti-virus software
  6. Develop and maintain secure systems and applications
  7. Restrict access to data by business need-to-know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to cardholder data
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes
  12. Maintain a policy that addresses information security


Make sure the doors are bolted and windows barred When it all comes down to the bottom line there is a lot that you can apply to eCommerce from the Bricks and Mortar world. Think of any parallel analogy and apply it to your website. It does not matter if you are thinking about how the home page needs to attract visitors into the store and comparing it to the store front window; or reconciling the cash register at the end of the day and comparing that to reconciling your online orders. To open a store on Main Street you have to think about all the aspects that go to make up a business from the sales sheets to the BAS to the shop security and locking the doors and windows each night. Even getting rid of the rubbish! The key to being successful and safe is to treat your web store like your business and manage it the same way.



Legal Disclaimer: This is not offered as legal advice and you need to consult your legal advisor to get specific legal advice as it pertains to your business. eCorner will offer the most accurate recommendations but we take no responsibility or liability for the information that is provided or how it is used on your website.