Legal aspects of online marketing
Most companies these days take advantage of various forms of online marketing, whether it’s a regular email update or advertising products on their website or via social media channels. Although online marketing campaigns are generally cheaper to carry out and are therefore more accessible to smaller businesses or start-ups compared to more traditional forms of advertising, there are various legal considerations which must be taken into account.
If you’re using email marketing, you’ll be holding and processing information about your customers or potential customers (such as email addresses and names). You are legally obliged to protect this information in accordance with the UK GDPR and the Data Protection Act 2018. The main principles of the UK GDPR and the Act with regards to this type of data are to:
• only collect data for a specific purpose
• keep any data secure
• ensure that data is relevant and up to date
• only keep it for as long as necessary
• allow customers to view it if requested
• not transfer it out of the EEA without adequate protection
If your organisation processes any personal information, you are required to register with the Information Commissioner’s Office (ICO).
You have certain online marketing obligations under the Privacy and Electronic Communications Regulations 2003 as subsequently amended. One of the most important rules you need to stick to is providing a clear opt out method for any recipients of an email marketing campaign. Additionally, unless the contact details of the recipients were obtained in the course of business, you need to first obtain their consent by getting them to opt in to receive these types of emails.
The Privacy and Electronic Communications Regulations also govern the use of cookies. These are essentially files which are stored on a computer when the user visits certain websites. These cookies can be used for a variety of marketing purposes, such as posting specific adverts in their browser (e.g. Google Chrome) based on their internet activity. Some cookies are “essential” to the operation of an e-commerce website, such as where they are required for the purchase process to work properly. These essential cookies don’t require consent. However, non-essential cookies, such as those which are used for advertising purposes require the consent of a user in order to be deployed. In practice, this generally takes the form of a banner or notification which is visible when a user first visits a website, asking them to opt-in. Fines of up to £500,000 can be levied by the Information Commissioner’s Office (ICO) for failure to comply with the laws on cookies.
Even if you’re not selling any goods or services on your website, any products which you’re advertising on your website should be correctly described and there needs to be a breakdown of any costs. It’s an implied term of any contract that goods match the description so make sure you get this right.
A variety of Ts and Cs for online businesses and data protection template documents can be downloaded from our Business Documents Folder. Click on a heading under "Related Documents" below for further information (including a Cookie Policy)