3 Legal Watch-outs You Need to Know as an eCommerce Business Owner

6 minute read

The world of eCommerce has gained momentum with its growth and continues to expand at a speedy pace under the current circumstances. This opens up opportunities towards various entrepreneurs to digitalise their business thus enabling them to expand into the global market.

However, regulating a worldwide market equates to stricter law enforcement to prevent malpractice and ensure compliance. With that said, entrepreneurs must address the following issues to reduce the risk of legal consequences.

Laws and regulations are constantly being reviewed and changed in response to the evolving societal values. Entrepreneurs should be able to develop a good practice of staying updated on current legal amendments and applying them to all areas of operations.


1. Formulate Effective Terms and Conditions for Your Website

Terms and conditions are a legally binding agreement between you and the customer. Although it is not legally mandatory based on the Hong Kong law, incorporating them is highly recommended as it adds contractual value. Entrepreneurs shall ensure that the terms and conditions are accurately incorporated and agreed by consumers before each transaction.

If a business incorporated terms and conditions to its website, the terms created should comply with the Electronic Transactions Ordinance (Cap 553).
Additional points to note for a fairly good terms and conditions agreement:

  • Accessible to consumer
  • Clear and concise language
  • Great attention drawn to specific terms that are against consumer interest
  • Any translation provided MUST be clearly stated which version prevails to prevent any discrepancies
  • Information about the seller’s business
  • Fair and reasonable

2. Collecting Customers’ Personal Data for Direct Marketing

The execution of the privacy policy is legally MANDATORY under Hong Kong law. While it is not a contract, the policy is an independant declaration that should be visible and accessible to customers using the website. The policy must be articulated clearly to the customers and disclose any information regarding the objective and use of the customers’ personal data.

According to the Personal Data (Privacy) Ordinance (Cap 486), the collection of consumers’ personal data is highly sensitive and requires strict execution in terms of its use for marketing purposes. Breaches or failure to comply with the requirements may result in criminal sanctions.
Basic requirements of a privacy policy:

  • Clearly state the use and type of personal data collected
  • Identify the collector and the entities involved to which the information is disclosed
  • Personal information can only be retained temporarily
  • Implement a system that allows customers to access and rectify their data

Cybersecurity Protection From Online Fraud

Cases of fraud within the cyber space has reached an alarming level, to which online businesses must comply to prevent security breaches and disruption to business operations.

These frauds usually target money and/or private information. They would disguise their method of collections through phishing emails and/or text messages as well as suspicious links to generate business. Cybersecurity issues are time-sensitive and MUST be acted upon promptly to prevent the company from going through data, financial and reputational loss.

Preventive measures to minimise cybersecurity risks:

  • Verify the sender’s identity before opening any suspicious link or responding to the emails
  • Conduct regular security checks of any new beneficiaries before making any financial transactions or exchanging any private company information
  • Encrypt all sensitive information, ESPECIALLY customers’ personal information

Wrap up

Overall, undergoing rapid integration of technology and online platforms for business has become more crucial than ever. Entrepreneurs must ensure proper measures are being taken to prevent any possible fraudulent practices which would lead to heavy legal consequences.

JC Legal has established a broad practice in cross-border corporate and commercial law, regulatory compliance and dispute resolution involving Hong Kong, PRC, ASEAN, France and the UK.

Ready to register your company in Hong Kong? Talk to our sales team.

Other articles that might interest you

Related content

Get in touch.

Start your Sleek journey today

Ready to grow your business to the next level?
Let us help take the load off your shoulders so you can continue doing what you love.

Get USD $5,000 in AWS Promotional credit

Amazon Web Services provides startups with low cost, easy to use infrastructure needed to scale and grow any size business. You will be eligible for:

  • USD $5,000 in AWS Promotional Credit valid for 2 years
  • 1 year of AWS Business Support (up to S$1,500).
  • 80 credits for Self-Paced Labs ($80 value)

Get USD $8,000 in processing volume credit

Stripe is the best software platform for running an internet business. Stripe provides the technical, fraud prevention, and banking infrastructure required to operate online payment systems.

  • Fast, reliable and secure
  • Faster eligibility period for custom processing rates
  • Priority betas and special event access