3 Legal Watch-outs You Need to Know as an eCommerce Business Owner
6 minute read
The world of eCommerce has gained momentum with its growth and continues to expand at a speedy pace under the current circumstances. This opens up opportunities towards various entrepreneurs to digitalise their business thus enabling them to expand into the global market.
However, regulating a worldwide market equates to stricter law enforcement to prevent malpractice and ensure compliance. With that said, entrepreneurs must address the following issues to reduce the risk of legal consequences.
Laws and regulations are constantly being reviewed and changed in response to the evolving societal values. Entrepreneurs should be able to develop a good practice of staying updated on current legal amendments and applying them to all areas of operations.
Overview:
- Formulate Effective Terms and Conditions for Your Website
- Collecting Customers’ Personal Data for Direct Marketing
- Cybersecurity Protection From Online Fraud
1. Formulate Effective Terms and Conditions for Your Website
Terms and conditions are a legally binding agreement between you and the customer. Although it is not legally mandatory based on the Hong Kong law, incorporating them is highly recommended as it adds contractual value. Entrepreneurs shall ensure that the terms and conditions are accurately incorporated and agreed by consumers before each transaction.
If a business incorporated terms and conditions to its website, the terms created should comply with the Electronic Transactions Ordinance (Cap 553).
Additional points to note for a fairly good terms and conditions agreement:
- Accessible to consumer
- Clear and concise language
- Great attention drawn to specific terms that are against consumer interest
- Any translation provided MUST be clearly stated which version prevails to prevent any discrepancies
- Information about the seller’s business
- Fair and reasonable
2. Collecting Customers’ Personal Data for Direct Marketing
The execution of the privacy policy is legally MANDATORY under Hong Kong law. While it is not a contract, the policy is an independant declaration that should be visible and accessible to customers using the website. The policy must be articulated clearly to the customers and disclose any information regarding the objective and use of the customers’ personal data.
According to the Personal Data (Privacy) Ordinance (Cap 486), the collection of consumers’ personal data is highly sensitive and requires strict execution in terms of its use for marketing purposes. Breaches or failure to comply with the requirements may result in criminal sanctions.
Basic requirements of a privacy policy:
- Clearly state the use and type of personal data collected
- Identify the collector and the entities involved to which the information is disclosed
- Personal information can only be retained temporarily
- Implement a system that allows customers to access and rectify their data
Cybersecurity Protection From Online Fraud
Cases of fraud within the cyber space has reached an alarming level, to which online businesses must comply to prevent security breaches and disruption to business operations.
These frauds usually target money and/or private information. They would disguise their method of collections through phishing emails and/or text messages as well as suspicious links to generate business. Cybersecurity issues are time-sensitive and MUST be acted upon promptly to prevent the company from going through data, financial and reputational loss.
Preventive measures to minimise cybersecurity risks:
- Verify the sender’s identity before opening any suspicious link or responding to the emails
- Conduct regular security checks of any new beneficiaries before making any financial transactions or exchanging any private company information
- Encrypt all sensitive information, ESPECIALLY customers’ personal information
Wrap up
Overall, undergoing rapid integration of technology and online platforms for business has become more crucial than ever. Entrepreneurs must ensure proper measures are being taken to prevent any possible fraudulent practices which would lead to heavy legal consequences.
JC Legal has established a broad practice in cross-border corporate and commercial law, regulatory compliance and dispute resolution involving Hong Kong, PRC, ASEAN, France and the UK.
Ready to register your company in Hong Kong? Talk to our sales team.