PHPI gets the lowdown from Andrew Brennan, a partner in the Intellectual Property and Technology team at commercial law firm SGH Martineau, on how to ensure your website is legal.
In this ever more online and competitive world, modern installers are beginning to understand the need for their company website to deliver an engaging experience for visitors, with reasons to return, but many appear to be ignoring the need for a website to meet minimum legal requirements. Andrew Brennan explains: “So many businesses are unaware of, or ignoring, the laws governing the websites of UK registered businesses. Sites must display the business name, place of registration, registered number, registered office address, details of any regulator if the business undertakes regulated activities and the VAT number.
“For sole traders and partnerships, the address of the principal place of business must be shown. Whilst it doesn’t have to be displayed on the homepage, all of this is necessary information which should be easy to locate on the site.
“In 2011 the law governing cookies changed and visitors must now consent to their use. Websites should clearly explain what cookies are used, what information they gather, what’s done with it and that by continuing to use the site, the visitor consents to their use. This is something any web design company should be able to help with, but for installers building their own sites, most of the free site building packages are likely to offer the necessary plugins.
“An engaging website offers business owners the opportunity to obtain personal details from visitors, to help with future marketing and where an e-mail address is given by someone in relation to a particular enquiry or transaction, they can be contacted about this and related services.
“When that email address is used for any other communication, a box, which must not be pre-ticked, must be provided to allow the recipient to opt in or out of receiving additional marketing information from the company or third-party affiliates.
“All e-mail marketing must contain the identity of the business and give the recipient the option to unsubscribe from the service and be removed from any list that holds their contact details.
“When a business collects and uses personal data it becomes a data controller, so must explain what is being collected and why. The website must have a Privacy Policy that explains to users how information will be used and this should be easy to find and contain a method for contacting the designated data controller.
“If a website visitor provides personal address details and a phone number, the business can market to them by telephone or post until the recipient asks them to stop.
“Terms and conditions are not a website legal requirement, but a good set can prevent many problems in the future and help protect the business, by clearly stating what the business does and what Intellectual Property (IP) it owns on the site. They should also warn visitors against ‘framing’ or ‘deep linking’ to the site – which might imply some professional endorsement of the site that includes the link. It’s also a good idea to include a ‘disclaimer of liability,’ warning visitors the information provided is accurate to the best knowledge of the site owner, but should not be taken as fact.
“Some businesses will blog about their activities or engage with customers on social media and allow ‘user generated content’ (UGC) on their sites, where individuals can post comments, reviews, pictures etc. When this is allowed, it is essential that the site has an ‘acceptable use’ policy to protect against any offensive or illegal material being posted. Without this policy in place, it is the site owner that could face action, not the individual responsible for the post.
“Even the smallest businesses are not exempt from the need to comply and need to ensure the site displays the minimum business information, along with a Privacy Policy, if any data is collected, even if it’s just an email address for replies. If in doubt, get someone to check the site for you.”