There are only a few days left for the GDPR to go into effect at 100%, but if you have any kind of online presence, know that there is more legislation applicable to Websites and Online Stores and that it can also impact the way you do business on the web.
For this purpose of legislation, we can divide websites into 2 types, online stores and all others (which we will refer to as websites), and, as will be understood, the legislation applicable to online stores is more extensive.
Legislation applicable to Websites and Online Stores
Cookies are usually used by content management software (CMS) such as WordPress, to customize some of the content presented or features available.
Information on Alternative Resolution of Consumer Disputes
With a view to streamlining the entire dispute resolution process, Alternative Dispute Resolution (ADR) for Consumers has been created for a long time, so that processes of this type do not have to be resolved in court.
Currently, it is mandatory for practically all companies to indicate which RAL entity they are linked to.
Having a website, this information must be specified in a clear, understandable and easily accessible way., and it is usual for this information to appear in the footer at least on the website's homepage, so it is yet another obligation that you will have to fulfill (see Law no. 144/2015 article 18 2)
Electronic complaints book
Although it has already entered into force for public entities, in the case of private entities this law will only start to apply from 1 July 2018. After the GDPR, this should be another regulation to take into account on your website (Decree-Law No. 74/2017)
Legislation applicable only to Online Stores
The main document applicable to Online Stores is the Law on Distance Contracts ( Decree-Law No. 24/2014), which regulates distance and off-premises contracts, however it is important to also take into account other applicable laws such as those that also apply to physical establishments.
Prices, discounts, reductions
A point that is sometimes overlooked in online stores is that the same legislation on prices applies here, namely price reductions, as is applied in physical stores.
In other words, it is necessary to take into account whether the price reductions that we announce fit the defined typology (Decree-Law No. 10/2015), namely balances, promotions, sales and take into account that the use of other expressions, even if similar, to announce sales with price reductions is prohibited. Among other aspects, it will be taken into account that information on the start and end date of these reductions must always be included, as well as the discount percentage.
It will be important to take into account that, in the case of Online Stores, consumers can cancel a contract, or in plain Portuguese, can return the product they have purchased within 14 days, without having to specify a reason or incurring any penalty.
It is true that there are some exceptions (see article 17), for example personalized products, but even so the general cases are enough to be taken into account.
Regarding the topic of the moment, which has to do with personal data, namely registration, use, right to be forgotten, among others, the General Data Protection Regulation (RGPD) will review much of the previously applicable legislation, although the main concept remains and though reinforced.
In general, we can say that personal information should not be used for anything that has not been previously and explicitly authorized by the user.
This is a topic that we have followed throughout the year, namely through the different workshops held by Samsys Academy since the end of 2017, but that will surely have new monitoring in the near future.
Even so, we already leave you an indication that you should pay attention to 8 essential points:
- Right to transparent communication and basic information (Articles 5, 12, 13 and 14 of the GDPR)
- Right to consent (Articles 7 and 8)
- Right of access of the data subject (Article 15)
- Right to rectification of data (articles 5, paragraphs 1 and 16)
- Right to be forgotten (Article 17)
- Right to data portability and transmission (Article 20)
- Registration of personal data processing activities (Article 30)
- Conditional access to personal data and sensitive data
How to ensure that you comply with all Legislation applicable to Websites and Online Stores
Having an online business is not just about building a website and starting selling... there is legislation applicable to Websites and Online Stores that you should know and comply with, and Samsys can help with this through its team of Development e Communication.
If you already have your website and want to correct any of the situations we have indicated, please contact us or use this article as a basis to ensure that you comply with all legal requirements.
Vítor Rodrigues worked for many years as a web programmer having developed websites since 1999. Since 2012 he coordinates the Samsys web team, which during this time has developed more than 100 WordPress sites, from institutional sites to online stores, including specific solutions for integration with other systems.
In the coming months it will publish a set of articles based on questions. Questions collected from the different conversations you had with clients or potential clients. If you have any questions you would like to ask, please fill in the form below.
Shall we talk more about this subject?
"*" Indicates required fields