
Launching an Online Store: The Legal Essentials

Online businesses have seen rapid growth in recent years, and it’s easy to see why. Online shopping is highly convenient for customers, and it’s also convenient for you as a business owner because you can run your online store remotely and reach more customers than ever before. When setting up your online store, there are quite a few legal requirements that you need to be across. In this guide, we’ll outline the legal considerations you need to make when launching an online store.

Legal documents

Running an online store means you have all the same legal obligations as you would with a physical store. There are a number of legal documents you’ll need to run your business legally and ensure that your website is compliant.

Privacy policy

A privacy policy is a document that you’ll see on most Australian websites. A privacy policy is a relatively simple document. It’s usually only two to three pages long and can act as a pop-up or link towards the footer of your website. This document informs your user what you’ll do with their confidential information. Confidential information includes details such as names, email addresses, credit card information, and residential addresses. If you’re running an online business, it’s probable that you’ll need to collect this information from customers. Your privacy policy will inform your customer how you’ll use their information and who you’ll be sharing it with.

Online privacy has become a key concern for many people, so it’s important that you address this on your website. Privacy policies aren’t compulsory for all Australian businesses, as only businesses with revenue over $3 million are legally required to have one. However, you should still have one. Letting your users know what you’ll be doing with their information and where it will be stored will instil trust and legitimise your website.

Terms and conditions/terms of use

You will need terms and conditions for your website if you’re selling products online. This document includes things such as your refund and exchange policy. These policies are legally required and are usually found in your terms and conditions. Further, if you’re going to be operating an online marketplace (a good example is eBay), you would need terms that cover both the seller and the buyer.

The next document you’ll need is a terms of use, which is usually located on an information site or blog. This document outlines the rules around what people can and cannot do on your website, but also how they can use the information on your website.

Intellectual property

It’s important to have your intellectual property secured early on. Intellectual property can be summarised as the assets of your business that are intangible. When you first start a business or a company, usually the idea is all you have. This is why it’s the first thing you should seek to legally protect.

Beyond trademarking your business name and other brand assets, you also need to protect your website. It’s likely that you’ll also hire someone externally to develop, design and build your site. When you outsource this, it’s important that you have the site (the intellectual property asset) transferred to the business. You can do this by using an intellectual property agreement or including a clause in your services agreement which confirms that ownership of the asset will be in the business’s name. If the site isn’t assigned to you, there’s a risk that the developer could go on to design another website that’s exactly the same. Another important thing to note is that when you’re raising capital for your business, investors will want to make sure that all of the intellectual property assets rest with the business, and not someone else.

If you’ve already had your site designed, you can ask the developer to sign an intellectual property agreement. This will help you make sure that the intellectual property belongs to your business.

The moonlighting problem

Many business owners start their business whilst still working for someone else. If you’re moonlighting, it’s important that any intellectual property is separated from your current employer. You can do this by only working on your business outside of your ordinary hours and making sure none of your business’s assets are held on company property.

The Zuckerberg problem

This is a common problem that happens to businesses. If you hire someone to design your website, it’s important to ensure the intellectual property rights belong to you. In the case of Facebook, Zuckerberg was allegedly commissioned to program a social networking site named ‘ConnectU.’ Not long after this, Facebook launched. Unfortunately, the founders of ConnectU could not enforce their rights as there was no legal agreement made between them.

Marketing and advertising

Complying with the Spam Act

To sell your products or services, you’re going to need to market and advertise your business. However, there are important legal requirements which you should be aware of. One of the most important of these is the Spam Act 2003 (Cth). The Spam Act covers all electronic communications you send to your customers (such as emails), and requires that these communications be sent with your customers’ consent. For example, when you sign up to a newsletter on a website, the terms and conditions you accept by signing up will say that there is implied consent for the business to contact you, send you newsletters and, most likely, advertise products to you.

Another thing to note is that you (as the sender) must be identifiable by the recipient. For example, if you’re sending an email, you’d put your name, ABN, ACN and address down the bottom in the footer of the email.

The last compliance issue is that every email must have an unsubscribe link. This means recipients must be able to opt out of being sent messages from your business. You should place your unsubscribe link in the footer of your email. However, government bodies, political parties, charities and religious organisations are exempt from this rule.

PCI compliance

PCI compliance refers to the Payment Card Industry Data Security Standard (PCI DSS), and it applies any time you take credit card payments through your website. There are a lot of rules around this and everyone must comply. If you are collecting payments online, you need to comply with this, and becoming compliant is often a very complex procedure. However, there’s definitely a shortcut, and that is using a payment gateway. When you next purchase online, you’ll most likely come to the payment page and see that at the bottom it says something like “powered by Stripe”, “powered by PayPal” or “powered by Braintree”. All of these are payment gateways and they deal with all the PCI compliance standards for you.

Australian consumer law

The Australian Consumer Law is the piece of legislation that covers all Australians if they’re selling goods and services online. It particularly applies to the sale of consumer goods.

Misleading and deceptive conduct

You cannot mislead or deceive your customers. This includes lying about the description of goods on your online store, displaying the wrong pricing, and making false or inaccurate claims about what your product or service can do. What people are purchasing needs to be what you deliver. One thing to note is that silence is not a rebuttal to this: you cannot simply leave something unsaid if it would have been reasonable to expect you to mention that feature of the product. Alternatively, puffery (which is exaggerating claims about your product) can be misleading.

False representations

It’s crucial to avoid making any false representations about your product. These include false representations about the price, standard, quality, value, history or place of origin of your product. A common one is products which claim to be Australian-made, but aren’t.


Peer to peer reviews and testimonials are very important for online businesses these days. Often people will not buy from an online store unless they can see reviews and testimonials. However, false testimonials are not allowed.

Unconscionable conduct

You cannot target any group unconscionably. This can include those with a disability, the elderly, and the financially disadvantaged. A well-known example is where the Commonwealth Bank was targeting elderly couples and trying to get them to refinance their mortgages. They were specifically targeting elderly people, which amounted to unconscionable conduct.

Unfair terms

If you are selling a subscription service online, you can’t lock people into contracts. For example, you can’t lock your customer into a five-year contract and increase the price of the subscription. That will be seen as an unfair term. Usually an unfair term is increasing the price of your goods or services without notice, unless it’s written into your terms and conditions.


Launching your business online has multiple benefits and will allow you to grow your business beyond the confines of a physical store. Despite this, it’s important to keep in mind that you still need to comply with the legal requirements for running a business in addition to your online obligations.
