Your website and the law

There are a number of legal issues that you need to be aware of which affect your website. The site itself needs to comply with a range of regulations, from intellectual property to privacy. It's also important to have the right contracts with suppliers such as web designers and website hosting services

Web design contracts and intellectual property

If you use a web designer, make sure there is a clear, written agreement between you. Particularly, make sure they assign or license any intellectual property (like copyright) in the website to you. Otherwise, they could use the same design for another client, withdraw your right to use the design, and stop you taking the design to another designer.

Similarly, if your website is dependent on particular software to work, you must be absolutely sure you can continue using the code, even if you change designers.

Be clear about what you want the designer to do for you at the outset. One of the biggest causes of disputes is 'scope creep', when you keep adding extras or changing your original spec because you didn't think it through at the beginning. Set milestones for testing and link payment to these.

Be clear who will maintain the site - add to, remove or amend existing content on the site. If you want to be able to do it, say so, and ensure staff training is included in the agreement. If the designer or agency will do it, make it clear what they will do, and the costs for doing so.

Trade marks

Your designers will ask you for keywords to include on the website, and in the underlying code, so that your site can be found more easily by search engines like Google.

Do not use other people's names or trade marks in your keywords, without taking advice. You may be infringing their intellectual property rights by doing so.

Hosting and domain names

If your website is going to be stored ('hosted') on the server of an Internet Service Provider ('ISP') rather than on your own server, you need to negotiate a service level agreement (SLA).  The agreement commits the ISP to key performance standards in areas such as website 'availability' or 'uptime', and should be clear on how problems will be dealt with.

Make sure you are happy with the host's security - firewalls, anti-virus software, etc.

Make sure other websites aren't diverting visitors to their sites using similar domain names and websites. Consider subscribing to a domain name monitoring service.

Overseas visitors

People outside the UK will be able to visit your website. There can be legal consequences if, for example, your website is illegal in other countries, or clauses in your website's terms of use are invalid in that other country. For example, clauses designed to limit your liability for any loss suffered by a visitor may be unlawful in other countries, leaving you exposed to unlimited claims there.

Limit your potential problems by clearly specifying which countries the website is targeted at on the site itself. A legal review of the laws in your key overseas markets is strongly recommended.


If your site contains advertising, it must be legal, decent, honest and truthful, and you must not misdescribe your products or services. The UK Code of Non-Broadcast Advertising, Sales Promotion and Direct & Promotional Marketing (CAP code) also applies your website, and to Facebook, Twitter and any other non-paid-for online space you control (eg blogs or other social media sites such as LinkedIn).

Be careful about non-UK visitors. For example, some countries prohibit comparative advertising, or advertising to minors.


Know which information you must provide to visitors, such as:

  • your business name and address
  • if you are a limited company, place of registration, registered office address and company number.

If your website includes prices, you must state whether these include VAT and delivery charges.

If users can buy or place orders on your site there are additional distance and online selling requirements. For example, you must provide written confirmation of orders, and tell consumers about their cancellation rights (if any).

Privacy and data protection

Include a privacy policy on your site saying how you will use any visitor information you capture, for example through registration or cookies. You must comply with data protection regulations covering how you process personal information.

If you want to send marketing emails, you must either have specific 'opt-in' or already have a relationship with the recipient. You must always provide the option to opt-out, both on your website and in any emails you send them.

You also need to comply with the rules on cookies.

Third party content and hyperlinks

Only use third party content if you have been granted a licence by the copyright owner, which covers use on the web. You should check any existing license agreements.

Make sure links to other websites do not infringe third party intellectual property rights, eg by making it appear that their material is part of your website. Include a disclaimer on your website stating that you are not liable for the contents of third-party websites.

Website disclaimers

Include a disclaimer in your terms and conditions of use, to help limit your liability for any damage a user might suffer through relying on your advice.

If you offer a chat room/discussion forum, disclaim liability for visitors' postings in your terms and conditions of use. Monitor and remove inappropriate comments.

Disability discrimination

If visitors can buy goods or you provide product support on your website, you must take reasonable steps to ensure that it is not unreasonably difficult for disabled people to use these services and that you do not discriminate against them.

Sector-specific issues

If you are in a regulated industry, there may be special legal issues for your website. Take advice.

If in doubt, take legal advice.

What does the * mean?

If a link has a * this means it is an affiliate link. To find out more, see our FAQs.