Marketing Officer at Independent Studios UK
14 January 2010 12:05pm
Can anyone recommend a comprehensive source of information on all the legal requirements/compliancy issues applicable to running an e-commerce website?
Thanks for your help!
E-Business Consultant at Dan Barker
15 January 2010 18:45pm
hi, Bernadine, how are you?
Out-law.com has some
fantastic resources. Scroll halfway down this page & you'll find 9
excellent articles on ecommerce law & a further 7 on email law.
Further down is an internet advertising guide, etc:
Hope that's useful,
Executive at nisbets
16 January 2010 07:02am
Informative link. Thanks for sharing with us.
Technical Project Manager (MBA, MBCS, CITP, CEng) at Naxtech.com
16 January 2010 21:01pm
Indeed a useful link from Dan. Actually there is a workshop/interactive-session (www.techandlegal.co.uk)
we are in the process of putting together which will focus on technical and legal issues
one should know when creating, updating, promoting products and
Other than the information which the speakers will provide,
attendees will also have the chance to get answers on specific issues
of their own. The event's website will be online within the next few
weeks but it sounds like it might be the kind of thing you are looking
I hope this helps.
Media Partner: Pharmaceutical eMarketing Europe 2010http://www.eyeforpharma.com/emarketing/?from=naxtech.comUse promo code "DK1" and save 200 Euros.
See us at Tech-Legal for Business 2010 : www.TechandLegal.co.uk
18 January 2010 10:16am
Thanks so much for your replies, really helpful stuff, particularly the link from Dan.
I'm also looking for info on compliancy issues for online Merchants, e.g. things like PCIDSS and the requirement to have SecureCode if you want to process Maestro cards. Anyone have any ideas?
ceo at Sapience Infosolutions
19 January 2010 04:59am
Business Development at Realex Payments
20 January 2010 17:35pm
For PCI DSS there is a great quick guide on the PCI security council site at the link below.
The most difficult part of PCI Compliance is usually around what level you need to be compliant to. The acquiring banks are responsible for telling you where you stand on this but a good way to work it out is how you take the payments. A number of PSPs will give you a hosted payments page, this removes the onus of you capturing the cards and allows you to only have to fill in the SAQ (Self Assesment Questionnaire) D which is very short, I think it is only 11 questions.
If you want complete control over the payments page and you want to host it yourself then there is a extra work and you may need to do a more lenghty SAQ A and even engage a QSA (Qualified Security Assesor).
For 3-D Secure (the umbrella name for Verfied by Visa and Securecode) you don't need to show all of the logo's but it is very helpful if you do. Your customer is more aware that you use this service and will be less likey to drop out of the shopping process because of this. mastercard however have stipulated that you need to remove the Maestro logo if you don't implement Securecode. In addition to the legislative side about 3-D Secure there should be a commercial benefit to processing your payments with it. Your acquiring bank will be charged less and thus can charge you less for a "secured" transaction.
At the end of the day your acquiring bank has the most control over what you have to do here so they should be able to answer any payments related questions. Failing that your PSP should be capable of answering your questions.
Free market research on digital marketing
Daily Pulse: award winning newsletter
It takes 30 seconds to register