Do you know your responsibilities as an online business?

Online businesses are charged with responsibilities above and beyond those of a traditional bricks and mortar store.

Starting a retail business is, in many ways, easier today than it’s ever been. It’s perfectly possible, and indeed common, to start a retail business from home with nothing but a website and a small amount of inventory.

The day-to-day running of these online businesses can feel very different to that of traditional bricks-and-mortar stores, though the legal responsibilities remain similar.

As an e-retailer, you are subject to the same laws that govern traditional stores and face a number of additional responsibilities. Here are three key overarching obligations for every e commerce business.


The Australian Consumer Law binds all retailers, whether online businesses or not, to a number of legal guarantees about the goods they sell. For instance, it guarantees that any product sold by the retailer to a consumer is safe, of acceptable quality and matches the description provided by the retailer.

If a product falls short of those guarantees, the consumer has the right to request a repair, replacement or refund.

However, the costs of selling faulty products can be far more significant than having to issue refunds. As the seller, you have a responsibility to ensure your products are safe and you could potentially be held liable if something goes wrong.

In situations like that, Product Liability Insurance can mitigate your business’ risk by covering issues such as legal costs and damages.

“The day-to-day running of these online businesses can feel very different to that of traditional bricks-and-mortar stores, though the legal responsibilities remain similar”

Mailing Lists

Mailing lists are a key part of the marketing strategy for many internet businesses. They are most commonly used to engage with customers who have previously bought from you or expressed an interest in your products.

However, email marketing is also prone to misuse by unscrupulous operators so it’s important to know where the law stands. Under the Spam Act 2003, there are three key rules for retailers to know when it comes to email:

  1. Before you send emails to previous or potential customers, make sure you have their consent to do so. This is usually done by asking them to subscribe to your mailing list. If they haven’t subscribed, don’t email them.
  2. Your emails must clearly identify your business and give the recipient accurate information about what you sell and how they can contact you.
  3. You must give recipients the ability to unsubscribe from your mailing list if they chose to do so.

This includes messages sent by SMS, MMS and instant message.

Companies face hefty penalties if they break these laws. In 2017, internet provider TPG was fined $360,000 for spam breaches.

Privacy and Security

As an online business, you are able to collect a significant amount of information about your customers. During each transaction, you’ll receive names and addresses, not to mention credit card details and potentially contact numbers. And when it comes to those on your mailing list you may know even more – dates of birth, interests, gender and so on.

That kind of information could be very lucrative to hackers and it’s your responsibility to keep it protected. If your systems are hacked and customer information compromised, the effect on your business could be crippling.

You could face action from the Australian Information Commissioner under the Privacy Act, as well as legal action from affected customers. Arguably, though, the greatest impact would be to your business’reputation.

Imagine this scenario: an international hacker accesses your systems and uses your data to perpetrate fraud in your customers’ names. Those customers will never trust you again, and if word gets out – which is inevitable with social media – you may have trouble winning new business as well.

That’s why your online business needs to take cyber security very seriously. You should be using every protection available – firewalls, anti-virus software, secure web-hosts and password managers – since there is no such thing as being too secure.

But even with all that in place, bad things can still happen, which is why Cyber Insurance has become a vital requirement for any business dealing with customer data these days.

A Cyber Insurance package will typically help cover costs associated with lost revenue, legal costs and liabilities from the lost data. It may also help with costs associated with protection and rebuilding your company’s reputation.

For expert advice on the best insurance solutions for your business, talk to your broker or adviser now.


Important notice – Steadfast Group Limited ABN 98 073 659 677

This general information does not take into account your specific objectives, financial situation or needs. It is also not financial advice, nor complete, so please discuss the full details with your insurance broker or adviser as to whether these types of insurance are appropriate for you. Deductibles, exclusions and limits apply. These insurances are issued by various insurers and can differ.


Like This