free small business advice & information

Article Index
Website and Email Law: What You Need to Know as a Business
Email Basics
Contracts and E-commerce
Data Protection
Intellectual Property

Website and Email Law: What You Need to Know as a Business

What data protection law should I be aware of as a business?

Any personal data you collect or handle from consumers is governed by a set of regulations under the Data Protection Act 1998, which is administered by the Information Commissioner’s Office (ICO).

If you handle personal data in any form, you must comply with the Act – which normally means registering as a ‘data controller’ with the ICO annually, paying a fee of £35. Any use you put personal data to is governed by a strict set of principles – to comply with these, you should:

  • Set up a clear ‘privacy policy’ and make it prominently available on your website – this should tell users how their details will be used and shared, particularly so if you plan to use the data for marketing purposes or share it with third parties
  • Always obtain consent from a customer if you plan to share their data with third parties for mailings, research or marketing purposes – it’s the law
  • Only collect the data you need
  • If your site uses cookies (small files which are stored on a user’s computer by your website, recording their site behaviour and preferences), you need to tell users how they will be used and allow them to opt-out.
  • Never use a person’s information for direct marketing if they ask you not to
  • Store any data you collect securely, and put measures in place to restrict access to only the employees that need it
Am I responsible for my employees’ actions over the Internet?

Generally, yes – just as in other areas, you are legally responsible for your employees’ behaviour when using your email and Internet systems. Particular risks you should be wary of include:

  • Defamatory statements – these should never be circulated, even internally, as they could lead to your company paying substantial damages
  • Hostile, offensive and bullying emails – these could create a hostile work environment, leading to claims of stress, discrimination or harassment
  • Intellectual property breaches – for example, employees copying rights-restricted images from elsewhere on the web and using them on your website

You should set up and enforce an IT policy at your workplace and make sure you provide any training employees need – this can go some way to reducing your risk.

Labels: Email & Website