E-commerce is a very well established means of doing business (Amazon being founded back in 1994 and now having a market cap of over $1 trillion being testament to this!).

Yet today, in the Covid-19 world, e-commerce has assumed an even more important role in our economy (and day-to-day lives), and a number of SMEs are now looking to e-commerce as a new means of selling their products.

The Government has clearly recognised this with its May budget announcement of a planned $10 million fund to provide incentives and grants to encourage e-commerce, train more digital advisors and provide information and support for SMEs wanting to incorporate e-commerce into their business models.

We look forward to seeing the detail of this Government initiative, but in the meantime here are our top legal tips for New Zealand SMEs looking to implement an e-commerce solution:

Have appropriate Ts&Cs

Having an appropriate set of terms and conditions (Ts&Cs) to govern the sale/supply of your products is fundamental to mitigating the legal risks associated with e-commerce.  The Ts&Cs document the contract between you and your customer and should address the parties’ key rights and obligations.  Where consumer products are involved, the Ts&Cs will need to comply with applicable consumer protection legislation.  For example, under the Fair Trading Act contract terms can be declared ‘unfair’ and rendered unenforceable.  It is also an offence under the Fair Trading Act to attempt to contract out of the Consumer Guarantees Act other than in the limited manner permitted by that Act.

Ensure customers expressly accept your Ts&Cs and be able to prove this

As part of the online ordering process, you should require customers to expressly accept your Ts&Cs before any order is concluded.  Typically this is done via a tick-box ‘I accept’ facility.  You should also ensure that you retain sufficient records of orders and the ordering process/system so that you can, if you ever need to, prove that a particular customer accepted your Ts&Cs.

Be clear on when a contract is formed

One of the criteria for forming a contract is a concluded agreement between the parties.  Often this is considered in terms of one party making an offer and the other party accepting that offer.  In an e-commerce setting, the point at which a contract is formed can easily become contentious.  For example, when a customer clicks ‘I accept’ to your Ts&Cs, are they accepting an offer and in doing so bringing a contract into effect?  If so, what happens if you are currently out-of-stock or not able to deliver at the time requested by the customer?  These types of questions can be avoided by being clear on when exactly a contract is formed – for example, a contract is only formed when you confirm you have received and accept the customer’s order.  If your e-commerce platform is integrated with your relevant back-end systems (e.g. inventory management systems), you may be able to give such a confirmation almost instantaneously, making for a better customer purchasing experience.

The form and presentation of your Ts&Cs matter

To mitigate against the risk of a court finding that insufficient notice of particular terms was given, the Ts&Cs should use plain English, avoid legal jargon and be presented in a manner which allows the customer to quickly appreciate and scroll to the particular matters covered by the Ts&Cs (e.g. by the use of a contents page with hyperlinks to the relevant sections and/or summaries of the Ts&Cs).

Adopt and disclose a privacy policy

E-commerce transactions will inevitably involve the collection of personal information.  Under the Privacy Act businesses collecting personal information have an obligation to take steps to ensure individuals are aware of certain matters (such as the purposes for which the information is being collected and the intended recipients of the information).  This obligation (among other matters) can be addressed via an adequately prepared and disclosed privacy policy.  As with the Ts&Cs, it is best practice to have your customers expressly accept the privacy policy as part of the ordering process and present the privacy policy in a manner that is easy to follow and understand.

Obtain express marketing consents

Once a customer has purchased one of your products, you’re going to want to make them a repeat customer, including by possibly marketing your other products to them.  When it comes to electronic marketing (such as marketing via email or SMS), the fundamental rule under our Unsolicited Electronic Messages Act (aka Anti-Spam Act) is ‘thou shall not send commercial electronic messages without consent’.  While it is possible to infer consent from a business relationship, it is probably stretching it to say that a customer consents to being on your marketing list merely by purchasing from you once.  If you intend to send electronic marketing messages to customers, you should seek their express consent to this via an ‘opt-in’ tick box or at the very least through a term in the Ts&Cs that is clearly drawn to the customer’s attention.  Once consent is obtained, any marketing messages you send to the customer in the future will also need to include a facility allowing the customer to unsubscribe from receiving further messages.

Be mindful of overseas laws

While you may be based in New Zealand, your website, systems and data may be hosted in New Zealand, and your Ts&Cs may be governed by New Zealand law, it is still important not to ignore the possible application of overseas laws if you sell to overseas customers.  This will be particularly so if your website specifically targets overseas customers – for example, by having an overseas or foreign language version of your website, or allowing overseas customers to pay in their currency.  One example of an overseas law that could apply to New Zealand-based businesses is the EU’s General Data Protection Regulation (GDPR), which applies to businesses outside of the EU that target individuals in the EU.  If you decide to target customers in overseas jurisdictions, it is a good idea to have your Ts&Cs and privacy policy reviewed by overseas lawyers for compliance with applicable laws in those jurisdictions.