In recent years, the American institution of Black Friday and Cyber Monday has made its way across the Atlantic to become an annual event for British retailers.
Last year, it is estimated that £1.23bn was spent online on Black Friday, with an estimated £6.5bn being spent in ‘Black Friday week’, which spanned from Monday 21st November to Sunday 28th November 2016.
With this figure expected to increase this year, as has been the trend year on year, it is vital that you are up to date on consumers’ rights and your obligations in respect of Data Protection in relation to any goods or services supplied.
The Consumer Rights Act came into force on 1 October 2015, and provides a ‘one-stop-shop’ for consumers in respect of consumer rights. The Act applies to all businesses selling or providing services directly to consumers and sets out clear provisions as to what rights consumers have and what obligations businesses supplying goods and services have.
The Act clearly sets out rights relating to digital content. It also allows a consumer to claim compensation if defective digital content causes damage to a consumer’s existing device or digital content.
Consumers have a number of rights under the Act, relating to goods, services and contract terms. The rights are extensive, but some of the key points to be conscious of are;
- Goods should be of satisfactory quality, fit for purpose and as described. If they are not, consumers have the right to reject the faulty goods and receive a refund within 30 days of purchase. After 30 days, the consumer is obliged to provide the trader an opportunity to repair or replace the damaged goods and if any repair is unsuccessful, the consumer is entitled to a refund or price reduction.
- Services supplied should be carried out with care and skill, for a reasonable price and within a reasonable time. If this is not satisfied, the trader should ‘re-do’ the services (where possible) at no further cost to the consumer. If this is not possible, the consumer may be entitled to a price reduction of up to 100% of the cost charged.
- Consumer Contract Terms should be prominent and transparent and terms can be assessed for fairness. The Act makes provisions for terms which may be regarded as unfair and ultimately unenforceable.
The key takeaway is to ensure that your sales terms and conditions and practices online and in stores adequately comply with these laws to avoid any issues further down the line.
The legislation that governs the legal landscape of Data Protection in the UK is undergoing the most extensive reform since 1998. In response to the forthcoming General Data Protection Regulation (GDPR) in the EU, the UK Government has drafted a new Data Protection Bill which will govern this area, and will still apply following the UK’s exit from the EU.
Your obligations in respect of Data Protection when handling consumers’ data will be greatly increased, and you must ensure that you are fully aware of these so that you do not fall in breach of the legislation.
The rules surrounding consent have been significantly tightened, and you must ensure that you obtain clear, informed consent to handle consumers’ data. There should be no ambiguity as to what is being agreed to by the individual.
Individuals will gain greater access to the data stored about them. Any data should not be held except where strictly necessary, and should be stored securely.
Under the new legislation, opt out ‘tick boxes’ will become a thing of the past, as consent must be much more specific in order to comply. It is advisable to bring in these practices now in anticipation of the legislation to avoid having to go back and re-obtain suitable consents once the new legislation comes into force. The new legislation has also significantly increased the Information Commissioner’s authority in terms of imposing sanctions for any breaches, and the level for fines has been increased to a new maximum of £17m or 4% of the global turnover of an organisation.
GDPR will apply from 25 May 2018, and the new UK Data Protection Bill will likely come into force around this time.
You should review your supply terms and conditions on websites and privacy policies to ensure that they contain adequate consent mechanisms for your business, and that they fully comply with all applicable legislation. Data processing practices should also be reviewed, and any areas of weakness should be identified and rectified before the changes come in to avoid sanctions.
If you have any questions, or would like to discuss the legislation and how this affects your business, please contact us, and we would be happy to discuss your options.