What is the minimum legal content for a website?

Normal advertising rules apply to information on websites, so consult your own industry guidelines and the British Code of Advertising Practice.

Specific rules also apply. The Electronic Commerce (EC Directive) Regulations 2002 set out the minimum information required on a website.

Organisations must specify a geographic address and contact details including an email address. Information about "cookies" and the opportunity to opt-out of their use must be provided and there are further requirements where goods or services are sold online.

Limited companies must include their full legal name, their registered office address and their registration number on all emails and on their website, the same as for any "business letters" per the Companies (Registrar, Languages and Trading Disclosures) Regulations 2006.

Does a website need a "Privacy Policy"?

Yes, all websites should have one.

There is a legal requirement to have a Privacy Policy for US based organisations, but it is not a legal requirement in the UK. People browsing your site will look for a Privacy Policy, they may even think it is a legal requirement, so don’t disappoint them.

There is a legal requirement to provide a "cookie" warning where these are used and to explain how to disable cookies and the effect that will have on access to your website and its facilities. In practice most organisations put this information in the Privacy Policy. It is becoming a "best practice" standard.

A privacy policy also provides an opportunity to communicate the organisation’s policy on data protection, for example whether it treats personal data as strictly confidential or whether it trades in personal data. It is also the logical place to explain the purposes for which the organisation uses personal data and any likely disclosures.