Guide to launching online consumer brands in the UK – 10 essential steps

1. Building your eCommerce Platform 
2. Protecting IPR In Your Online Brand and Design 
3. Key UK Ecommerce and Consumer Regulations 
4. Online Terms of Sale, Community Guidelines and Other Terms
5. Data Privacy and Use of Cookies
6. Securing and Managing Your Supply Chain
7. Product Safety and Labelling 
8. UK presence, Tax and Customs
9. Advertising and online marketing
10. Online Safety 

We work with leading consumer brands from the world of fashion to gin and support every aspect of their UK and international retail businesses. 

Whether you are launching a new consumer brand online in the UK or expanding to the UK, here are 10 essential steps to a successful launch. 

This guide is focused on online Direct to Consumer (D2C) stores. Therefore, this guide does not cover online Business to Business stores, online internet service providers or marketplaces, which have separate legal considerations. The guide also focuses on brands selling in the UK, and whilst some of the considerations here will be relevant to other regions, local advice should be sought on each region before launch.  

1. Building your eCommerce Platform 

Selecting the right eCommerce platform is crucial. Whether opting for bespoke solutions or established platforms like Shopify, WooCommerce, or Magento, it is imperative to evaluate scalability, feature integration, and business continuity plans. Ensure that your platform can handle traffic spikes and aligns with your long-term strategic goals.

Bespoke vs. Off-the-Shelf eCommerce Platforms

If you are considering a bespoke platform, consider whether your developer has suitable experience and capacity to support your current and future requirements. As the number of customers grows, how will that affect development and support costs? What online features will be available, and how will the platform integrate with your other suppliers? Check what reporting is available and if there are reasonable service levels and sufficient resources to support and resolve any incidents. Finally, what are your business continuity plans if the developer goes out of business or is unable to continue to support the platform going forward?

If an established e-commerce platform is your preferred route, the above considerations are still relevant, however you may also want to consider how the road map and cost increases will affect your business plan in the shorter and longer term.  

Traffic spikes

So often businesses reach out to us when their existing platform cannot scale to accommodate sales spikes (such as around seasonal campaigns, influencer engagement and targeted campaigns). This can be devastating for a planned campaign, and very damaging for revenue and brand. Key considerations for the technical team include how the platform will scale and how quickly it can respond to both predicted and unexpected spikes in traffic. These provisions need to be included in a suitable Service Level Agreement, but as always, contractual protection is not enough; it is important to test scalability gradually with planned marketing campaigns.  

Roadmap and Features

Features are also an important consideration. Understanding the roadmap of eCommerce platform providers is crucial.  Will key features you want to have available be part of future roadmaps? Customisations and plug-ins around such platforms can be expensive to complete and test when they are not included in the standard roadmap. New features can also create security risks and unexpected support obligations and costs. Many brands are keen to ensure accessibility for all, so understanding how a platform can support customers with visual or hearing difficulties is also worth investigating.  

Reporting, Analytics & Integration

The ability for any chosen eCommerce Platform to report relevant data and integrate with other supply platforms is crucial to being able to provide a responsive supply and delivery chain.  

An integrated supply chain enables products to be stored, picked and shipped by multiple suppliers seamlessly.  Platforms such as Shopify (via the Shopify collective app) can integrate with your third-party suppliers so you can provide a connected user journey from sale to delivery.

However, don’t assume the reporting from all platform providers will be sufficient for your wider organisation or regulatory requirements; it is worth checking data requirements and also how long data should be retained.  

Business Continuity

A business continuity plan is crucial, and this should link to your brand’s cybersecurity policy so there is continuity between your internal and supply chain continuity plans. 

Legal Advice

Given the risks, we recommend legal advice on the relevant terms and contracts in play to test these issues and make sure you understand the potential implications and options. 

Once you have selected your supplier, a legal review of the platform user journey to ensure compliance with the UK Ecommerce and Consumer Regulations (see below) is sensible. Compliance with all aspects of legal regulation can be complicated especially around pricing and use of algorithms; you should not assume the default platform settings comply with all regulations. 

2. Protecting IPR In Your Online Brand and Design 

If you are creating a new brand or using an existing brand for your UK online store it is advisable to consider appropriate Intellectual Property Rights. This should include domains and potential trade mark and registered design applications to protect the brand in the UK. 

Trade Marks

A trade mark can protect the name, logo, design, or any distinctive colour associated with the brand. A registered trade mark can ward off similar or identical brands which are intending to launch. It is common for high street fashion brands (which routinely need to protect themselves from lookalikes and copycatting) to have in the region of 100-200 trade marks at any one time. These marks can range from a designer’s name through to a particular product line or collaboration.  

Registered Designs

Where the shape or configuration of a product or packaging is unique or distinctive, it is worth considering registration of design rights. Registered designs have protected perfume bottles, speakers, mobile phones but also the colours, patterns and packaging of a product (such as food cartons, bags or boxes).

Copyright

Other intellectual property rights include the copyright and related rights in the brand designs for your online store, images of products, store content, copy and typography. Specialist advice on brand design and the setup of any online store is recommended. This ensures all intellectual property rights in the brand are considered and your legal budget is allocated sensibly to maximise return and protect investment. This legal brand strategy should be joined up globally (if applicable).

Brand Guidelines

Brand guidelines should be created to ensure consistency, especially across regions and should be checked by UK lawyers to ensure the guidelines will comply with local laws and protect the strength of the brand (for example by preserving distinctiveness).

Brand Designers and Creatives

Any third parties who are engaged in developing the brand or online brand assets (for example product imagery, typography and content) should be subject to appropriate written agreements.

Where you are reselling third party branded items (such as fashion apparel, drinks or electronic items), you should have a suitable reseller or distribution agreement. This should ensure the terms on which you can resell or distribute products in the UK are clearly detailed; along with broad rights to use any third party brands. Any distribution or resell agreement will also contain other commercial terms around stock, returns, liability, health and safety, support etc., which you will need to negotiate. If your online store is dependent on the supply of branded products, getting the terms of these agreements right will be a key focus.

3. Key UK Ecommerce and Consumer Regulations 

Historically, the UK eCommerce and consumer regulatory and legislative landscape was contained in a patchwork of different statutes and regulations. However, the new Digital Markets, Competition and Consumers Act 2024 (DMCC) has consolidated much of this, but some aspects of the patchwork legislation remain.

It is important to remember that consumer legislation is not retrospective.  So even though we have a new regime in the UK this does not retrospectively apply to contracts with consumers before the new regime came into force.  

The DMCC became law in May 2024 but it has a phased implementation. In April 2025, the government expects to commence Part 3, which provides for the consumer enforcement regimes, and Part 4, Chapter 1, which replaces the unfair trading regulations. Reforms to subscriptions contracts and alternative dispute resolution will follow later, with subscription reforms not commencing before Spring 2026.

Despite the DMCC being the leading legislation, there are still over 10 other pieces of legislation which (in whole or in part) could apply to UK consumers, so specialist advice is recommended to ensure you consider all relevant aspects before any eCommerce launch.

Key legal considerations from these various laws when creating advertising, marketing, and user journeys include:

Transparent and fair

Terms of sale and the user journey through to purchase must be clear. Hidden subscription costs (if subscription is an option) and overly complex procedures for cancellations should be avoided. In the context of trials and introductory offers, consumers must be able to exit these easily if they don’t wish to auto-renew. The Competition and Markets Authority (the CMA) sets out helpful guidance on unfair contract terms here. 

Banned Terms

Terms of sale cannot include certain terms, but also terms which by their effect could have banned or prohibited outcomes. These should be considered on a case-by-case basis; examples include terms which seek to prevent consumers exercising their statutory rights and a host of grey-listed terms which seek to allow the price or product to be adjusted after the contract with the consumer is agreed.

Dark Patterns

These are any form of practice or design which have the effect of exploiting consumer behaviour to influence choice; such practices which also rely on algorithms should be avoided.  

Quality

Products need to be of satisfactory quality, fit for purpose, as described and match any samples or examined goods.

Right to reject

Consumers have statutory remedies to reject goods within 30 days of delivery in most cases; alternatively, they may request a repair or replacement, or price reduction with certain conditions (for example if products do not comply with statutory standards).

Right to cancel (if consumers have changed their mind)

Consumers have a right to cancel within 14 days of delivery, but online stores can require them to pay for the return and deduct sums from the refund in certain circumstances. There are some exemptions to the rights to cancel which should be considered on a per product basis (for example the right to cancel does not apply where the products are health or hygiene related such as cosmetics or toothbrushes).  

Refunds

Refunds in the event that a consumer has changed their mind must be for the cost of all returned purchases including delivery. Where next day delivery options are used, the refund can apply only to the normal delivery costs.

Subscriptions

Consumers have rights to cancel subscriptions at specific intervals under the DMCC and brands must give consumers information before purchase about subscription renewals and how to terminate.

Fake Reviews

The DMCC bans commissioning of fake reviews and posting reviews without taking reasonable steps to check they are genuine.

Transparent Pricing not Drip Pricing

Drip pricing (where a lower advertised price then gets increased due to mandatory hidden charges) is prohibited.

We recommend getting specific advice on the impact of the DMCC and other retained consumer legislation. This also applies to marketing and advertising communications which are caught by the provisions. The CMA under the DMCC can impose fines of up to 10% of a business’ global annual turnover for breaches of the DMCC.  

It is also worth noting that UK legislation will not necessarily follow the EU or other markets; so where you are expanding to other regions and markets you will need to accommodate these differences and provide different terms of sale for consumers from these markets

4. Online Terms of Sale, Community Guidelines and Other Terms

All online terms of sale and community guidelines need to comply with the above legislation.  As stated, online terms should be drafted in an easy-to-read format and updated regularly.

Community guidelines are beneficial if your platform encourages customer feedback, such as sharing photos, comments, or reviews of products.You may also want to include good behaviour terms in these guidelines around use of products (such as clothing) which are subsequently returned for refunds. Many online stores (especially in the fashion sector) are facing high levels of product returns, where products have been used or are returned late for refunds.  Setting out expectations in the guidelines, especially around complete packaging, marks and intact labels, is important.

If your online platform offers subscription terms (where customers buy the same product on a repeat basis, often for a discount; or a free trial which automatically renews to a subscription), you will need to consider more specific customer terms and ensure your supply chain (see below) can deliver these commitments. As above, the new DMCC requires express terms to be included in these types of contract terms too (covered below).

5. Data Privacy and Use of Cookies

Online customer data will be an operational necessity for any platform and a highly valuable asset for brand, customer and product insights. You will need to ensure that customer data is collected and processed legally, stored securely and used ethically.

Key steps are to ensure that:

• your cookie consent pop-up is compliant with the latest regulatory guidance.  In short, this means that there must be an “accept only necessary cookies” button and a “accept all cookies” button.  Both must be equally prominent and there should be no nudging techniques to encourage customers to click the latter!  You must also have a cookies policy which describes the types of cookies (or similar technologies) you or others place and how customers can opt-out.
• you collect marketing consents early in the customer journey and ensure that all marketing communications have a link to your privacy notice and how to opt-out of future communications.
• service messages do not contain any marketing or promotional content, otherwise there is a risk that you may be considered to be sending marketing communications to customers who have not consented.  The UK Information Commissioner’s Office (ICO) has taken enforcement action in this area, so it is important to take a cautious approach.
• you have a clear and user-friendly privacy notice that accurately describes how you process customer’s personal data.  The ICO has helpful tools on its website to help organisations create appropriate privacy notices.
• any agreements with third party service providers contain the appropriate contractual provisions (as required by Article 28 of the UK GDPR). If those providers are based outside of the UK/EEA, then additional steps may be required as the UK GDPR has strict rules on transferring personal data outside of the UK/EEA.

6. Securing and Managing Your Supply Chain 

Securing your supply chain to ensure you have access to stock from suppliers and that you can ensure this supply chain meets UK supply chain legislation and wider regulations is crucial. Some of the greatest compliance risks can potentially come from the acts and omissions of supply chain partners; so increasingly building out governance in this area should be a core focus.

The usual supply chain commercial considerations around passing risk to suppliers for supply constraints, product quality, component shortages, complaints, returns and liability should all be clarified in a robust supply agreement. Increasingly where products are produced to order or design, these will need to include shared standards and ethical commitments to ensure your brand values are supported by suppliers (for example around pay, treatment of workers, etc).  

You will need to consider what level of due diligence should be carried out on prospective suppliers, and to monitor ongoing risks arising from supply chains on a regular basis. This will need to cover compliance around workforce, data, cyber and information security, environmental, social and corporate governance.  

Green claims must be carefully considered and substantiated. The UK regulator has indicated that vague and misleading environmental claims will be a key focus for enforcement action. Online retailers also need to be aware of existing and upcoming product and packaging regulations aimed at increasing sustainability and minimising waste which may need to be cascaded down supply chains.

In addition, further UK obligations include:

• Modern Slavery Act 2015 requires certain organisations (with a £36 million + turnover) to make a statement and report on actions to eliminate modern slavery and human trafficking in supply chains; 
• Environmental Act 2021 requires large organisations to cease using forest risk commodities or products derived from those commodities in any UK activities; and requires due diligence systems to be in place and annual reporting (when implemented by secondary legislation); and
• Corporate Sustainability and Due Diligence Directive 2024 (CSDDD) requires in-scope organisations to conduct sustainability due diligence in respect of upstream and downstream business partners. As part of this due diligence, companies must identify adverse human rights and environmental impacts in their own and their supply chains’ activities and identify steps to prevent or mitigate these impacts. This extends to distribution, transport and storage of products so has a very wide scope. In-scope companies will also need a climate transition plan. The CSDDD applies to UK organisations which generate a net turnover of EUR 450 million or generate royalties from licensing or franchising of EUR 22.5 million in the EU and net turnover is more than EUR 80 million in the EU; or if they supply goods or services to in-scope UK or EU companies.  

Whilst some stores elect to take a risk-based approach, it is important to consider the impact that non-compliance could have on brand reputation.  

7. Product Safety and Labelling 

As an online store, it is your responsibility to provide sufficient and necessary information about the product being sold.  The extent of information required will vary depending on the nature of the product. Certain category products carry with them particular regulatory requirements around information, including for products for children, electronic products as well as labelling requirements for clothing and other garments.  For a wide range of products, the requirements may be numerous and product dependent.  Own brand products will carry significantly increased requirements around safety on you as manufacturer distributor over third-party products but the responsibility for checking compliance of what is sold and contractual risks rests with you.

8. UK presence, Tax and Customs 

If you are launching a business in the UK, you may find our guide to establishing a UK business here useful. There is no specific obligation to set up a UK company however to supply goods to the UK. For the importation of goods, the role of importer of record and the responsibilities that creates as an importer for the purposes of product safety requirements will be important considerations.

9. Advertising and online marketing

All advertising and marketing for online brands needs to comply with the BCAP Code (which covers broadcast advertising) and the CAP Code (which covers non-broadcast advertising and direct and promotional marketing) (collectively the Codes).  There are additional regulatory considerations for broadcast advertising.

The Codes are enforced by the Advertising Standards Authority (ASA) which has the powers to remove infringing advertisements and refer retailers to Trading Standards and the CMA in the UK.

In addition, where online advertising and marketing could have a negative impact on children, the Online Safety Act 2023 (OSA) and related guidance from The Office of Communications (OFCOM) should be considered.  We cover this in more detail below. It is advisable to get competitions, advertisements, promotions and associated marketing checked for compliance with the Codes and the OSA by a specialist lawyer.  

10. Online Safety

The OSA targets a diverse range of sectors including, among others, social media, dating, gaming and adult services. Its goal is to protect children from harmful content, so it will be relevant to brands which have appeal or target children. OFCOM is the UK regulator and responsible for enforcement of the OSA. Failure to comply with the OSA, amongst other offences can trigger fines of up to 10% of global turnover or £18 million, whichever is the greater.

The OSA is enforceable if online stores are targeting UK consumers, even if the online store is not based in the UK. It has relevance where online brands may host or facilitate user generated content (UGC) or interaction between online child users (such as sharing images or videos of products bought, connecting-up brand fans or access to brand influencers). To meet the duty of care required by the OSA, companies must put in place systems and processes to improve user safety. Different levels of obligations apply depending on the size, functionality and features of the platform involved.  

Next Steps

Given the rapidly evolving nature of legislation and best practices in this area, it is advisable for any new consumer brand launching online in the UK to seek specialist legal advice prior to launch.

Rebecca Steer is a Partner in the Commercial team and supports British and International consumer brands launch online internationally, including in the UK.  

Jamie Cartwright is a Partner in the Dispute Resolution team and advises on product and supply focused disputes, risk mitigation and dispute avoidance, and mediation.

Janine Regan is an experienced data protection lawyer and leads our Data Protection and Privacy practice.