Make WooCommerce Legally Secure: Requirements for Europe

Michael Firnkes Updated on 20.10.2020

WooCommerce is geared towards the US market. In the European Union, there are numerous legal requirements that need to be taken into account during planning and operation. Disregarding these regulations can easily lead to legal warnings. We'll show you the most important guidelines and WordPress plugins for your online shop.

It's not easy operating a web shop, regardless of whether you're using WordPress or any other system. One wrong setting and you face the quite realistic danger of a warning from competitors, competition associations, or authorities. This applies especially in either of the two following scenarios:

  1. The registered office for your online shop is in the EU
  2. You sell from your shop to EU countries

In both scenarios, you can't operate WooCommerce with the default settings. You need to make the necessary changes yourself or use appropriate tools to do so. In the following article, we'll give you tips on what is required and introduce you to some helpful plugins that will save you a lot of work.


What specific legal requirements you need to adhere to depends on numerous factors, for example the location of your company headquarters, your industry, or your customer structure (delivery locations, B2C vs. B2B shops). The following information is therefore of a general nature and should be understood as such. You should always seek advice from a law firm specialized in online law before going live with your shop.

Legal texts for WordPress and WooCommerce

Your legal texts are the pivotal elements for making your shop as legally secure as possible. These include, for example, the legal notice or the general terms and conditions, the privacy policy, and, in some countries, required information for revocation/return and shipping. You need these legal texts on suitable subpages of your online shop, sometimes also as information in the emails you send to your customers. These texts must be easily accessible and must be confirmed or linked at important points in the ordering process.

What exactly needs to be mentioned in the individual legal texts? Again, this depends on various legal requirements. Here is just a small selection:

  • What is your legal form, which goods do you sell, do you ship them or are they purely virtual (e.g. music, downloads)?
  • Which customer data is stored and processed by you and how (IP addresses, master data, use of cookies and other tracking solutions)?
  • Which external services do you use to process payments or ship your products?
  • Which service providers do you use for accounting, calculating and processing taxes, managing your customers (CRM), or inventory management?
  • Do you rely on cloud services to store customer data and in which country is this data stored?
  • Which tools do you use to analyze user behavior? (e.g. Google Analytics, Piwik/Matomo, etc.)
  • Do you send newsletters and other emails to your customers?
  • Do you use social networks such as Facebook, Twitter, Instagram etc. for your online shop and how exactly are these technically integrated?

For most countries and languages, there are now free or inexpensive online services to create suitable sample templates. See, for example, the Privacy Policy Generator or the article Create AGB from the sevDesk blog. You have no guarantee with such sample texts, however, that they're valid for your intended use. Although it is more expensive to have individual documents drawn up by a law firm, this option is usually safer for professional use.

WooCommerce and the GDPR

In the European Union, the General Data Protection Regulation (GDPR) is the legislation that causes shop owners the biggest headaches. To read more on this subject, check out our GDPR Guide for WordPress agencies and freelancers. WooCommerce has created the most important basis for compliance with the regulation with its own update:

  • Easier creation of data extracts if your customers request them. Within the scope of the GDPR you are required to create such reports on demand.
  • Integrated approval process to verify the authorization of incoming data requests (following the so-called double opt-in procedure).
  • Function to delete personal data on customer request.
  • The optional anonymization of orders.
  • Ability to set time limits for the retention of certain data in WooCommerce.

Free plugins like WP GDPR Tools (GDPR) or Borlabs Cookie take on additional tasks, such as the integration of GDPR-compliant information on cookies. You should also have these checked by a lawyer. For tracking solutions such as Google Analytics or Facebook Pixel there are specific guidelines to follow.

You can find specific instructions in specialist magazines and blogs on the subject of online law. For European countries, I recommend the blog by Thomas Schwenke.

Since the GDPR was introduced, it's essential you have an enhanced privacy policy. This must contain, among other things, detailed information on the type of data processing in your company and by affiliated service providers. If necessary, your customers must agree to data processing by third parties via special checkboxes in the ordering process. These can be shipping companies, for example, to whom you provide information about your customers' addresses and orders.

If you work with external companies, you may need so-called contract processing agreements. These are special agreements with which your business partners ensure that your customer data is treated in accordance with data protection regulations. In some countries, you have to create a data protection concept and appoint appropriate data protection officers. The European Commission has created an information portal for all of these requirements. The texts are available in several languages:

EU information on GDPR

Depending on how strict they are and how often they change in your country, you can easily get bogged down trying to comply with regulations. Such stress can easily hamper your experience of running your online shop. That's why I recommend outsourcing this task; more on this later on.

Further requirements for legal certainty

Special rules on EU VAT or sales tax apply, at least in the B2C area, for operators who deliver certain digital goods to EU countries. The amount of tax depends on where the customer lives. The regulation applies worldwide, regardless of the shop's headquarters. If you are affected by the guidelines, you must ensure uniform end prices in your online shop - even if you have several different recipient tax rates.

The complex calculation of the EU VAT can usually only be solved with additional plugins. Under the keyword "WooCommerce EU VAT" on you'll find different plugins for this purpose. We'll also look at a few of these later on.

There may be further specifications depending on the location of your online shop, industry or individual target countries of your orders. Make sure you consult an expert on which of these are relevant for you:

  • Taxes for additional services, for example shipping costs or additional fees, often need to be calculated proportionately. This procedure is called split tax and depends on the goods and tax rates in the shopping cart.
  • When your visitors add products to their shopping cart, WooCommerce estimates the tax and shipping costs until the customer provides their address. Sometimes you are required to make this fact explicit.
  • If there are tax breaks for small and young companies in your country, they may have to be integrated into WooCommerce.
  • For products sold by weight, measurement or volume, some countries require the unit price or a basic price to be displayed.
  • Do you distribute food, medical devices or software? There are different requirements depending on the target country as to what product information must be available where and in what form. These include, for example, the compatibility of software and e-books, nutritional values, ingredients, allergens, alcohol content, the type of packaging, quality and organic seals.
  • The double opt-in procedure is often required for both customer registration and outgoing emails.

Often you also have to add certain additional information to the prices on your product pages and in the checkout including:

  • The tax due
  • The delivery time
  • Notes on the shipping costs
  • Information on the basic price and the unit price

In some target markets, certain names are even prescribed for the Buy button. The same applies to invoices, delivery notes, cancellations and return notes, which are usually created directly by WooCommerce within the system. Here, too, there are sometimes mandatory specifications.

Some laws require you to operate your online shop with a secure connection via SSL. This should be a matter of course for a serious portal anyway. It also minimizes your business risk. Google also prefers portals that have an SSL certificate. Plans from RAIDBOXES include such a certificate by default.

WooCommerce plugins for Europe

As you can see, the legal requirements for the EU are particularly strict. You'll have to deal with these even if you only deliver to these target markets or your shop is available there. There are two special WooCommerce plugins for the European market that make your webshop as legally compliant as possible with minimal effort: German Market from MarketPress and Germanized from Vendidero.

You can implement the following functions without too much configuration:

  • Legal text templates in which you only need to add your own information, for example your address. You'll receive new versions of the texts via the plugin update and you'll need to exchange these yourself. Alternatively, you can integrate services like Protected Shops. More on that in a moment.
  • At all legally relevant points, necessary additional information such as taxes, delivery times, shipping costs, and the "price per unit" are displayed. The order in the checkout process also complies with legal requirements.
  • The plugins adjust your online shop to the GDPR. This includes, among other things, appropriate checkboxes.
  • Automatic split tax support, for example for shipping costs or fees. Automatic sequential invoice numbers.
  • Support of double opt-in for customer registration.
  • Age verification for goods with age restrictions such as alcohol or certain media.
  • Mapping of EU VAT and verification of the EU VAT identification number.

The plugins also support payment by SEPA direct debit as well as purchase on account. You can create individually designed PDF invoices, delivery or return notes. These not only look much more professional than WooCommerce's own emails, they are also legally compliant.

Neither plugin can guarantee 100% protection against warnings. They can, however, take a lot of work off your shoulders trying to make your webshop as legally secure as possible. It's essential to still have lawyers specialized in online law carry out a final check of your webshop.

The plugin German Market also includes an automatic basic price calculation and a module for the Food Information Regulation. The latter is particularly important if you have to provide information on nutritional values or calorific values, allergens, ingredients, vitamins, minerals, weight, or other information for your products:

The module for the Food Information Regulation

The ability to connect to accounting systems such as lexoffice, sevDesk, the 1&1 online accounting system and the Billbee merchandise management system is very useful. Generally speaking, sooner or later you are going to need such systems for handling your finances and processes. An automated connection saves time and reduces the risk of transmission errors.

Service providers for legal certainty

For some European countries and languages, there are services such as Protected Shops, the Händlerbund, or the IT law firm. These services provide continuously updated legal texts to make your shop even more resistant to warnings. The providers also have interfaces to WooCommerce so the legal texts are automatically updated when the law changes. This considerably reduces the time you need to spend on administrative tasks.

Often the texts are available in different languages and for different European countries even if the service providers are located elsewhere, for example the Händlerbund:

Legal information on the Händlerbund portal

Multilingual legal texts are especially helpful if you want to offer your shop internationally, or if you sell to the EU from other countries.

With some of these providers, you can purchase additional packages including, for example, legal advice or help in case of warnings. This may be an alternative to hiring your own law firm and not only an option for smaller online shops. In this case, you should make sure that you know exactly which services are covered by the service providers. Do they check that the structure of your shop pages complies with the law? Or the legal suitability of WordPress plugins? Large shops often follow a two-track approach here: they purchase a (more cost-effective) service for processes that can be standardized and, for more complex questions, they then commission a law firm specialized in online law.

Conclusion and further tips

There are some good extensions available that make your WooCommerce Shop as legally secure as possible - but no one can offer you 100% protection. You still need to get support from suitable specialist lawyers, especially at the beginning. Only they can estimate which additional measures are necessary for your business model.

We recommend that you include the factor "legal certainty" in the cost calculation for your online shop. Especially if you're unable to implement all the points mentioned yourself. As soon as you include your own working time in this calculation, you should expect a sum in the low five-figure range until the first version of your web shop can go live. Ongoing maintenance is also a challenge. You can find further information in the article cost of WooCommerce.

Get more WooCommerce tips in our 70-page e-book WooCommerce for Professionals: Online shops with WordPress. This book is aimed at freelancers, agencies, WordPress professionals as well as beginners.

Do you have questions about WooCommerce? Please use the comment function below. Do you want to be kept informed about updates to the shop system? Then follow us on Twitter, Facebook, or subscribe to our newsletter.

Picture: Samuel Zeller

Michael takes care of the areas of content and mental health at RAIDBOXES. He has been active in the blogger and WordPress community since 2007, among other things as co-organizer of WordPress events, book author and corporate blog trainer. He loves blogging incredibly, professionally but also privately. Michael works and writes remotely from sunny Freiburg.
