
Make WooCommerce Legally Secure: Requirements for Europe

WooCommerce is geared towards the US market. There are numerous legal requirements in the European Union, particularly in Germany and Austria. You must take them into account when planning and during operation - otherwise you could face warnings. We show you the most important requirements and WordPress plugins for your online store.

It's not easy operating a web shop, regardless of whether you're using WordPress or any other system. One wrong setting and you face the quite realistic danger of a warning from competitors, competition associations, or authorities. This applies especially in either of the two following scenarios:

  1. The registered office for your online shop is in the EU
  2. You sell from your shop to EU countries

In both cases, you cannot run WooCommerce in the standard way. You will have to make the necessary changes yourself, or use appropriate tools to do so. Below you will find some hints on what is required. We also introduce you to plugins that will save you a lot of work.


What the legal requirements actually look like for you depends on numerous factors, for example your company headquarters, your industry or your customer structure (delivery locations, but also B2C vs B2B stores). The following information is of a general nature. You should therefore always seek advice from a law firm specializing in online law for your use case before you go live with your store.

Legal texts for WooCommerce

The central element for a shop that is as legally secure as possible - because there is, of course, never 100 percent security - is your set of legal texts: for example, the imprint or the general terms and conditions (GTC), the privacy policy, and in some countries also the necessary information on revocation/return and shipping. You need these legal texts on suitable sub-pages of your online shop, and sometimes also as information in the e-mails to your customers. They must be easily accessible and confirmed or linked at important points in the order process.

What exactly needs to be mentioned in the individual legal texts? Again, this depends on various legal requirements. Here is just a small selection:

  • What is your legal form, which goods do you sell, do you ship them or are they purely virtual (e.g. music, downloads)?
  • Which of your customers' data do you store and process and how (IP addresses, master data, use of cookies and other tracking solutions)?
  • Which external services do you use to process payments or ship your products?
  • Which service providers do you use for accounting, calculating and processing taxes, managing your customers (CRM), or inventory management?
  • If you use cloud services to store customer data, in which country is it stored?
  • Which tools do you use to analyze user behavior? (e.g. Google Analytics, Piwik/Matomo, etc.)
  • Do you send newsletters and other emails to your customers?
  • Do you use social networks such as Facebook, Twitter, Instagram etc. for your online shop and how exactly are these technically integrated?

For most countries and languages, there are now free or inexpensive online services for creating suitable templates. See, for example, the data protection generator by Thomas Schwenke for Germany, or the article Create general terms and conditions from the sevDesk blog. However, with such sample texts you have no guarantee that they are really valid for your purpose. Documents created individually by a law firm may be expensive, but they are generally safer for professional use.

WooCommerce and the GDPR

In the European Union, it is primarily the General Data Protection Regulation (GDPR) that is causing store owners headaches. WooCommerce has created the most important basics for compliance with the regulation with its own update:

  • Easier creation of data extracts if your customers request them. Within the scope of the GDPR you are required to create such reports on demand.
  • Integrated approval process to verify the authorization of incoming data requests (according to the so-called double opt-in procedure).
  • Function to delete personal data on customer request.
  • The optional anonymization of orders.
  • Ability to set time limits for the retention of certain data in WooCommerce.

Free plugins such as WP GDPR Tools (GDPR) or Borlabs Cookie take on additional tasks, such as the integration of GDPR-compliant information on cookies. You should also have these checked by a lawyer. Special guidelines apply to tracking solutions such as Google Analytics or Facebook Pixel. You can find special instructions for this in specialist magazines and blogs on the subject of online law. For Germany, Austria and Switzerland, I recommend Thomas Schwenke's blog.

In any case, you will need an extended privacy policy with GDPR. This contains, among other things, detailed information on the type of data processing in your company and with connected service providers. If necessary, your customers must consent to data processing by third parties via special checkboxes in the ordering process. These can be, for example, shipping service providers to whom you transmit information about your customers' addresses and orders.

If you work with external companies, you may need so-called order processing contracts. These are special agreements with which your business partners guarantee that your customer data will be handled in accordance with data protection regulations. In some countries you have to create a data protection concept and appoint data protection officers. The European Commission has provided an information portal for all these requirements; the texts are available in several languages:

EU information on GDPR

Depending on how strict and how frequently changing the regulations are in your country, compliance can quickly become too much for you - and it ruins the joy of your online shop. In that case, you should outsource this task, more on that in a moment. Also make sure that your WordPress hosting is GDPR compliant.

Further requirements for legal certainty

For retailers who deliver certain digital goods to EU countries, special rules on EU VAT or sales tax apply, at least in the B2C area. The amount of tax depends on the customer's place of residence. The regulation applies worldwide, regardless of where the store is based. If you are affected by the regulations, you must ensure uniform end prices in your online store - even with multiple recipient tax rates.

The complex calculation of the EU VAT can usually only be solved with additional plugins. Under the keyword "WooCommerce EU VAT" you can find different extensions for this purpose at wordpress.org, more about this in a moment.

There may be further specifications depending on the location of your online shop, industry or individual target countries of your orders. Make sure you consult an expert on which of these are relevant for you:

  • Taxes for additional services, for example shipping costs or additional fees, often need to be calculated proportionately. This procedure is called split tax and depends on the goods and tax rates in the shopping cart.
  • When your visitors add products to their shopping cart, WooCommerce estimates the tax and shipping costs until the customer provides their address. Sometimes you are required to make this fact explicit.
  • If there are tax breaks for small and young companies in your country, they may have to be integrated into WooCommerce (in Germany: "Kleinunternehmerregelung").
  • For products sold by weight, measure or volume, some countries require the display of the price per unit of measure or a basic price.
  • Do you distribute food, medical devices or software? There are different requirements depending on the target country as to what product information must be available where and in what form. These include, for example, the compatibility of software and e-books, nutritional values, ingredients, allergens, alcohol content, the type of packaging, quality and organic seals.
  • In many cases, the double opt-in procedure is required not only for outgoing e-mails, but also for initial customer registration.

Often you also have to add certain additional information to the prices on your product pages and in the checkout including:

  • The tax due
  • The delivery time
  • Notes on shipping costs
  • Information on the basic price and the price per unit

In some target markets, certain designations are even prescribed for the Buy button. The same applies to invoices, delivery bills, cancelations and return bills, which are usually created directly from WooCommerce. Here, too, there are some mandatory requirements.

Some laws oblige you to operate your online shop with a secure connection via SSL. However, this should be a matter of course for a serious portal anyway. It also minimises your business risk. Google also prefers portals that have an SSL certificate. Such a certificate is always included in the packages from Raidboxes.

WooCommerce plugins for Europe

As you can already see, the legal requirements in the EU are particularly strict, especially in Germany and Austria. You also have to deal with this if you only deliver to these target markets or your shop is available there. For the German-speaking market there are two special WooCommerce plugins that make your webshop as legally compliant as possible with little effort: German Market from MarketPress and Germanized from Vendidero.

You can implement the following functions without too much configuration:

  • Sample legal texts in which you only need to add your own details, such as your address. Updates to the plugin provide you with new versions of the texts, which you have to replace yourself. Alternatively, services such as Protected Shops can be connected, more on this in a moment.
  • In all legally relevant places, necessary additional information such as taxes, delivery times, shipping costs, and the "price per unit" are displayed. The layout in the checkout also complies with the legal requirements.
  • The plugins adjust your online shop to the GDPR. This includes, among other things, appropriate checkboxes.
  • Automatic split tax support, for example for shipping costs or fees. Automatically sequential invoice numbers.
  • Double opt-in support for customer registration.
  • Age verification for goods with age restrictions such as alcohol or certain media.
  • Mapping of EU VAT and verification of the EU VAT identification number (EU VAT ID).

The plugins also support payment by SEPA direct debit and purchase on account. You can also create customized PDF invoices, delivery or return bills. Not only do these look much more professional than WooCommerce's own emails, they are also legally compliant.

Neither solution offers 100% protection against warnings. However, they do take a lot of work off your hands to make your online store as secure as possible. A final check by suitable online lawyers should therefore be carried out in any case.

The plugin German Market also includes an automatic basic price calculation and a module for the Food Information Regulation. The latter is particularly important if you have to provide information on nutritional values or calorific values, allergens, ingredients, vitamins, minerals, weight, or other information for your products:

German Market: the module on the Food Information Regulation

The connection to accounting systems such as lexoffice, sevDesk, 1&1 Online Accounting and the Billbee merchandise management system is also particularly practical. As a rule, sooner or later you will need such systems to handle your finances and processes. An automated connection saves time and reduces the risk of errors during transfer.

Service providers for legal certainty

For some European countries and languages, there are services such as Protected Shops, Händlerbund or IT Recht Kanzlei. These provide continuously updated legal texts, which make your online store even more warning-proof. Particularly practical: the providers have interfaces to WooCommerce so that the legal texts are automatically updated when the law changes. This minimizes your administrative effort considerably.

The texts are partly available in different languages and for different European states, even if the services are based in Germany, like here the Händlerbund:

Legal information on the Händlerbund portal

Multilingual legal texts are especially helpful if you want to offer your shop internationally. Or if you sell to the EU from other countries.

With some of these providers, you can book additional packages that include legal advice, for example, or help in the event of warnings. This may be an alternative to hiring your own law firm, and not just for smaller online stores. In this case, however, you should make sure exactly which services are covered by the service providers. For example, do they check the legally compliant structure of your store pages? Or the legal suitability of WordPress plugins? Large stores often take a two-pronged approach here: they book a (more cost-effective) service for standardizable processes and then commission a law firm with an online affinity for more in-depth questions.

Conclusion and further tips

There are now good extensions that make your WooCommerce store as legally compliant as possible - no one can offer you 100% protection. Nevertheless, you should get help from suitable specialist lawyers, especially at the beginning. Only they can assess which additional measures are necessary for your business model.

We recommend that you include the "legal security" factor in the cost calculation for your online store, especially if you can't implement all of the above points yourself. As soon as you include your own working time, a sum in the low five-digit range quickly becomes due before the first version of your webshop can go live. Ongoing maintenance is also quite expensive. You can find more information about this in the article Costs of WooCommerce.

You can find more tips on WooCommerce in our 70+ page e-book WooCommerce for professionals: Online stores with WordPress. It is aimed at freelancers, agencies, WP professionals and beginners.

Contributing photo: Samuel Zeller
