WooCommerce legally secure

Making WooCommerce legally compliant: Requirements for Germany and Europe

WooCommerce is geared towards the US market. There are numerous legal requirements in the European Union, particularly in Germany and Austria. You must take them into account when planning and during operation - otherwise you could face warnings. We show you the most important requirements and WordPress plugins for your online store.

It is anything but easy to run an online store in the German-speaking market, whether with WordPress or another system. One wrong move and you run the very real risk of a warning - from competitors, competition associations or authorities. This is especially true if:

  1. the registered office of your online store is in the EU or
  2. you sell from your store to countries in the EU

In both cases, you cannot run WooCommerce as standard. You have to add the necessary changes yourself or use suitable tools for this. Below you will find some tips on what is required. And we'll introduce you to plugins that take a lot of the work off your hands.

Please note

What the legal requirements actually look like for you depends on numerous factors. For example, your company headquarters, your industry or your customer structure (delivery locations, but also B2C vs B2B stores). The following information is of a general nature. You should therefore always seek advice from a law firm specializing in online law for your use case before you go live with your store.

Legal texts for WooCommerce

The central element for a store that is as legally compliant as possible - because of course there is never 100% certainty - are your legal texts. For example, the legal notice or the general terms and conditions (GTC), the privacy policy, and in some countries also the necessary information on withdrawal/returns and shipping. You need these legal texts on suitable subpages of your online store, sometimes also as information in emails to your customers. They must be easily accessible and confirmed or linked at important points in the ordering process.

What exactly must be stated in the individual legal texts? That depends on numerous specifications. Among other things:

  • What is your legal form, what goods do you sell, do you ship them or are they purely virtual (music, downloads)?
  • Which of your customers' data do you store and process and how (IP addresses, master data, use of cookies and other tracking solutions)?
  • Which external services do you use to process payments or ship your products?
  • Which service providers do you use for accounting, calculating and processing taxes, managing your customers (CRM) or for merchandise management?
  • If you use cloud services to store customer data, in which country is it stored?
  • Which tools do you use to analyze user behavior (Google Analytics, Piwik/Matomo, etc.)?
  • Do you send newsletters and other emails to your customers?
  • Do you use social networks such as Facebook, Twitter, Instagram etc. for your online store and how exactly are they technically integrated?

For most countries and languages, there are now free or inexpensive online services for creating suitable templates. See, for example, the data protection generator by Thomas Schwenke for Germany, or the article Create general terms and conditions from the sevDesk blog. However, with such sample texts you have no guarantee that they are really valid for your purpose. Documents created individually by a law firm may be expensive, but they are generally safer for professional use.

WooCommerce and the GDPR

In the European Union, it is primarily the General Data Protection Regulation (GDPR) that is causing store owners headaches. WooCommerce has created the most important foundations for compliance with the regulation with its own update:

  • Easier creation of data extracts if your customers request them. You are obliged under the GDPR to create such extracts on request.
  • Integrated approval process to verify the authorization of incoming data requests (according to the so-called double opt-in procedure).
  • Function for deleting personal data at the customer's request.
  • The optional anonymization of orders.
  • Definition of deadlines for the retention of certain data in WooCommerce.

Free plugins such as WP GDPR Tools (GDPR) or Borlabs Cookie take on additional tasks, such as the integration of GDPR-compliant information on cookies. You should also have these checked by a lawyer. Special guidelines apply to tracking solutions such as Google Analytics or Facebook Pixel. You can find specific instructions for these in specialist magazines and on blogs about online law. For Germany, Austria and Switzerland, I recommend Thomas Schwenke's blog.

In any case, you need an extended privacy policy with the GDPR. Among other things, this contains detailed information on the type of data processing in your company and with connected service providers. If necessary, your customers must consent to data processing by third parties via special checkboxes in the ordering process. These can be, for example, shipping service providers to whom you transmit information about your customers' addresses and orders.

If you work with external companies, you may need so-called order processing contracts. These are special agreements in which your business partners guarantee the data protection-compliant handling of your customer data. In some countries, you must create a data protection concept and appoint a data protection officer. The European Commission has provided an information portal for all of these requirements and the texts are available in several languages:

Information from the EU on the GDPR (DSGVO)

Depending on how strict and frequently changing the regulations are in your country, complying with them can quickly overwhelm you - and spoil the fun of your online store. In this case, you should outsource this task - more on this in a moment. Also make sure that your WordPress hosting is GDPR-compliant.

Further requirements for legal certainty

For retailers who deliver certain digital goods to EU countries, special rules on EU VAT or sales tax apply, at least in the B2C area. The amount of tax depends on the customer's place of residence. The regulation applies worldwide, regardless of where the store is based. If you are affected by the regulations, you must ensure uniform end prices in your online store - even with multiple recipient tax rates.

The complex calculation of EU VAT can usually only be solved with additional plugins. Under the keyword "WooCommerce EU VAT" you can find various extensions for this purpose at wordpress.org, more on this in a moment.

Depending on the location of your online store, industry and also for individual target countries of your orders, there may be further requirements. Get good advice on which of these are relevant for you:

  • Taxes for ancillary services, for example shipping costs or additional fees, must be calculated proportionately in Germany and Austria, among other countries. This depends on the goods and tax rates in the shopping cart. This procedure is called split tax.
  • When your visitors add products to the shopping cart, WooCommerce estimates the applicable taxes and shipping costs until the customers enter their address. In some cases, it is mandatory to point this out.
  • If there are tax breaks for small and young companies in your country, these may need to be integrated into WooCommerce (in Germany: "Kleinunternehmerregelung").
  • For products sold by weight, measure or volume, some countries require the price per unit of measure or a basic price to be shown.
  • Do you sell food, medical products or software? Here too, there are different requirements depending on the target country as to what product information must be included where and in what form. For example, information on the compatibility of software and e-books, or on nutritional values, ingredients, allergens, alcohol content, the type of packaging, quality and organic seals, etc. for other goods.
  • In many cases, the double opt-in procedure is required not only for outgoing e-mails, but also for initial customer registration.

You often also have to add certain additional information to the prices on your product pages and in the checkout, including in Germany and Austria. These can be:

  • The tax due
  • The delivery time
  • Notes on shipping costs
  • Information on the basic price and the price per unit

In some target markets, certain designations are even prescribed for the Buy button. The same applies to invoices, delivery bills, cancelations and return bills, which are usually created directly from WooCommerce. Here, too, there are some mandatory requirements.

Some laws require you to operate your online store with a secure connection via SSL. However, this should be a matter of course for a reputable portal anyway. It also minimizes your business risk. Google also prefers portals that have an SSL certificate. Such a certificate is always included in the Raidboxes packages.

WooCommerce plugins for Germany and the EU

As you can already see, the legal requirements in the EU are particularly strict, especially in Germany and Austria. You also have to deal with this if you only deliver to these target markets or your store is available there. There are two special WooCommerce plugins for the German-speaking market that make your online store as legally compliant as possible with little effort: German Market from MarketPress and Germanized from Vendidero.

The extensions implement the following functions, for example, with little configuration effort:

  • Sample legal texts in which you only need to add your own details, such as your address. Updates to the plugin provide you with new versions of the texts, which you have to replace yourself. Alternatively, services such as Protected Shops can be connected, more on this in a moment.
  • Necessary additional information such as taxes, delivery times, shipping costs and the "price per unit" are displayed at all legally relevant points. The layout in the checkout also complies with the legal requirements.
  • The plugins adapt your online store to the GDPR, including with suitable checkboxes.
  • Support for split tax, e.g. for shipping costs or fees charged, as well as automatically sequential invoice numbers.
  • Double opt-in support for customer registration.
  • Age verification for goods that may only be sold from a certain minimum age, such as alcohol or individual media.
  • Mapping of EU VAT and verification of the EU VAT identification number (EU VAT ID).

Payment by SEPA direct debit and purchase on account are also supported by the plugins. You can also create customized PDF invoices, delivery or return bills. These not only look much more professional than WooCommerce's own emails, they are also legally compliant.

Neither solution offers 100% protection against warnings. However, they do take a lot of work off your hands to make your online store as secure as possible. A final check by suitable online lawyers should therefore be carried out in any case.

German Market also comes with an automatic basic price calculation and a module for the Food Information Regulation (FIR). The latter is particularly important if you need to provide information on nutritional values or calorific values, allergens, ingredients, vitamins, minerals, weight or other information for your products:

The module on the Food Information Regulation

The connection to accounting systems such as lexoffice, sevDesk, 1&1 Online Accounting and the Billbee merchandise management system is also particularly practical. As a rule, sooner or later you will need such systems to handle your finances and processes. An automated connection saves time and reduces the risk of errors during transfer.

Service providers for legal certainty

For some European countries and languages, there are services such as Protected Shops, Händlerbund or IT Recht Kanzlei. These provide continuously updated legal texts, which make your online store even more warning-proof. Particularly practical: the providers have interfaces to WooCommerce so that the legal texts are automatically updated when the law changes. This minimizes your administrative effort considerably.

Some of the texts are available in different languages and for different European countries, even if the services are based in Germany, as is the case here with Händlerbund:

Legal information on the Händlerbund portal

The multilingualism of the legal texts is particularly helpful if you want to offer your store internationally. Or if you sell from other countries into the EU.

With some of these providers, you can book additional packages that include legal advice, for example, or help in the event of warnings. This may be an alternative to hiring your own law firm, and not just for smaller online stores. In this case, however, you should check exactly which services the providers cover. For example, do they check the legally compliant structure of your store pages? Or the legal suitability of WordPress plugins? Large stores often take a two-pronged approach here: they book a (more cost-effective) service for standardizable processes and then commission a law firm specializing in online law for more in-depth questions.

Conclusion and help

There are now good extensions that make your WooCommerce store as legally compliant as possible - no one can offer you 100% protection. Nevertheless, you should get help from suitable specialist lawyers, especially at the beginning. Only they can assess which additional measures are necessary for your business model.

We recommend that you include the "legal certainty" factor in the cost calculation for your online store. Especially if you can't implement all the points mentioned yourself. As soon as you factor in your own working hours, a sum in the low five-digit range will quickly become due before the first version of your online store can go live. And the ongoing maintenance is also quite expensive. You can find more information on this in the article Costs of WooCommerce.

You can find more tips on WooCommerce in our 70+ page e-book WooCommerce for professionals: Online stores with WordPress. It is aimed at freelancers, agencies, WP professionals and beginners.

Featured image: Samuel Zeller
