Running an ecommerce business can feel like the best of both worlds: you get the reach of the internet, the flexibility of digital tools, and the ability to scale without needing a physical storefront.
But it also comes with a unique legal “to-do list” - because you’re selling to customers you may never meet, collecting personal data, relying on third-party platforms, and often shipping products across New Zealand (or globally).
This guide is updated to reflect the current focus areas for online businesses in NZ, including consumer law expectations, privacy compliance, and the practical legal documents ecommerce brands rely on every day.
If you get your legal foundations right from day one, you’ll be in a much stronger position to grow confidently, build trust with customers, and avoid avoidable disputes.
What Counts As An Ecommerce Business (And Why The Legal Side Is Different)?
An ecommerce business is any business that sells products or services online - whether through your own website, a marketplace, social media, or a mix of all three.
Common ecommerce models include:
- Direct-to-consumer (DTC): you sell your own branded products via your website or social channels.
- Marketplace selling: you sell through platforms (like Trade Me, Etsy, Amazon, or niche marketplaces).
- Dropshipping: you take customer orders, but a supplier fulfils and ships the product.
- Subscription ecommerce: customers pay recurring fees for product deliveries.
- Digital goods/services: online courses, downloads, memberships, software, or digital content.
The legal side is different because ecommerce businesses often involve:
- Distance sales (customers don’t inspect goods before purchase)
- Higher reliance on marketing claims and product descriptions
- Payment processing and chargebacks
- Shipping, delivery disputes, and address errors
- Handling personal information (names, addresses, payment details, behavioural data)
- Third-party platforms and tech providers (Shopify, payment gateways, couriers, email marketing tools)
The goal isn’t to “lawyer everything to death”. It’s to build a practical, compliant setup so you’re protected when something goes wrong - because sooner or later, something usually does.
How Should I Structure My Ecommerce Business In NZ?
Before you worry about checkout flows and ad campaigns, it’s worth taking a step back and choosing a business structure that fits how you’re operating now and how you want to grow.
In New Zealand, the most common structures for ecommerce founders are:
Sole Trader
This is the simplest option: you operate the business in your own name (or under a trading name).
- Pros: easy and inexpensive to start, minimal admin.
- Cons: you are personally liable for business debts and legal claims (there’s no separation between you and the business).
Company
A company is a separate legal entity, which is often a better fit once you’re taking on more stock risk, spending more on ads, hiring staff, or planning to bring on investors.
- Pros: can limit personal liability, looks more established, can make ownership and growth easier to manage.
- Cons: setup and ongoing compliance are more involved.
If you set up a company, it’s common to put in place a Company Constitution early, especially if you’ll have more than one owner or want clear rules for shares and decision-making.
Partnership (Or “We’re Just Doing It Together”)
If you’re going into ecommerce with a co-founder, spouse, or friend, it’s tempting to split tasks and profits informally. That can work - until it doesn’t.
A written Partnership Agreement helps clarify what happens if someone wants to leave, if you reinvest profits, or if you disagree on direction (which is very common in fast-moving ecommerce).
Tip: If you’re not sure which structure fits, it’s worth getting tailored advice early. Changing structures later can create tax, contract, and admin headaches - especially if your store already has customers, supplier deals, and staff.
What Laws Do Ecommerce Businesses Need To Follow In New Zealand?
Ecommerce founders often assume “online” means fewer rules. In reality, online selling tends to attract more scrutiny because customers rely heavily on what you say on your website and ads.
Here are the key legal areas that most NZ ecommerce businesses need to get right.
Consumer Law: Fair Trading Act 1986 And Consumer Guarantees Act 1993
If you sell to consumers (not just B2B), you’ll usually need to comply with:
- Fair Trading Act 1986 (FTA): you can’t mislead customers. This covers advertising claims, pricing, “before/after” statements, endorsements, and product descriptions.
- Consumer Guarantees Act 1993 (CGA): products must be of acceptable quality, match their description, and be fit for purpose.
In practical terms, this means you should be careful about:
- “Natural”, “eco-friendly”, “NZ made”, “clinically proven”, “won’t break” type claims (only make claims you can back up)
- Photos that don’t match what customers will actually receive
- “Sale” pricing that isn’t genuine
- Refund and returns processes (including what you do with faulty items)
A lot of ecommerce disputes start with expectations. Clear product pages, accurate images, and straightforward policies can prevent most problems before they hit your inbox.
Privacy Law: Privacy Act 2020
If your store collects personal information - like names, emails, phone numbers, addresses, order history, or even IP addresses via analytics - you have privacy obligations.
Under the Privacy Act 2020, you should take reasonable steps to:
- only collect what you actually need
- store it securely (including managing staff access and passwords)
- tell customers what you’re collecting and why
- respond appropriately if a customer requests access to their information
- manage third-party providers you share data with (like couriers, CRMs, email tools)
For most ecommerce stores, having a clear Privacy Policy is a key part of building trust and showing you’re taking compliance seriously.
Spam Rules And Email Marketing
Email marketing is a major growth channel for ecommerce, but you still need to follow the rules around electronic messages. Practically, that means:
- only emailing people who have consented (or where another lawful basis applies)
- being clear about who you are
- including an unsubscribe option
This matters not just legally - it also impacts deliverability and brand reputation.
Product Safety, Labelling, And Industry-Specific Rules
Depending on what you sell, extra rules may apply. For example:
- Cosmetics: ingredient labelling and claims
- Food: safety, handling, and labelling requirements
- Children’s products: product safety expectations
- Supplements: careful marketing claims and relevant standards
If you’re importing goods, your obligations don’t disappear just because the manufacturer is overseas - customers will still look to you if something goes wrong.
Tip: When in doubt, focus on two questions: “Is what I’m saying about the product accurate?” and “Is the product safe and compliant for sale in NZ?”
What Legal Documents Should An Ecommerce Business Have?
Think of ecommerce legal documents as your “store rules” - but in a form that helps you manage risk, set expectations, and protect your brand.
These are the key documents most ecommerce businesses should consider.
Website Terms And Conditions
Your website terms (sometimes called “terms of use” or “terms and conditions”) can cover things like:
- ordering process and contract formation (when an order is accepted)
- payment and pricing errors
- delivery timeframes and risks (e.g. lost parcels)
- returns processes and exclusions (where permitted)
- product availability and backorders
- limitations of liability (to the extent the law allows)
- intellectual property ownership of your content and brand assets
If you’re running your store through a platform, you still benefit from having your own terms, because platform terms usually protect the platform - not you.
Many ecommerce brands start with Website Terms and Conditions tailored to how they actually sell (physical goods, digital products, subscriptions, pre-orders, etc.).
Shipping And Returns Policies (That Match How You Operate)
From a customer experience perspective, your shipping and returns policies should be easy to find and easy to understand.
From a legal and risk perspective, they should also match how you actually handle:
- delivery delays (including courier delays)
- incorrect addresses entered by customers
- “change of mind” returns (if you offer them)
- faulty items and remedies under the CGA
- international shipping and duties (if relevant)
One of the fastest ways to lose trust (and trigger complaints) is when your marketing says one thing but your policies or checkout experience say another.
Supplier, Manufacturing, Or Distribution Agreements
Your ecommerce business usually lives or dies on supply chain reliability.
If you work with a manufacturer or supplier - especially overseas - having the right agreement in place can help manage:
- product specifications and quality requirements
- lead times, minimum order quantities, and delivery terms
- who owns tooling, moulds, or product designs
- what happens if stock is delayed, defective, or non-compliant
- pricing changes and payment terms
If you’re scaling, it’s also common to put distribution arrangements in place, and a Distribution Agreement can be a helpful way to set clear territory and reseller rules.
Brand Protection And IP (Trade Marks, Content, Product Names)
Ecommerce is built on brand - your name, logo, packaging, and the trust you build with customers. That’s why intellectual property protection is a practical business step, not just a legal one.
Many ecommerce founders start with a trade mark search and then register their brand. If you want to protect a key brand name or logo, Trade Mark registration can help you stop copycats and reduce the risk of rebranding later.
This becomes even more important if you’re investing in:
- influencer marketing and brand collaborations
- custom packaging and product design
- SEO and long-term content
- international expansion
Employment Contracts (If You Hire Staff Or Contractors)
As soon as you start hiring - even if it’s “just a casual warehouse helper” or “someone doing customer service a few hours a week” - you should get your employment setup right.
Having a proper Employment Contract can help you clearly define duties, pay, confidentiality, and termination processes.
If you’re using contractors (for example, a freelance marketer or developer), make sure you’re clear on:
- deliverables and timelines
- ownership of created content (like product photos, videos, website code)
- confidentiality and customer data access
Tip: One common ecommerce mistake is treating someone like a contractor when they function like an employee. Misclassification can create legal and tax risk, so it’s worth checking early.
How Do I Manage Common Ecommerce Risks Day-To-Day?
Once your store is live, the legal side becomes less about “setup” and more about good habits and systems. Here are the risk areas we see come up most often for ecommerce businesses - and how you can manage them.
1. Marketing Claims That Get You Into Trouble
Most ecommerce founders aren’t trying to mislead anyone. The issue is that marketing moves fast, and claims can get exaggerated over time (especially in ads, influencer content, and short-form videos).
To reduce risk:
- Keep evidence for claims you make (lab reports, supplier certifications, test results).
- Avoid absolute promises (“guaranteed results”, “works every time”) unless you can truly stand behind them.
- Make sure discounting and “limited time” offers are genuine.
- Be careful with “New Zealand made” type statements - these are high-trust claims.
2. Refunds, Returns, And Chargebacks
Returns are part of ecommerce. The goal is to handle them consistently, fairly, and in a way that aligns with NZ consumer law.
Practical steps include:
- Train staff (or yourself) on the difference between “change of mind” returns and faulty goods rights.
- Document returns decisions so you apply your policy consistently.
- Use clear product descriptions, sizing guides, and FAQs to reduce return rates.
- Have processes for investigating suspected fraud, while still being fair to genuine customers.
If you rely heavily on card payments, chargebacks can be a real cost. Having clear order confirmations, shipping confirmations, tracking, and customer service records can help you respond to disputes.
3. Customer Data And Account Security
Ecommerce businesses are attractive targets for cyber incidents because they hold valuable personal information and account logins.
“Reasonable steps” for data security often includes:
- strong password policies and multi-factor authentication
- limited staff access to customer data
- secure handling of exports and spreadsheets
- vetting apps and integrations (not every plugin is worth the risk)
- a plan for what you’ll do if you suspect a data breach
Customers are also more privacy-aware than ever. Being transparent and careful with data isn’t just compliance - it’s a competitive advantage.
If you sell via a marketplace or rely heavily on one ad platform, your revenue can be impacted quickly by:
- account suspensions
- policy changes
- increases in fees
- algorithm shifts
You can’t fully avoid this risk, but you can manage it by:
- diversifying channels (email list, organic search, multiple platforms)
- owning your customer relationships where possible
- keeping copies of key business records and customer communications
- reading the key parts of platform policies that affect fulfilment and advertising
5. Scaling: New Staff, Bigger Orders, And More Complexity
Imagine your store goes viral and your monthly orders triple. It’s exciting - but it also puts pressure on your:
- supplier relationships
- customer service process
- returns handling
- cashflow and inventory planning
This is where strong legal foundations stop being “nice to have” and start being essential. Clear terms, clear supplier contracts, and a compliant privacy setup can help you scale without losing control.
Key Takeaways
- Running an ecommerce business in NZ means managing consumer expectations, advertising claims, and privacy obligations - not just building a great website.
- Choosing the right structure (sole trader, partnership, or company) early can save you time and headaches later, especially as you grow.
- Most ecommerce businesses need to comply with the Fair Trading Act 1986 and the Consumer Guarantees Act 1993, particularly around product descriptions, refunds, and misleading marketing.
- If you collect customer data (even just names and addresses), you should take privacy compliance seriously and have a clear Privacy Policy aligned with the Privacy Act 2020.
- Strong ecommerce legal documents - like Website Terms and Conditions, supplier agreements, and employment contracts - help protect your business from day one and make disputes easier to manage.
- Brand protection matters in ecommerce, and trade mark registration can be a practical step to reduce copycat risk and protect your long-term marketing investment.
If you’d like help setting up or reviewing the legal side of your ecommerce business, you can reach us at 0800 002 184 or team@sprintlaw.co.nz for a free, no-obligations chat.
