Sapna is a content writer at Sprintlaw. She has completed a Bachelor of Laws with a Bachelor of Arts. Since graduating, she has worked primarily in the field of legal research and writing, and now helps Sprintlaw assist small businesses.
Running an online business can feel refreshingly simple: build a website, list your products or services, start marketing, and you’re open for sales.
But the legal side isn’t quite that “set and forget”. If you’re selling to customers in Australia (or you’re planning to base your online business there), you’ll want to make sure your legal foundations are solid from day one - especially around consumer law, privacy, marketing, and payments.
This guide has been updated to reflect current expectations and common compliance pitfalls we’re seeing right now, so you can launch (and grow) with confidence.
Quick note: This article is general information only. The “right” set-up depends on what you sell, where you’re based, and how you operate (for example, whether you’re dropshipping, running a subscription platform, or collecting sensitive customer data). If you’re unsure, it’s worth getting tailored advice before you go live.
What Counts As An “Online Business” In Australia?
In practice, an “online business” is any business that supplies goods or services through the internet. That can include:
- an ecommerce store selling physical products (including via Shopify, WooCommerce, Amazon, eBay, Etsy, or a custom site)
- a digital product business (courses, templates, software downloads, memberships)
- a service business that finds clients online (consulting, design, coaching, trades bookings)
- a platform or marketplace that connects buyers and sellers
- a subscription or SaaS business
- a social media business selling via Instagram/TikTok/DMs
The important part is this: if you’re dealing with Australian customers, Australian law can apply - even if you’re not physically located in Australia.
That’s why it’s smart to treat legal compliance as part of your go-to-market plan, not something you tack on later.
Do I Need To Register My Online Business In Australia?
Most online businesses will need some form of registration, but what you need depends on your structure and where you’re operating from.
1) Choose Your Business Structure
Common options include:
- Sole trader (simple and low-cost, but you’re personally liable for most business debts and risks)
- Partnership (two or more people running the business together, with shared responsibilities and risks)
- Company (a separate legal entity; can offer limited liability and is often easier to scale and bring in investors)
If you’re planning to grow, hire, raise investment, or bring on co-founders, a company structure is often worth considering early. For many founders, getting the structure right upfront saves major headaches later.
When you’re setting up a company and its internal rules, it’s common to put the basics in a Company Constitution so decision-making and governance are clear from the start.
2) Business Name Registration And Branding Checks
If you trade under a name that isn’t your own personal name (for sole traders) or your company’s legal name, you may need to register a business name in Australia.
Also, don’t skip the brand due diligence. Before you commit to a name, you’ll want to check:
- business name availability
- domain availability
- social handle availability
- trade mark conflicts (this is a big one)
A business name registration doesn’t give you ownership rights in the same way a trade mark does. If your brand matters (and for most online businesses, it really does), protecting it early can be one of the smartest investments you make. Many businesses start by filing to register their trade mark before scaling paid ads and influencer campaigns.
3) Tax Registration (GST, ABN, Etc.)
Tax obligations can get complicated quickly with online businesses, especially if you sell cross-border, offer digital services, or use overseas suppliers.
In Australia, you may need to register for:
- ABN (Australian Business Number)
- GST (Goods and Services Tax) if you meet relevant thresholds or requirements
- PAYG withholding if you employ staff
Because tax treatment varies depending on what you sell and where your customers are, it’s worth speaking with an accountant who understands ecommerce and cross-border sales.
What Laws Do Online Businesses In Australia Need To Follow?
There isn’t one single “online business law” in Australia. Instead, your compliance obligations come from several key legal areas.
Australian Consumer Law (ACL): Refunds, Returns, And Product Claims
If you sell to consumers in Australia, Australian Consumer Law (under the Competition and Consumer Act 2010 (Cth)) is one of the biggest legal frameworks you need to understand.
ACL is relevant to online businesses because it covers things like:
- consumer guarantees (products must be of acceptable quality, match description, be fit for purpose, etc.)
- refunds/returns rules (you generally can’t contract out of consumer guarantees)
- misleading or deceptive conduct (including what you say in ads, product pages, influencer posts, testimonials, and pricing displays)
- unfair contract terms (particularly important if you use standard-form terms with consumers)
In practical terms, you should be careful with statements like “no refunds”, “results guaranteed”, “cures anxiety”, “approved by…”, “limited stock” (when it isn’t), or inflated before/after pricing. These can create legal risk fast, especially when you scale ads.
Privacy And Data Protection: Customer Info, Emails, And Tracking
Online businesses almost always collect personal information - even if it’s “just” names, emails, delivery addresses, IP addresses, or payment-related details.
In Australia, privacy obligations commonly come under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), depending on the size of your business and the type of information you handle.
Even where you’re not strictly required to comply, having proper privacy practices is still a good idea because it:
- builds trust (customers care about data use)
- reduces complaints and chargebacks
- helps you work with payment providers, platforms, and partners
- puts you in a stronger position if there’s a data incident
If your website collects personal information, it’s normal to publish a Privacy Policy explaining what you collect, why you collect it, who you share it with (like couriers, payment processors, CRMs), and how users can access or correct their information.
If you use analytics, pixels, or behavioural advertising, you may also need a Cookie Policy so users understand what tracking is happening and what choices they have.
Spam And Marketing Rules: Email, SMS, And DMs
If you do email marketing (welcome sequences, newsletters, cart abandonment emails) or SMS marketing, Australia’s Spam Act 2003 (Cth) is a key compliance area.
While the details depend on the message and the relationship with the customer, a good compliance baseline is:
- only send marketing messages with consent (express or inferred, depending on the context)
- clearly identify your business in the message
- include a functional unsubscribe option
- honour opt-outs promptly
If your marketing involves affiliates or influencers, you should also set clear rules about what claims can and can’t be made, how discount codes are promoted, and how disclosures are handled.
Online Trading Disclosures: Pricing, Subscriptions, And Checkout Transparency
Online customers can’t “inspect” your product in person, so regulators expect your website to be clear and accurate.
At a minimum, your website should clearly disclose:
- total price (including mandatory fees)
- shipping costs and delivery expectations
- refund/returns approach (while still respecting ACL)
- subscription renewal terms (if you run a membership or recurring billing)
- how customers can contact you
This is also where well-drafted website legal terms become more than a box-ticking exercise - they help prevent disputes and reduce the risk of chargebacks. Many online businesses use tailored Website Terms and Conditions to set clear rules around ordering, cancellations, acceptable use, and liability allocation.
What Legal Documents Should An Australian Online Business Have?
Legal documents are where your “good intentions” become enforceable rules.
If you’re serious about building a stable online business, you’ll usually want a core set of documents that match how you actually operate (not a generic template that doesn’t fit your checkout flow, products, or risk profile).
Customer-Facing Legal Documents
- Privacy Policy (especially if you collect customer data, use email marketing tools, or run tracking/ads)
- Website Terms and Conditions (covering orders, customer conduct, liability, IP ownership, and dispute management)
- Returns/Refunds Policy (aligned with Australian Consumer Law)
- Shipping Policy (delivery timeframes, address issues, lost parcels, international shipping)
- Subscription terms (if you offer memberships, software subscriptions, or recurring billing)
If you sell products online, you’ll often want purpose-built ecommerce terms - particularly if you have account logins, store credit, gift cards, pre-orders, or time-limited promotions. A tailored set of E-Commerce Terms and Conditions can help cover those ecommerce-specific issues in a way general website terms sometimes don’t.
Behind-The-Scenes Legal Documents (That Protect Your Operations)
As soon as you start working with others - developers, designers, marketers, fulfilment providers, customer support, or virtual assistants - you should think about contracts that clarify scope, ownership, and confidentiality.
- Contractor agreements (so you’re clear on deliverables, payment, deadlines, and IP ownership)
- Employment agreements (if you hire staff)
- Supplier agreements (manufacturers, wholesalers, white-label suppliers)
- Distribution/fulfilment agreements (warehousing, 3PL providers)
- Influencer or affiliate agreements (so promotions are compliant and on-brand)
For example, if a freelance developer builds your online store, you’ll want to be confident you actually own what you’ve paid for (or at least have the right licence to use it). That’s exactly the kind of thing a proper Contractor Agreement helps lock in.
And if you’re bringing on staff to handle customer service, marketing, fulfilment, or operations, a clear Employment Contract is a key part of staying compliant and protecting your business day to day.
Do I Need Anything Else For A Compliant Online Store (Payments, Security, And Platform Rules)?
For many online businesses, the biggest risks don’t come from a single dramatic lawsuit - they come from operational gaps that trigger customer disputes, platform bans, or regulatory complaints.
Here are a few areas you shouldn’t ignore.
Payments, Chargebacks, And Card Surcharges
If you take card payments, buy-now-pay-later, Apple Pay, PayPal, or other online payment methods, you’ll be dealing with:
- payment provider terms (Stripe, PayPal, Shopify Payments, etc.)
- chargeback processes (and what evidence you need to win a dispute)
- refund handling and timing expectations
You’ll also want to be careful about how you describe payment timing (especially for pre-orders, custom goods, and backorders) so customers aren’t surprised.
Cybersecurity And Data Handling (Practical Compliance)
Legal compliance and good security go hand in hand. If you collect personal information, you should take reasonable steps to protect it, such as:
- using secure checkout and reputable plugins
- restricting admin access (and using strong passwords + MFA)
- limiting staff access to only what they need
- training your team on phishing and common scams
- having a plan for responding to a data incident
Even a small online business can be targeted by scams. Having good practices upfront is much easier (and cheaper) than cleaning up a breach later.
Platform Terms (Shopify, Meta, Google, Marketplaces)
Most online businesses rely on platforms - and platforms have rules. Even if you’re legally compliant, you can still run into trouble if you breach:
- Meta ad policies (especially for health, skincare, finance, or “results-based” marketing)
- Google merchant rules (particularly around pricing and restricted products)
- marketplace rules (Amazon/eBay/Etsy product claims, returns handling, IP complaints)
A good approach is to align your marketing claims, product descriptions, and refund approach across:
- your website terms and policies
- your ad copy and creatives
- your email and SMS messaging
- your customer support scripts
Consistency reduces disputes and makes it easier to prove what customers agreed to.
Key Takeaways
- Australian online businesses (and businesses selling into Australia) often need to comply with a mix of registrations, consumer law, privacy rules, and marketing restrictions.
- Australian Consumer Law is a major compliance area for ecommerce, especially around refunds, product claims, and misleading or deceptive conduct in ads and product pages.
- If you collect customer information, it’s smart to have a clear Privacy Policy and practical security processes in place, even if you’re a small operator.
- Spam and direct marketing rules matter for email and SMS campaigns - you should build consent and unsubscribe processes into your marketing systems from the start.
- Strong legal documents like Website Terms and Conditions, ecommerce terms, and contractor/employment agreements help prevent disputes and protect your operations as you scale.
- If you’re unsure which legal requirements apply to your exact business model (subscriptions, cross-border sales, health claims, marketplaces), getting tailored advice early can save you time and money later.
If you’d like help getting your online business legally set up (or reviewing your website terms, privacy compliance, or contracts), you can reach us at 0800 002 184 or team@sprintlaw.co.nz for a free, no-obligations chat.


