eCommerce

What you must show at checkout — legal requirements for online stores

4 min read ·26 April 2026 ·By Trust Center

The checkout page is where legal requirements are most frequently enforced against online stores. Consumer protection regulators focus on this moment because it's where customers make financial commitments. Here is what you must show.

EU — Consumer Rights Directive

Before a customer clicks "Buy" or "Pay now", EU law requires you to clearly display:

  • Total price including VAT and all fees
  • Any additional charges (delivery, taxes) not included in the product price
  • Identity and address of the trader
  • Main characteristics of the goods or services
  • Minimum duration of the contract (for subscriptions)
  • Right to cancel (14-day cooling-off period) and the conditions
  • A clear statement that placing the order creates a payment obligation ("Order with obligation to pay")

If the final confirmation button doesn't make clear that the customer is placing a paid order, the customer is not bound by the contract.

UK — Consumer Contracts Regulations

UK requirements mirror the EU Consumer Rights Directive. The confirmation button must explicitly state that the order involves a payment obligation. You must also confirm the order by email and include all the pre-contract information in that confirmation.

USA — FTC rules

The FTC's guidelines require that negative option and subscription terms (recurring charges) are clearly disclosed before billing. If you offer a free trial that converts to a paid subscription, the terms of the conversion must be prominently displayed at signup — not buried in terms and conditions.

Subscription and recurring payments

In all major markets, subscription businesses face heightened requirements. You must clearly disclose the recurring charge, the billing frequency, how to cancel, and any trial-to-paid conversion terms. Dark patterns — like making the cancel button hard to find — are increasingly subject to enforcement action.

Trust signals that support compliance

Beyond legal minimums, showing your privacy policy link, security badges, and a link to your full terms at checkout builds trust and reduces disputes. Customers who can find this information easily are less likely to raise chargebacks or complaints.

Order confirmation emails

Your order confirmation email is part of your legal compliance — it's the record of the contract. It must include: what was ordered, the price paid, delivery information, your contact details, and information about the right to cancel. Archive these emails and make sure your email system is reliable.

Ready to simplify your compliance?

Trust Center manages your privacy policies, cookie consent, and DSARs — one platform, all your brands, always up to date.

Get early access →

Related articles

eCommerce

GDPR compliance for online shops — a practical guide for SMBs

If you sell to EU or UK customers, GDPR applies to your online store regardless of where you are based. Here is what you need to do.

5 min read · 26 April 2026
eCommerce

Legal requirements for online stores — what every eCommerce site needs

Selling online means meeting legal requirements that go beyond a standard website. Here is what your online store must have to comply across the US, UK, EU, Canada, and Australia.

6 min read · 26 April 2026