Legal requirements and compliances to open an E-Commerce Platform in India

Setting up a business in the Ecommerce field can be exceedingly favourable if done the right way. But before starting off one needs to make sure that all the legal compliances are met for the Ecommerce platform to function without any later disruption later on.

Business Law | Comments (0)


In India, e-commerce is rapidly growing. Its success could be contingent on technological advancements and people's hectic work schedules. People nowadays choose to buy anything online, from clothes to appliances to groceries. Not only does it save time, but it also offers a range of promotions that result in cost savings. If done correctly, starting a business in this industry can be extremely profitable. However, there are a few things to consider before beginning to open an online store in India. The days of the customer being at the mercy of shops and having to choose a product from a limited selection are long gone. In recent years, e-commerce, or electronic commerce, has revolutionised and become a customer-oriented industry. India currently has the world's fastest-growing e-commerce industry. When formal sales reached $1 trillion in 2014, e-commerce caused a stir in the global economy.

When there are online disputes in India, the Information Technology Act of 2000 governs the situation, but the act is deficient in many respects. E-commerce laws and regulations in India are constantly changing, leaving many entrepreneurs in the dark. There is a common misconception that e-commerce companies need less legal enforcement than their offline counterparts. Selling online, on the other hand, does not always save you money or relieve you of the responsibility of complying with regulations. The law considers all online and offline companies to be the same. Let's look at the steps to starting an online store:

Structuring Of Business

The Information Technology Act of 2000 regulates the situation in India when there are online conflicts, but the act is inadequate in several ways. In India, e-commerce laws and regulations change frequently, leaving many entrepreneurs in the dark. It is a common misconception that e-commerce businesses need less regulatory oversight than their traditional counterparts. On the other hand, selling online does not always save you money or relieve you of the burden of following regulations. Both online and offline businesses are treated the same by the regulation. Let's take a look at how to start an e commerce store.

  1. Sole Proprietorship,
  2. Partnership,
  3. Limited Liability Partnership (LLP),
  4. Company (Public/Private) and
  5. One Person Company.

The ultimate goal of an e-commerce entrepreneur is to raise funds, so the most popular business structure for them is a private limited company. The company's integration process is entirely online, and it can be accessed at For the formation of a private limited company, the entrepreneur must approve his name and registered office address. It must have at least two directors with DINs (Director Identification Numbers) and DSCs (Director Status Codes) (Digital Signature Certificate). The authorised share capital of the company must be INR 1 lakh. The Memorandum of Association (MOA) and Articles of Association (AOA) are also required to complete the incorporation formalities. The Registrar of Companies issues a certificate of incorporation to the company at its registered office address until all of these requirements are met (ROC).

Domain Name

  • They must register their company's domain name before the company's organisational structure is determined. An e-commerce company must not only protect their own intellectual property, but also ensure that they do not infringe on the intellectual property of others. When choosing a name, however, one must ensure that it is not similar to a previously registered name. Many e-commerce companies choose a specific name and register it with the Trademark Registry to obtain exclusive rights to that name.
  • The most well-known case recently is Paypal's filing of an objection against PayTM, an Indian company, in 2017, with the trademark registrar contesting on the grounds that the two brands' logos were identical. The lawsuit was filed on the last day of PayTM's four-month deadline for advertising its trademark application. They were accused of sticking to the logo's two-tone blue colour scheme, which they said could confuse customers.

Protection of data

  • Another important task for an e-commerce company is to protect its customers' data. Maintaining privacy for any potential customer who visits the website or portal is extremely important for any e-commerce entrepreneur who wants to build trust with customers. A customer is asked to include personal and confidential information while making the digital payment transaction and other formalities. As a result, online companies now have a greater responsibility to pay attention to and follow the laws governing "Data Privacy" and "Data Security." Passwords, medical records and history, financial information such as bank account details and credit card details, and other sensitive personal data or information (SPDI) provided by the customer must be protected by an entity in accordance with Section 43A of the Information Technology Act, 2000, by reasonable means.
  • An online organisation must fulfil the duty to follow a fair security practise and a standard procedure for ensuring the protection of sensitive data. If any organisation uses a standard other than the one defined for data protection, the Government of India will demand that their codes be approved. In accordance with the Information Technology Act of 2000, the e-commerce agency must obtain the customers' prior express consent before collecting personal information from them while communicating with them. Sensitive and confidential information must only be accessed if it is necessary for the reason at hand and is of a lawful nature, and it must not be kept by the agency for longer than is necessary.
  • The e-commerce agency must ensure that the consumer is aware of the collection of information, the purpose for the collection, and the organization's protection of such information, among other things. Any disclosure of confidential customer details to a third party other than a government entity or as required to be disclosed in accordance with the law will require the customer's prior consent. If the SPDI is transferred by the e-commerce agency to satisfy a customer's duty or if the customer has consented to such a transfer, the e-commerce agency must ensure that the third party, located anywhere in the world, maintains the same level of privacy and follows all of the Act's laws. The e-commerce business would also have to make plans to deal with consumer issues within a certain time frame. A small amount of SPDI security negligence on the part of an e-commerce company will result in a loss of reputation and goodwill.

Privacy Policy and Terms of Service

We often come across disclaimers, privacy policies, and terms and conditions while visiting any E-commerce website. Have you ever wondered why drafting such documents is so important? For any e-commerce website, the terms of service and privacy policy are the two most relevant documents. The terms and conditions of every website assist with informing consumers about the website's rights and obligations. It aids in the smooth operation of the business and also offers legal protection to the owner or promoters in the event of any liability arising from any arrangement entered into with a customer or another corporation. The privacy policy, on the other hand, informs consumers about how e-commerce firms can use the information provided by customers and how they will protect their personal information. The Privacy Policy must be published in its entirety on the e-commerce website so that it is easily accessible to all website visitors. These documents shield entrepreneurs from being prosecuted under section 43A of the Information Technology Act of 2000, which carries a maximum liability of INR 5 crores.

Vendor/Supplier Agreement

It is critical for all online stores to build a relationship with the vendors mentioned on their portal. However, if you just sell your goods in those stores and do not have an online site, it is important to have a supplier agreement in place. It should explicitly state each party's status and obligations, as well as all relevant clauses and terms to cover issues such as default, product quality, late delivery, payment, and so on, according to the business model of the company.

GST Requirements

Case Scenario-1 Selling through your own website

  • Assume an entity creates its own website to sell products online in addition to or instead of a physical retail outlet. Although the entity will be an Electronic Commerce Operator under Section 2(45), it will not be required to register because it will be collecting money on its own (i.e. through a payment gateway) and will be subject to the provisions of Section 52 (TCS) of the CGST Act.
  • Only if ECO is liable to collect TCS is compulsory registration under Section 24(ix) required. As a result, depending on the circumstances, a turnover threshold cap (i.e. 10 lakhs/20 lakhs/40 lakhs) would apply.
  • However, if an individual wishes to sell goods across state lines, it is required to register under Section 24(i). If the agency provides interstate facilities, there would be a threshold cap for registration.

Conclusion of Case Scenario-1:

Within the state, selling goods via a personal website

There will be a threshold cap, but it will not be mandatory to register.

Providing services via a personal website inside or outside of the state

There will be a threshold cap, but it will not be mandatory to register.

Outside of the state, selling goods via a personal website (Interstate)

The threshold limit would not apply to those who are eligible to register under Section 24. (i)

Selling products on e-commerce websites such as Flipkart, Amazon, and others.

If a company wishes to sell its products on online e-commerce sites like Flipkart or Amazon, it must register under Section 24(ix) regardless of its turnover. Simply put, even if you supply products worth Rs.1 via an e-commerce website, you will be required to register for GST.

Section 24 requires mandatory registration (ix).

Payment Gateway and Related Compliance

A payment gateway is a mechanism that allows an e-commerce website to accept payments from customers. Payment gateways such as PayPal, PayUmoney, and others accept credit cards, debit cards, and multi-bank net banking and transfer funds to the e-commerce company's bank account within 2-3 days. E-commerce entrepreneurs must apply documentation such as the company's bank account, certificate of incorporation, Memorandum of Association, Articles of Association, company PAN passport, proof of address, privacy policy, and the website's terms of service in order to use the payment gateway programme. Furthermore, banking and financial requirements for such transactions and online shopping in India must be met. PayPal, for example, must first obtain a licence from the Reserve Bank of India in order to allow for online receipts and other expenses for any e-commerce service (RBI).

Other Compliances

E-commerce is a form of electronic commerce. Contract law, the Indian Penal Code, labour rules, and other laws must all be followed by businesses. Various states have made it mandatory to obtain a Shop and Establishment licence before starting a company. The Shop and Establishment Act requires that the registration be completed within 30 days of the start of the job.

India's cyber laws have become increasingly strict, requiring e-commerce entrepreneurs to conduct cyber law due diligence in India. For non-compliance, many online portals, international firms, and even Indian companies are regularly prosecuted.

The legal requirements for e-commerce businesses vary depending on the type of company. For example, in the case of an e-commerce business that engages in electronic trading of prescription drugs, legal enforcement is stricter than in other e-commerce activities. Any digital trading in health goods is scrutinised more than other products. If the corporation does not comply with the legal requirements, it will be served with a legal notice.

The Information Technology (Intermediary Guidelines) Rules 2011 impose a strict duty on e-commerce sites in India. As a result, adequate digital due diligence should be performed prior to the launch of any e-commerce websites.

Copyright 2023 – Helpline Law


You could get in touch with our team to find a suitable lawyer for assistance.
Helplinelaw has been referring lawyers that fit your needs in terms of seniority and experience since 2001

Other Latest Articles