Legal Checklist For Online Businesses In Australia

Starting an online business in Australia can feel like the perfect way to launch (or grow) your idea without the overheads of a physical shopfront.

But while it’s online, the legal obligations are very real. From the way you advertise and take payments, to how you handle customer refunds and store personal data, online businesses are expected to meet the same standards as any other business - and in some areas, they face extra rules (especially around privacy, marketing and digital terms).

To make things easier, we’ve put together a practical legal checklist you can use whether you’re launching a brand new ecommerce store, a subscription-based platform, a SaaS product, an online agency, a digital course business, or anything in between.

Let’s walk through what you should set up early, what you need to keep reviewing as you grow, and the common legal traps we see online businesses fall into.

Note: This article is general information only and isn’t legal or tax advice. Because online businesses can vary a lot (and the rules can change), it’s best to get advice tailored to your situation.

What Counts As An Online Business (And Why That Matters Legally)?

When people say “online business”, they can mean very different things. Legally, the details matter because different business models trigger different risks and compliance obligations.

Common types of online businesses include:

• Ecommerce: selling goods online (including dropshipping, made-to-order, wholesale/retail).
• Online services: agencies, freelancers, consultants, coaches, virtual assistants, creative services, tradies with online booking, etc.
• Digital products: courses, templates, software licences, memberships, paid communities.
• Marketplaces/platforms: where you connect buyers and sellers or host user-generated content.
• Subscription businesses: recurring billing for products or services.

The reason this matters is simple: the legal documents and compliance steps you need should match what you actually do. A “one-size-fits-all” template often misses key clauses (or includes irrelevant terms), which can create confusion or disputes at exactly the wrong time - like when a customer wants a refund or a supplier delivers late.

If you’re unsure how to classify your online business, start by mapping out:

• What you sell (goods, services, digital access, or a mix)
• Who you sell to (consumers, other businesses, or both)
• Where your customers are located (Australia only, or overseas too)
• How your customers buy (checkout, quote acceptance, subscription, invoice)
• How you deliver (shipping, instant download, staged milestones)

Step 1: Set Up Your Business Structure And Registrations Properly

One of the most important early decisions for online businesses is the legal “vehicle” you operate through. It affects your personal liability, tax and growth options, and even how professional your business looks to customers, suppliers and investors.

Choose The Right Business Structure

Most online businesses start as one of these structures:

• Sole trader: simple to set up and low-cost, but you’re personally responsible for the business’s debts and liabilities.
• Partnership: two or more people running a business together - but you should be careful, because partners can be responsible for each other’s actions.
• Company: a separate legal entity. A company structure can help protect your personal assets, but comes with more admin and ongoing obligations.

If you have co-founders, investors, or you plan to scale quickly, it’s worth getting advice early on structure - changing later is possible, but it can create cost and complexity (especially if contracts, IP, or customer data are already sitting in the “wrong” entity).

Register Your Name And Get The Basics Right

Depending on how you operate, you may need to:

• Register an ABN (Australian Business Number)
• Register a business name (if you trade under a name that isn’t your personal legal name)
• Register a company (if you choose a company structure) and set up governance documents

If you run a company, having a Company Constitution in place can help clarify internal rules (like share rights, director powers and decision-making) instead of relying solely on default rules.

And if there are multiple owners, it’s usually smart to document who owns what, who makes decisions, and what happens if someone wants to exit - that’s where a Shareholders Agreement often becomes essential.

Step 2: Get Your Website And Sales Process Legally “Customer-Ready”

Your website (or app) is more than a marketing asset - it’s often your main “sales channel” and can form the contract between you and your customer.

For online businesses, the legal goal is to make sure the customer understands what they’re buying, how they’re buying it, and what happens if something goes wrong.

Terms And Conditions (The Rules Of The Sale)

Your Terms and Conditions (sometimes called “Customer Terms”, “Service Terms” or “Terms of Sale”) are where you set expectations, reduce misunderstandings, and protect your business.

Depending on your model, your terms may need to cover things like:

• What the customer receives (and what they don’t)
• Pricing, payment timing and GST treatment
• Shipping, delivery times and risk of loss (for goods)
• Digital access rules (for courses, subscriptions, memberships)
• Refunds, cancellations and dispute handling
• Acceptable use (especially for platforms and communities)
• Limitations of liability (done carefully - you can’t contract out of certain consumer guarantees)

If you sell online, it’s worth treating your Terms and Conditions as a living document - you may need to update it as your offerings change (new subscription tiers, new products, new delivery methods, new partnerships).

Website Terms (If You Have Users Browsing, Not Just Buying)

Even if people aren’t purchasing, they might be creating accounts, uploading content, engaging in your community, or using your site tools. That’s where website terms (or platform terms) come in.

For online businesses with user accounts, content or community features, consider using tailored Website Terms and Conditions that cover acceptable behaviour, moderation rights, and what happens if you suspend an account.

Make Checkout Disclosures Clear (And Avoid Surprise Terms)

Some of the biggest online business disputes start with “I didn’t realise…”

To reduce risk, make sure your key terms are presented clearly at (or before) checkout, including:

• Total price (including delivery fees and any “handling” fees)
• Recurring billing terms (for subscriptions)
• Delivery timeframes or service timelines
• Any important exclusions or limitations
• How cancellation works

This is also good practice under the Australian Consumer Law (ACL), which expects clarity and fairness in the way you market and sell.

Step 3: Comply With Australian Consumer Law (ACL) When Selling Online

Australian Consumer Law applies whether you sell from a shopfront, through social media, or via your own website. And in many ways, online businesses are under even more scrutiny because your advertising, product claims, and refund practices are visible and easy for customers to challenge.

Be Careful With Marketing Claims

Online marketing moves fast - but legal claims move slowly and can be expensive to defend. Make sure you don’t accidentally mislead customers through:

• Before-and-after photos that imply results you can’t guarantee
• “Limited stock” or “last chance” claims that aren’t true
• Inflated discounting (e.g. comparing against an RRP that’s not genuine)
• Reviews or testimonials that don’t reflect typical customer outcomes

As a general rule: if a customer relies on a claim to decide to buy, that claim should be accurate and supportable.

Understand Refunds And Consumer Guarantees

A common online business mistake is assuming “no refunds” automatically works. Under the ACL, customers have certain rights that can’t be excluded - especially when goods are faulty or services aren’t delivered with due care and skill.

That doesn’t mean your business has to give refunds for change-of-mind in every case. But it does mean your refund policy must be consistent with the ACL, and your Terms and Conditions should be drafted with those rules in mind.

If you offer warranties (or extended warranties), you should also take care with how you describe them, so customers don’t confuse extra warranties with their automatic ACL rights.

Step 4: Handle Privacy, Data Collection And Email Marketing The Right Way

If your online business collects personal information (and most do), privacy compliance shouldn’t be an afterthought. It’s a trust issue as much as it is a legal issue.

When Do You Need A Privacy Policy?

If you collect personal information like names, emails, addresses, phone numbers, or behavioural data (like analytics tied to individuals), you should have a clear Privacy Policy that explains:

• What personal information you collect and how
• Why you collect it (e.g. fulfil orders, provide services, marketing)
• Who you share it with (e.g. couriers, payment processors, email providers)
• Whether data is stored overseas
• How customers can access or correct their information

Many online businesses don’t directly store full payment card details (because payments are handled by third-party processors). Even so, you may still collect and handle personal information linked to payments (like billing details, transaction references, or partial card information), so it’s worth checking what data you actually collect and what your providers store on your behalf.

Also, while some small businesses may be exempt from parts of the Privacy Act 1988 (Cth) under the “small business exemption”, privacy obligations can still apply in certain situations (for example, depending on what information you handle, and how). Regardless of whether you’re strictly covered, having clear privacy documentation is often expected by customers, partners and platforms - and it helps you run your online business more responsibly.

Don’t Forget Your Collection Notices

In practice, privacy compliance isn’t just a Privacy Policy link in the footer. If you collect information through forms (newsletter signups, quote requests, account creation), you should think about what you tell people at the point of collection.

This may include a short “collection notice” near the form (for example, telling users that by submitting the form, they agree to your Privacy Policy and may receive communications).

Email Marketing And Spam Rules

Email marketing is a powerful growth channel for online businesses, but you need to follow the spam rules (including having consent, accurate sender details, and a functional unsubscribe option).

The safest approach is to make sure you’re building your list ethically and keeping records of how consent was obtained - especially if you scale and start running bigger campaigns.

Step 5: Protect Your Brand, Content And Other Intellectual Property

Online businesses often live or die based on their brand and their content. The risk is that if you don’t protect it early, someone else can copy your name, mimic your visuals, or reuse your content - and it can be difficult (and expensive) to fix later.

Trade Marks (Your Name, Logo And Brand Assets)

If you’re investing in a brand name, logo or tagline, consider whether you should register a trade mark. A registered trade mark can help you stop others from using a similar name in your market and can make it easier to enforce your rights.

This is especially relevant for online businesses because:

• you often market nationally (or globally) from day one
• copycats can appear quickly once you start getting traction
• customers can be easily confused by similar names online

Copyright (Your Content, Website Copy, Designs, Photos)

Copyright can protect original materials like written content, images, videos, and designs. But “having copyright” isn’t the same as having clear legal rights to use what’s on your site.

For example, if you hire contractors to create branding, photography, website design, or code, you should check the contract says IP ownership is assigned to you (or properly licensed) - otherwise you may not fully own what you’ve paid for.

Confidential Information (Especially Before Launch)

If you’re sharing your idea with potential developers, suppliers, collaborators or advisors, a Non-Disclosure Agreement (NDA) can help protect confidential information before you go live.

This can be particularly important if your online business has unique processes, product formulas, pricing strategies, or a platform concept that isn’t public yet.

Key Takeaways

• Online businesses in Australia still need a solid legal foundation, including the right business structure, registrations and governance documents.
• Your website can form part of your customer contract, so clear Terms and Conditions and website terms help set expectations and reduce disputes.
• Australian Consumer Law applies to online sales, meaning your advertising, refunds and customer promises must be handled carefully.
• Most online businesses collect personal data, so a Privacy Policy and good data-handling habits are essential for compliance and customer trust (even where a small business exemption may apply).
• Protecting your brand and content early (including trade marks and clear IP terms with contractors) helps you avoid painful disputes as you grow.
• As your online business scales, your legal checklist should scale with it - especially if you add subscriptions, new products, staff, or new markets.

If you’d like a consultation on setting up your online business, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no-obligations chat.