E-commerce regulation in Europe

Last updated: 28.11.2025

E-commerce regulation in Europe

Navigating the world of e-commerce in the European Union requires understanding a growing body of digital legislation. This article explores the key EU directives and regulations – such as the E-Commerce Directive, the Digital Services Act, the Digital Markets Act, and the Omnibus Directive – that define the legal landscape for online service providers and intermediary platforms.

Together, these laws aim to foster trust, ensure consumer protection, and support the smooth operation of cross-border online services in the EU’s digital single market.

Electronic commerce directive

The EU E-Commerce Directive (2000/31/EC) continues to apply to Polish online businesses – especially those selling to consumers in other EU countries for the last 25 years. It sets the legal foundation for offering digital services across borders and introduces basic rules for running a compliant e-commerce website.

The most important rule for B2C is the country-of-origin principle. If your company is established in Poland, you generally only need to follow Polish e-commerce law – not 27 different national laws. That means lower regulatory risk when selling across the EU, unless a foreign authority justifies an exception in a specific case.

Even after the Digital Services Act (DSA) came into force, the Directive still matters. It requires e-shops and platforms to provide clear and accessible company details on their website (e.g. business name, address, KRS or VAT ID). It also regulates online advertising: promotional content must be clearly marked, and commercial emails can’t be misleading or hidden.

In terms of checkout and contracts, the Directive still requires online stores to explain the ordering process step by step, allow error correction before purchase, confirm orders by email, and specify which languages are available for the transaction. These are now standard expectations in any well-run online shop.

The original safe-harbour rules (on liability for user content) have been moved to the DSA, but most other provisions from the Directive remain binding. In Poland, the rules are implemented in the Act on Providing Services by Electronic Means, which still applies to most B2C online businesses.

Key principles under the e-Commerce Directive that concern your business:

1. Country-of-origin rule – apply Polish law when offering services across the EU, unless another Member State intervenes in a justified case.
2. Business transparency – display full company details (name, address, registration, contact email) clearly on your site.
3. Commercial communications – label ads, newsletters and sponsored content clearly; avoid hidden marketing.

DSA – Digital Services Act

The Digital Services Act (DSA), formally Regulation (EU) 2022/2065, establishes a harmonized legal framework for digital services operating within the European Union. Effective from 17 February 2024, the DSA imposes specific obligations on providers of intermediary services, including hosting services, online platforms, and marketplaces.

Scope of Application

The DSA applies to all providers of intermediary services offering services to recipients in the EU, regardless of their place of establishment (Article 2(1) DSA).

This encompasses:

• Mere conduit services (e.g., internet access providers),
• Caching services (e.g., content delivery networks),
• Hosting services (e.g., cloud storage providers),
• Online platforms (e.g., social media platforms, online marketplaces).

Obligations for Hosting Services and Online Platforms

Providers of hosting services and online platforms are subject to several obligations under the DSA:

• Notice and action mechanisms: Implement procedures for the notification and removal of illegal content
• Transparency of terms and conditions: Clearly inform users about content moderation policies, including algorithmic decision-making processes
• Internal complaint-handling systems: Establish mechanisms for users to appeal content moderation decisions
• Designation of points of contact: Appoint points of contact for communication with authorities and users
• Legal representation: Non-EU providers must designate a legal representative within the EU.

Additional Requirements for Online Marketplaces

Online platforms facilitating distance contracts between traders and consumers are required to:

• Verify trader information: Collect and verify essential information about traders using the platform
• Provide traceability: Ensure that consumers have access to information about the identity of traders prior to the conclusion of a contract
• Inform about recommender systems: Disclose the main parameters of recommender systems used on the platform.

Although the DSA is directly applicable across the EU, national laws are required to designate competent authorities and define enforcement procedures. In Poland, the amendment to the Act on Provision of Electronic Services is still in the legislative pipeline. We continue to monitor legislative progress and draft proposals to ensure our clients receive up-to-date, practical advice.

UCPD – Unfair Commercial Practices Directive

The Unfair Commercial Practices Directive (UCPD) is a cornerstone of EU consumer protection law, aiming to safeguard consumers from unfair business practices and ensure a level playing field for businesses across the internal market.

Scope and Applicability

The UCPD applies to all business-to-consumer (B2C) commercial practices occurring before, during, or after a transaction. It encompasses a wide range of activities, including advertising, marketing, and sales tactics, both online and offline.

General Prohibition of Unfair Practices

A commercial practice is deemed unfair if it:

• Contravenes the requirements of professional diligence; and
• Materially distorts or is likely to distort the economic behaviour of the average consumer.

Categories of Unfair Practices

The directive identifies two main categories:

• Misleading Practices: These include actions or omissions that deceive or are likely to deceive the average consumer, leading them to make decisions they would not have otherwise made. Examples encompass false information about product characteristics, pricing, or the trader’s commitments.
• Aggressive Practices: These involve harassment, coercion, or undue influence that significantly impairs the consumer’s freedom of choice. Tactics such as persistent unwanted solicitations or exploiting a consumer’s vulnerability fall under this category.

Blacklisted Practices

Annex I of the directive provides a list of commercial practices considered unfair in all circumstances. Notable examples include:

• Falsely claiming a product is able to cure illnesses.
• Advertising products similar to those of a competitor in a misleading way.
• Falsely stating that a product will only be available for a very limited time to elicit an immediate decision.

Recent Amendments

The UCPD has been updated to address emerging concerns:

• Directive (EU) 2019/2161: Introduced measures to enhance enforcement and modernize consumer protection rules, effective from 28 May 2022.
• Directive (EU) 2024/825: Focused on combating “greenwashing,” it prohibits unsubstantiated environmental claims and mandates transparency regarding product sustainability.

Obligations for Businesses

Businesses must ensure that their commercial practices:

• Provide clear and accurate information to consumers.
• Avoid misleading or aggressive tactics.
• Comply with the specific prohibitions outlined in Annex I.

Non-compliance can lead to enforcement actions by national authorities, including fines and orders to cease unfair practices.

Omnibus Directive

The Omnibus Directive (Directive (EU) 2019/2161) introduced significant changes to consumer protection rules in Poland, particularly affecting online commerce. It aims to improve transparency in e-commerce, especially regarding price reductions and online consumer reviews.

One of the key obligations for online sellers is the proper presentation of price reductions. Whenever a discount is announced, traders must indicate the lowest price applied during the last 30 days before the reduction.
Example: If a product was sold for PLN 200 in the last 30 days and is now offered for PLN 150, the seller must state that the previous lowest price was PLN 200.

This obligation is intended to prevent artificial inflation of prices immediately before a promotion (a practice often referred to as “fake discounts”).

The Omnibus Directive also impacts the presentation of consumer reviews. Traders must inform consumers whether and how they verify that published reviews come from actual buyers.
Example: An online store must clarify if reviews were posted by verified customers or if there is no verification process at all.

Non-compliance with the Omnibus requirements may lead to significant administrative fines in Poland – up to 10% of the trader’s annual turnover – imposed by the Office of Competition and Consumer Protection (UOKiK).

Understanding and implementing the Omnibus Directive rules is essential for businesses operating online to avoid legal risks and maintain consumer trust.

Top 3 Compliance Tips for the Omnibus Directive compliance:

• Always display the previous lowest price from the last 30 days when advertising a discount.
• Clearly inform consumers whether product reviews are verified and how verification is done.
• Document your pricing history and review verification processes to be prepared for potential inspections by UOKiK.

For more information about Omnibus directive check Omnibus Directive Poland / Price Indication Directive | Dudkowiak & Putyra

Geoblocking Regulation

Regulation (EU) 2018/302 of the European Parliament and of the Council of 28 February 2018 on addressing unjustified geo-blocking and other forms of discrimination based on customers’ nationality, place of residence, or place of establishment within the internal market (commonly referred to as the Geo-Blocking Regulation) has been applicable since 3 December 2018. The Regulation aims to eliminate unjustified barriers to online access to goods and services within the European Union.

Key Obligations for E-Commerce Businesses

1. Equal Access to Online Interfaces

• Businesses must not block or limit access to their websites based on a user’s location, such as through IP address identification.
• Redirecting users to local versions of a website requires their explicit consent.

2. Non-Discrimination in Commercial Terms

• Differentiating sales conditions (e.g., pricing, payment terms) for customers from different EU Member States is prohibited unless objectively justified.

3. Prohibition of Sales Denial

• Businesses cannot refuse sales of goods or services to customers from other EU Member States if these are offered to domestic customers, unless there are legitimate legal or technical reasons.

Exceptions

The Regulation does not apply to certain services, including:

• Audiovisual services, such as sports broadcasts subject to territorial licensing.
• Transport services.
• Financial services.
• Healthcare services.
• Gambling services.
• Services provided by notaries and bailiffs.

Implementation in Poland

Poland has aligned its national legislation with the Geo-Blocking Regulation through the amendment of the Act of 4 July 2019 on Competition and Consumer Protection. The Office of Competition and Consumer Protection (UOKiK) is responsible for overseeing compliance with these provisions.

Practical Recommendations for Businesses

• Ensure your website is accessible to users across the EU without unjustified restrictions.
• Avoid applying different sales conditions to customers from various EU Member States unless objectively justified.
• Before implementing any restrictions, verify that they do not contravene the Geo-Blocking Regulation.

Adhering to these regulations not only ensures legal compliance but also enhances customer trust and opens opportunities in the broader EU market.

Cross-border parcel delivery services Regulation

Regulation (EU) 2018/644 on Cross-Border Parcel Delivery Services – Implications for E-Commerce

Regulation (EU) 2018/644, effective since 22 May 2018, aims to enhance transparency and regulatory oversight in the cross-border parcel delivery market within the EU. While primarily targeting logistics and postal service providers, the regulation indirectly impacts e-commerce businesses by influencing delivery costs and service standards, which are critical components of the online retail supply chain.

Scope of Application

The regulation applies to parcel delivery service providers engaged in at least one of the following stages: collection, sorting, transport, or distribution of parcels weighing up to 31.5 kg. Exemptions include providers operating solely within a single Member State and delivering goods personally under a sales contract.

Information Obligations

Parcel delivery service providers are required to submit the following information to their national regulatory authority (in Poland: the Office of Electronic Communications):

• Company identification details, including legal status, registration number, VAT number, registered address, and contact information for a responsible person.
• Description of the parcel delivery services offered, including, where possible, detailed characteristics.
• General terms and conditions of service, including complaint procedures and any limitations of liability.

Additionally, by 30 June each year, providers must report:

• Annual turnover from parcel delivery services, broken down by domestic, incoming, and outgoing cross-border services.
• Number of persons working in parcel delivery services, including employment status breakdowns.
• Number of parcels handled, categorized by domestic, incoming, and outgoing cross-border services.
• Names of subcontractors and information on the services they provide.
• Publicly accessible price lists applicable as of 1 January each year, where available.

Price Transparency

All cross-border parcel delivery service providers, except those exempted, must provide their national regulatory authority with public lists of tariffs applicable on 1 January each year for the delivery of single-piece postal items. This information must be submitted by 31 January annually. The national regulatory authorities then forward these lists to the European Commission by 28 February, which publishes them on a dedicated website by 31 March.

Assessment of Tariffs

National regulatory authorities are mandated to assess whether the cross-border tariffs of universal service providers are unreasonably high. This assessment considers factors such as domestic tariffs, transportation and handling costs, and service quality standards.

Platform to Business – P2B Regulation

Regulation (EU) 2019/1150, known as the P2B regulation, came into force on July 12, 2020. Its aim is to ensure transparency, fairness, and predictability in the relationships between online platforms and businesses offering goods or services to consumers.

Key Obligations for Online Platforms

1. Transparency of Terms and Conditions

Platforms must provide business users with clear and understandable terms of service, including information on:

• The criteria and methods used for rankings,
• The conditions for entering into and terminating agreements,
• Access to data generated by business users.

2. Non-discrimination

Platforms cannot treat business users less favorably compared to their own products or services, unless objectively justified.

3. Suspension, Restriction, or Termination of Services

In the event of a decision to suspend, restrict, or terminate services, platforms are required to:

• Provide the business user with a justification of this decision on a durable medium prior to its implementation,
• Inform them of available remedies.

4. Dispute Resolution Mechanisms

Platforms must ensure:

• An internal complaint mechanism,
• Access to alternative dispute resolution, including mediation.

5. Transparency of Rankings

Platforms must disclose the criteria and methods used in ranking products or services offered by business users.

6. Access to Data

Business users have the right to access data generated in connection with their activity on the platform, enabling them to analyze and optimize their operations.

Exceptions

The P2B regulation does not apply to:

• Purely B2B services,
• Peer-to-peer platforms with no business users,
• Advertising platforms that do not mediate transactions with consumers,
• SEO software and ad blockers.

Implementation in Poland

In Poland, the Office of Competition and Consumer Protection (UOKiK) oversees compliance with the P2B regulation.

Digital Content and Digital Services Directive

The Digital Content and Digital Services Directive (EU) 2019/770) introduces harmonized rules across the EU for contracts between businesses and consumers (B2C) involving digital content or digital services.

When Does It Apply?

The Directive governs B2C contracts for:

• Digital content (e.g. software, apps, music, video, e-books),
  Digital services (e.g. cloud storage, streaming platforms, social media),
• Goods with digital elements only to the extent that the digital component is updated (the rest is governed by the Sale of Goods Directive).

The rules apply regardless of whether the consumer pays with money or provides personal data in exchange for access (e.g. creating an account).

Key Obligations for E-Commerce Providers

• Conformity with contract: Digital content or services must match agreed characteristics, function properly, be compatible with devices, and remain secure.
• Update obligation: Providers must supply security and functionality updates for the duration of the contract – or a “reasonable time” for one-off deliveries.
• Remedies for non-conformity:
  • Right to bring into conformity (e.g. fixing a bug),
  • Price reduction or contract termination for persistent or serious issues.
• Burden of proof: During the first year, it is presumed that the defect existed at delivery unless proven otherwise.
• Contract termination: If the consumer ends the contract due to non-conformity, the provider must refund within 14 days.
• No unfair modification: Providers cannot downgrade features or restrict access during the contract unless explicitly agreed in advance.

DAC7

The DAC7 Directive introduces new reporting obligations for digital platform operators within the European Union. Effective from 1 January 2023, the directive aims to enhance tax transparency and combat tax evasion in the digital economy.

Scope of Application

DAC7 applies to digital platforms facilitating the following activities:

• Sale of goods
• Provision of personal services
• Rental of immovable property
• Rental of means of transport

Important note: Both EU-based and certain non-EU platform operators are subject to these obligations if they have reportable sellers or relevant activities within the EU

Reporting Obligations

Platform operators are required to collect and report the following information about reportable sellers:

• Identification details: Name, address, Tax Identification Number (TIN), and date of birth (for individuals) or business registration number (for entities).
• Financial details: Total consideration paid or credited per quarter, number of relevant activities, and any fees, commissions, or taxes withheld or charged by the platform.
• Property details: For rental activities, address of the property, land registration number, and number of rental days.

The reporting must be submitted to the competent tax authority by 31 January following the end of the reporting period.

Due Diligence Procedures

Platform operators must implement due diligence procedures to identify reportable sellers and verify the accuracy of the information collected. This includes obtaining valid TINs and confirming the seller’s residency status.

Penalties for Non-Compliance

Failure to comply with DAC7 obligations may result in significant penalties, including fines ranging PLN 5,000,000

Sale of Goods Directive

Directive (EU) 2019/771, known as the Sale of Goods Directive (SGD), establishes uniform rules across the European Union concerning contracts for the sale of goods between traders and consumers. Effective from 1 January 2022, the directive aims to enhance consumer protection and facilitate cross-border trade by harmonising key aspects of sales contracts.

Scope and Applicability

The directive applies to contracts between traders and consumers for the sale of goods, including goods with digital elements. It does not cover the supply of digital content or digital services unless these are incorporated or interconnected with the goods and are necessary for them to perform their functions.

Key Provisions

1. Conformity of Goods: Goods must conform to the contract, meeting both subjective requirements (as agreed upon by the parties) and objective requirements (such as fitness for purpose, quality, and durability).
2. Remedies for Lack of Conformity: Consumers have the right to have non-conforming goods brought into conformity through repair or replacement. If this is impossible or disproportionate, they may be entitled to a price reduction or contract termination.
3. Time Limits: The seller is liable for any lack of conformity that becomes apparent within two years from the time of delivery.
4. Burden of Proof: Any lack of conformity that becomes apparent within one year of delivery is presumed to have existed at the time of delivery, unless proven otherwise.

Summary

In the evolving landscape of digital markets, intermediary service providers, online intermediaries, and e-commerce platforms must navigate an increasingly complex legal environment. Compliance with EU legislation is essential to ensure legal certainty.

As cross-border e-commerce continues to grow and digital services become more interconnected, maintaining conformity with legal requirements protects not only third-party rights but also fundamental consumer interests.