If you read Part 1 of this series, you already know how tightly EU-wide regulations wrap around every business website targeting European customers. From GDPR to the E-Commerce Directive, the continent speaks with one legal voice on data, pricing, accessibility, and consumer rights.
But here’s the twist: each country also adds its own flavor of enforcement, extra requirements, and legacy rules that most international businesses don’t see coming until it’s too late. And no, these aren’t just edge-case technicalities. We’re talking mandatory disclosures, formatting regulations, local language laws, and even how your footer should be structured—rules that apply the moment you make your site available to customers in that market.
In this second installment, we’re zooming in some countries—Germany, Austria, Italy, the Netherlands, Belgium, Denmark, Slovenia, Switzerland, and the UK —to break down the unique legal demands that apply beyond the pan-European baseline.
Some of these rules are carryovers from national legislation predating the EU, others are modern updates layered on top of Brussels’ directives. All of them, though, carry legal force. Ignore them, and your “fully compliant EU site” might still be illegal in half the countries it serves.
Let’s get into it—country by country.
In This Article:
If there’s one country where legal compliance isn’t just a technicality—it’s a national pastime—it’s Germany. And nothing embodies that better than the Impressum, a legal disclosure page that’s not only required, but strictly enforced.
The obligation comes from the Telemediengesetz (TMG), recently modernized under the Digitale-Dienste-Gesetz (DDG), which implements parts of the EU’s Digital Services Act. In practical terms, if you're operating a commercial website accessible in Germany, you must provide an Impressum—essentially a legal notice page—that lists a very specific set of details about your business.
Here’s what that page must include:
The Impressum must be “easily, directly, and permanently accessible”—which usually means a clear link in the website footer labeled “Impressum” or “Legal Notice.” Don’t get creative with naming or bury it behind a privacy policy.
And yes, German courts have ruled on this—many times. Businesses have been hit with Abmahnungen (formal legal warnings with cost penalties) for even minor violations, such as missing a phone number or using a vague job title instead of a named person. Unlike other markets, where this might result in a slap on the wrist, Germany’s enforcement is procedural and aggressive.
One more thing: even social media profiles and mobile apps targeting the German market need to include an Impressum, or a direct link to one.
If your site is live in Germany and you don’t have a legally compliant Impressum, it’s not a matter of if you'll be targeted—it’s when. And the cost? Anywhere from €500 to €5,000 per violation, not to mention the legal fees to deal with it.
Austria shares a lot of legal DNA with Germany—but don’t assume that copying your German Impressum will get you across the compliance line. Austrian law has its own demands, and they’re enforced with a particular emphasis on transparency and public accountability.
The key regulation is the E-Commerce Act (ECG), which mirrors the EU’s E-Commerce Directive but goes a step further in several areas. If you run a commercial website accessible in Austria, you’re required to provide an Impressum (called an “Offenlegungspflicht”) that discloses:
That’s the baseline. But if your website also qualifies as a “media service” under Austrian law—which can include blogs, news sections, or even promotional content updated regularly—you’re additionally subject to the Media Act.
Under that act, you must publish a “Blattlinie,” or editorial line—a short public statement describing the general orientation or mission of your media content. It doesn’t have to be long or ideological, but it must reflect the purpose of your publication (e.g., “This website offers legal and business advice for Austrian SMEs”).
The idea behind the Blattlinie is simple: if you’re putting out regular public content that could influence public opinion, the audience deserves to know your angle.
Fines for non-compliance can be issued by the Austrian Communications Authority (KommAustria), and while not as aggressive as Germany’s Abmahnung culture, enforcement still happens—especially when competitors or watchdogs notice missing or misleading disclosures.
Italy might be famous for its design flair and lifestyle branding, but when it comes to legal compliance? It’s pure bureaucracy—and your website better reflect that.
The key requirement comes from Law 88/2009, which mandates that all companies registered in the Registro delle Imprese (Italian Companies Register) include specific information on their websites. This isn’t a soft guideline—it’s a hard legal obligation.
Here’s what you need to display, usually in the site footer or an “Informazioni Legali” page:
That share capital disclosure is one of the most unique requirements. You’re expected to state the exact amount and whether it’s been paid in full—for example: “Share capital €100,000 fully paid up.” This level of financial transparency isn’t common elsewhere in the EU, but in Italy, omitting it is considered a material violation.
Law 88/2009 also aligns with broader EU transparency obligations under the E-Commerce Directive, but Italian enforcement focuses especially on these company-specific identifiers. If your site is missing any of these elements, you could be fined by the Camera di Commercio or targeted in routine audits by financial or tax authorities.
It’s also worth noting that Italy tends to expect this information to appear in Italian—even on multilingual sites. If you’re targeting Italian consumers, consider duplicating your legal disclosures in both English and Italian to avoid misunderstandings or enforcement issues.
The paperwork might feel heavy, but the cost of skipping it is worse. In Italy, a beautifully branded site with no corporate identifiers isn’t clever—it’s illegal.
The Netherlands takes a pragmatic but firm stance on website compliance: clear company identity up front, and no tricks when it comes to cookies.
Let’s start with business identification. Dutch law requires every commercial website to clearly display its KvK (Kamer van Koophandel) number—your official Chamber of Commerce registration ID. This must be accompanied by your full company name and physical address, plus your BTW (VAT) number if you're VAT registered.
These disclosures are not optional. Under Dutch commercial law, any site offering goods or services must make this information “easily accessible and permanently available,” usually via a clearly labeled footer link or legal notice page. Omitting them not only violates Dutch civil code, but also makes it harder to enforce your contracts—which can get very messy if there's a dispute.
Then there's the Netherlands’ famously strict take on cookies.
While the country follows the EU's ePrivacy Directive—which requires prior consent for non-essential cookies—it enforces it through the Dutch Telecommunications Act (Telecommunicatiewet). The national regulator, the Autoriteit Consument & Markt (ACM), has consistently ruled that cookie banners must offer a real choice. That means:
In fact, the Netherlands was one of the first EU countries to crack down on “cookie walls”—those designs that block content until a user accepts tracking. Unless you can prove that the content or service can’t function without cookies, that wall is illegal.
Belgium is a multilingual country with a legal framework to match. If you’re targeting Belgian users, your site needs to do more than comply with EU law—it needs to speak the right language. Literally.
The first thing to know is that Belgium has three official languages: Dutch (Flemish), French, and German. According to national language legislation, commercial communications—including websites—must be available in the official language of the region where your business is based. If you operate from Brussels, you’ll need to cover both Dutch and French. In Wallonia, French is mandatory; in Flanders, it’s Dutch.
This applies to legal disclosures, terms and conditions, order confirmations, and customer service touchpoints. English versions are welcome, but not enough on their own. So if you’re running a multilingual site for Belgium, the best practice is to make all legal pages—privacy policies, cookie notices, terms of sale—available in at least the two most widely spoken languages: Dutch and French.
Another key distinction in Belgium is the age of digital consent. While GDPR allows EU member states to set this between 13 and 16, Belgium has opted for the lower end: 13 years old. That means if your site collects personal data or uses cookies tied to user profiling, you must obtain verifiable parental consent for users under 13.
As for compliance enforcement, the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données) has a strong track record of GDPR rulings, particularly around transparency and cookie design. It aligns with broader EU case law but has issued guidance specifically emphasizing the importance of multilingual consent and accessible disclosures.
Denmark may be known for minimalism, but when it comes to digital compliance, it’s all about precision—especially in how you present your privacy and company data.
Let’s start with cookies. While most EU countries rely on the broader ePrivacy Directive framework, Denmark has taken it a step further with its own Cookie Order (Bekendtgørelse om krav til information og samtykke ved lagring af og adgang til oplysninger i slutbrugeres terminaludstyr). Enforced by the Danish Business Authority (Erhvervsstyrelsen), this regulation requires websites to:
Cookie walls are heavily scrutinized in Denmark. If you’re blocking access to content until users click “accept,” you’ll need a legally solid reason—typically, that the service literally cannot function otherwise.
On the corporate transparency side, Danish law requires your website to prominently display your CVR number—your official business registration ID in the Danish Central Business Register. This should be listed alongside:
But there’s more: if your website targets Danish consumers, especially in e-commerce, you must include a direct link to the official Alternative Dispute Resolution (ADR) platform. This requirement stems from Denmark’s implementation of EU consumer protection law and is expected even for small online retailers.
Failing to meet these standards won’t just raise eyebrows—it can trigger formal investigations, fines, or consumer complaints. The Danish approach is methodical, not theatrical. But that makes it all the more unforgiving when your compliance slips.
In short, precision isn’t optional in Denmark. From your cookie banner to your business disclosures, everything must be clear, accurate, and accessible—down to the letter.
Slovenia has one local requirement that overshadows all others when it comes to website compliance: your website must be in Slovene—not optionally, not partially, and not “coming soon.”
This isn't a soft cultural expectation. It's a legal obligation grounded in the Public Use of the Slovene Language Act (ZJRS), which mandates that all business communications directed at the public must be in Slovene—including digital content. That means your homepage, product descriptions, checkout flow, legal pages (privacy, terms), and customer support details all need to be clearly and fully available in the national language.
This law applies whether you’re a local startup or a foreign company actively targeting the Slovenian market. And if your business is based in or operated from Slovenia, then it’s not just best practice—it’s mandatory. There are no carveouts for “English-speaking customers” or multilingual audience intent. If you’re selling or promoting in Slovenia, Slovene is legally required.
Enforcement comes from the Inspectorate for Culture and Media, and while they’re not issuing daily fines, they do act on complaints—especially when consumers or competitors notice a site that’s clearly non-compliant.
But that’s not all. Slovenia also enforces strict consumer pricing transparency rules, especially when it comes to discounts. In accordance with the amended Consumer Protection Act (ZVPot-1), any business advertising a price reduction must show the lowest price the product was offered at in the last 30 days. This rule was designed to prevent fake sales tactics (like raising prices before applying a discount), and it's enforced by the Market Inspectorate of the Republic of Slovenia.
This makes Slovenia a legal minefield for international e-commerce platforms like ASOS, Notino, or Zalando, which often run cross-market promotions. If you’re using a global pricing engine, you’ll need to ensure that your Slovenian storefront tracks and displays 30-day average pricing correctly—or risk regulatory action.
Yes, Slovenia also enforces the usual suspects: GDPR (via ZVOP-2), cookie laws, consumer protection (ZVPot), and e-commerce transparency.
To recap:
Switzerland may not be part of the EU, but if you think that exempts your website from tough legal requirements, think again. Swiss digital compliance law mirrors many EU standards—and in some cases, gets even more specific.
At the heart of it is the revised Federal Act on Data Protection (FADP), which came into force in September 2023. This law isn’t just a local copy of GDPR—it’s Switzerland’s own framework, with high standards and real teeth. If you process personal data from Swiss users—whether through cookies, contact forms, or checkout flows—you’re required to:
Like GDPR, the FADP emphasizes transparency, proportionality, and user rights. But Swiss regulators are particularly keen on how and when consent is gathered. That means your cookie banners and privacy policies need to stand up to real scrutiny—just as they would under EU law.
Then there’s business identification. Swiss law requires that your website clearly display:
Unlike the EU, there’s no Impressum requirement per se—but consumer protection laws enforced by the State Secretariat for Economic Affairs (SECO) still expect professional sellers to be fully identifiable and reachable. If you’re selling goods or services online, don’t think you can hide behind an anonymous storefront.
Switzerland also has unique e-commerce laws, like mandatory price transparency and the obligation to clearly identify whether you're acting as a private or commercial seller. If you're a foreign company targeting Swiss consumers, you'd be wise to ensure your disclosures are clear, accurate, and—ideally—available in German, French, or Italian depending on your target region.
In short, operating in or selling to Switzerland means playing by serious rules. You’re outside the EU—but not outside its shadow.
Brexit may have redrawn political borders, but when it comes to digital compliance, the UK remains tightly aligned with its former EU partners. If your site serves UK customers—or you’re based in Britain—you’re still navigating a web of overlapping regulations.
Let’s start with data protection. While the UK is no longer under GDPR, it has retained an almost identical law: the UK GDPR. Combined with the Data Protection Act 2018, this framework mirrors EU standards on consent, data subject rights, and controller obligations.
So, yes—you still need:
And enforcement is real. The UK’s Information Commissioner’s Office (ICO) remains one of the more active regulators in Europe, regularly issuing fines for violations—especially for improper tracking, vague consent mechanisms, or opaque data-sharing practices.
On the commercial side, the UK has preserved the core requirements of the E-Commerce Regulations 2002. These rules require that you disclose:
For ecommerce sites, the Consumer Contracts Regulations 2013 enforce the usual suspects: cooling-off periods, pre-contractual information, refund rights, and total price disclosure. These laws are near-identical to their EU counterparts, so don’t expect a Brexit loophole here.
Finally, the UK has also adopted the Alternative Dispute Resolution for Consumer Disputes Regulations, which require you to inform consumers about accessible ADR options—even if you don’t use them. And if you’re targeting EU markets from the UK, you’re subject to both UK and EU frameworks.
Bottom line: Brexit hasn’t freed UK websites from strict compliance—it’s duplicated the workload. If you’re operating across both UK and EU markets, you need to ensure your site satisfies both regulatory regimes. There’s overlap, yes—but double-check everything.
