eCommerce Legal Compliance Checklist 2025: Protect Your Online Store

A practical compliance checklist for Shopify, WooCommerce, and custom eCommerce stores. Covers ADA accessibility, GDPR/CCPA, return policies, subscription disclosures, and FTC requirements.

By ComplixAI Team · 5 min read

The Legal Exposure Most eCommerce Stores Don't Know About

Running an online store in 2025 means navigating overlapping legal requirements that most business owners discover only after receiving a demand letter. ADA lawsuits targeting eCommerce sites have grown steadily — Domino's Pizza's Supreme Court loss was a turning point that opened the floodgates. Meanwhile, the FTC has significantly expanded its enforcement against dark patterns, hidden fees, and subscription traps.

This checklist covers the legal requirements most likely to affect your store and how to fix them before they cost you.

ADA Accessibility for eCommerce

What Must Be Accessible

Every customer-facing page must meet WCAG 2.1 Level AA:

  • Product pages: All images need descriptive alt text. Color alone cannot convey product variants (e.g., "Red" must be labeled, not just shown as a red swatch).
  • Add to Cart / Checkout flow: All interactive elements — buttons, dropdowns, quantity selectors — must be keyboard-accessible. Screen readers must announce state changes (cart updated, item removed).
  • Forms: Every input in your checkout flow needs a properly associated label. Placeholder text alone does not comply.
  • PDFs: Product manuals, terms documents, and warranty PDFs linked from your store must also be accessible.

Shopify-Specific Issues

Shopify handles some accessibility automatically (basic ARIA roles, landmark structure) but leaves much to the theme and app layer. Common failures:

  • Quick-view modals that trap keyboard focus
  • App-injected widgets (review apps, chat widgets, loyalty programs) that introduce their own violations
  • Theme editor images added without alt text
  • Color swatches with no text label for screen readers

WooCommerce-Specific Issues

WooCommerce themes are even more variable. Common failures include missing skip navigation links, non-semantic heading structure on product listing pages, and checkout forms that fail keyboard navigation tests.

Return and Refund Policy Requirements

EU Consumers: 14-Day Right of Withdrawal

Under the EU Consumer Rights Directive, customers purchasing from EU-based sellers (or sellers targeting EU customers) have an unconditional 14-day right to return most goods for any reason. Your policy must:

  • State this right explicitly
  • Explain who pays return shipping
  • Describe the refund timeline (14 days from receipt of returned goods)
  • List any exceptions (perishables, custom-made items, digital downloads once accessed)

US Requirements

The FTC does not mandate a minimum return window, but it does require that your return policy be clearly disclosed before purchase. Burying it in a footer link that appears only after checkout is not sufficient. Link to your return policy from:

  • The product page
  • The cart
  • The checkout confirmation page
  • Your footer

Subscription and Recurring Billing Disclosures

If your store sells subscriptions (subscription boxes, replenishment programs, SaaS bundled with physical products), ROSCA (Restore Online Shoppers' Confidence Act) and the FTC's updated rules require:

  1. Clear and conspicuous disclosure of the recurring charge amount, frequency, and cancellation terms before the customer subscribes
  2. Explicit affirmative consent — a pre-checked "I agree to recurring billing" checkbox does not satisfy this requirement
  3. Easy cancellation — the same number of clicks to cancel as to subscribe (FTC Click-to-Cancel rule, 2024)
  4. Confirmation email with all material terms and a direct cancellation link

Platforms like Shopify and WooCommerce do not enforce these requirements by default. You must configure your subscription app and checkout copy to meet them.

FTC Junk Fee Prohibition

The FTC's Junk Fees Rule (finalized 2024) is now in effect. It prohibits:

  • Revealing mandatory fees (processing fees, convenience fees) only at the final checkout step
  • Using "drip pricing" to show a low base price and add fees progressively
  • Charging fees not disclosed before the customer initiated checkout

Your product listing price, ads, and search engine listings must reflect the total cost — or the additional fees must be disclosed immediately next to the advertised price.

Your eCommerce Compliance Checklist

ADA / Accessibility

  • All product images have meaningful alt text
  • Checkout form inputs have associated labels (not just placeholders)
  • Color is not the only way to distinguish product variants
  • All interactive elements are keyboard-accessible
  • Page has a skip navigation link for screen reader users
  • Color contrast meets 4.5:1 ratio for text elements

Legal Pages

  • Return / Refund Policy exists and is linked from product pages, cart, and checkout
  • Privacy Policy names all analytics and advertising tools
  • Terms of Service defines dispute resolution and governing law
  • If selling to EU customers: GDPR-compliant cookie consent implemented

Subscription / Recurring Billing

  • Billing amount, frequency, and next charge date clearly disclosed before subscription
  • Customer must take affirmative action to subscribe (no pre-checked boxes)
  • Self-service cancellation available in account dashboard
  • Confirmation email includes cancellation instructions

Pricing Transparency

  • All mandatory fees disclosed before checkout
  • Advertised price matches the price shown at checkout (before optional add-ons)

How to Audit Your Store

ComplixAI scans your live store URL and checks for ADA violations, missing legal pages, subscription disclosure failures, and hidden fee patterns. The Business plan covers your full homepage, checkout, and up to 8 pages of your choosing — giving you a complete picture of your compliance exposure.

Start your free scan at complixai.org →

Frequently Asked Questions

Is Shopify ADA compliant out of the box?

No. Shopify themes vary widely in accessibility. Common failures include insufficient color contrast in theme defaults, missing alt text on product images added via the theme editor, and keyboard navigation issues in quick-view modals and cart drawers. You need to audit your specific theme and customizations — not just the default Shopify platform.

Do online stores need a refund policy?

Yes. EU consumers have a statutory 14-day right of withdrawal under the Consumer Rights Directive — no exceptions for digital goods sold after 2014. In the US, the FTC requires that return policies be clearly disclosed before purchase. Without a visible return policy, you face higher chargeback rates and may lose payment processor disputes.

What does the FTC Click-to-Cancel rule require?

The FTC's 2024 Click-to-Cancel rule requires that cancellation of a subscription must be at least as easy as signing up. If a customer can subscribe online in three clicks, they must be able to cancel online in three clicks. Requiring a phone call or chat to cancel is now explicitly prohibited.

What are 'junk fees' under FTC rules?

The FTC's Junk Fees Rule (finalized 2024) prohibits businesses from disclosing fees only at checkout after the customer has invested time in the purchase process. All mandatory fees — processing fees, convenience fees, service charges — must be disclosed upfront in the advertised price or immediately next to it.

How do I check if my Shopify store is ADA compliant?

Run a ComplixAI scan on your store URL. The scan audits your live theme (including any customizations, apps, and product pages) using axe-core and checks for the 50+ WCAG 2.1 AA success criteria most commonly violated by eCommerce sites. You get a report with specific elements to fix and code examples.