KG LEGAL \ INFO
BLOG

Is Your Online Store Ready for the New Era of Control? A Practical Guide to E-Commerce Responsibilities in 2026

Publication date: July 07, 2026

Just a few years ago, online store owners primarily had to ensure terms and conditions, privacy policies, and efficient order processing. Today, this is clearly not enough. EU regulations such as the Omnibus Directive and the Digital Services Act (DSA), as well as the increasing role of artificial intelligence in assessing store credibility, force businesses to consider their platforms much more broadly. It is no longer just about regulatory compliance, but also about building digital trust, which influences a store’s visibility, legal security, and customer purchasing decisions. Below, we present a practical checklist of the most important actions to implement to reduce the risk of sanctions and increase the credibility of an online store.

Practical guidelines for online store owners

I.            Avoiding UOKiK fines and compliance with the Omnibus Directive

a. Implement transactional verification: You should configure your feedback system so that each review you post is technically linked to the unique order number and email address of the customer who actually completed the purchase.

b. Updating the content of the regulations: In the “Rules for publishing opinions” section, the verification procedure should be described in detail, whether all opinions (including critical ones) are published and how the average product rating is calculated.

c. Transparent labeling: Each review should have a clear status indication (e.g., “Purchase confirmed”). If a benefit is provided in exchange for reviews (e.g., a discount code), this information must be clearly and prominently displayed within the review text.

d. Lowest price mechanism: In accordance with the requirements of price transparency, each discount must display the lowest price of the product that was valid in the 30 days prior to the introduction of the discount.

Legal basis: Act of 30 May 2014 on consumer rights ( Journal of Laws of 2024, item 1796, as amended); Directive (EU) 2019/2161 of the European Parliament and of the Council of 27 November 2019 amending Council Directive 93/13/EEC and Directives 98/6/EC, 2005/29/EC and 2011/83/EU of the European Parliament and of the Council as regards the better enforcement and modernisation of Union consumer protection rules (OJ EU L 328 of 2019, No. 328, p. 7, as amended); Act of 23 August 2007 on counteracting unfair market practices ( i.e. Journal of Laws of 2023, item 845).

II.            Ensuring compliance with the Digital Services Act (DSA)

a. Implementing a “report content” mechanism: Every review or user-generated content must have an easily accessible button to report suspected illegality or manipulation of the content.

b. Procedure for justifying decisions: In the event of deletion of an opinion or blocking of a user account, the platform is obliged to send the author a detailed justification indicating a specific violation of the regulations or legal provisions.

c. Internal Complaints Process: Users must be able to appeal moderation decisions for a period of at least 6 months from the date the platform takes action.

d. Designation of a contact point: The entrepreneur must designate an electronic contact point for supervisory authorities and users, enabling efficient communication on matters relating to digital security.

Legal basis: Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on the single market for digital services and amending Directive 2000/31/EC (Digital Services Act) (OJ EU L 277, 2022, No. 277, p. 1, as amended), in particular Articles 16, 17 and 20.

III.            Reducing the risk of “algorithmic exclusion”

a. Design Patterns (UX) Audit: Eliminate so-called dark patterns, such as asymmetric selector buttons, hard-to-close pop-ups, or mechanisms that make it difficult to unsubscribe. Supervisory algorithms treat such practices as signals of poor interface quality.

b. Data Certification for AI: Ensure structured review data is provided, allowing shopping assistants and crawlers to properly verify the “digital provenance” of the data.

c. Filtering synthetically generated content: It is worth implementing tools that monitor review language for bot-like patterns (unnatural correctness, lack of detail) to avoid indexing false enthusiasm that results in lower trust rankings.

Legal basis: REGULATION (EU) 2022/2065 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 19 October 2022 on the single market for digital services and amending Directive 2000/31/EC (Digital Services Act) (OJ EU L 277, 2022, p. 1, as amended) – Article 25 (prohibition of deceptive interfaces)

IV.            Proper management of data and opinions (CaaS model)

a. Digital Audit Trail: It is recommended to store logs containing transaction metadata related to opinions for a period enabling verification of data reliability (e.g. 12-24 months).

b. Active mediation systems: Instead of deleting negative feedback, use complaint management systems that document the process of resolving customer disputes. Resolving a problem is treated by ranking systems as evidence of high-quality service.

c.       “Know Your Business Customer” principle: When running a marketplace model, it is essential to verify the identity of sellers before allowing them to offer goods, collecting registration numbers and contact details.

Legal basis: REGULATION (EU) 2022/2065 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 19 October 2022 on the single market for digital services and amending Directive 2000/31/EC (Digital Services Act) (OJ EU L of 2022, No. 277, p. 1, as amended) – Article 30; Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ EU L of 2016, No. 119, p. 1, as amended).

 

UP