Legal Services for E-Commerce Businesses in Lithuania

AT A GLANCE

EU consumer protection law is among the most protective in the world — terms and conditions, returns policies, and pre-contractual information that do not comply are unenforceable and expose the company to regulatory enforcement.
Every e-commerce website selling to EU consumers must have a GDPR-compliant privacy policy, a cookie consent mechanism, and data processing agreements with third-party service providers.
We provide fixed-fee legal services for e-commerce businesses — from terms and conditions and supplier agreements through to GDPR documentation and subscription billing compliance.
All documents are drafted specifically for Lithuanian and EU legal requirements — not adapted from UK or US templates that do not reflect the applicable law.
E-commerce legal work is available on a per-document basis or as bundled packages for a complete website launch documentation set.

Legal services for a Lithuanian e-commerce business cover the documents that govern the relationship with consumers, suppliers, and payment providers — and ensure the business complies with EU consumer law, GDPR, and the Digital Services Act. The most critical documents are terms and conditions, a returns policy, a privacy policy, cookie consent implementation, supplier agreements, and payment gateway legal review. We prepare all of these at fixed fees, in English, with Lithuanian versions where required. A complete e-commerce legal documentation package is available as a bundle for companies launching or auditing their current documentation.

The Legal Framework for E-Commerce in the EU

Selling online to EU consumers is not the same as selling offline. The legal framework that governs e-commerce transactions in the EU is substantially more protective of consumers than the rules that apply to physical retail — and it applies to every company that sells to EU consumers, regardless of where the company is based.

The EU Consumer Rights Directive — the foundation

The EU Consumer Rights Directive (2011/83/EU), implemented in Lithuania through the Law on Consumer Rights Protection, establishes the mandatory minimum legal framework for distance selling. It requires specific pre-contractual information to be provided before purchase, grants consumers a 14-day right of withdrawal from most online purchases, and imposes obligations on refund timelines and returns procedures. Terms and conditions that contradict or limit these rights are void — the statutory minimum applies regardless. Terms that are misleading, written in obscure language, or hidden behind multiple links are unenforceable under the Unfair Contract Terms Directive.

GDPR — the data dimension

Every e-commerce website that places a cookie, collects an email address, processes a payment, or records a browsing session is processing personal data of EU consumers and is subject to GDPR. The practical implications are: a privacy policy that accurately describes all data processing activities; a cookie banner that obtains valid consent before non-essential cookies are set; data processing agreements with all third-party processors (payment providers, email platforms, analytics tools); and a data breach notification procedure. GDPR enforcement against e-commerce businesses is active across the EU — fines for non-compliant cookie banners alone have reached the millions in France, Spain, and Germany.

The Digital Services Act — platform obligations

The EU Digital Services Act (DSA) applies to online intermediaries and platforms operating in the EU from February 2024. For most e-commerce businesses — those that sell their own products directly to consumers — the DSA requirements are relatively light. For marketplaces that allow third-party sellers to list products, the DSA imposes trader verification obligations, notice-and-action procedures for illegal content, and transparency reporting requirements. We advise on DSA applicability and the specific steps required for each business model.

Legal Services We Provide for E-Commerce Companies

Our e-commerce legal service covers six areas — each corresponding to a specific layer of the legal framework that governs online retail in Lithuania and the EU.

Terms and Conditions

The terms and conditions are the contract between the e-commerce business and the consumer. Under EU law, they must contain specific mandatory information, be written in plain and intelligible language, and be accessible before the consumer completes the purchase. Terms that are buried, incomplete, or written in legalese create enforceability problems — and terms that fail to include mandatory content are supplemented by the least favourable statutory default. We draft terms and conditions that are fully compliant, readable, and practically enforceable.

Company identification — full legal name, registered address, VAT number, and contact details as required by the E-Commerce Directive
Product and pricing information — clear description of goods or services, total price including VAT and delivery, and any additional charges
Order process — how the contract is formed, the order confirmation mechanism, and the conditions for acceptance or refusal
Delivery terms — estimated delivery timelines, risk of loss transfer, and what happens when delivery fails
Right of withdrawal — the 14-day right, how to exercise it, and the excluded categories where the right does not apply
Returns procedure — the practical process for returning goods, who bears return shipping costs, and refund timeline
Liability limitations — disclaimers proportionate to the product type and legally enforceable under Lithuanian law
Governing law and jurisdiction — Lithuanian law and Lithuanian courts, with EU consumer protection minimum standards preserved
Dispute resolution — reference to alternative dispute resolution mechanisms as required by EU ODR Regulation

What makes terms and conditions enforceable

Lithuanian and EU courts regularly refuse to enforce terms and conditions that: use unfair terms listed in the Annex of the Unfair Contract Terms Directive (e.g., limiting liability to an amount lower than the purchase price); are not accessible before the purchase; are presented in a font size or colour that makes them difficult to read; or that contradict the statutory minimum consumer rights. We draft terms that are commercially reasonable within the boundaries that EU law permits — not maximum protection for the seller, but maximum protection that courts will actually uphold.

Returns and Refund Policy

The returns policy is, in practice, more read by consumers than the terms and conditions. It must accurately reflect the statutory 14-day right of withdrawal and clearly communicate the practical process for returning goods. A returns policy that restricts the statutory right — for example, by imposing a 7-day return window, charging restocking fees, or requiring original packaging as a condition of return — is unenforceable, and the customer is entitled to exercise the full statutory right regardless of what the policy says.

Statutory 14-day right of withdrawal — accurately stated, with the correct start date (day of receipt for goods; day of contract for services)
How to exercise the right — a clear withdrawal form or process, contact details, and confirmation of receipt mechanism
Return shipping responsibilities — who pays for return shipping (seller bears cost for faulty goods; consumer bears cost for withdrawal returns unless seller agrees otherwise)
Refund timeline and method — 14-day refund obligation from receipt of return; refund to original payment method
Excluded products — specific categories where the withdrawal right does not apply; correctly and narrowly stated
Faulty goods procedure — separate from withdrawal; 2-year statutory guarantee under the Sale of Goods Directive
International returns — practical guidance for non-Lithuanian consumers on how to return to a Lithuanian address

Privacy Policy and GDPR Documentation

A GDPR-compliant privacy policy is a legal requirement for every e-commerce website that processes personal data of EU consumers — which means every e-commerce website without exception. The privacy policy must describe all processing activities, their legal basis, the data subjects' rights, and how to contact the data controller and any applicable supervisory authority. Cookie consent must be obtained before non-essential cookies are set. We prepare the full GDPR documentation suite for e-commerce businesses.

Privacy policy — specific to the e-commerce context; covering purchase data, email marketing, analytics, and third-party processors
Cookie policy — describing all cookies used, their purpose and duration, and the consent mechanism
Cookie consent banner implementation guidance — technical specification for GDPR-compliant consent (opt-in for non-essential; no pre-ticked boxes)
Data processing agreements (DPAs) — for payment processors, email marketing platforms, analytics tools, and shipping providers
Records of processing activities (ROPA) — internal data map required under GDPR Article 30
Data breach notification procedure — 72-hour notification to the State Data Protection Inspectorate (SDPI) when required
Data subject rights procedures — handling access, erasure, portability, and objection requests within GDPR timeframes
Email marketing consent documentation — double opt-in procedure and consent records for GDPR-compliant marketing lists

Cookie consent — what is required

Valid GDPR cookie consent requires: active opt-in (no pre-ticked boxes, no consent inferred from continued browsing); separate consent for each category of non-essential cookie (analytics, advertising, social media); the ability to refuse consent as easily as to give it; and granular consent records that can be produced on request to a supervisory authority. Cookie banners that hide the 'reject' button, use dark patterns to nudge acceptance, or bundle consent with acceptance of the terms and conditions do not constitute valid consent under GDPR. We specify the technical requirements for a compliant cookie consent implementation alongside the legal documentation.

Supplier and Manufacturer Agreements

An e-commerce business is only as reliable as its supply chain — and the legal agreements with suppliers determine what recourse the business has when goods are defective, deliveries are late, or quality standards are not met. Supplier agreements for e-commerce differ from standard commercial contracts in one important respect: the e-commerce seller has direct consumer-facing liability under the EU Sale of Goods Directive for the quality of the products it sells, regardless of who manufactured them. The supplier agreement must allocate the resulting exposure correctly.

Product quality standards — specific requirements, testing obligations, and the consequences of non-conforming goods
Delivery terms and risk transfer — Incoterms, lead times, delivery failure consequences, and risk of loss during transit
Warranty and indemnity provisions — supplier's warranty for product conformity; indemnity for consumer claims arising from defects
Intellectual property — ownership of product images, descriptions, and packaging created for the e-commerce listing
Product liability allocation — indemnification provisions for EU product liability claims arising from the supplied goods
Exclusivity and territory — restrictions on the supplier selling the same products to competitors in the same market
Minimum order quantities and pricing — flexibility provisions for scaling up or down; most-favoured customer clauses
Termination and exit — notice periods, return of unsold stock, and continuity obligations during a wind-down period

Marketplace and Platform Agreement Review

Selling through Amazon, Zalando, eBay, or other EU marketplaces means accepting their standard seller agreements — documents of 40–80 pages that are non-negotiable in their core terms but which contain provisions that many sellers do not read until they need them: suspension procedures, payment withholding rights, liability for buyer claims, and intellectual property assignment clauses. We review marketplace seller agreements, advise on the key risk provisions, and confirm what obligations the seller is taking on before they begin selling.

Amazon Seller Agreement review — identifying liability exposure, inventory forfeiture risk, and suspension appeal rights
Zalando, eBay, and other EU marketplace agreement review — key risk provisions and seller obligations
Brand registry requirements — advising on Amazon Brand Registry, trademark requirements, and counterfeit claim procedures
Marketplace FBA terms — fulfilment by Amazon legal obligations, storage fee structures, and removal order rights
Intellectual property provisions — what rights the marketplace claims to product images, content, and reviews
Suspension and reinstatement — understanding the grounds for account suspension and the appeal process
Payment withholding provisions — conditions under which the marketplace can withhold seller payments

Subscription Billing and Digital Product Compliance

E-commerce businesses that sell subscription products — recurring billing, SaaS, digital content, membership programmes — face additional legal requirements beyond standard one-off purchase terms. EU consumer law imposes specific obligations on subscription contracts: clear disclosure of the recurring nature, the billing interval, and how to cancel. Automatic renewal clauses must be separately highlighted. We draft subscription terms that comply with EU consumer protection requirements while remaining commercially operable.

Subscription terms — clear disclosure of the recurring nature, billing frequency, and total cost over the subscription period
Automatic renewal provisions — compliant with EU requirements for separate prominent disclosure of auto-renewal
Cancellation procedure — how the consumer exercises the right to cancel; the 14-day withdrawal right for subscription services
Digital content terms — terms for digital downloads, streaming access, or app subscriptions; withdrawal right waiver mechanism
Free trial terms — conditions of the free period, automatic conversion mechanism, and consumer notification obligations
Price increase provisions — advance notice requirements and the consumer's right to terminate if price increases
Payment failure handling — what happens when a recurring payment fails; retry logic and service suspension

EU Consumer Law Requirements: What Must Be on Your Website

The following table summarises the mandatory disclosures required by EU consumer law for an e-commerce website. These requirements apply to every sale to an EU consumer — failure to include them makes the contract unenforceable in specific ways or extends the consumer’s withdrawal right up to 12 months.

Requirement	Legal Basis	Consequence of Non-Compliance
Seller’s full legal name and registered address	E-Commerce Directive / CRD	Consumer may void contract; regulatory action by consumer protection authority
Total price including VAT and all additional charges before purchase	Consumer Rights Directive	Consumer not bound by any charges not disclosed before purchase
Estimated delivery date or period	Consumer Rights Directive	Consumer can terminate contract if delivery does not occur within 30 days
14-day right of withdrawal — statement and withdrawal form	Consumer Rights Directive	Withdrawal period extended to 12 months if information not provided
Exclusions from the right of withdrawal — clearly stated	Consumer Rights Directive	Cannot rely on exclusion if not clearly disclosed before purchase
2-year statutory guarantee for goods	Sale of Goods Directive	Consumer entitled to repair, replacement, or refund regardless of what T&Cs say
Payment confirmation mechanism before order	Consumer Rights Directive	Consumer not bound by order if ‘order with obligation to pay’ is not clear
Alternative dispute resolution information	ODR Regulation	Fine from consumer protection authority for non-compliance
Privacy policy and cookie consent	GDPR	Fines up to 4% of global annual revenue; enforcement active across EU
Contact details for queries and complaints	E-Commerce Directive	Regulatory enforcement; consumer disputes more likely to escalate

Legal Services Pricing for E-Commerce

Defined e-commerce legal engagements are priced at fixed fees. Complex or bespoke work — multi-jurisdiction compliance reviews, platform-specific legal audits, and custom supplier framework agreements — is quoted on request after an initial scoping call.

Service	Price
Terms and conditions — standard e-commerce Full B2C terms compliant with EU Consumer Rights Directive; English + Lithuanian	€700
Terms and conditions — subscription / recurring billing Includes auto-renewal disclosure, cancellation procedure, and digital content provisions	€850
Returns and refund policy 14-day withdrawal right; faulty goods procedure; international returns	€350
Pre-contractual information disclosure page Stand-alone disclosure page for mandatory CRD pre-contractual information	€300
Privacy policy (e-commerce) Covers purchase data, email marketing, analytics, and all third-party processors	€450
Cookie policy + consent banner specification Policy + technical spec for GDPR-compliant consent implementation	€350
Data processing agreement (DPA) template Master DPA for use with payment processors, email platforms, and analytics tools	€350
Full GDPR documentation package Privacy policy + cookie policy + DPA template + data breach procedure — bundled	€1,100
Email marketing consent documentation Double opt-in procedure and consent record template for GDPR-compliant lists	€250
Standard supplier / manufacturer agreement Product quality, delivery, warranty, IP, and liability; English	€600
Dropshipping agreement Supplier direct-to-consumer fulfilment; liability allocation and IP ownership	€550
Marketplace seller agreement review Amazon, Zalando, eBay — key risk provision analysis and written summary	€400
Brand distribution / exclusivity agreement Exclusive distribution in specific territory; brand standards and minimum purchases	On request
Digital product terms (downloads, software, streaming) Including withdrawal right waiver mechanism for digital content	€500
Free trial conversion terms Trial period conditions, automatic conversion, and consumer notification	€300
E-commerce website launch package (T&Cs + Returns + Privacy + Cookie policy + DPA) Five core documents for a compliant EU e-commerce website launch — saving of €450 vs. individual prices	€1,800
Ongoing legal retainer Monthly advisory covering regulatory changes, new supplier agreements, and ad hoc legal queries	On request

Website launch package — what’s includedThe €1,800 e-commerce website launch package covers the five documents every EU-compliant e-commerce website needs from day one: full terms and conditions (B2C, English + Lithuanian), a returns and refund policy, a GDPR-compliant privacy policy, a cookie policy with consent banner specification, and a master data processing agreement template for third-party processors. Commissioning these separately costs €2,250. The package saves €450 and ensures all five documents are internally consistent — referencing the same legal entities, the same contact details, and the same processes.

Frequently Asked Questions

Free template generators produce documents that satisfy the surface requirement of having terms and conditions — but they typically do not comply with Lithuanian and EU law in their specific requirements. Most are written for UK or US law, reference consumer rights frameworks that do not apply in Lithuania, omit mandatory EU pre-contractual information disclosures, and use unfair terms that are void under the Unfair Contract Terms Directive. The practical consequence is not just that the terms are non-compliant — it is that they do not actually protect the seller in the situations where terms and conditions matter: when a consumer disputes a charge, refuses to return goods properly, or claims a refund the seller believes they are not entitled to. We draft terms that are both compliant and commercially protective within the limits EU law allows.

Terms and conditions for a Lithuanian-registered e-commerce business must be accessible in Lithuanian to Lithuanian consumers — this is a requirement under Lithuanian consumer protection law. For businesses selling primarily to international consumers in English, providing terms in English is generally acceptable for non-Lithuanian consumers. The most practical approach is to publish the terms in both English and Lithuanian, with the Lithuanian version being the legally controlling version for Lithuanian consumers. We provide terms in both languages as standard.

The 14-day right of withdrawal is a statutory minimum right granted to every EU consumer who purchases goods or digital services online. The consumer can withdraw from the contract within 14 days of receiving the goods without giving any reason and without penalty — the seller must refund the full purchase price, including original delivery costs, within 14 days of receiving the returned goods. This right cannot be limited, reduced, or made conditional. However, it does not apply to certain product categories: goods made to the consumer’s specification, perishable goods, sealed audio/video recordings once unsealed, digital content downloaded with express consent and acknowledgement, and accommodation or travel bookings for specific dates. These exclusions must be clearly disclosed before purchase.

Yes. GDPR applies to all personal data — any information that identifies or can identify a living individual. Names and email addresses are personal data. So is a delivery address, an IP address logged by your website analytics, a cookie identifier, or a purchase history associated with an account. There is no de minimis threshold for the volume or sensitivity of data below which GDPR does not apply. The obligations — privacy policy, lawful basis for processing, data subject rights, processor agreements — apply from the first data point collected.

The right of withdrawal applies to digital content delivered online, but it can be waived by the consumer before the download begins — provided specific conditions are met. The consumer must expressly consent to the download beginning before the 14-day period expires and acknowledge that they are waiving their right of withdrawal. If these conditions are satisfied correctly, the consumer loses the right of withdrawal once the download starts. If not — if the waiver is not explicit, if it is bundled into the general terms acceptance, or if the download begins without the consumer’s express request — the withdrawal right applies and the consumer can return the product and demand a refund. We draft the waiver mechanism into the checkout flow specification as part of the digital product terms.

For a standard e-commerce business that sells its own products directly to consumers, the Digital Services Act obligations are relatively limited — primarily the requirement to have accessible complaint handling procedures and to cooperate with competent authorities on illegal content notices. More significant DSA obligations apply to ‘online platforms’ — businesses that allow third-party sellers to offer products or services on their platform. If you operate a marketplace where third parties list and sell products, you must implement trader verification, maintain a register of illegal content notices, and publish transparency reports. We advise on DSA applicability and the specific steps required for each business model.

Legal documents for e-commerce businesses require review when: the law changes (EU consumer protection law, GDPR implementing guidance, DSA); your business model changes (adding subscription products, launching in a new country, switching payment providers); or a regulatory authority issues guidance that affects your practices. At a minimum, we recommend an annual review of all consumer-facing and GDPR documentation. For e-commerce businesses on our legal retainer, we proactively flag when a regulatory change requires a document update and handle the revision. For standalone engagement clients, we provide an annual document review service at a fixed fee per document.

Ready to get your e-commerce legal documentation in order?

Contact us to discuss your website, product categories, and target markets. We will confirm which documents are required, provide fixed-fee quotes, and begin drafting within 24 hours of your instruction. The e-commerce website launch package — five core documents — is available at €1,800.