1. Compliances and registration for all NPs providing services and gift cards
A. Consumer Protection Act and the rules/ guidelines issued thereunder
1.1 Compliances under E-commerce Rules
All e-commerce entities must comply with the E-Commerce Rules, including:
Nodal Officer: Appoint a nodal officer or alternate senior functionary residing in India.
Information Disclosure: Clearly and prominently display on its platform:
Legal Name
Principal and branch addresses
Name and details of the website
Contract information of customer care and grievance officer.
Grievance Redressal: Set up a grievance mechanism and appoint a grievance officer. Display their name, contact, and designation of such officer on its platform. Grievances must be acknowledged in 48 hours and resolved within 1 month.
Imported Goods: If offering imported goods/services, mention importer details.
Cancellation Charges: No cancellation charges unless the platform bears similar charges if they cancel the purchase order unilaterally.
Consent: Obtain a consumer’s consent for any purchase through explicit and affirmative action.
Refunds: Process refunds as prescribed under applicable law.
Obligations for Marketplace E-Commerce Entities
Marketplace entities must additionally:
Seller Undertaking: Require sellers through an undertaking to ensure that descriptions, images, and other content pertaining to goods or services on their platform is accurate and corresponds directly with features of such goods or services.
Differentiated Treatment: Include in terms and conditions, a description of any differentiated treatment which it gives or might give between goods or services or sellers of the same category.
Disclosures: Display all required information including that may be required by consumers to make informed choices: contractual terms, mandatory notices, expiry, seller/importer details, country of origin, return/exchange/refund/delivery terms, warranties, payment modes, grievance mechanism.
Seller Details: Show seller name, registration status, address, customer care number, and ratings, if any.
Complaint Tracking: Provide ticket numbers to track complaints.
Ranking Parameters: Explain in plain language the key parameters affecting product/seller rankings.
Obligations for Inventory E-Commerce Entities
Inventory-based entities must:
No False Representation: Not misrepresent themselves as consumers.
Return and Refunds: Must not deny return, refund, or cancellation if goods/services are defective, deficient, spurious, or delivered late.
Disclosures: Same disclosure obligations as marketplaces.
Price Transparency: Show total price as a single figure, with breakup and applicable taxes.
Complaint Tracking: Provide ticket numbers for consumer complaints that enables consumers to track status of their complaint.
Obligations for Sellers on Marketplaces
Sellers on marketplaces must:
No Fake Reviews: Not falsely pose as consumers or post fake reviews.
Return and Refunds: Must not deny return, refund, or cancellation for defective, deficient, spurious, or delayed goods/services.
Written Contract: Must have a prior written contract with the platform and share details (name, address, GSTIN, PAN, website).
Grievance Officer: Appoint and display grievance officer's name and contact. Acknowledge complaints in 48 hours, resolve within 1 month.
Disclosures: Display all legally required info (e.g., expiry date, seller/importer details, country of origin, return/exchange/delivery terms, warranties).
Price Transparency: Show total price and breakup with all charges and taxes.
Grievance Officer Info: Display name, contact number, and designation.
Annexure E details compliances required under the E-Commerce Rules.
1.2 Guidelines on Misleading Advertisements
As per the Guidelines, advertisement is valid and not misleading if it:
Is truthful and honest in its representation.
Does not exaggerate the product’s performance, accuracy, scientific basis, or usefulness.
Does not mislead by presenting legal consumer rights as unique benefits offered by the advertiser.
Does not claim universal acceptance of a claim where significant scientific or expert disagreement exists.
Does not exploit fear, i.e., doesn’t suggest that personal or family safety is at risk if the product is not purchased.
Does not mislead by citing publications or sources that haven’t been independently verified.
Complies with all applicable sector-specific laws and regulations.
In addition, the Guidelines also details conditions for bait advertisements, surrogate advertisements, free claims advertisements, and child targeted advertisements among others.
Please refer to Annexure F for the compliances to be followed under these guidelines by an entity advertising goods or services offered by it to consumers. The Guidelines are available here: https://consumeraffairs.nic.in/acts-and-rules/consumer-protection
1.3 Guidelines on Dark Patterns
An entity advertising goods or services offered by it to consumers must comply with the Guidelines on Dark Patterns. The Guidelines defines Dark Patterns to mean any practices or deceptive design pattern using user interface or user experience interactions on any platform that is designed to mislead or trick users to do something they originally did not intend or want to do, by subverting or impairing the consumer autonomy, decision making or choice, amounting to misleading advertisement or unfair trade practice or violation of consumer rights. The Guidelines prohibits any person, including any platform, from engaging in any dark pattern practice. The Guidelines are available here: https://consumeraffairs.nic.in/acts-and-rules/consumer-protection
1.4 Greenwashing Guidelines
Please refer to Annexure G for the compliances to be followed under these guidelines by an entity advertising goods or services offered by it to consumers.
B. Data protection laws
The IT Act read with the SPDI Rules are the primary legislations in India governing data privacy and protection on a sector-neutral basis. To the extent the NPs will collect/handle personal data falling under the category of SPDI, it is required to be compliant with the obligations specified under the SPDI Rules. A summary of the key obligations under the SPDI Rules of an entity, inter alia, for collecting, processing and transferring of SPDI, has been set out in Annexure H.
Please note that once the DPDP Act is enforced, all entities collecting, handling, or processing personal data will be required to comply with the obligations prescribed under the DPDP Act.
C. Compliance with IT Rules
An intermediary as defined under Section 2(w) of the IT Act, with respect to an electronic record, means any person who “receives, stores or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web-hosting service providers, search engines, online payment sites, online-auction sites, online-market places and cyber cafes”. To the extent, the NP qualifies as an intermediary, it will be required to implement the due diligence obligations (depending on the category of intermediary) as has been set out in Annexure I, if it seeks to avail the exemption from liability in accordance with Section 79 of the IT Act.
2. Compliances and registration for sellers of gift cards
A. Compliance with PPI
1.1 Licensing or registration requirement
Banks and authorised non-bank Prepaid Payment Instrument (“PPI”) issuers may issue PPIs, including in the nature of gift cards.
(i) Approval for banks – Banks that comply with the eligibility requirements prescribed under the Master Directions on PPIs, issued by the RBI dated 27 August 2021 (“PPI Master Directions”) may issue gift card PPIs after obtaining approval from the RBI under the Payment and Settlement Systems Act, 2007 (“PSS Act”).
(ii) Authorisation for non-bank PPI issuers – Non-bank entities are required to obtain authorisation from the RBI to operate as a PPI issuer (and thereby a payment system operator) under the PSS Act.
1.2 Compliance in relation to issuance of gift PPIs
The PPI Master Directions are applicable to all bank and non-bank PPI issuers. It prescribed various compliances, in relation to eligibility requirements; safeguards against money laundering; issuance, loading and reloading of the PPI; co-branding of PPIs; interoperability; validity and redemption; customer protection and grievance redressal, etc. Please refer to Annexure Q for compliances in relation to the PPI Master Directions.
Gift PPIs in specific are subject to certain additional compliance requirements, which have been detailed in Para 1.5 of Annexure Q.