International e-commerce is the online sale of goods or services to customers in other countries. At Musch Legal, we assist Dutch webshops with their rollout into EU countries. E-commerce touches upon consumer law, VAT, DSA, GDPR, and payment regulations simultaneously. Those who expand without structure face mandatory local rules that override the original terms and conditions — often resulting in fines.

What is the legal issue? (What is different about cross-border e-commerce?)

International e-commerce requires compliance with the consumer law of the country where the consumer resides. Under Article 6 of Rome I, the consumer law of the country of residence applies mandatorily, regardless of choice of law. VAT obligations vary by country, simplified via the OSS scheme. GDPR applies to all data transfers. DSA imposes transparency requirements on platforms and larger webshops. Plus customs, geo-blocking, and local language requirements.

What does the law say? (Which rules apply?)

Consumer law: Directive 2011/83/EU enshrined in Article 6:230g et seq. of the Dutch Civil Code (consumer rights); 14-day withdrawal period under Article 6:230o of the Dutch Civil Code. Geo-blocking: Regulation (EU) 2018/302 prohibits unjustified geo-blocking within the EU. VAT: One Stop Shop scheme since 1 July 2021 under Regulation 904/2010 simplifies B2C declarations. DSA: Regulation (EU) 2022/2065 since 17 February 2024. GDPR for data.

For digital content and services: Directive (EU) 2019/770, in the Netherlands Articles 7:50aa et seq. of the Dutch Civil Code.

Subject matter

Legislation

Core obligation

Consumer rights

Directive 2011/83/EU + Art 6:230g of the Dutch Civil Code

14-day right of withdrawal

Geo-blocking

Regulation 2018/302

Prohibition unjustified discrimination

VAT B2C

OSS scheme since 1 July 2021

Single EU return above 10,000 euro threshold

DSA

Regulation 2022/2065 since 2024

Transparency, notice-and-action

GDPR

Regulation 2016/679

Privacy compliance + cookies

Subject

Legislation

Core obligation

Consumer rights

Directive 2011/83/EU + Art 6:230g Dutch Civil Code

14-day right of withdrawal

Geo-blocking

Regulation 2018/302

Prohibition of unjustified discrimination

VAT B2C

OSS scheme since 1 July 2021

Single EU return above the 10,000 euro threshold

DSA

Regulation 2022/2065 since 2024

Transparency, notice-and-action

GDPR

Regulation 2016/679

Privacy compliance + cookies

What risks do companies face? (What goes wrong online?)

Non-compliance with consumer rights leads to fines imposed by authorities (ACM in the Netherlands, similar in other EU countries). VAT negligence leads to additional assessments plus fines. DSA violations run up to 6 percent of turnover under Section 74 DSA. GDPR fines up to 4 percent. Reputational damage from negative reviews or consumer complaints. Additional DSA requirements for large platforms (VLOP).

Practical example from our practice (How did we scale webshop to 8 EU countries?)

Musch Legal assisted a Dutch webshop with its rollout to 8 EU countries. We drafted locally compliant terms and conditions (translation, 14-day right of withdrawal, GDPR), registered OSS for VAT reporting, and implemented DSA-compliant complaint handling and geo-blocking compliance. Total setup €35,000 versus estimated €120,000 with a segregated country approach. The client avoids regulatory fines and significantly accelerates time-to-market.

What can you do? (What steps do you take?)

Align terms and conditions with consumer law per country (Netherlands: 14-day right of withdrawal, no return costs over €50). Register OSS for VAT reporting above the €10,000 threshold via the Tax and Customs Administration. Implement DSA-compliant complaint handling and transparency. For cookies and marketing: GDPR-compliant consent banners. Assess product safety (CE, REACH). Engage Musch Legal for an e-commerce compliance package.

GDPR and international data transfer

When are general terms and conditions internationally valid?

SaaS agreements: legal considerations