Marketing Law in the UK: Key Rules and Compliance Tips

Smart marketing can put your business on the map. But if your ads, emails or social posts don’t follow UK marketing law, you could face complaints, fines or reputational damage.

The good news? With a bit of structure and the right legal foundations, you can promote your products confidently and stay compliant from day one.

In this guide, we’ll unpack the key UK marketing laws that affect small businesses, common pitfalls to avoid, and the contracts, policies and processes that will keep your campaigns compliant as you grow.

What Is “Marketing Law” And Why Does It Matter?

Marketing law is the set of rules that governs how you promote your business and communicate with customers. It covers everything from what you can say in an advert to how you collect email addresses, run promotions, work with influencers and use customer data.

For small businesses, the key aims of marketing law are simple:

• Don’t mislead customers (on price, performance, or savings).
• Treat customers fairly and avoid aggressive tactics.
• Respect privacy rules when sending emails, texts or using cookies.
• Be transparent about paid promotions and endorsements.
• Protect your brand and respect others’ intellectual property.

Following these rules isn’t just about avoiding ASA (Advertising Standards Authority) rulings or regulator action. It builds trust. Clear, honest, compliant marketing tends to convert better and reduces disputes and chargebacks. Think of compliance as a growth enabler, not a blocker.

Key UK Laws And Codes That Affect Your Marketing

Several laws and industry codes work together to regulate marketing in the UK. Here are the core ones to have on your radar.

Consumer Protection And Advertising Rules

• Consumer Protection from Unfair Trading Regulations 2008 (CPRs): Prohibits misleading actions/omissions and aggressive sales practices. Claims must be accurate and not likely to deceive the average consumer.
• Business Protection from Misleading Marketing Regulations 2008 (BPRs): Similar protections in B2B contexts, especially for comparative advertising.
• CAP and BCAP Codes (ASA): The rulebooks for non-broadcast and broadcast advertising. They cover substantiation of claims, pricing statements, promotions, endorsements and “#ad” labelling.
• Competition and Markets Authority (CMA): Enforces fair trading, including the Green Claims Code for environmental marketing and rules for pricing and promotions.

If you’re selling to consumers, you must also follow general consumer law (e.g. refund and cancellation rights, fair terms, and clear pre-contract information).

Data And Privacy Rules

• UK GDPR and the Data Protection Act 2018: Govern how you collect and use personal data (e.g. names, emails, behavioural data). You need a lawful basis, transparency, and appropriate security.
• Privacy and Electronic Communications Regulations 2003 (PECR): Specific rules for electronic marketing (email/SMS), cookies and similar technologies.

If you send newsletters or run ad retargeting, you’ll interact with both UK GDPR and PECR. We break down email compliance below.

Pricing, Claims And Sales

• Price Marking Order 2004: Prices must be clear and unambiguous.
• CAP Code pricing rules: “Was/now” and savings claims require a genuine, recent reference price and evidence.
• Consumer Contracts Regulations 2013: Pre-contract information and cancellation rights for distance selling.

Equality, IP And Sector-Specific Rules

• Equality Act 2010: Marketing must avoid discriminatory content.
• Trade Marks Act 1994 and copyright law: Don’t use third-party logos, images, videos or music without permission or a licence.
• Sector rules: Alcohol, financial services, health/medical claims, and promotions to children have stricter standards.

It can feel like a lot, but you don’t need to become an expert overnight. The sections below translate these rules into practical actions for your day-to-day marketing.

Email, SMS, Cookies And Retargeting: What Do I Need To Do?

Most compliance issues we see arise in three areas: email and SMS marketing, cookie use, and ad retargeting. Here’s how to stay on the right side of the rules.

Email And SMS Marketing (PECR + UK GDPR)

For unsolicited marketing emails or texts to individuals, you generally need prior consent that meets UK GDPR standards. There’s a narrow “soft opt-in” for your own similar products/services if you collected the contact details during a sale (or sale negotiations) and offered an opt-out at the time and in every subsequent message.

If you rely on consent, it must be freely given, specific, informed and unambiguous (no pre-ticked boxes). Keep records of when, how and what exactly someone consented to.

• Always identify your business clearly in the message.
• Include an easy, free opt-out in every communication.
• Keep your contact lists clean and promptly honour opt-outs.
• Have a lawful basis under UK GDPR (consent or, in limited cases, legitimate interests supported by a balancing test).

For a deeper dive on rules and exceptions, see our guide to email marketing laws and how the soft opt-in works in practice.

Cookie Notices And Ad Retargeting

Non-essential cookies (analytics, personalisation, advertising) require consent under PECR before they’re set. That means a compliant banner that blocks non-essential cookies until the user chooses to accept them. “By continuing to use this site you agree…” banners and pre-ticked options won’t cut it.

• Provide granular choices (e.g. “Accept All”, “Reject Non-Essential”, and “Manage Preferences”).
• Offer clear, plain-English explanations of each cookie type and purpose.
• Log the user’s consent, and honour it across pages and visits for a reasonable period.
• Update your policies when you add new trackers or vendors (e.g. a new analytics tool).

If you’re unsure whether your pop-up is compliant, our practical guide to cookie banners explains what regulators and the ICO expect to see. You should also maintain a clear, accessible Privacy Policy that sets out how you collect and use personal data.

Advertising Claims, Promotions And Websites: Common Legal Traps

Most ASA rulings stem from familiar mistakes. Use this checklist to sense-check your campaigns before they go live.

Pricing Statements And “Was/Now” Claims

• Reference prices must be genuine. If you say “was £50, now £30,” the item should have been sold at £50 recently and for a meaningful period.
• Include all unavoidable fees in the headline price (or disclose them prominently). Hidden charges can be misleading.
• Use “from” and “up to” responsibly. The proportion of products at the headline price should be significant, not token.

Performance And Superiority Claims

• Substantiate all objective claims. Have evidence ready for “fastest,” “lasts 2x longer,” or “number 1” statements.
• Comparative ads must compare like for like, be verifiable, and not denigrate competitors unfairly.

Environmental (“Green”) Claims

• Avoid vague terms like “eco-friendly” unless you can explain what you mean and prove it.
• Don’t cherry-pick benefits. Present the full lifecycle impact where relevant (e.g. recyclability versus energy-intensive production).

Promotions, Discounts And Competitions

• Publish full terms and conditions for promotions before they start. Cover start/end dates, eligibility, prize details, selection method and how to claim.
• Manage stock and staff so you can meet demand. If you run out, say so clearly and fairly.
• Keep selection processes transparent and auditable for prize draws.

For a practical overview of the most frequent issues and how to avoid them, we’ve summarised the pitfalls of false advertising under UK rules.

Working With Agencies, Creators And Affiliates

If you use agencies, creators or affiliates, you’re still responsible for what’s said about your brand. Contracts and briefing are your first line of defence.

Influencers And Creators

• Disclosure: Paid or incentivised content must be clearly labelled (e.g. “Ad” or “#ad”) and must be obvious at a glance. Gifted items, affiliate links and discount codes may trigger disclosure obligations.
• Substantiation: Influencers must only make claims they can prove. Provide them with approved copy and clear do/don’t lists.
• Usage rights: Agree who owns the content and how you can use it (e.g. whitelisting, paid ads, duration, platforms, territorial scope).
• Compliance and indemnities: Include warranties that posts will comply with law and the CAP Code, with remedies if they don’t.

If social campaigns are core to your strategy, read our practical guide to influencer marketing and make sure your creator contracts reflect these requirements.

Agencies, Affiliates And Lead Generators

• Scope and KPIs: Be specific about deliverables, channels and performance metrics.
• Compliance: Require adherence to ASA/CAP rules, privacy laws and platform terms. You’re the advertiser, so you carry risk.
• Data sharing: If customer data will be processed, set out roles (controller/processor), lawful basis, and security standards. Include a data processing schedule if needed.
• Payment and clawbacks: Consider clawbacks for low-quality leads, invalid traffic or non-compliant activity.

Protecting Your Brand And Reducing Disputes

Good marketing goes hand-in-hand with brand protection and tidy paperwork. A few proactive steps will prevent common headaches.

Trade Marks, Copyright And Third-Party Content

• Register your brand name and logo as trade marks to deter copycats and secure enforceable rights.
• Use licensed images, fonts, sound and video. Keep proof of licences or supplier warranties.
• If you commission creative work (logos, photos, videos), ensure ownership transfers to you in writing or you receive a broad, perpetual licence.

Website And Sales Journey

• Be transparent about pricing, delivery, returns, auto-renewals and cancellations. Don’t hide key terms deep in footers.
• Display key pre-contract information for online sales (e.g. features, total price, delivery charges, right to cancel where applicable).
• Use clear checkouts with no dark patterns that nudge customers into unwanted purchases.

Internal Processes And Training

• Sign-off workflow: Have a simple checklist for claim substantiation, pricing checks and legal review for higher-risk campaigns.
• Evidence files: Keep substantiation documents (tests, surveys, supplier assurances) organised for quick access if challenged.
• Incident response: Decide how you’ll handle an ASA complaint, negative press or a data incident-who leads, timelines, and comms.

Essential Legal Documents For Marketing Teams

Templates you find online won’t reflect your channels, risk profile, or data flows. Having tailored documents will save time and protect your business if something goes wrong.

• Marketing/Services Agreement: Sets deliverables, timelines, IP ownership, confidentiality, compliance warranties and indemnities.
• Influencer/Creator Agreement: Covers disclosure obligations, content approvals, usage rights, exclusivity, fees and take-downs.
• Affiliate Terms: Clarify acceptable promotion methods, brand guidelines, commission logic, cookies, and quality thresholds.
• Data Processing Agreement/Schedule: Required when a supplier processes personal data for you-defines roles, security and sub-processing.
• Website Terms and Conditions: Cover acceptable use, user-generated content, liability caps and IP notices.
• Privacy and Cookies Documentation: Keep your Privacy Policy up to date, and ensure your cookie notices match what your site actually uses.

If you’re building your channel mix around newsletters and social, it’s worth reviewing your approach to email marketing laws, soft opt-in practices and creator collaboration rules in one sitting so your documents align end-to-end.

A Step-By-Step Compliance Checklist For Your Next Campaign

1) Plan Your Claims

• List every objective claim (savings, performance, “#1”, sustainability) and attach the evidence you’ll rely on.
• Sense-check competitor or “market-leading” comparisons for fairness and verifiability.

2) Check Your Pricing And Offers

• Confirm reference prices and savings are genuine and recent. Avoid small-print caveats that undermine the headline impression.
• Write clear terms for discounts, time limits, bundles and stock limitations.

3) Confirm Privacy And Cookie Compliance

• Decide your lawful basis for emails/SMS. If using soft opt-in, ensure eligibility and opt-outs are in place.
• Test your cookie banner and preference centre. Non-essential cookies should not fire before consent.

4) Review Creative For CAP/ASA Rules

• Keep endorsements authentic and labelled. Avoid irresponsible content (e.g. unsafe practices, unverified health claims).
• Use accessible, non-discriminatory language and imagery.

5) Contract And Brief Your Partners

• Issue written agreements to agencies, affiliates and creators with compliance obligations and clear deliverables.
• Provide a brand and claims guide-what’s allowed, substantiation, and any restricted statements.

6) Launch And Monitor

• Monitor comments and user-generated content; remove unlawful or infringing material quickly.
• Track complaints and unsubscribe rates; be ready to tweak copy or targeting if concerns arise.

7) Post-Campaign Audit

• Archive landing pages, creative, metrics and evidence packs. This helps with ASA queries and future learning.
• Update policies or processes based on what you learned.

Frequently Asked Questions About Marketing Law (Quick Answers)

Do I Need Consent To Send Marketing Emails?

Usually yes-unless you meet PECR’s “soft opt-in” criteria for your own similar products and provide an easy opt-out in every message. Always keep records of consent and opt-outs.

Can I Use Competitor Names In Ads?

Comparative ads are allowed if they’re objective, verifiable and not misleading or denigratory. Avoid using a competitor’s logo or trade mark without permission.

What Counts As “Misleading” Pricing?

Anything likely to deceive a typical customer about total cost, savings, or the nature of the offer. Reference prices must be genuine and recent, and unavoidable fees should be included or made prominent.

Do Influencers Have To Use “#ad”?

Yes, where content is paid for or otherwise incentivised by you. The disclosure must be clear and upfront-burying it at the end of a caption or using ambiguous tags is unlikely to be sufficient.

Can I Retarget Visitors Without Consent?

Not for non-essential cookies or similar tracking. PECR requires consent before setting most advertising cookies. Use a compliant banner and preference tools, and respect choices.

Key Takeaways

• Build your marketing on clear, honest claims you can prove-UK rules prohibit misleading or aggressive tactics and the ASA enforces the CAP Code.
• If you market to consumers, you must follow core consumer law and present pricing, promotions and key terms clearly across your site and ads.
• Email and SMS campaigns need a lawful basis under PECR and UK GDPR. Understand the rules around consent and the soft opt-in, and always provide a simple opt-out.
• Get your cookie consent right. Use a proper banner that blocks non-essential cookies until acceptance and keep your Privacy Policy and notices up to date.
• When working with creators or affiliates, use clear contracts and ensure transparent labelling of sponsored content-our overview of influencer marketing sets out best practice.
• Watch out for pricing and claim pitfalls. Our guide to false advertising explains how to keep offers and comparisons compliant.
• A few tailored documents-services agreements, creator contracts, website terms, and compliant cookie and privacy notices-will protect your business as you scale campaigns.

If you’d like help reviewing your marketing, setting up compliant policies, or drafting agreements for agencies and creators, you can reach us at 08081347754 or team@sprintlaw.co.uk for a free, no-obligations chat.