Which product safety and labelling rules must marketplace sellers follow?
Marketplace sellers must ensure every product they list meets the safety standards and labelling requirements of the country where it is sold. In the EU, this means compliance with the General Product Safety Regulation (GPSR), which came into full effect in 2024 and places direct obligations on sellers, not just manufacturers. Products must be safe, traceable, and correctly labelled before they reach consumers.
Practically speaking, this covers several areas:
- CE marking for product categories such as electronics, toys, and personal protective equipment
- Language requirements on labels, including instructions for use in the local language of the target market
- Ingredient or material disclosure for food, cosmetics, and textiles
- Country of origin labelling where required by category-specific legislation
- Responsible person designation in the EU if you are importing from outside the bloc
For sellers using Amazon FBA or similar fulfilment programmes, it is worth noting that the platform may handle storage and shipping, but it does not assume responsibility for product compliance. That obligation remains with the seller. If your product is found to be non-compliant, your listings can be removed regardless of your fulfilment method.
How does VAT work when selling products on a marketplace?
VAT obligations for marketplace sellers depend on where your customers are located, where your goods are stored, and the volume of cross-border sales you make. Since the EU’s OSS (One Stop Shop) reform in 2021, sellers crossing the EU-wide threshold of 10,000 euros in cross-border B2C sales per year must charge VAT at the rate of the buyer’s country, not their own.
There are a few key principles to understand:
- Local VAT registration may still be required if you store goods in another EU country, for example through Amazon FBA warehouses in Germany, France, or Poland
- OSS registration allows you to report and pay VAT for multiple EU countries through a single return in your home country
- Marketplace facilitation rules mean that in some cases, platforms like Amazon are deemed the supplier for VAT purposes on certain transactions, but this does not eliminate all your VAT obligations
- UK VAT operates separately post-Brexit, with its own registration thresholds and rules for overseas sellers
VAT compliance is one of the most common areas where marketplace sellers run into problems during international expansion. Working with a tax adviser who understands cross-border e-commerce is strongly recommended before scaling into new markets.
What consumer protection laws apply to marketplace sellers?
Marketplace sellers are bound by consumer protection legislation in every country where they sell to consumers. In the EU, the key frameworks include the Consumer Rights Directive, which governs the right of withdrawal, and the Sale of Goods Directive, which sets out minimum warranty obligations. These rules apply regardless of whether you sell through your own webshop or a third-party marketplace.
The most important obligations include:
- 14-day right of withdrawal for online purchases, during which consumers can return goods without giving a reason
- Two-year legal guarantee on all goods sold to consumers in the EU
- Clear pre-contractual information, including pricing, delivery times, and seller identity, displayed before the consumer completes a purchase
- Prohibition on unfair commercial practices, such as fake reviews, misleading pricing, or false urgency claims
The EU’s Digital Services Act (DSA), which applies to large platforms, also creates indirect obligations for sellers by requiring marketplaces to verify trader information. As a seller, you may be asked to provide business registration details, VAT numbers, and bank account information to remain listed.
What are the GDPR obligations for marketplace sellers?
GDPR applies to marketplace sellers whenever they process personal data about EU-based customers, even if the seller is based outside the EU. Collecting a customer’s name and delivery address counts as processing personal data, which means GDPR obligations are triggered from the moment you receive an order.
Key GDPR requirements for marketplace sellers include:
- Lawful basis for processing: you need a valid legal reason to use customer data, such as contract performance for order fulfilment
- Data minimisation: only collect and store the data you actually need
- Retention limits: do not keep personal data longer than necessary for the purpose it was collected
- Data subject rights: customers can request access to, correction of, or deletion of their data
- Third-party data sharing: if you share customer data with logistics partners or other processors, you need data processing agreements in place
Marketplace platforms typically handle their own GDPR compliance for the data they collect directly. However, any data that flows to you as a seller, such as order details or customer communications, falls under your own GDPR responsibilities.
How do marketplace platform rules add to legal obligations?
Beyond national and EU law, marketplace platforms impose their own seller policies that carry contractual weight. Violating these rules can result in listing removal, account suspension, or permanent bans, making platform compliance just as important as legal compliance in practice.
Common platform-specific requirements include:
- Restricted and prohibited product lists: each platform maintains its own catalogue of items that cannot be sold, which often goes beyond what is legally prohibited
- Listing accuracy standards: product titles, descriptions, and images must meet specific formatting and content rules
- Performance metrics: sellers on Amazon FBA, for example, are monitored on order defect rate, late shipment rate, and cancellation rate, with account health consequences for poor performance
- Intellectual property policies: platforms have brand registry and IP complaint mechanisms that can result in listings being taken down if rights holders raise objections
- Seller verification requirements: platforms increasingly require identity verification, business documentation, and proof of product authorisation before allowing certain categories
It is important to read the seller agreement and policy documentation for each platform you use, and to monitor policy updates regularly. Platforms update their rules frequently, and ignorance of a change is not accepted as a defence when enforcement action is taken.
How Distrilink helps you navigate marketplace legal requirements
Managing legal compliance across multiple marketplaces is complex, especially when you are scaling into new European markets at the same time. At Distrilink, we help brands grow quickly and in a controlled way on online marketplaces, without having to build their own marketplace team, IT infrastructure, or logistics operation from scratch.
Here is how we support brands in handling the operational and compliance side of marketplace selling:
- Fast activation on all major European marketplaces, with compliant listings from day one
- Centralised product management through our own platform, giving you full visibility and control across all channels
- End-to-end fulfilment from our in-house warehouse, so delivery and returns are handled correctly and consistently
- Ongoing optimisation of listings, advertising, and logistics based on real performance data
- Customer service management, ensuring consumer protection obligations are met at every touchpoint
We represent more than 25 brands and are connected to all major European marketplaces. Brands work with us to expand their e-commerce presence without added complexity, with speed, control, and clear insight into their performance. If you want to scale on marketplaces without getting tangled in operational and legal complexity, get in touch with Distrilink and let us show you how we can help.
Frequently Asked Questions
I sell in just one EU country — do all these legal requirements still apply to me?
Yes, even if you only sell to customers in a single EU country, you are still subject to that country's implementation of EU-wide legislation, including the GPSR, consumer protection directives, and GDPR. The scale of your operation does not reduce your legal obligations, though some thresholds — such as the €10,000 OSS trigger for cross-border VAT — only activate once you exceed certain volumes. Starting with a clear compliance baseline from day one is far easier than retrofitting it later when you begin to scale.
What happens if a customer files a complaint about my product through the marketplace — am I liable?
Yes, as the seller of record you remain legally liable for product safety and consumer rights obligations regardless of how the complaint is routed. Marketplaces may handle the initial communication, but the legal responsibility for resolving warranty claims, processing returns within the 14-day withdrawal window, and addressing safety issues rests with you. Keeping thorough records of product documentation, supplier agreements, and customer communications is essential in case a dispute escalates.
How do I know if my product needs CE marking before I can list it on a European marketplace?
CE marking is required for specific product categories defined by EU legislation, including electronics, toys, machinery, personal protective equipment, and medical devices, among others. The best starting point is to identify which EU directives or regulations apply to your product category and check whether they mandate CE marking as a condition of placing the product on the EU market. If you are unsure, consulting a product compliance specialist or a notified body before listing is strongly recommended, as platforms like Amazon increasingly request compliance documentation at the point of listing.
Can I use customer order data from the marketplace to send marketing emails to buyers?
Generally, no — not without a separate and explicit legal basis for doing so. Order data received through a marketplace is provided for the purpose of fulfilling that specific transaction, which means using it for direct marketing would typically require the customer's prior consent under both GDPR and e-privacy rules. Most marketplace seller agreements also explicitly prohibit using customer contact details for off-platform marketing. If you want to build a direct marketing relationship with customers, focus on legitimate opt-in mechanisms through your own channels.
What is the biggest compliance mistake new marketplace sellers make when expanding into new EU markets?
The most common mistake is assuming that being compliant in your home market automatically means you are compliant everywhere else. Each EU country can have additional national requirements on top of harmonised EU rules — for example, specific language requirements on packaging, country-specific consumer protection rules, or local VAT registration obligations triggered by FBA warehouse storage. Sellers who expand into Germany, France, or the Netherlands without reviewing those country-specific layers often face listing removals or tax issues that could have been avoided with upfront due diligence.
How often do marketplace platform policies change, and what is the best way to stay on top of updates?
Major platforms like Amazon and Bol update their seller policies multiple times per year, with significant changes often rolled out with relatively short notice periods. The most reliable approach is to subscribe to official seller news feeds and policy update notifications from each platform's seller central, and to schedule a regular internal review — monthly or quarterly — of the policies relevant to your product categories. Working with a marketplace partner or specialist who monitors these changes professionally can also significantly reduce the risk of being caught off guard by a policy shift.
Do I need a separate data processing agreement with every logistics partner I use for marketplace fulfilment?
Yes, under GDPR, if you share personal data — such as customer names and delivery addresses — with any third-party logistics provider, that provider qualifies as a data processor and a Data Processing Agreement (DPA) must be in place. This applies whether you use a large carrier like DHL or a smaller regional fulfilment partner. Many established logistics providers have standard DPAs available on request, so in practice this is a straightforward step, but it is one that is frequently overlooked by sellers who focus on operational setup without reviewing the data flow implications.
