how to sell your business

How to Sell Your Business: 6 Mistakes to Avoid When Selling Your Online Business

Did your online business receive success, and now major corporations want to buy your business? Before you agree, know how to sell your business and avoid these 6 mistakes.

Do you own an online business that’s turned into a massive success over time?

If so, you might currently be fielding offers from major corporations that want to purchase your business and make it even bigger than it already is. Many of those offers might be very lucrative and could potentially change your financial situation and, to a larger degree, your life.

But before you decide to accept an offer from a buyer, you need to know how to sell your business. More specifically, you need to know how to avoid making a costly mistake that could come back to bite you later.

Here are 6 common mistakes that you’ll want to avoid when selling your online business.

1. Failing to Plan Ahead for a Future Sale

Many online business owners make a very crucial mistake long before they ever agree to sell their businesses. They fail to plan ahead for the possibility of a sale and end up paying the price for it.

From the moment you start running your business, keep accurate records and organize all the files related to your business. Consider what you might need at some point down the line if you ever decide to sell your business.

Selling an online business is a long process that involves digging through records and taking a good, long look at a business’ history. If your files are disorganized and all over the place, it could delay a sale or even put the kibosh on it.

2. Waiting Entirely Too Long to Sell

Your online business is your baby. You don’t want to sell it to just anyone, and you also don’t want to sell it when there’s still a chance for it to grow and become so much more profitable.

That’s all very understandable. But at the same time, you also don’t want to wait too long and miss out on the chance to sell your online business for top dollar.

You could end up missing out on a big payday if you put off selling your online business because you’re too attached to it. That doesn’t mean you need to jump at the first offer you receive. But it does mean you should carefully consider any offers that come in on it, even if it’s not technically on the market.

By taking this approach, you’ll avoid missing out on a small window of opportunity that could net you hundreds of thousands, if not millions, of dollars.

3. Picking the Wrong Broker to Handle a Sale

If you’ve never gone through the process of selling an online business on your own, you probably don’t have the first clue about how to sell your business.

You will, therefore, need to bring in a broker or a consultant who can help you walk through everything. For a fee, they’ll help sell your business to the highest bidder and get you a great return on the original investment you made in your company.

At least, that’s how things should work out. But unfortunately, far too many online business owners choose the wrong broker to handle a sale and end up losing out on money in the end.

Find an experienced broker with a clear plan in place for getting you maximum value for your online business. They should be prepared to do whatever it takes to ensure you’re happy with the entire selling process.

4. Choosing Not to Market Your Online Business to Buyers Yourself

While your broker or consultant should technically work on your behalf to promote your business to buyers, that doesn’t mean you should just hang back and do nothing.

No one–and we do mean no one–knows your online business like you do! So get out there and help sell it to anyone who might be interested in buying it. Allow the passion you have for your business to drive you as you work to make a sale.

This doesn’t mean you should step on your broker’s toes or go overboard when it comes to marketing your business. You could actually bring the value of your business down if you come across as looking desperate to sell.

But this is your business, after all. Do whatever you can to encourage buyers to make better offers than the ones that are coming in.

5. Putting a Price Tag on Your Business That’s Too High or Too Low

How much is your online business actually worth at the moment?

That’s a tough question to answer. But it’s a question you have to contemplate as you prepare to sell. If you attach a price tag to your business that’s too high, companies won’t be interested in it, and if it’s too low, you’ll miss out on making as much money on it as you should.

Use your broker’s knowledge and your own research to generate a price that falls somewhere in the sweet spot. You want to come up with a price you’re happy with for your business.

6. Agreeing to Sell Your Business to an Inexperienced Buyer

Once you sell your online business, it’ll be out of your hands.

But you will always have a connection to it. And in some cases, people might even associate the business with you.

That means you shouldn’t just sell your business to anyone. Look for a qualified buyer who has the experience it takes to move your business up in the world.

Try talking to those interested in buying your online business so that you can get a sense of what they plan to do with it. You won’t have much say in how they actually move forward. But it’ll be nice to gauge how you’re business is going to grow once it’s under new ownership.

Learn More About How to Sell Your Business Today

The only real way to learn how to sell your business is by actually doing it. You’re inevitably going to make a few small mistakes along the way. But it’s important to avoid the big ones that could cost you.

If you need help selling your business, obtain services that are designed to make online business sales a breeze. You’ll feel more confident in the decisions you make when you have a helping hand. Contact Revision Legal’s attorneys with the contact form on this page, or call us at 855-473-8474.

ecommerce fraud

How to Prevent eCommerce Fraud and Protect Your Online Store

Half of eCommerce businesses fall victim to eCommerce fraud, costing up to hundreds of thousands of dollars. Here’s how to protect your business.

You think your e-commerce business is going well. You watch the sales roll in, your shipping process is running well, and you’re excited to check your bank account. When you do, though, you realize you’ve made far less than you thought you had. As you investigate, you find out that chargebacks from credit card companies are the problem.

This story is all too common among e-commerce businesses. E-commerce fraud takes a chunk out of their profits without them realizing it. On top of your bottom line, a high chargeback rate also discourages credit card companies from working with you.

If you’re ready to step up your business’ protection, get the lowdown on e-commerce fraud here.

What is E-Commerce Fraud?

The term “ecommerce fraud” can describe a few different things.

One type of ecommerce fraud occurs when someone uses a different person’s account or credit card to make a purchase on your site.

Sometimes this happens when the person gets access to the victim’s account on your site so they don’t need to enter credit card information. Another type of e-commerce fraud is a data breach, which is when someone hacks into your database to steal your customers’ data.

In this article, we’re referring to the first type of e-commerce fraud. In many cases, the customer notices the fraudulent charge and alerts their credit card company. The credit card company reverses the charge, and you lose the money they paid you.

Customers often don’t notice fraudulent charges until weeks or months later. If you’ve already shipped a product when the chargeback occurs, you’re out the cost of the product.

Tips to Prevent E-Commerce Fraud

If you aren’t careful, even small e-commerce fraud purchases can add up and cost you a bundle. To protect your business, follow these tips:

1. Adhere to PCI Standards

You should already be doing this, but it’s so important that it’s worth stating. The Payment Card Industry, or PCI, has security standards for every e-commerce company to follow.

These standards will also go a long way toward making your transactions more secure. They also have direct consequences, though. If you don’t adhere to PCI security standards, you’re vulnerable to lawsuits. Credit card companies may also decline to work with you, bringing your business to a fast halt.

2. Use the Address Verification System

The Address Verification System, or AVS, is an existing tool to help you secure your business. The AVS verifies that the customer’s billing address matches the one their credit card company has on file.

Running a customer’s payment information through the AVS is one more safeguard against e-commerce fraud. The system is already in place, so you can give big rewards from the minimal effort it requires.

3. Require CVV Codes for Purchases

A credit card’s three-digit or four-digit CVV code is an important part of e-commerce security. While online databases can store a customer’s credit card number and billing address, they can’t store the CVV code.

If you require the CVV code for online purchases, it’s unlikely that the data is stolen. It seems like a small addition to your payment process and it is, but it goes a long way in preventing fraud.

4. Set Tight Password Requirements

We’ve all set up an online account and become frustrated with restrictive password requirements. At the cost of a small inconvenience, though, you’re cutting down on your risk of e-commerce fraud.

Tightening your password policy protects your customers as well as your business. A smart password policy can require certain types of characters in your customers’ passwords so the passwords are harder to hack.

5. Look for Red Flags

There are certain red flags that a purchase might be fraudulent. Keeping an eye out for these red flags can help you detect fraud and block the transaction. The key signals include:

  • Inconsistent billing or shipping information
  • Unusual spending patterns
  • Purchases from unusual IP addresses (like an IP address in a different country than the customer’s typical location)

It’s not reasonable to comb through every purchase for these risk factors. Instead, set up automated alerts in your system to detect these red flags. You can instruct the system to decline the transaction or to alert you so you can verify the purchase before shipping the merchandise.

6. Don’t Ignore Software Updates

Most e-commerce sites use various types of purchased software instead of a customized system. If you’re using plug-ins or any other type of software, keep up with updates promptly.

In many cases, these updates are how the developer patches security holes. Even if security isn’t noted in the update description, it may be a part of the update, so install it as soon as possible.

7. Monitor for Chargebacks When They Happen

You can’t prevent 100% of ecommerce fraud. You can, however, minimize the damage it can do.

Set up your system to alert you in the case of a chargeback. If the chargeback applies to a purchase you haven’t shipped yet, put a hold on the shipment until you resolve the issue. If the purchase is, in fact, fraudulent, you can cancel the order.

8. Hire a Law Firm That Knows eCommerce

If you’re struggling with ecommerce fraud, it may be time to bring in some professionals. Look for a lawyer who can advise you about preventing fraud and about your options for legal recourse.

Remember that not all lawyers are experienced in the area of e-commerce law, so look for someone with this area of expertise.

Keeping Your E-Commerce Fraud to a Minimum

Running a successful e-commerce business is a complex endeavor, and it gets more complicated when you take criminals into account. Between chargebacks and a damaged reputation, e-commerce fraud takes down even an established online business.

Keeping up with Internet laws can lower your costs and protect you from larger problems down the line. The fraud prevention tips above are a start. For more tips for your e-commerce business, check out our legal tips blog.

If your online store has been a victim of e-commerce fraud, it’s time to talk to attorneys that can advise you about preventing fraud and about your options for legal recourse. Contact Revision Legal’s attorneys with the contact form on this page, or call us at 855-473-8474.

Is Someone Illegally Using Your Trademark? The 8 Factor Trademark Infringement Test

A court will apply the “likelihood of confusion” test in a trademark infringement suit. This is actually an umbrella term for several tests employed by the various federal circuits. However, most courts use a group of similar factors to assess confusion. The court will analyze and weigh each factor to determine if a consumer, in the marketplace context, is likely to be confused by the two marks. For this reason, the trademark infringement test is highly fact-intensive and each factor may be accorded different treatment depending on the case. Here is a look into the eight-factor test applied by the 6th Circuit.



The senior trademark is the one that was registered first or used first. The more distinctive is the senior mark, the more protected it is. A court will measure distinctiveness along the following spectrum:

A). Generic

  • Definition: Words or symbols that describe the product itself, rather than distinguish between competing versions of the product. A trademark can be rendered generic if consumers begin to use the mark as the generic name of the entire product group (like “aspirin”)
  • Strength: Never distinctive
  • Example: E-mail (no trademark)

B). Descriptive

  • Definition: Words or symbols that merely describe the ingredients, qualities, features, purpose or characteristics of a product.
  • Strength: Distinctive only if the mark has acquired secondary meaning. Secondary meaning indicates that although the mark is on its face descriptive of the product, consumers recognize the mark as having a unique source. Registered marks with incontestable status will be presumed to be at least descriptive with secondary meaning.
  • Example: Windows (trademarked because it has a secondary meaning)

C). Suggestive

  • Definition: Suggestive trademarks suggest qualities of the underlying product, such that it requires imagination, thought, and perception to determine the nature of the product in question.
  • Strength: Inherently distinctive
  • Example: Playstation (trademarked because it suggests that it is a videogame device)

D). Arbitrary

  • Definition: Arbitrary terms are names that exist in popular vocabulary, but have no logical relationship to the products for which they are used. Whether a word is arbitrary or not has everything to do with the context in which it is used. The pairing of the mark with the particular category of product should appear to be random.
  • Strength: Inherently distinctive
  • Example: Apple (trademarked because computers bear no relation to the actual fruit)

E). Fanciful

  • Definition: Terms that are invented for the sole purpose of serving as trademark and have no possible association with the product for which it is used.
  • Strength: Inherently distinctive. Infringers of these marks are hard pressed to provide any explanation for their use the mark, leaving the impression that the real reason was a blatant attempt to trade off the goodwill generated by the owner of the trademark.
  • Example: Xerox (trademarked because the word has no meaning outside of this context)


Relatedness does not mean that the products are in the same broad industry. Rather, it means that the two products have the potential to be connected in the mind of the consumer. Each case typically fits into one of the following three categories (and the weight given to the factor will change accordingly):

  • If the products compete directly then confusion is likely if the marks are sufficiently similar.
  • If the products are somewhat related but not competitive, then confusion will turn on other factors.
  • If the products are totally unrelated then confusion is unlikely.


This is a factor that the courts usually accord greater weight. The court will look at the pronunciation, appearance, and verbal translation of conflicting marks. It will look to see if the given mark would confuse the public when viewed in isolation. Also, the mark will be viewed in its entirety, not by its individual features.


The existence of actual confusion is direct evidence that the products in their actual market context have similarities sufficient to create confusion. This factor will only be weighted heavily when there is evidence of past confusion or when the particular circumstances indicate such evidence should have been available. Nevertheless, isolated instances of actual confusion after a significant period of time of concurrent sales or extensive advertising do not always indicate an increased likelihood of confusion and may even suggest the opposite.


A court will assess the similarity of the marks in light of the way they are encountered in the marketplace and the circumstances surrounding their purchase. Evidence may include the relevant market the two products are sold in, the type of business the marks are used for, the methods of advertisement employed by the two parties, and the location that the respective products can be found at stores.


Generally, when analyzing this factor in a trademark infringement test, a court will apply the standard of the typical buyer exercising ordinary caution. However, if a buyer has expertise or is otherwise more sophisticated with respect to the purchase of the product at issue, a higher standard is proper. Similarly, when products are expensive or unusual, the buyer can be expected to exercise greater care in her purchases. The ultimate significance of a given degree of care, however, often will depend upon its relationship with the other seven factors.


If a party chooses a mark with the intent of causing confusion, that fact alone may be sufficient to justify an inference of confusing similarity. Intent is relevant because purposeful copying indicates that the alleged infringer believes that his copying may divert some business from the senior user. Direct evidence of intentional copying is not necessary to prove intent. Rather, the use of a contested mark with knowledge of the protected mark at issue can support a finding of intentional copying.


A strong possibility that either party will expand his business to compete with the other or be marketed to the same consumers will weigh in favor of finding that the present use is infringing. A geographic expansion or an increase in the types of products offered can be relevant. A finding that the parties will not expand their markets significantly, however, does not address the ultimate issue of likelihood of confusion. Thus, an affirmative finding will provide a strong indication that the parties’ simultaneous use of the marks is likely to lead to confusion, while a negative finding is not a strong indication to the contrary.

Continued Reading

  1. How Strong is Your Trademark? [Infographic]
  2. Secondary Meaning of Trade Dress
  3. Trademark Priority: Risks of Too Much Secrecy
  4. Grounds for Trademark Opposition and Cancellation Proceedings

Editor’s Note: This blog post was originally published in June, 2017. It has been updated for quality and comprehensiveness.

medical marijuana business

Medical Marijuana Business Formation: What You Need To Know

This is part 1 of 10 of Revision Legal’s guide to setting up a Medical Marijuana business in the State of Michigan.

This article provides an overview of issues you will need to address for medical marijuana business formation.

Michigan’s Medical Marijuana Facilities Licensing Act (MMFLA) sets a licensing framework for the growing, processing, transporting, testing, and selling of marijuana. With this Act, Applicants for licenses can now form corporations and limited liability companies (LLC) to hold these licenses.

Forming an LLC is relatively easy. Forming them correctly and understanding how they work? -that is more difficult.

Limited Liability – Keep It

The main benefit of forming a corporate entity is obtaining limited liability. What this means is the business, rather than its shareholders or members or you, are liable for the corporate debts. With incorporation, you protect personal assets from business liabilities.

However, it is possible to lose this protection. Specifically, a creditor could “pierce the corporate veil”.  As a result your personal assets could be in danger if you do not understand the basics of how limited liability works.

The most important thing to remember is that incorporation should not be abused. For example, if you use your business as a sham or a fraudulent operation, then you can lose your protections. This can happen when business owners mix personal and business funds, fail to keep sufficient records, or become limited by operating funds.

Internal Organization – Do It

Your new Medical Marijuana business needs rules of operation as part of its formation.

Typically, these rules are put together as an operating agreement (for an LLC) or bylaws and a shareholders agreement (for a corporation). These documents set internal policy and procedure for several important issues. Examples of these issues include voting rights, the impact of someone’s death, and the priority of distributions or dividends.

Especially relevant is when your Medical Marijuana business has more than one owner, then these types of organizational documents are highly recommended.

Documentation – Be Diligent

You must take steps to record the important decisions. Do this at the time of your medical marijuana business formation as well as keep accurate paperwork during your day-to-day operations.

These steps can be as simple as setting periodic reminders to review the internal documents of your organization and run audits on how your business is running.

The operation and organization of your business is your responsibility. Nobody else is going to do this for you. But if you follow these steps and are careful in your record keeping and diligent in legal protections then this type of business will be an asset for years. It will also make your business more attractive and trustworthy to customers and investors.

Conclusion – Medical Marijuana Business Formation – Do It Right

Forming a legally defined entity is always an important first step for any business. If you are going to do it, do it right.

Revision Legal offers a complete package to help with your Medical Marijuana business formation. Contact us today with the form on this page to schedule a consultation.

Read Part 2 of 10: Smart Contracting

udrp process

The UDRP Process

The acronym UDRP is one that many website owners may have seen or heard before, but what it is, where it came from, and why we need it may be less familiar if you have never been involved in a domain dispute. But, whether you know it or not, you agreed to abide by the UDRP when you signed your domain agreement. Continue reading for a full explanation of the UDRP process.

What is UDRP?

The UDRP (Uniform Domain-Name Dispute-Resolution Policy) is a set of rules found in every Domain Name Purchase Agreement that defines how domain name disputes should be decided. The UDRP generally applies to top-level domains such as .biz, .com, .info, and .org—to name a few.

By signing the mandatory Domain Name Purchase Agreement when purchasing a domain, registrants “represent and warrant” that the registration “will not infringe upon or otherwise violate the rights of any third party,” and agree to an arbitration-like proceeding if such a claim should arise. While the UDRP is mandatory for domain holders, it is an optional procedure for mark holders.

Where did UDRP come from?

With the rise of the Internet in the early ‘90s came the use of trademarks as domain names without the owner’s consent, also known as “The Trademark Dilemma.” By 1998, the non-profit corporation ICANN (the Internet Corporation for Assigned Names and Numbers) was formed to assume responsibility for IP address space allocation, top-level domain name system management, and root server system management functions. In other words, ICANN ensures corporate trademark are not held ransom by those who register a certain domain name before the company can.

What are the UDRP elements?

The UDRP essentially protects businesses from abusive or bad faith registrations. However, like all contracts, there is more to it than that. You can read the full UDRP here, or find the essential elements, below.

To have a domain name transferred, a complainant must prove:

  • That the domain name is identical or confusingly similar to a trademark or service mark in which the complainant has rights; and
  • The respondent has no rights or legitimate interests in respect of the domain name; and
  • The domain name has been registered and is being used in bad faith by the respondent

What are the steps in the UDRP process?

Day 0: Complainant files complaint with a the NAF or WIPO, which will send send a copy to Respondent (domain holder) at the address shown on the WHOIS database.

The provider then reviews the complaint for compliance with the UDRP and provider rules. If the complaint complies, the proceeding continues; if the complaint does not comply, however, the complainant has 5 days to resolve the defects. If the complainant does not do so within 5 days, the complaint will be considered withdrawn.

Day 3: The provider sends the complaint to the registrar of the allegedly infringing domain name, along with a copy to the respondent.

Day 23: the respondent must respond specifically to the allegations in the complaint and offer any bases for the retention of the domain name within 20 calendar days of the commencement of the formal proceedings.

If the respondent does not file a response within this 20-day window, respondent will be deemed to have defaulted.

Day 28: The provider now has 5 days to appoint a panel.

Day 42: A decision will be rendered within 14 days of the panel’s appointment.

Day 45: The panel has 3 days to notify the parties of the decision.

10 business days later: Unless the adversely affected domain name holder has filed suit in a court of mutual jurisdiction by this date, the registrar will implement the decision of the panel, canceling or transferring the domain name according to the remedy sought in the complaint.

Though it is at the panel’s discretion to extend the time restrictions in exceptional circumstances, disputes are generally resolved within 60 days of filing.

If you are facing or thinking of filing a UDRP complaint, please contact Revision Legal’s Internet attorneys for a consultation by completing the form on this page.

Editors note: This article was originally published in June, 2015. It has been updated for clarity and comprehensiveness.

deceptive pricing

E-Commerce Deceptive Pricing: What All Online Sellers Need to Know

In the United States, the Federal Trade Commission (FTC) is charged with protecting consumers in the marketplace. Section 5 of the FTC Act, 15 U.S.C. § 45(a)(1) prohibits companies from utilizing “unfair or deceptive acts or practices in or affecting commerce”. This standard has been applied to protect consumers from deceptive pricing schemes. With retail purchases transitioning from brick and mortar stores to e-commerce, deceptive pricing schemes are evolving and in some ways becoming more prevalent. In addition to the FTC, many states have enacted laws meant to protect consumers from deceptive advertising and pricing tactics.

Deceptive pricing, according to the FTC, is any pricing scheme that is likely to mislead consumers and affect consumers’ behavior or decisions about the product or services offered for sale. Basically, any advertising, including pricing, must tell the truth and not mislead consumers.

Deceptive pricing has been found where companies utilize marketing schemes such as:

  • strike-through pricing
  • bait and switch
  • perpetual sales
  • price anchoring
  • “compare at” pricing.

These pricing practices may not, in and of themselves, be deceptive. However, where the pricing comparisons or fine print are deceptive in nature, the FTC may intervene.

For example, strike-through pricing is a common practice where retailers list the current price in comparison to a former price for the product. The former price appears with a line through it indicating that it is no longer valid. This is a great way to communicate discounts or sales to potential customers. However, if the stricken former price is not a valid indication of an actual former price of the product, the difference in price and consequently the “deal” is misleading.

The FTC has provided some guidance to sellers regarding deceptive advertising issues on their website here. Deceptive pricing schemes do cause actual problems for online retailers.

If companies are found to be utilizing deceptive pricing or advertising practices, the FTC will issue fines. Furthermore, many companies have faced civil litigation including class action lawsuits where damages can add up quickly.

In 2017, Canada levied a $1 Million fine against Amazon Canada for misleading pricing practices. They found that Amazon’s practice of comparing prices to higher “list prices” or suggested manufacturer prices (MSRPs) was merely a marketing gimmick that mislead consumers into thinking they are getting a great deal although the list price was not a prior actual price of the product. Canada’s Competition Bureau found Amazon culpable because they relied on their sellers to provide the list prices and never verified that those prices were ever accurate.

During the FTC’s review of Amazon’s purchase of Whole Foods in 2017, Amazon’s pricing was also investigated in the United States because of a letter filed with the FTC by Consumer Watchdog. Consumer Watchdog claimed that the reference prices posted on Amazon were higher than actual former prices of the products in the previous 90 days. Amazon denied the allegations. The FTC suspended its investigation of Amazon in 2017 but stated in a press release that, “Of course, the FTC always has the ability to investigate anti-competitive conduct”. This investigation highlights the FTC’s intent to follow up on complaints and investigate deceptive pricing in the marketplace.

The lesson here for online retailers is to make sure your marketing practices do not cross over the line to deceive consumers. Sellers should make sure that price comparisons including strike-through prices are an accurate representation of the actual deal the customers are receiving.

Today, online sellers have a lot to focus on. New competitors and pricing pressures, adhering to new privacy laws like the GDPR, and securing their customer data against hackers. Don’t make an FTC investigation into your advertised pricing an issue. If you have questions, have one of our Internet Lawyers review your pricing practices before the FTC does.

facebook and the gdpr

Facebook and the GDPR: Why Your Company Needs To Be Prepared

Data privacy is a big deal right now. Facebook is the latest company facing lawsuits and a PR nightmare related to the way they handled their customer’s data. However, Facebook is not the only company that needs to re-think its privacy related policies. The current data issues that Facebook is facing places the spotlight on an issue that has been brewing for some time.

Privacy and control over what companies do with personal information is a common concern held by people around the world, from all walks of life and all political persuasions. While there are differing views on whose responsibility it is to protect data, most agree that there should be some safety measures taken. In the US, most states have some laws related to data breach and data security but the US does not have a comprehensive federal data security law. The European Union has enacted a stringent regulation called the General Data Protection Regulation (GDPR). The GDPR goes into effect in May 2018 and places strict rules on what companies can do with the personal data of EU residents. Read here about the 5 steps your company needs to take before May.

GDPR requires companies to closely monitor and control their collection of personal data of EU residents. “Personal Data” is broadly defined and includes details such as name, date of birth, social security number, financial information, address, email addresses, IP addresses, sexual orientation, and religion. Under the GDPR, individuals have a right to opt in to having their data collected, to know what data is being collected, why it is being collected, who is receiving it, to request copies of all personal data a company has of theirs, to opt out of the data collection, and to have it deleted completely from the company’s records. In order to comply with these and other requirements, companies need to have processes and policies in place to act quickly. Non-compliance can result in massive fines of up to 20 million Euros or 4% of the company’s global turnover, whichever is higher, per breach.  These are serious consequences and US business need to be prepared. While Facebook has been highly criticized for the Cambridge Analytica data scandal, their recent changes regarding privacy have likely been in the works for some time. Like other businesses, Facebook has to be compliant with the GDPR by the May 2018 deadline.

The GDPR is an EU regulation but that doesn’t mean that US businesses don’t have anything to worry about. Even companies without a physical presence in the EU could be liable for violations of the GDPR. Like Facebook, businesses that collect personal data from any EU resident need to make sure they are compliant with the GDPR by May.  The recent PR scandal Facebook is dealing with highlights the public’s demand for transparency and providing greater control to consumers.

Facebook’s troubles and the impending strict regulations of the GDPR should be a sign for all companies to take a second look at the way they collect and utilize personal data. Just this week, Pinterest introduced a new Privacy Policy and Terms of Service in order to comply with the new European privacy laws. Other companies are following suit. For more information on how to become GDPR compliant or begin the process of creating a comprehensive data privacy policy, feel free to contact us.

data protection officer

GDPR Compliance: 5 Steps You Need to Take Before May

If you think Facebook is the only company that needs to think about data privacy and security issues, unfortunately you are mistaken. Right now, most companies need to consider whether or not there are prepared to protect the personal data of their customers. Not only because of the outrage and backlash that companies face in the aftermath of a breach but because of regulations like the GDPR and other data protection laws. The General Data Protection Regulation (GDPR) is a regulation that has been passed by the European Union and is set to be implemented in May 2018 and companies need to take steps to meet GDPR compliance requirements.

What if your company has no presence in the EU?

GDPR could still apply to your company if you offer goods and/or services to people in the EU and you collect data from them or if you process data received from a third party who does. This is important because non-compliance could result in massive fines up to 20 million Euros or 4% of global company turnover, whichever is higher. These fines are high due to the EU’s intention to deter companies from misusing data.

The GDPR allows for personal data processing where the owner of the data consents and you have legitimate reasons to collect the data or when the processing is necessary for tax, legal, or other reasons.

Personal Data as defined by the GDPR includes any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Some GDPR Personal Data Rights and how they could affect your business:

  1. Opt In/Opt Out: The GDPR requires that companies obtain and keep records affirmative opt in to collect personal data. Traditionally, companies have relied on their online Terms of Use and Privacy Policies to dictate the collection of data and have notified users that their continued use of the services constitutes acceptance of the data collection. This is not sufficient under the GDPR. Companies will have to receive and keep a record of each opt in. Furthermore, users must also be able to opt out of the collection and opting out cannot be more difficult a process than opting in. You will need to keep records of each opt in and opt out action taken by all users and be able to provide them if requested.
  2. Right to Access: Consumers have a right to know what data is being collected and for what purpose. You need to be able to provide this information for free to anyone who asks for it.
  3. Portability: Not only do consumers have a right to know what data you’ve collected and what you’ve done with it, they also have a right to obtain a copy of all data you’ve collected to use for any other reason. Your company needs to be able to provide them with a copy in a readable format at no charge and within one month of the request.
  4. Erasure: Consumers have a right to be forgotten completely. Your company should have a process by which, upon request, you can access all data collected regarding an individual and erase it completely from your systems and files. There are some exceptions to this where you need to keep certain data for specific reasons such as for taxes or legal reasons. Even then, you must delete all non-necessary data.

The GDPR also places restrictions on and regulations regarding the transfer of Personal Data outside of the European Union. Data breaches must be reported to authorities within 72 hours and companies must have a process in place to notify potentially affected individuals.

This is not an exhaustive list of all requirements imposed by the GDPR. It is imperative that companies have processes, procedures, technological capabilities and training in place so that they can comply.

GDPR Compliance: 5 Steps You Need to Take

  1. Evaluate what data are you collecting and why.
  2. Understand why you need to collect/process the data you collect.
    1. Do you really need to do it?
    2. What happens to the data after it is collected?
  3. Review your consent process.
    1. Individuals should provide affirmative consent and your privacy policies must be written in clear language.
    2. Revocation of consent must be as easy as giving it.
    3. You must retain consent receipts (show both you and your client that they gave and or revoked consent).
  4. Compare existing procedures to GDPR requirements and make edits.
    1. What do you already have in place and what do you need to expand or change?
  5. Implement all policies before May 25, 2018.
    1. Documentation
    2. Audit
    3. Training
    4. If you aren’t there yet, you need to be able to explain why you are not compliant.

The GDPR is a complex law with significant impact on the business community. Time will tell us the full extent and impact on business but we recommend taking steps now to move toward compliance. Contact Revision Legal for more information or for further guidance and resources.


9 Steps to Business Success

So, you have a great business idea. Great! What now?

Below are 9 steps that will help guide your idea from light bulbs to a profitable business.

Step 1: Identify a Brand Name

Branding is important and any new idea needs a name. There are many details that come into play when choosing a brand name.  Whether you are working with a marketing firm or you have a list of potential names on a napkin, it is important to consider the legal implications of choosing a name. Brand names are trademarks. The use of a trademark has legal implications that can enhance or hurt your business.

Some names are better than others. Choosing a strong, distinctive trademark will help you create a brand that really makes your idea shine. It is important to avoid descriptive and generic trademarks. The strongest trademarks are fanciful or arbitrary. Apple is a very strong trademark for the sale of computers but Apple is a terrible trademark for the sale of apples.

Many people think their trademark should describe their product or service. This is not necessarily true. While your brand should represent the tone you intend to portray in business, choosing a descriptive trademark is not the best approach in the long run.

Step 2: Identify a Domain name

Your idea needs a website. Whether you are selling products online or you will use your website to help get the word out about your services, your website is an important aspect of your marketing and business plans. Finding the right domain name is an important part of this process.  Do your research and see what relevant domain names are available.

The law also provides protections for trademark owners. Anti-cybersquatting laws provide an opportunity for trademark owners to protect their rights online. Cybersquatting occurs where one registers a domain name containing the trademark of another with the intent to profit from the sale or use of that domain name. Cybersquatting can be devastating to a business. Cybersquatters can divert valuable traffic and, in turn, sales, from a business through the use of the cybersquatted domain name.

Step 3: Obtain a Trademark Clearance

You picked a name you love and you’ve found a domain name that is perfect. Now it is time to take this step which many entrepreneurs skip or put off only to suffer devastating consequences in the future. Obtaining a trademark clearance is an affordable and essential action in the start-up process. A trademark attorney will perform a trademark search and provide you with a clearance opinion. In the opinion, the attorney will include results of their search that they consider relevant to your ability to use and register your trademark.

Some things that trademark attorneys consider include whether there are any registered trademarks that would hinder your use and registration. They will provide you with an opinion as to whether consumers would likely be confused by the existence of your trademark and the prior mark. The attorney will also give you their opinion about any genericness or descriptiveness concerns they anticipate.


Step 4: File a Business Entity

Creating a business entity will help you organize and protect your business. There are many different entity types and structures to choose from. The best type of entity for you depends on the nature of your business and your goals. A business attorney can help explain your options and help you choose the most appropriate one. Business entities are valuable because they help shield owners from personal liability and can help improve the tax implications of bringing your ideas to life.

Step 5: File for a Trademark Registration

Obtaining a trademark registration is a powerful asset for your business and not something that should be overlooked or put off for the future. After you have a business entity and a trademark clearance, it is important to file an application for registration for your trademark. You will want to make sure that not too much time has passed since you received a trademark clearance as it may be inaccurate as to any subsequent filings or trademark use by third parties. The United States Patent and Trademark Office handles all trademark applications for registration. While it is not absolutely required, you may want to hire a trademark attorney to help you prepare and file your application.

Step 6: Open a Bank Account

It is important to keep business and personal expenses separate from one another. Opening a new bank account is a great way to avoid confusion and help make tax filing easier. You may want to consider opening an account at a bank other than the one you use for personal finances just to keep everything separated and easy.

Step 7: Get Insurance

Business insurance can help keep you out of trouble and assist in the event your business encounters problems. Ask around to learn about your options. The type of insurance you purchase depends greatly on the type of business you are creating. Important questions maybe whether you are offering services that put people in harm’s way, sell products to a potentially vulnerable customer base or invite people to your place of business to purchase or receive services. A reputable insurance agency can help you determine the best insurance for your business.

Step 8: Get Your Contracts in Order

Businesses need solid contracts to protect their assets and create good working relationships. Whether you hire employees or independent contractors, have a graphic designer create a logo or other design, hire a developer to help create the software you intend to sell, etc., you will need contracts. Hiring a distributor to help get your product on the market overseas? You need a good contract. Working with a supplier? You need a contract. Almost every business needs a website and you will need Terms and Conditions and a Privacy Policy.

Having agreements that are drafted with your business goals in mind can help you avoid costly litigation and difficulties in business relationships in the long run. A good attorney will help you draft contracts that are reasonable and protect both your business and your relationships.


Step 9: Get Your IP in order

Many companies do not realize that their intellectual property (IP) rights can often be their most valuable asset. Few startups have portfolios of real property or vast quantities of retail inventory and other physical assets. What startups usually have are ideas, and ideas are valuable if they are properly protected. If you have a well-established business, you might not be aware of the value of the IP you currently own. Having an audit performed by an IP attorney can help make you aware of the value you have, find holes in your protection, and create a plan for the future.

There are five main types of intellectual property rights:

  • Trade Secrets
  • Trademarks
  • Internet Domain Names
  • Copyrights and
  • Patents

If you have questions about your IP inventory or how to monetize your IP assets, please reach out to us and have us help you realize your business’s potential.


Finding Help

There are a lot of things that business owners need to consider. These are some major issues we help people deal with so that they can focus on running and growing their business. This is our business and we love what we do. Please contact us if you have any questions or if you need a consultation. We want to help you succeed!


Streaming Music in your Business

If you walk in to a local book shop, the corner bar, the Apple Store, or Target you will likely hear some sort of music playing. Music can help set the tone for your location and enhance your brand while your customers are in your establishment. If you have a brick and mortar business, there are some serious legal considerations you need to be aware of when playing music for your customers.

There have been many instances in the news recently of businesses being sued for Copyright infringement for streaming music without the proper license. Joe’s on Weed St. in Chicago is just one example.  It is much cheaper to purchase the right license than to pay settlement costs or court ordered damages and legal fees if you get sued for copyright infringement.

Copyright law protects the artists, publishers, and owners of music. Copyright gives rights holders the exclusive right to copy, reproduce, distribute and license their works. Streaming services like Spotify, Apple Music, and yes even CDs and iTunes music you’ve “purchased” is not available for public performance. That means that it is illegal to play this music in a commercial establishment.

Limited License For Music

Here’s how it works… When you pay for a subscription or buy an album on iTunes or a record at the store, you do not actually buy the music. Your payment provides you with a limited license to use the music for personal enjoyment. That means, you can play it for yourself in your home or on your devices for your own personal use and with family and friends. If you want to be able to play music for the public, you need a Public Performance License (PPL).

Many small businesses think they can get away with playing Spotify for their customers but that is a potentially expensive mistake. Music licensing entities are very active in inspecting commercial establishments like shops, bars, and restaurants. Often you will get a letter demanding that you both cease playing the music and pay a fine or an estimate of the fee you should have paid for the PPL. If you do not comply they will have the option of filing a copyright infringement lawsuit against you in federal court. A copyright attorney can help you negotiate but this is something that is better to avoid in the long run.

Solution: Obtain a Public Performance License

What can you do? The best way to avoid problems, comply with the law, and help make sure artists, collaborators and producers get their fair compensation for their work is to obtain a Public Performance License (PPL). One option to obtain PPL licenses for the music you want to play from licensing organizations. There are three major organizations in the United States that license music: Broadcast Music, Inc. (BMI), American Society of Composers, Authors, and Publishers (ASCAP) and Global Music Rights (GMR).  These are performing rights organizations that the songwriters, composers and publishers join. They have the ability to grant PPLs. This is helpful because it streamlines the process of having to purchase a license from each individual rights holder.

If purchasing PPLs, research which music you want to play and which organization the rights holders belong to. Because of the collaboration in the music industry you most likely will need a license from all of the organizations. There are also monthly reporting requirements to comply with for these licenses. Another option is to subscribe through a third party licensor like Spotify’s Soundtrack Your Brand service or CloudCover Music. These companies pay for the PPLs and then sell sub-licenses for a fee. You will want to make sure you comply with the terms and conditions of these services.

Overall it will be worth it to save yourself time and money upfront by purchasing licenses for the music you’d like to share with your customers versus facing a copyright lawsuit for illegal streaming. If you have received a letter regarding copyright infringement or just have some questions, contact Revision Legal.