Page Loading
Edinburgh skyline from Calton Hill

Business laws and regulations

As a business in Scotland, you need to consider specific requirements and laws around various aspects of business, including health and safety, advertising, data protection and bribery. Find out more about these laws to make sure your business stays within regulations.

Businesses in Scotland need to be aware of the following specific business laws and regulations:

Health and safety in Scotland

As an employer in Scotland, you’re responsible for providing a safe workplace for your employees. This means providing an environment free from serious recognised hazards and complying with the standards, rules and regulations of UK health and safety law.

You must assess risks in your workplace, as well as keeping employees informed about how they're protected and how they should deal with any risks.

It’s a criminal offence if you fail to protect the health, safety and welfare of all your employees at work. Penalties can include:

  • Unlimited fines
  • Remedial and publicity orders
  • Imprisonment
  • The Health and Safety Executive (HSE) provides guidance to help you make your business safe space.

Read more information about health and safety for your business from the HSE opens in a new window .

Advertising and marketing laws

Advertising and marketing in Scotland must be accurate and honest and follow specific codes, practices and regulations.

Rules in Scotland and the rest of the UK are enforced by the Advertising Standards Authority (ASA). Statutory bodies like the Office of Communications (Ofcom) and the Information Commissioners Office (ICO), as well as local trading standards offices, also have powers over adverts. They can act if your advert is found to be inaccurate, dishonest, or discriminatory.


The Consumer Protection from Unfair Trading Regulations opens in a new window means you cannot mislead or harass consumers by, for example, including false messages.

You can’t make deceptive comparisons with competitors, such as using their logo – this is set out in the Business Protection from Misleading Marketing Regulations opens in a new window on

If you break the regulations, your business could be reported to either a local trading standards office or the Competition and Markets Authority (CMA). You could also be fined or imprisoned.

Advertising codes of practices

There are two advertising codes of practice that govern how your business should advertise in Scotland and the rest of the UK. They cover all kinds of promotional communications, depending on where the advert or promotion will appear. This includes:

  • Non-broadcasting advertising, like print and online sales promotion and direct marketing
  • Broadcast media, like TV and radio

Non-broadcasting codes set out business standards for accuracy and honesty. And broadcast codes cover issues like decency, product placement and scheduling.

Find out more about advertising codes of practice and regulations on GOV.UK opens in a new window

Read more guidance on advertising rules from the Advertising Standards Authority opens in a new window  

Data protection in Scotland

If your business stores or uses personal information, you’ll need to follow specific rules on data protection in Scotland.

If your business collects, uses, stores or shares personal information, you’ll need to comply with the rules on data protection under the General Data Protection Regulation (GDPR) opens in a new window and the Data Protection Act 2018 opens in a new window . This applies to the personal information you collect, use, and keep about anyone, including staff and customers.

You’ll also need to respond to any ‘data protection’ or ‘subject access’ requests from people asking about the information you hold about them within the required timelines. It’s important you make sure the information you hold is secure, accurate and up to date.

When you’re collecting personal data from someone, you must inform them of:

  • Your purposes for processing their personal data
  • The legal basis for processing their personal data
  • Your retention periods for keeping that personal data, and who it will be shared with

They have the right to see the personal information relating to them, ask you to correct it if it’s wrong and, in some instances, request that you delete it.

Find out more about data protection for your business on GOV.UK  opens in a new window

Bribery laws in Scotland

In Scotland and the rest of the UK, it’s a criminal offence for a business to give or receive bribes. Under the Bribery Act 2010, your business is also accountable for any bribe paid on your behalf, both in Scotland and in the rest of the world.

Bribes have no minimum amount and can take many forms such as money or gifts given to influence someone’s behaviour or decisions. Employees, contractors and agents of your business must all follow bribery laws.

Penalties include:

  • Unlimited fines for businesses and their officers
  • Being banned from bidding for EU contracts
  • Custodial sentences of up to ten years

You must have adequate measures in place to prevent bribery. GOV.UK provides guidance to help your business do this.

Find out how to put preventative bribery measures in place on GOV.UK opens in a new window

Get support from TalentScotland

Got a question about hiring talent, immigration, visas, sponsorship, or something else? Get in touch with our helpful team and we’ll let you know about the support we can offer.