How do I know if my business is in EAA scope?

Ask one question: can a consumer (a natural person acting outside their trade or profession) buy a product, book a service, pay, subscribe, or start a contract on your website or app, at a distance? If yes, you are almost certainly providing an "e-commerce service" under Article 3(30) of the EAA and you are in scope — unless you qualify as a microenterprise providing services (fewer than 10 staff AND under €2M turnover). If your site only shows information and the contract is concluded offline, by phone, or only with other businesses, you are likely out of scope.

Is a hotel website covered by the European Accessibility Act?

If the hotel takes direct online bookings with online payment, yes — that booking flow is an e-commerce service to consumers and is in scope, regardless of the hotel being a "physical" business. A brochure-only hotel site with a phone number and no online booking is generally not in scope as an e-commerce service. Most modern hotels run a direct booking engine, so most are in scope. Small hotels may qualify for the microenterprise exemption, but only if they are under both the 10-employee and €2M-turnover thresholds.

Are B2B companies exempt from the EAA?

Not automatically, but most pure B2B companies are out of scope. The EAA targets services provided to consumers — natural persons acting privately. A wholesaler, manufacturer, or sales-led B2B vendor whose website only addresses other businesses and concludes no consumer contracts online is generally not covered. The exemption disappears the moment any consumer-facing transaction exists on the site: a public web shop, a self-serve consumer signup, or a booking flow open to private individuals.

Does the EAA apply to restaurants?

It depends entirely on what the restaurant lets people do online. A brochure site with a menu, address, and a phone number for reservations is generally not an e-commerce service and not in scope. The moment the restaurant adds online table reservations that take a deposit or payment, online ordering, or gift-voucher sales, that transactional flow becomes an e-commerce service to consumers and falls in scope (subject to the microenterprise exemption).

What is the microenterprise exemption and who gets it?

Service providers with fewer than 10 employees AND under €2 million annual turnover (or balance sheet total) are exempt from the EAA service obligations. Both conditions must be met simultaneously. It only applies to services, not products, and it disappears immediately with no grace period once you cross either threshold. Many small shops and hotels assume they qualify but exceed €2M in turnover, which removes the exemption even with a small team.

I have until 2030 to comply, right?

Only for an existing service that you leave substantially unchanged. The June 2030 transition period applies to services that were already operating before 28 June 2025. Any new service launched after that date must comply immediately — and a substantial change to an existing service (a checkout replatform, a new booking engine, a full redesign) can reset the clock and pull you into immediate compliance. If you are planning a redesign, the practical deadline is your launch date, not 2030.

Back to Blog

Legal Compliance

Who Does the EU Accessibility Act Actually Cover? A Scope Map by Business Type

The EAA does not care whether you "have a website." It cares whether a consumer can buy, book, or pay on it. That one test puts most hotels and shops in scope — and a lot of B2B firms out. Here is the honest map.

4 June 2026

14 min read

Ravid, Webply

TL;DR — one test decides it

The European Accessibility Act does not ask whether you "have a website." It asks one question: can a consumer buy, book, pay, subscribe, or start a contract on your site, at a distance?

Answer yes and you are almost certainly in scope as an "e-commerce service" — even if you think of yourself as a hotel, a gym, or a restaurant rather than an "online business." Answer no, and a lot of B2B and brochure sites are genuinely out of scope, no matter how loudly a vendor tells you otherwise.

Below is the honest map, business type by business type, with the exact trigger for each. We sell accessibility scanning — and we would still rather you know your real scope than buy a service you do not need.

The single question that decides your scope

Most "Does the EAA apply to me?" content drowns you in annexes. You do not need the annexes to answer the question for 90% of businesses. You need one definition.

The EAA (Directive (EU) 2019/882) defines an e-commerce service in Article 3(30) as:

…services provided at a distance, through websites and mobile device-based services, by electronic means and at the individual request of a consumer, with a view to concluding a consumer contract.

Read it slowly, because every word is load-bearing:

"at a distance" / "by electronic means" — online, not in person.
"at the individual request of a consumer" — a real person initiates it.
"consumer" — a natural person acting outside their trade, business, or profession. A procurement officer signing a fleet contract is not a consumer. A tourist booking a room is.
"concluding a consumer contract" — this is the trigger. Not browsing. Not reading. Contracting. The moment money can change hands or a binding booking can be made online, you are in e-commerce-service territory.

So the test is not "Is my site fancy?" or "Am I a tech company?" It is: can a private individual complete a transaction with me online? If yes, that flow is in scope. If the only thing your site does is inform — and the actual contract happens by phone, by email, in person, or only between businesses — you are very likely out of scope as an e-commerce service.

This is why a sleek B2B SaaS demo site can be out of scope while a dated three-page hotel site with a "Book now" button is in. The directive follows the transaction, not the technology.

The scope map, by business type

Here is where common business types land. "In scope" assumes you are above the microenterprise threshold (more on that below). "Grey" means it hinges on a specific feature — read the trigger.

Business type	Status	What triggers (or avoids) scope
Online shop (Shopify, WooCommerce, Shopware…)	In scope	The whole point of the site is concluding consumer contracts online. The textbook e-commerce service.
Hotel / B&B / vacation rental with direct online booking + payment	In scope	A consumer reserves and pays at a distance. The booking engine is an e-commerce service — being a "physical" hotel changes nothing.
Restaurant	Grey	Brochure + phone reservations: out. Online ordering, paid reservations/deposits, or gift-voucher sales: that flow is in.
Gym / studio / paid membership	In scope	Online signup, SEPA mandates, trials, and member portals are consumer contracts concluded at a distance.
Clinic / dentist / salon / vet	Grey	Plain "call us" page: out. Online appointment booking with payment or a paid deposit pulls that flow in.
Tour / activity / event operator	In scope	Selling excursions, tickets, or experiences online to consumers is e-commerce, explicitly named in EU guidance.
Course / subscription / community platform	In scope	Paid newsletters, e-learning, memberships — individuals self-serve checkout, so consumers contract online.
Banking / fintech / insurance / e-money	In scope	Consumer banking is a separately named EAA service category — in scope by sector, not just by checkout.
Transport & ticketing (air, bus, rail, ferry)	In scope	Passenger transport services and their booking/ticketing sites and apps are named categories.
Telecom, e-books, audiovisual media access	In scope	Named service categories in the directive — covered regardless of the e-commerce test.
Agency building/managing B2C client sites	In scope via clients	Your own site may be out, but the in-scope flows you ship for clients are your delivery risk. (See our agency pricing guide.)
B2B wholesaler / manufacturer (catalogue, no public checkout)	Out of scope	No consumer contract concluded online. Stays out — until you bolt a public consumer shop onto the same domain.
B2B SaaS, sales-led (demo → contract → onboarding)	Out of scope	No consumer e-commerce flow. Grey only if self-serve checkout lets individuals contract. (Full SaaS guide linked below.)
Brochure site (lawyer, plumber, consultancy, local trade)	Out of scope	Information + contact form is not a consumer contract. The contract happens offline. Out as an e-commerce service.

This is a scope map for the most common e-commerce service question. Named sector categories (banking, transport, telecom, e-books, audiovisual) are covered on their own terms even without an online checkout. National anti-discrimination law can apply more broadly than the EAA — covered at the end.

Why hotels are more exposed than they think

If there is one sector that systematically underestimates its EAA exposure, it is hospitality. The mental model is "we are a building, not an app." The law does not see it that way.

The moment a hotel runs a direct booking engine — a calendar, a rate, a card field, a "Confirm booking" button — it is providing an e-commerce service to consumers. EU guidance explicitly lists booking accommodation, flights, rental cars, and excursions as e-commerce services within scope. The hotel's physical nature is irrelevant; the online booking flow is the regulated service.

Three things hoteliers routinely miss:

1. "But we get our bookings through Booking.com / Expedia." The intermediary platform is itself an in-scope e-commerce service — and it will push accessibility obligations down its supplier chain. But more importantly, your own direct booking engine (the one you push hard to avoid OTA commissions) is your own e-commerce service, on your own legal hook. You cannot outsource your way out of your own checkout.

2. The booking engine is usually a third-party widget. SiteMinder, Cloudbeds, Mews, Little Hotelier, a Channel Manager iframe — these embedded widgets are where the accessibility failures concentrate: unlabelled date pickers, card-input iframes with no accessible name, calendars that cannot be operated by keyboard, error states screen readers never announce. The hotel's marketing pages can be flawless while the one flow that takes money is unusable for a blind guest. That is precisely the surface regulators and complainants care about.

3. Self-service kiosks and payment terminals are also in scope. The EAA covers products too, not only websites. Check-in kiosks and card payment terminals you deploy in the lobby carry their own accessibility requirements — and unlike services, the microenterprise exemption does not cover products.

The same logic applies to restaurants the day they add online ordering, to clinics the day they take paid online appointments, and to gyms the day they let someone join online. Hospitality and local services tend to think of themselves as "offline businesses with a website." The EAA reads the website.

For the technical breakdown of what actually fails in these flows, see our checkout-first ecommerce guide — every failure mode there applies to a hotel booking engine too.

The B2B "we're safe" trap

The flip side is just as important, and most vendors will not tell you this part because it shrinks their addressable market: most pure B2B businesses are genuinely out of EAA scope. A wholesaler whose site is a gated catalogue, a manufacturer with a spec-sheet site, a sales-led B2B SaaS — none of these concludes a consumer contract online. The "consumer" in the definition is doing real work.

But "B2B" on your homepage is not a force field. These are the backdoors that pull a nominally B2B site into scope:

A public consumer shop on the same domain. Plenty of "B2B" manufacturers also sell spare parts or accessories to the public online. That public checkout is an e-commerce service to consumers — full stop. The B2B framing of the rest of the site does not shield it.
Self-serve checkout open to individuals. If a freelancer, sole trader, or private person can enter a card and start a paid plan with no salesperson, you are likely providing a consumer e-commerce service for that flow. (We unpack this thoroughly in the B2B SaaS scope guide.)
B2B2C / embedded flows. If you are the booking engine, payment UI, or media player inside someone else's consumer service, the end-consumer interaction is the trigger, and your B2B contract with the operator does not remove it.
A note on careers pages: recruitment pages target natural persons, and several advisers flag them as accessibility-relevant — but that is via employment and national anti-discrimination law, not the EAA's e-commerce category. Do not let a vendor use your jobs page to claim your B2B catalogue is "EAA-covered." Different law, different mechanism.

If none of those backdoors apply, you can take the honest answer: you are out of EAA scope, and you should not buy a compliance project you do not owe. (Accessibility may still be worth doing for procurement, reach, and national law — but that is a commercial decision, not a legal obligation.)

The microenterprise exemption — who actually gets off

There is one genuine off-ramp for in-scope services: the microenterprise exemption. A service provider is exempt from the EAA's service obligations if it has:

fewer than 10 employees, AND
annual turnover (or balance sheet total) of €2 million or less.

Both conditions, simultaneously. This is where small hotels and shops get it wrong. A boutique hotel with 6 staff but €2.4M in annual room revenue is not a microenterprise — the turnover threshold alone removes the exemption. A 12-person agency is out of the exemption on headcount regardless of revenue. The exemption is narrower than "we're small."

Four more traps:

It only applies to services, not products. If you sell or deploy a covered product (a payment terminal, a kiosk, an e-reader), the exemption does not help you there.
No grace period. The moment you cross either threshold, the exemption vanishes — there is no transition runway.
It does not apply to businesses outside the EU serving the EU market in the way EU micro-providers benefit; non-EU sellers into the EU should assume scope.
You still have to document it. "We believed we were exempt" is a much stronger position with headcount and turnover figures written down at the time than reconstructed after a complaint.

The 2030 "grace period" is a trap if you're shipping changes

The single most dangerous assumption in EAA planning: "existing services have until June 2030, so I have years."

Here is the actual rule. The June 2030 transition applies to services that were already operating before 28 June 2025 and remain substantially unchanged. Two things break that:

New services must comply immediately. Anything launched after 28 June 2025 has no transition period.
A substantial change resets the clock. A checkout replatform, a new booking engine, a full site redesign, a migration to a new CMS — these are the kind of changes that can make an "existing" service a new one for compliance purposes.

In other words: the businesses most likely to lean on "we have until 2030" — growing shops, hotels switching booking providers, brands doing a rebrand — are exactly the ones whose next big release pulls the deadline forward to launch day. If a redesign is on your roadmap, treat your launch date as your compliance date.

And the enforcement is not hypothetical. Since 28 June 2025 the directive has had teeth across all 27 member states, with penalty ceilings ranging from a few thousand euros in smaller states to over €1,000,000 in Spain and Sweden. France filed the first EAA lawsuits in November 2025 — against Auchan, Carrefour, E.Leclerc, and Picard — and every one of them was about a checkout, not a homepage.

For the full country-by-country breakdown, see our EAA fines guide and the 2026 fines explainer.

What to actually do next

Three honest steps, in order:

Run the one-question test. Can a consumer conclude a contract on your site at a distance? Map every transactional flow you have — checkout, booking, signup, deposit, voucher. Those are your in-scope surfaces. If you have none and you are pure B2B/brochure, you can likely stop here.
Check the microenterprise math honestly. Under 10 staff AND under €2M turnover? You may be exempt for services — write down the figures. Over either line, or selling a covered product, assume scope.
Scan the flows that actually count. Point an automated WCAG 2.1 AA scan at your booking engine or checkout — not just your homepage. That is where complaints land. Then keyboard-test it and screen-reader-test it, because the worst failures (focus traps, unannounced errors, dead date pickers) are the ones automation only partly catches.

The goal is not to scare every business equally. It is to be precise: in-scope businesses should fix their transactional flows now, and out-of-scope businesses should stop paying for obligations they do not have.

Find out where your real risk is

Webply runs a free WCAG 2.1 AA scan you can point at the flows the EAA actually covers — your checkout, booking engine, or signup — ranked by legal risk per country, with developer-ready fixes. No credit card.

Run a free scan

Is my B2B SaaS in scope?

A note on national anti-discrimination law

One honest caveat so this map is not misread. The EAA is not the only accessibility law in the EU. National anti-discrimination frameworks — the BGG and AGG in Germany, the BGStG in Austria, the loi du 11 février 2005 in France — apply on broader civil-rights grounds and are not limited to the EAA's service categories. Being out of EAA scope does not mean zero accessibility exposure; it means the EAA's specific enforcement machinery (accessibility statements, conformance deadlines, regulator complaints, Abmahnungen) does not directly bite. The bar for a discrimination claim is higher than for technical non-conformance, but it is not zero. When in doubt, get a written legal read for your jurisdiction.

Sources and further reading

European Parliament & Council — Directive (EU) 2019/882 (European Accessibility Act), Article 3(30) e-commerce service definition and Annex I/III service categories.
Bird & Bird — "Time to check-out: the EAA and its impact on travel, hospitality and leisure" (2025).
HFTP / HospitalityNet — "The European Accessibility Act: What Hoteliers Need to Know."
Business.gov.nl — Rules for accessibility of products and services (EAA) — e-commerce service guidance.
French enforcement actions, November 2025: Auchan, Carrefour, E.Leclerc, Picard — see our EAA fines breakdown.
EN 301 549 V3.2.1 — the harmonised EU standard that operationalises EAA requirements.

This article is for general information and reflects our reading of the EAA and national guidance as of June 2026. It is not legal advice. Scope determinations turn on the specific facts of your business and your member state — consult a qualified lawyer for a binding answer.

Legal Compliance

EAA Scope

Who must comply

Hospitality