Website Terms of Use and Privacy Policy Pages

So, you have a nice new website. The architecture is edgy-cool. The images are high def and very professional. The content you’ve written pops off the page. You’re ready for visitors. 


Whether you are a B2C or B2C, you will be interacting with “users”. They’re going to be using your website, clicking on its beautiful new pages, images and links. They may be filling out contact or comment forms, copying or linking to your content, or downloading and sharing it on the internet, providing payment or other sensitive information, and in some cases subscribing to and using your services directly. 

Maybe your website uses cookies or beacons to track your users’ activity or embedded code that provides you with user analytics. You may be collecting and saving some or all of this user data, processing or analyzing it, using it for internal purposes or even sharing it with other businesses.  

All of this activity means you really need to have a written Privacy Policy, and probably also other Terms of Use (sometimes called “TOUs”). These two documents essentially are a contract that your users must agree to as a condition of using your website or services:

A Privacy Policy puts your users on notice to what personally-identifying and non-identifying data you are collecting from them. It tells how you are using it, with whom you may be sharing it, what security measures you take and the limitations of those measures, and how the user can take steps to opt-in or opt-out from this collection or to request that you modify or delete their own data.  

Terms of Use establish the rules they must agree to as a condition for using your website or services. These terms may define the scope of license you are granting to the user, set access and security requirements, restrict the content they can post or share to or copy from your website. They establish the terms of pricing or payment, define the parameters of your intellectual property rights, and create limitations on your liability arising from their use of the website or services. Sometimes the TOUs create terms for dispute resolution in the event one of your users sues you.

Depending on the jurisdictions your company operates in or the audience you target to, your Privacy Policy may need to be compliant with specific state laws that are developing in real time.

For example, if your services may reach California residents, California’s Online Privacy Protection Act (CalOPPA) would provide a baseline for most B2C and B2B applications. The recently active Consumer Privacy Act (CPPA) adds more requirements for companies that fit additional commerce or user data requirements. Regardless of whether you currently have California users, you may consider a form of  policy compliant with these laws as a “best practices” around which other states’ laws may evolve.

The Federal Children’s Online Privacy Protection Act (COPPA) has additional requirements you must meet. 

If your website or services are targeting or reaching users outside the U.S. you may need to tailor your policies. European General Data Protection Regulation (GDPR) or Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) are examples.

Many third-party services used to enhance your website’s performance such as analytics tools (like Google Analytics), advertising plug-ins (like Ad Inserter) or and payment processing tools (like PayPal) may require you to have a Privacy Policy or be compliant with theirs.

At a minimum, and in simple writing, your Privacy Policy should:

  • Identify who you are and how to contact you;
  • Detail exactly what types of personal and non-personal data you collect;
  • Disclose why you collect the data;
  • Discuss how you use the data;
  • State how you share the data with third parties; and
  • Explain the user’s rights—how they can opt-in or opt-out of having their data collected, request changes to the information you’ve stored, or request that their data be deleted

Again, some laws may require more than this.

Importantly, the Privacy Policy and TOUs need to be tailored to fit your business and not the other way around. For all of these reasons, you should not simply attempt to grab someone else’s contract templates and use them as your own. 

You should consult an attorney experienced in creating these documents, and who can help you to write and implement contracts that fit your business needs and the legal requirements that apply to your business.  

Then you should post them prominently to your new website. With handsome new links.

Written by guest author Scott Gingold, Owner and Principal Attorney, Gingold Legal.

Let's work together

Is your brand ready to level up?

Quick links
Get in touch


Evanston, IL 60201

Stay in the know

Join our "soon-as-we-get-to-it" newsletter, which you can count by the seasons.

©2008 - 2024 Glantz Design, Inc. All rights reserved.