Skip to main content

The Terms of Use Agreement (“TOU”) and the Privacy Policy found on most websites govern the relationship between the website operator and all of its customers.  Although it may be tempting to copy and use online agreements posted on other websites to avoid the time and cost required to define your own agreement, this approach can be risky.  Your online agreements will define the legal relationship between your company and all of your online customers for years to come.  The failure to include a key provision, or the breach of a term that you may not have even realised was a part of these agreements, can create substantial liability since it will affect every customer.

Is a Privacy Policy required by law?

Yes and no. There is no UK law that requires a company to post a Privacy Policy per se. But (and it’s a pretty big “but”) companies who hold or control information by which an individual could be identified (known as “personal data”) are required by law to:

  • provide the identity of the entity controlling any personal data and any representative they might have;
  • explain to their users how the personal data collected via the website is used; and
  • provide other specific information such as how long the information will be kept and what rights the users have.

Complying with these requirements is most simply done in the form of Privacy Policy. It also allows companies the opportunity to show their users (and any regulatory bodies) the steps they take to ensure that their use or “processing” of personal data is fair and lawful.

Online Agreements Are the Contract

Each decision about your online agreements is important because it will affect every one of your users.  The simplest way to think of your online agreements is that they will form your legal agreement with every user on your site.

Having a tailored and considered TOU allows a company to define and shape the key contractual terms of the agreements between the company and its users, including fundamental terms such as:

  • specifying how services or products are provided and any conditions attaching to their use;
  • avoiding confusion and disputes around what is (and what is not) being provided to users;
  • the scope of the company’s liability to its users;
  • retention of company-owned intellectual property and the scope of any licenses granted to users;
  • ownership of user-uploaded content (users can agree to assign rights in content they upload to the company); and
  • any payment terms.

Selling Via a Website?

If a sale is conducted via a website, EU law imposes specific obligations on companies. The aim of these rules is to make online transactions as close as possible to a face-to-face transaction. The scope of these obligations can be very broad but it is important that a company communicates to its users:

  • its corporate identification and contact details;
  • delivery and returns arrangements;
  • VAT information; and
  • cancellation rights –importantly customers have a right to cancel a contract (i.e., return goods) within 14 days and, unless specified otherwise in the TOU, the company is liable for paying the customers costs of returning goods

These online-specific requirements should be considered in conjunction with all other applicable laws and implied terms that would apply to an agreement between a company and a consumer.

Forming a Strong Online Agreement with Your Users

It may seem like a good idea to use an online agreement that your users are not required to take any action to accept (often referred to as a “browsewrap” agreement). However, although this point hasn’t been considered by the courts in England, browsewrap agreements are much less likely to be enforceable than online “clickwrap” agreements that require users to click an “I accept” button.

Indeed, a user clicking “I accept” is also preferable to the commonly seen “I have read and understood…” wording. This is because the latter could be seen to be an encouragement to make an untrue statement as the button can be clicked without a user having actually read the terms.

The simple principle is that for an agreement to be enforceable against a user there needs to be evidence that the user has accepted its terms. Clearly, a balance needs to be struck between contractual rigour and a user-friendly website experience, but more evidence of active acceptance of an agreement = great likelihood of enforceability.

Generate Terms of Use and Privacy Policy with Cooley GO Docs

Use our Terms of Use generator to familiarise yourself with key provisions and to get started on building the agreements you need for your company.

Last reviewed: September 15, 2015
Part of the Forming a company in the UK collection
Related articles