The 411 on blog terms of service and privacy policies

Having an online presence is critical to the success of your business, but like most everything else, requires some legal oversight to ensure you’re walking on the right side of the law.

We’re going to go over terms of use and privacy policy template structures to either use as a checklist against your current one or to take with you to an attorney to draft new documents.

Terms of Use

The terms of use (TOU) for a site govern the relationship between the site user and the site owner.  Having a TOU is a legal requirement according to certain laws, as we will see through the provisions.  Here is an overall list of provisions to include in the site TOU.


The first, and maybe most important, element of a TOU should advise the site user that there are no express or implied warranties made to any services or goods offered on the site.  Paired with this, the language should release the site owner from damages (compensatory, incidental, exemplary, etc.).

Purpose and Function of Site

A photography site is pretty straightforward in self-explaining the purpose but the TOU acts to clear up any confusion and set forth what the site owner intends to do with the site.

Secured Access & Payment Terms

If the site includes a secure portal or portion of website to purchase photography goods or services (including submission of a retainer to reserve the session), the TOU need to be presented and demonstrated that the user accepts the TOU by clicking agree or another action as outlined.

Proprietary Rights & Usage

Next, the TOU should outline the proprietary rights, such as copyrightable information and images on the site, including company’s brand names, etc. and what can be done with the copyrightable materials.

User Site Submissions & DMCA

If your visitors are submitting content to the site and/or this information is passed on to third parties (such as employees, independent contractors, labs, etc.), then the TOU should outline what will be done with the information.  This is an important provision because the DMCA (Digital Millennium Copyright Act) requires the site owner identify an agent who acts as point of contact to receive complaints of copyright infringement, and this designation is included in the TOU.

Age of Use

The TOU should limit the use of the Site to children at least thirteen years of age and older. Under the Children’s Online Privacy Protection Act, a web site cannot collect user information from users under the age of 13, and this age limit, or a higher age limit, should be set forth as a prerequisite for use of the site.

Identify Site Owner

Your business and contact information should be published and identified as the Site Owner.  Identification of this information also helps to increase user/buyer confidence in your site, products, and services when they have access to you. It is recommended to list an actual email or physical address for contact, not just refer them to the contact form on the site.

Governing Law and Dispute Resolution

Just like your contract identifying what state governs law and dispute resolution preferred methods, the TOU can outline this information as well.

Privacy Policy

Having an online web presence requires that we protect our site visitor data and let our clients know what will be done with their information.

Privacy policies are often seen on opt-in forms, contact forms, and/or footer of websites.  This policy is a statement that discloses some or all of the ways that your site will be using, disclosing, and/or managing a customer’s/client’s data.

While there is no federal legal requirement (check your state!) for a privacy policy, we have a legal duty to take steps to properly secure or dispose of client data appropriately.  Terms of Use and Privacy Policies are typically in one document on the site, but we are breaking them out to give each their due diligence of examination.

How to create your own

It is never recommended to craft your own legal documents but always write out the information you want to include in the document before taking for official drafting.  Sit back and think about the functions your website currently has – newsletter email capture, gallery sales, etc.

See also: Website Bundle (GDPR Compliant)–has both a Privacy Policy template and a Terms of Use template.

What to include in your Privacy Policy

Here is a list of general information that you may need to include in your privacy policy:

  • What information is collected (internet traffic data, cookies)
  • Testimonials on site (See the disclosure of testimonials section below)
  • Information collection, use, and sharing
  • Access to information
  • Security
  • Registration
  • Site Cookie Policy
  • Orders – what happens when placed
  • Survey and Contests regulations

Note: Privacy laws vary depending on where you live in the world.  The European Union (EU) has adopted a Data Protection Directive that is an extremely restrictive directive limiting how sites may collect and use personal data.  There is also an accompanying directive that requires a user consent before a site can utilize cookies.

This is where the identification of law that governs is required in the Terms of Use and/or Privacy Policy of the site.  For sites that are primarily for US utilization, the TOU or PP need to identify that US law governs.  If this is not identified or your site is not aimed at the United States, it may be subject to the directives mentioned above.

For a Privacy Policy and Terms of Use that is GDPR compliant, grab the Website Bundle. This lawyer-created, entrepreneur-approved bundle will help get your website set up and running legally!

The 411 on blog terms of service and privacy policies

Similar Posts

Leave a Reply