Website Policies

Most businesses have websites. While the online movement is not a new phenomenon, many businesses are increasingly relying on their websites as a convenient tool to market, interact with current or potential customers, and transact business. However, as businesses continue to integrate into the online realm, it is imperative businesses monitor their websites to ensure compliance with the evolving legal landscape.

Which website policies a company should implement for its website is dependent on several factors, including the company’s industry, geographical location, offerings on its website, and the types of data it collects. However, as a general rule, companies should implement a Terms of Use and a Privacy Policy.

Graphic of Website Server

Terms of Use

Although not required by law, Terms of Use (also referred to as Terms and Conditions or Terms of Service) are highly recommended. Terms of Use set forth the rules and guidelines for the use of a business’s website and create a legally binding contract between a business and the end users. Visitors of the website must agree to the Terms of Use to use the website. And, like any contract, Terms of Use can reduce liability by dictating the manner in which people may use the website, the warranties or promises it might give rise to, and the manner in which disputes may be remedied.

Terms of Use typically cover items such as: (i) user rights and responsibilities; (ii) proper or expected usage of the website and potential misuse; (iii) accountability for online actions, behavior, and conduct; (iv) a privacy policy outlining the use of personal data; (v) payment details such as membership or subscription fees; (vi) an opt-out policy describing a procedure for account termination; (vii) disclaimer and limitation of liability provisions clarifying the website’s legal liability for damages incurred by users; and (viii) a procedure for user notification upon modification of terms.

Privacy Policy

If a business collects or uses any personal information from the users of its website, it must have a Privacy Policy in place. Personal information includes data such as customer names, email addresses, birthdays, credit card information, mailing addresses, and phone numbers. Various state and federal laws regulate what must be disclosed in a Privacy Policy depending on the type of business conducted through the website and the type of information collected. For example, certain industries such as education, healthcare, and financial services have more stringent privacy requirements. Certain states, such as California, provide end users a “right to know” and a “right to request deletion”, where end users can contact a company to request a copy of all data collected and/or request the company delete any personal information collected.

In general, a Privacy Policy should include:

  • The specific type of personal information the company collects;
  • How the company collects the personal information;
  • Whether the company shares the collected personal information and, if so, to whom the personal information is disclosed; and
  • How the company manages and protects the personal information it collects.

When developing a new Privacy Policy or updating an existing policy, a company should begin by identifying how the company collects and uses personal information and what type of personal information is collected. The Privacy Policy must accurately reflect the company’s actual practices – in other words, “say what you do, and do what you say.”

Because of the evolving legal issues involved, we recommend companies review their website policies every 12 months to ensure compliance. If you have questions about your company’s website or are in the process of creating a new website, please contact the author or a member of Barrett McNagny’s business practice group

Barrett McNagny LLP

Legal Disclaimer

The information contained in the Barrett McNagny LLP website is for informational purposes only and should not be considered legal advice on any subject matter. Furthermore, the information contained on our website may not reflect the most current legal developments. You should not act upon this information without consulting legal counsel.

Your transmission and receipt of information on the Barrett McNagny LLP website, or sending an e-mail to one of our attorneys or staff, will not create an attorney-client relationship between you and Barrett McNagny LLP. If you need legal advice and want to establish an attorney-client relationship with Barrett McNagny LLP, please contact one of our attorneys by telephone, email, or other means of communication, and allow the attorney to confirm that the firm does not represent other persons or entities involved in the matter and that the firm is willing to accept representation. Until such confirmation is provided by one of our attorneys, you should not transmit information to us that you consider confidential. If you do provide information to us, and no attorney-client relationship is established, the information will not be considered confidential or privileged, and our receipt of such information will not preclude us from representing another client in a matter adverse to you.

Any links to other websites are not intended to be referrals or endorsements of those sites.

Privacy Policy

Terms of Use

ADA Compliance

Transparency Cover Rule: Machine-Readable Files

Contact Us
My name is
and I am a(n)
seeking legal counsel in the area of 
me at
as soon as you can.

Thank you for contacting us!

A representative will be in touch with you shortly.

An attorney-client relationship will NOT be formed merely by sending an email to Barrett McNagny, LLP or to any of its attorneys. Please do not send any information specific to your legal needs until you obtain approval from a Barrett McNagny, LLP attorney, as the content of such email will not be considered confidential or privileged. By sending us an email, you confirm your understanding of this notification. If you agree, you may use the e-mail links on this page to contact an attorney.