Important information to include in your Website Legals & Privacy Policy

Following on from Shalini Nandan’s recent post about the importance of having website legals, here are a number of aspects you will need to consider about your website and online presence to include in your website legals.

Website legals are important for any business operating in the online space because they can:

  • affect and provide guidelines as to how people do business with you
  • limit liability
  • apply to your jurisdiction
  • protect you and your assets

Plus, Google reportedly favours websites with a privacy policy (as well as cookie acceptance).

Your website legals will include pages or documents on your site referring to your website Privacy Policy, Terms of Use, Disclaimer and Terms of Sale (if you are selling anything through your website).

Things to consider including in your website legals


Make it clear to any website visitor the name or names of the person/s and company/ies that the website represents or that the visitor is engaging with and providing information to.

Include details of:

  • who operates the site,
  • how often the website is updated,
  • the location of business operations,
  • contact details for the business.

Something to consider including is the Privacy Act and any other applicable laws of your local jurisdiction.


Is your website hosted on a Shared Hosting account?

Most small-medium websites are. Shared Hosting is a cost-effective way to get your website and emails online and active; however, protection and safety of client information may be at risk, as you are sharing server space and an IP address with several other unknown parties.

Are you hosting your website on international servers?

Some customers may not appreciate that their private or personally identifiable contact information is being transmitted to or stored on an international server. Simply make note of this in your website policies so that customers can make the choice whether to continue to engage with your website.


Are you using an open source CMS such as WordPress, Joomla or Magento?
Are you also using associated open source plugins?

Using free CMS and plugins can put your website in harm's way more often than you think.

It’s very easy and quite common for spammers and hackers to send out a catch-all type code injection for websites using open source CMS or plugins. These attacks can range from mildly annoying to business destroying – and these are just the generic blanket attacks…

If you are using open source software for your business, ensure you have installed and configured your website, databases and associated plugins as securely as possible, install relevant website protection, and make it known in your Terms of Use the ways in which you are ensuring that your website and customer data are stored and protected, for example a firewall, spam blocks, etc.


If you have installed, or are using, Google Analytics tracking, visitor insight tracking, social media remarketing tracking or any other form of tracking that enables you to see information about a visitor to your site, make it clear in your website legals that tracking is active on the website, how you use the information gathered, and who has access to and uses the data.

Some companies also include a link to information about how customers can protect their IP or switch off cookies.

Integrated advertising such as running Google Adwords and affiliate marketing on your website may also include tracking codes and customer insights to some level. Let customers know that there are third party advertising links, images and advertising on your website and that once your website visitor leaves your website via one of these channels your business is not responsible for the privacy and use of customer data on the third-party website.


Terms of Use may include details of the recommended appropriate age of website users, that opinions expressed by guest bloggers may not represent your business, and any applicable disclaimers about the advice or services provided by you or your business.

Inform visitors that blog posts and pages within your site may include external links and that once a visitor clicks through to another website different privacy and use terms will apply.


Any forms submitted by a customer on your website will have personal data transmitted from the user to your server and then to your business. Usually a copy of this transmission is also stored in your website database.

Lots of form plugins for WordPress, for example, send the business the form submission but also save a copy in the database on the server and keep a copy which is accessible via the back-end of the website. This means that a private customer email to your business could be seen by anyone who accesses your website or has access to your hosting account. Make it clear in your website privacy policy where any form data is stored, how long it is stored for, who sees it, who uses it, and how the information is used.

Opt-in forms and surveys are so popular these days, so if you have one (or many) active on your website, include in your privacy policy details of where information is sent and stored, who may have access to the data, how the data is used and any customer protection in place. Include information about which data may be sent from your opt-in forms to external providers and how that information is used.

A must for any website policy is the details of your spam policy. A spam policy outlines how you and your company use customer contact information, whether the information is shared with or sold to third parties, and how and where customer information is stored.


Your content, ideas and imagery need to be protected. Include in your website legals guidance for your website visitors on any applicable terms of attribution, use, broadcast, sharing and copying.


If you are operating an online store, include information in your website legals about storage, protection and use of any e-commerce transaction data including customer preferences, wish-lists, product/page views, and any data that may be cached or submitted in the cart before a payment is processed.

E-commerce functionality requires information about your Terms of Sale such as refund and returns policies. You may also want to include information about the currency accepted, applicable taxes and payment processors used on the website.

Customers also want to know if their information is secure, private and encrypted during processing of payment. Remember that using PayPal, for example, stores customer data on your website, sends multiple emails, and stores sale data off-site in PayPal.


Every business's website legals will be different, as each business operates differently.

Your website legals are a great place to set your customers' minds at ease and explain how customers can engage with your business. The best way to get started with website legals is to completely understand your customer journey and the operation of your tech inclusions.
