What-policies-does-your-website-need (1)
  • 3 Legal Policies You Need on Your Website, Explained.

This blog explains three legal policies you need on your website, what each policy means in down-to-earth terms, and what each policy should include.

Just like businesses are governed by laws, so are websites. And these legal requirements are crucial — to protect your company and your customers. What policies do you need on your website to stay in compliance, and what should each policy include? In this blog, we’ll delve into three biggies: data privacy, cookies, and terms of service.

Do You Need a Privacy Policy on Your Website?

The short answer — yes. Private data, like your birthdate, social security number, address, etc., are everywhere on the internet — from your e-commerce purchases to your medical lab results to your logins and passwords and beyond. A privacy policy states how your website collects, uses, and protects this private data. Not only is it essential to clearly communicate to your customers that your business is trustworthy and takes personal information seriously, but it’s also the law. The GDPR, the European Union’s General Data Protection Regulation, has been in place since 2018, setting the EU’s standard for consumer data privacy. In the US, California, Colorado, Connecticut, Utah, and Virginia have recently enacted consumer data privacy laws, and more states are expected to follow suit. As privacy laws continue to evolve, your privacy policy will need to as well.

The rule of thumb for a website privacy policy: the more clear and straightforward, the better.

What Should You Include In Your Privacy Policy?

The more clear and straightforward your website privacy policy is, the better. However, keep in mind that clear and straightforward does not mean brief. A lot of information needs to be included in a privacy policy.

  • A list and description of collected data
  • Where you find collected data
  • Why you collect it
  • How it is collected
  • Who else can see the collected data
  • If the collected data will be shared or sold
  • The rights that users have over their data
  • How users can use those rights
  • Your contact information

Do You Need a Cookies Policy on Your website?

Again— yes, you do. Cookies are tiny pieces of data that remember visitors to your website. Privacy laws require that if your website uses cookies to collect data from your site users, you must have a cookie policy that discloses what information you collect and what you do with this information.

What Should You Include In Your Cookie Policy?

If your site already has a posted privacy policy, you don’t need a separate page that includes your cookie policy. Instead, you can simply add a cookie section to your existing privacy policy page. As an example, here’s Tuna Traffic’s privacy policy. You can see that we have included our cookie policy within our privacy policy. And we included Tuna Traffic and third parties, such as Google Analytics, who use cookies.

  • Disclose that your website collects and stores cookies
  • Why you, or a third party, collect cookies
  • The types of cookies you collect
  • How you collect cookies (sign-ups, forms, etc.)
  • How you use cookies
  • How users can manage cookies on their devices.

Your website should also include a cookie consent that grants website visitors control over how cookies are managed on their devices by letting them choose if they want to allow, deny, or customize cookies. For example, our cookie consent appears on the bottom of the Tuna Traffic home page.

Tuna Traffic - Cookie Policy

Do You Need a Terms of Service Agreement on Your Website?

Unlike privacy laws, no law requires you to have a Terms of Service Agreement (ToS) on a website. However, it’s a sound business practice. Why? Because a ToS is a legally binding document that explains the relationship between you and your customers — what you’ll offer customers and what your business can expect in return. And, by having a published Terms of Service Agreement, you establish clear rules of how customers can use and behave on your website, meaning there is less chance of a dispute. Plus, a ToS allows you to delete a customer’s account if they break your rules and gives you a legal leg-up if a trademark or copyright issue ever surfaces.

What Should You Include In Your Terms of Service Agreement?

Keeping your website and business safe and secure is priority one in a Terms of Service Agreement. While the list below is all-encompassing, it includes many of the basics to consider.

  • Effective Date
  • Acceptance of Terms
  • Use of Services
  • Appropriate Conduct
  • Proprietary Rights
  • Intellectual Property
  • Termination
  • Indemnity
  • General Disclaimer and Warranty
  • Limitation of Liability
  • Whole Agreement

So, Now What Do You Do?

We suggest assessing your current privacy policy, cookie policy, and ToS. Are these policies on your website? Are they straightforward and easy to understand? Are they visible and easy to find? While we’re not lawyers and aren’t equipped to give you legal advice, we are experts at designing and developing legally compliant websites. We can help.

Creating a compliant website is one click away.

Let's Chat.

Contact Us Short


Lori lives by the mantra, “It’s not what you say; it’s how you say it.” As Director of Content and Client Strategy, Lori is the wordsmithing wind beneath many of our clients’ wings. Known for capturing our clients’ brand voices with compelling clarity and consistency, she also is a frequent Tuna blog contributor. Her work includes The 4 Realities of Post-COVID Marketing (And What Your Business Needs To Do About It), and 9 Tuna Traffic Truisms. When not perusing a thesaurus, Lori can be found adding more zing to her arrabbiata sauce or searching for an easier way to pill a cat.