21 Questions: Terms & Conditions and Privacy Policy

In the 21 Questions series, I will be pulling back the curtain on a wide range of legal services. This series is intended to educate and inform about how lawyers approach various tasks, and what you should look for when addressing different legal situations.

Terms & Conditions and Privacy Policies are essential for websites that collect user information or sell goods/services. In Ontario, the Consumer Protection Act (CPA) sets many rules for buying and selling online. Because of this Act, most business websites will need a T&C to make sure their customer policies are clear. Across Canada, we have the Personal Information Protection and Electronic Documents Act (PIPEDA) which lays out the laws for online data collection. If a website asks for information such as your name or email address, that site will need a Privacy Policy.

When drafting a Terms & Conditions and Privacy Policy, there are many things to think about. A well-written T&C will include all the proper clauses to ensure compliance with the CPA and PIPEDA. This includes a cancellation policy, disclosures regarding information collection, and more. However, the best Terms & Conditions will also explain how the website works, what users can expect, and what to do in case of a problem. A good Privacy Policy covers legalities, such as appointing a privacy officer, but also clarifies for users how and why their information is stored. The Terms and Conditions and Privacy Policy aren't just legal requirements, they're a major part of the customer experience. So without further ado, here are 21 questions I look to answer in a Terms & Condition and Privacy Policy:

    • What is the business product/service? How is the product/service described or presented to potential customers? How is the product/service provided to customers?
    • Who are the customers of the business? How do they purchase the product/service?
    • Where are the products/services available?
    • How do users interact with the website? Are users required to create private accounts?
    • How are payments collected by the business?
    • What happens if a customer wants a refund? What if a customer wants to cancel a payment?
    • Is the use of third party services on the website fully explained to customers?
    • What are the liability risks and limitations for the business? Are these fully explained to customers?
    • What intellectual property does the business provide for customer access/use/download?
    • Where (in what province) should a dispute between the business and a customer be addressed?
    • What customer information does the website collect? Who provides that information? Do they need consent/permission to provide that information?
    • How is customer information stored and for how long does the business keep this information?
    • Can customers contact the business’ Privacy Officer in case of a privacy-related concern?

So it turns out there are actually far more than 21 questions! But these are certainly some main points of consideration when drafting or reviewing a Terms & Conditions. The ideal T&C will include an answer to every single one of these questions. My goal is to make sure those answers (aka clauses) follow correct legal jargon and provide useful information to website visitors. And there you have it!

-Samuel Michael


Back to the Blog


Disclaimer: This article, along with all material provided on this site, is for information purposes only. These materials constitute general information relating to areas of law familiar to our firm lawyers. They do NOT constitute legal advice or other professional advice and you may not rely on the contents of this website as such. The contents of the website do not necessarily represent the opinions of SM Legal or its clients. If you require legal advice, you should retain competent legal counsel to advise you. If you would like to retain SM Legal, please contact us and we will be pleased to discuss whether our firm can assist you. A solicitor-client relationship will arise between you and our firm only if we specifically agree to act for you. Until we specifically agree to act for you on a matter, you should not provide us with any confidential information or material.