In the 21 Questions series, I will be pulling back the curtain on a wide range of legal services. This series is intended to educate and inform about how lawyers approach various tasks, and what you should look for when addressing different legal situations.
Terms & Conditions (T&C) and Privacy Policies are essential for websites, apps and businesses that collect user information or sell goods/services. In Ontario, the Consumer Protection Act (CPA) sets many rules for buying and selling online. Because of this Act, most business websites will need a T&C to make sure their customer policies are clear. Across Canada, we have the Personal Information Protection and Electronic Documents Act (PIPEDA) which lays out the laws for online data collection. If a website asks for information such as your name or email address, that site will need a Privacy Policy.
When drafting a Terms & Conditions and Privacy Policy, there are many things to think about. A well-written T&C will include all the proper clauses to ensure compliance with the CPA and PIPEDA. This includes a cancellation policy, disclosures regarding information collection, and more. However, the best T&C will also explain how the website works, what users can expect, and what to do in case of a problem. A good Privacy Policy covers legalities, such as appointing a privacy officer, but also clarifies for users how and why their information is stored. The T&C and Privacy Policy aren’t just legal requirements, they’re a major part of the customer experience. So without further ado, here are 21 questions I look to answer in a Terms & Condition and Privacy Policy:
- What is the business product/service? How is the product/service described or presented to potential customers? How is the product/service provided to customers?
- Who are the customers of the business? How do they purchase the product/service?
- Where are the products/services available?
- How do users interact with the website? Are users required to create private accounts?
- How are payments collected by the business?
- What happens if a customer wants a refund? What if a customer wants to cancel a payment?
- Is the use of third party services on the website fully explained to customers?
- What are the liability risks and limitations for the business? Are these fully explained to customers?
- What intellectual property does the business provide for customer access/use/download?
- Where (in what province) should a dispute between the business and a customer be addressed?
- What customer information does the website collect? Who provides that information? Do they need consent/permission to provide that information?
- How is customer information stored and for how long does the business keep this information?
- Can customers contact the business’ Privacy Officer in case of a privacy-related concern?
So it turns out there are exactly 21 questions! These are undoubtedly main points of consideration when drafting or reviewing a Terms & Conditions. The ideal T&C will include an answer to every single one of these questions. My goal is to make sure those answers (aka clauses) follow correct legal jargon and provide useful information to website visitors. And there you have it!