COMMON WEBSITE LEGALESE: USER AGREEMENTS, PRIVACY POLICIES AND DISCLAIMERS
A statement that the User Agreement is a binding contract and that users agree to the contract by using the website.
Notice that the User Agreement may be changed.
Prohibited uses of the website.
Intellectual property protections and procedures.
Account suspension and termination procedures.
Disclaimers, warranties and limitations of liability.
Language consenting to the collection of personal information.
An effective User Agreement will be tailored to the specific purposes of the website. For example, a website serving as the internet presence of a retailer may include terms relating to payment information, return or refund policies, among other relevant considerations. Although different websites’ User Agreements may contain many similar elements, the specific language of any one User Agreement should be driven by the particularities of the website itself.
The enforceability of a User Agreement depends on two key factors: (i) effective notice of the User Agreement; and (ii) approval by the user to be bound by the User Agreement, either expressly, for example, by clicking “I Agree,” or impliedly through the user’s conduct. Thus, it is important to consider how approval of the User Agreement will be obtained, including whether access to the website will be blocked until an express agreement is secured. A balancing of ease of use with enforceability of the User Agreement will depend on the website’s purpose.
The types of data collected by the website and any third-party providers, including user submitted information, information collected automatically (such as IP addresses) and cookies.
What options are available to the user to prevent the collection of data.
What is done with the data and with whom it will be shared.
How the data will be stored and protected.
Any information required by applicable federal, state and industry laws and guidelines.
How a user can see what data is being held about them and what they can do to change, update or delete it.
How disputes are to be resolved.
The effective date of the policy, including any and all updates.
Contact information where users can seek more information or send notices.
A legal disclaimer seeks to limit a website operator’s obligations and exposure to liability. The type of disclaimer will vary based on the product or services being offered. Some common disclaimers include:
An “as is” disclaimer, which informs users that the content of the website is provided “as is” and that the operator cannot provide any guarantees as to accuracy, completeness, legality or reliability of the information presented.
A disclaimer stating that any warranties, promises or representations of any kind are not given as to the nature or accuracy of the information provided on the website.
A disclaimer stating that the website operator shall not be liable for any loss or damage of any kind.
A disclaimer concerning the collection, storage and use of personal information by any third-party.
The enforceability of a waiver depends on a user’s actual or constructive knowledge thereof. Accordingly, disclaimers should be clear and conspicuous. However, certain disclaimers may not be enforceable pursuant to federal or state law. Thus, an effective disclaimer should take into consideration the website’s intended audience and any particularities of the jurisdictions in which users may reside.
 See, e.g., Nicosia v. Amazon.com, Inc., 834 F.3d 220, 233 (2d Cir. 2016) (citing Schnabel v. Trilegiant Corp., 697 F.3d 110, 129 n.18 (2d Cir. 2012)).
 Federal laws include, but are not limited to: (i) the Health Insurance Portability and Accountability Act (“HIPAA”) and the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”), applicable to healthcare related activities; (ii) the Gramm-Leach-Bliley Act, applicable to financial services; (iii) the Fair Credit Reporting Act, applicable to data broker activities; (iv) the Family Educational Rights and Privacy Act (“FERPA”) and the Protection of Pupil Rights Amendment (“PPRA”), applicable to the educational sector; and (v) the Children’s Online Privacy Protection Act (“COPPA”), applicable to child-directed content. State laws include, but are not limited to: (i) the California Online Privacy Protection Act (“Cal-OPPA”); and (ii) the Delaware Online Privacy and Protection Act (“DOPPA”).
ATTORNEY ADVERTISING. This document is provided by P. Taylor Legal, PLLC for information purposes only and is not intended and should not be construed as legal advice.