Common Pitfalls in Website Policies

-- by Molly Tranbaugh

Launching a website is a labor of love that can be equal parts exciting and exhausting. A critical step in this process is to prepare website policies designed to protect your business from liability and comply with disclosure requirements. Below are some of the key considerations to keep in mind when drafting these policies. 

What are these policies and why do you need them? 

First, a quick overview of the various terms and disclosures you’ll need on your site. Every website that collects personal information must include a privacy policy to notify visitors about how you will be collecting, storing, using, and disclosing their information. Certain of these disclosures are required under federal and state laws enacted to protect consumers from the unauthorized use of their information, so compliance is key. You will also need terms of use, which serve as a contract with site visitors and cover essential topics such as company intellectual property, user content, and social media interactions. For websites engaging in e-commerce, you should have comprehensive terms of sale to govern all aspects of those transactions and anticipate any issues that are specific to the services or products you sell.  

Together, these policies should address all the ways users will interact with your website, ensure that they are adequately informed of their rights and obligations, and protect the company from liability. 

How do you make sure you have the right terms and disclosures for your site? 

The privacy policy, terms of use, and terms of sale are only effective if they are adequately tailored to your website. Before any policies are drafted, we recommend sitting down with your lawyer for a detailed conversation about how you will operate the site, such as the data you’ll collect and how you’ll use that data; your plans for tracking technologies and advertising on the site or through third parties; how you will drive traffic to the site; and whether users will contribute their own content on the site. These considerations should be incorporated into your policies to ensure the right disclosures have been made and the policies will cover all the ways you’ll operate your business on the site.  

We also suggest taking time at the outset to think through your plans for the site, and then draft the policies with enough flexibility to cover potential future uses. This additional work on the front end can ultimately save you time and money by making sure the business is covered as soon as the website launches and avoiding the need to revise the policies in down the line (which can sometimes require notifications to your entire email list).  

Are you forgetting anything? 

We’ll often come across website policies that omit key provisions that are critical for operating a compliant site. Here are just a few examples:  

  • Third Parties and Vendors. Most companies rely on vendors to operate certain aspects of their website, such as payment processing or data storage. Be sure to inform users that outside parties will have access to their information and direct them to the terms and conditions of those vendors where necessary. 
  • AI Disclosures. AI and machine learning tools require specific disclosures, including the use of chatbots and other automated response features. The rules around these disclosures can be complex and change frequently, so drafting policies that will comply with the ever-evolving AI landscape will be critical for your site.  
  • State Laws. Certain states have specific laws around the disclosure of personal information, which can vary from state to state. Your policies should be drafted to comply with all state requirements, regardless of where your company is based or your current customers are located.  

These are just a few of the common issues and pitfalls we see in website policies. The policies are critical to the operation of your site and, when drafted properly, will ultimately shield your business from liability by ensuring adequate disclosures and compliance.  


This website may use cookies for functional and performance purposes. We do not sell your information to any third parties. By continuing to use this site, you accept our use of cookies. Please read our Terms and Conditions and Privacy Policy for full details.