Do I need terms & conditions, and privacy policy for my business?  

07 December 2022


You're working on a lovely website for your company when the developer requests your Terms & Conditions (“T&C”) and Privacy Policy (“PP”) page. You've spent hours honing the messaging on your landing page, your bio, and other material. You haven't even considered an uninteresting project like this. Isn't that legal jargon at the bottom of websites? Is it even read by anyone? Do you really need a T&C and PP page for your website if you're a small business? That's an excellent question. The quick answer is no, technically, but you should. Read this article to know more about why your business should have a T & C and PP page.

If you collect or use any personal information from your clients, you must have a PP in place. For instance, email addresses, first and last names, and so on. The goal of this knowledge is to enlighten clients about your collection and use of personal information about them. A T&C understanding presents terms, conditions, prerequisites, and provisions associated with the use of your website or mobile/workplace application, for example, copyright security, account termination in cases of maltreatment, and so on.

Important Elements

In T&C:

  1. Governing law: what nation and/or state law governs your company?
  2. Users' rights and responsibilities: the rules that govern how your website is used.
  3. Confidentiality: a provision stating that information gathered via the relationship via the website is not to be divulged to any third parties unless expressly authorized.
  4. Security: what types of security do you use on your website?
  5. Copyright notice: All text pertaining to the whole content of the website is protected by copyright and other relevant intellectual property rights. 
  6. Refund policy: the company's refund policy, if any.
  7. Termination: a set of criteria specifying the terms of the agreement's termination by both parties.
  8. And a lot more

In PP:

  1. Data Collection: Describe how data is gathered and processed.
  2. Security: How is personal information safeguarded?
  3. Personal Information: the sorts of personal information collected and processed by your website.
  4. Cookies: an explanation of cookies and how they are used by your website
  5. Data Protection Rights: the rights of data subjects
  6. Contact information for your firm, as well as the Data Processing Officer and Data Controller, if relevant.
  7. as well as others

Why are they needed?

  1. Terms and Conditions

In contrast with PP, the T&C are not legally required under law. However, it is highly recommended to have one so that the business can anticipate misuses of their website or mobile application, as well as to limit your own danger as the proprietor of the internet business. Without this type of agreement in place, and without it being properly permitted, there is no way for the business to legally limit or restrict how someone may or cannot use their site or app. Copyright infringement issues might arise if clients use the business’ content without their permission or if there is abuse. It is recommended that any online business (even if it is just a simple website or a basic, mobile application) that allows or requires a client to enroll for a record have this agreement set up and present it to clients.

  1. Privacy Policy

The Information Technology Act was amended in 2009 to provide basic privacy and data protection protections. In India, the privacy legislation currently compels companies and websites to use caution while collecting and handling sensitive personal data or information. A civil provision is now available that specifies damages for a business that fails to use "reasonable security methods and procedures" while managing "sensitive personal data or information," resulting in unlawful loss or benefit to any individual. Hence it is legally mandated to have a PP for businesses whether small or large.

Small firms stand to suffer the most as a result of improper data practices. The business can manage data in accordance with local laws and internal procedures, but if a customer views it as mistreatment, the business may face liability or, at the very least, a costly and time-consuming legal battle to contest the allegation. A Privacy Policy defines the business’ principles for managing information and separates forbidden behaviors from permissible ones. Also, if a consumer authorizes the operations of the business by agreeing/consenting to your Privacy Policy, they are less likely to sue the business.


Irrespective of the size of your business, having T&C and PP helps increase transparency and the trust your customers have in you. It also helps save the business from future liability that might arise due to the use of the website, the contents of the website, the data collected and how the data is utilized. 


The content of this article is for information purposes only and does not constitute advice or a legal opinion and are personal views of the author. It is based upon relevant law and/or facts available at that point of time and prepared with due accuracy & reliability. Readers are requested to check and refer to relevant provisions of statute, latest judicial pronouncements, circulars, clarifications etc before acting on the basis of the above write up. The possibility of other views on the subject matter cannot be ruled out. By the use of the said information, you agree that the Author / Treelife is not responsible or liable in any manner for the authenticity, accuracy, completeness, errors or any kind of omissions in this piece of information for any action taken thereof.

Download Startup Guide
A guide with complete lifecycle of startup

Treelife Ventures Services Private Limited.
All Rights Reserved. © 2022.