Free Word download β’ Edit online β’ Save & share with Drive β’ Export to PDF
A Terms and Conditions document is a legally binding agreement that governs the relationship between a business and every user who accesses its website, application, or service. It defines what users may and may not do, establishes who owns the intellectual property on the platform, limits the business's financial liability if something goes wrong, sets payment and refund rules, and specifies how disputes will be resolved. Unlike a negotiated contract signed by two parties, terms and conditions are a unilateral document β published once and accepted by all users simultaneously, typically through a clickwrap mechanism at account creation or purchase.
Operating a website or digital service without terms and conditions exposes the business to liability on every front where the document would otherwise provide protection. Without a limitation of liability clause, a user claiming financial loss from a service outage or data error can pursue damages with no contractual ceiling. Without an intellectual property clause, ownership of content created or uploaded through the platform becomes contested. Without an acceptable use policy, you have no contractual basis to suspend or ban abusive users. And without a governing law clause, you face the risk of being sued in the user's home jurisdiction rather than your own. This template gives you a professionally structured starting point covering every critical provision β ready to customize to your service, pricing model, and jurisdiction in under two hours.
| If your situation is⦠| Use this template |
|---|---|
| Running a public website that collects visitor data | Website Terms and Conditions |
| Operating a SaaS or subscription platform | SaaS Terms of Service |
| Selling physical or digital goods online | E-commerce Terms and Conditions |
| Hosting user-generated content or a community forum | User-Generated Content Terms |
| Providing a mobile application to end users | End User License Agreement (EULA) |
| Offering a free trial or freemium product tier | Free Trial Terms of Service |
| Engaging B2B clients under a master service agreement | Master Service Agreement |
Why it matters: Courts in the US, UK, and EU routinely refuse to enforce terms that users had no clear notice of. A footer link alone does not constitute sufficient notice of binding terms.
Fix: Implement a clickwrap mechanism at account creation or checkout β a checkbox with text reading 'I agree to the Terms and Conditions [hyperlink]' that must be checked before proceeding.
Why it matters: Without an explicit survival clause, obligations such as confidentiality, IP ownership, and the limitation of liability may be extinguished when the agreement terminates β eliminating your protection after the relationship ends.
Fix: Add a clause listing every provision that survives termination: 'Sections [X, Y, Z] shall survive the termination or expiration of this Agreement for any reason.'
Why it matters: Competitor terms are drafted for their specific business model, jurisdiction, and risk profile. Using them verbatim may import obligations you cannot meet, exclude protections you need, and expose you to copyright infringement claims.
Fix: Start from a professionally drafted template and customize every section to reflect your actual service, pricing model, user base, and operating jurisdiction.
Why it matters: If users can upload content to your platform and the terms are silent on IP, you may lack the rights to display, moderate, or remove it β creating both legal exposure and operational problems.
Fix: Add a UGC clause granting the business a worldwide, royalty-free license to host, display, and distribute user-submitted content, while confirming users retain underlying ownership.
Why it matters: California, New York, the EU, and the UK all require auto-renewal terms to be presented in a clear and conspicuous manner β a standard that body text buried mid-document does not meet, making the renewal voidable.
Fix: Present auto-renewal terms in a separately headed section, bold or highlighted text, and repeat the disclosure at the point of purchase β not just in the document.
Why it matters: Without an effective date and version number, you cannot prove which terms were in effect at the time of a specific user's claim or dispute.
Fix: Add an 'Effective Date' and 'Version' field to the document header, maintain an archive of prior versions with their date ranges, and notify users each time the terms are updated.
In plain language: Establishes how and when users become bound by the agreement β clicking 'I Agree,' creating an account, or simply using the service.
By accessing or using [COMPANY NAME]'s services at [WEBSITE URL], you agree to be bound by these Terms and Conditions. If you do not agree, you must immediately discontinue use of the service.
Common mistake: Relying solely on a footer hyperlink without a clickwrap mechanism. Courts in the US and UK have declined to enforce browsewrap terms where there was no clear evidence the user saw them.
In plain language: Sets out registration requirements, password security responsibilities, and the user's duty to keep account information accurate and up to date.
You are responsible for maintaining the confidentiality of your login credentials and for all activities that occur under your account. You must notify [COMPANY NAME] immediately at [CONTACT EMAIL] of any unauthorized use.
Common mistake: Failing to specify what happens to an account when a user violates the terms. Without a clear suspension or termination right, enforcement becomes legally ambiguous.
In plain language: States that all content, code, trademarks, and designs on the platform belong to the business, and grants users a limited, non-transferable license to access it.
All content on the [PLATFORM NAME] platform, including text, graphics, logos, and software, is the exclusive property of [COMPANY NAME] and is protected by applicable intellectual property laws. You are granted a limited, non-exclusive, revocable license to access the service for [PERMITTED PURPOSE].
Common mistake: Not addressing user-generated content. If users can upload text, images, or files, the terms must specify what license the business holds over that content and whether users retain ownership.
In plain language: Lists what users may and may not do on the platform β such as prohibiting scraping, reverse engineering, harassment, or illegal activity.
You agree not to: (a) copy, modify, or distribute any part of the service without written consent; (b) use automated tools to scrape or index any content; (c) transmit any unlawful, defamatory, or infringing material; or (d) attempt to gain unauthorized access to any part of the platform.
Common mistake: Using a short generic list that doesn't reflect the specific risks of the platform. A marketplace platform needs conduct rules for seller fraud; a SaaS needs API rate-limit restrictions. Generic lists leave real abuse vectors uncovered.
In plain language: Defines pricing, billing cycles, auto-renewal, taxes, and the refund or cancellation policy.
Subscriptions are billed [MONTHLY / ANNUALLY] in advance at the rate of $[AMOUNT] per [PERIOD]. Subscriptions auto-renew unless cancelled at least [X] days before the renewal date. All fees are non-refundable except as required by applicable law or as stated in our Refund Policy at [URL].
Common mistake: Describing auto-renewal in vague language without specifying the cancellation notice period. Several jurisdictions β including California and EU member states β require explicit, conspicuous auto-renewal disclosures or the renewal is voidable.
In plain language: States that the service is provided 'as is' and 'as available,' disclaiming all implied warranties of merchantability, fitness for purpose, and uninterrupted availability.
THE SERVICE IS PROVIDED 'AS IS' AND 'AS AVAILABLE' WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
Common mistake: Writing the disclaimer in lowercase body text rather than conspicuous uppercase. In the US, the Uniform Commercial Code requires warranty disclaimers to be conspicuous to be effective β a small-font paragraph buried mid-document may not qualify.
In plain language: Caps the business's total financial liability to users at a defined amount, and excludes liability for indirect, consequential, or incidental damages.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, [COMPANY NAME]'S TOTAL LIABILITY TO YOU FOR ANY CLAIM ARISING UNDER THESE TERMS SHALL NOT EXCEED THE GREATER OF (A) $[AMOUNT] OR (B) THE TOTAL FEES PAID BY YOU IN THE [12] MONTHS PRECEDING THE CLAIM.
Common mistake: Setting the liability cap at zero or an unrealistically low fixed amount. Courts can strike caps that are unconscionable, especially in consumer-facing contracts in California, the UK, and the EU.
In plain language: Requires the user to defend and hold the business harmless from claims arising out of the user's violation of the terms, misuse of the service, or infringement of third-party rights.
You agree to indemnify, defend, and hold harmless [COMPANY NAME] and its officers, directors, employees, and agents from any claims, damages, losses, or expenses (including reasonable attorneys' fees) arising from your use of the service, your violation of these Terms, or your infringement of any third-party rights.
Common mistake: Mutual indemnification in a consumer-facing document. Requiring consumers to indemnify the business is common, but courts in the UK and EU may refuse to enforce broad indemnity obligations against individual consumers under unfair contract terms legislation.
In plain language: Reserves the business's right to suspend or terminate user access at any time, with or without notice, and describes what happens to user data and paid subscriptions on termination.
[COMPANY NAME] may suspend or terminate your access to the service at any time, with or without cause, upon [X] days' written notice. Upon termination, your right to use the service ceases immediately. Provisions that by their nature should survive termination β including IP ownership, disclaimers, and limitation of liability β shall survive.
Common mistake: No survival clause. If the document doesn't state which provisions survive termination, courts may treat all obligations as extinguished on the termination date β including confidentiality, IP assignment, and liability caps.
In plain language: Specifies the jurisdiction and law governing the agreement, and the mechanism β arbitration, mediation, or litigation β for resolving disputes.
These Terms are governed by the laws of [STATE / COUNTRY] without regard to conflict-of-law principles. Any dispute shall be resolved by binding arbitration administered by [AAA / JAMS / OTHER] in [CITY, STATE], except either party may seek injunctive relief in a court of competent jurisdiction.
Common mistake: Choosing a governing law jurisdiction solely for business convenience, without considering where the majority of users are located. The EU, UK, and several US states apply consumer-protection law regardless of what the contract specifies.
Enter your business's full legal name, registered address, and the exact name and URL of the website, app, or service the terms govern. Mismatches between entity names and domain ownership create enforceability gaps.
π‘ If you operate multiple products under one company, use a single parent T&C with addenda for each product rather than maintaining separate documents.
Decide between clickwrap (checkbox or button at signup) or browsewrap (footer link). Clickwrap is strongly preferred β it creates a timestamped record of consent. Update your sign-up flow to present the terms before account creation is complete.
π‘ Store a log of each user's acceptance event β date, IP address, and the version of the terms they agreed to. This record is your primary defense in a dispute.
List the activities your platform allows and explicitly prohibit the abuse scenarios most likely for your business type β scraping for a data platform, fraud for a marketplace, harassment for a community product.
π‘ Review your support ticket history for the last 12 months. The most common abuse patterns belong in the prohibited conduct list.
Enter exact pricing, billing cadence, auto-renewal notice period, and your refund policy. If you have a separate refund policy page, link to it by URL and confirm the two documents are consistent.
π‘ California's Automatic Renewal Law and the EU's Consumer Rights Directive both require auto-renewal terms to be displayed in a clear, conspicuous format before purchase β put them in a highlighted box, not buried in the body.
Replace the placeholder cap amount with a figure that reflects your actual risk exposure β typically the fees paid by the user in the prior 12 months. Ensure the cap is not so low that a court would deem it unconscionable for your user base.
π‘ For B2B SaaS contracts, a cap of 12 months' fees is the market standard. For consumer platforms, consider a lower fixed floor (e.g., $50 minimum) to avoid consumer protection challenges.
Choose a governing jurisdiction that has a meaningful connection to your business operations. Decide whether to require arbitration, include a class-action waiver, or allow litigation. Note that class-action waivers are unenforceable in some jurisdictions.
π‘ If you serve EU consumers, add a jurisdiction carve-out granting them their local consumer court rights β EU law cannot be waived by contract.
State how you will notify users of changes β by email, in-app notification, or posted notice β and how much advance notice you will give. Specify whether continued use after the notice period constitutes acceptance.
π‘ A 30-day notice period before material changes take effect is the accepted standard in most jurisdictions and reduces the risk of users claiming they were surprised by new terms.
Have a lawyer familiar with your jurisdiction and industry review the final document before it goes live. Focus the review on the liability cap, consumer-facing disclaimers, data handling references, and jurisdiction-specific requirements.
π‘ A focused 1β2 hour template review ($300β$600) is significantly less expensive than defending a claim based on unenforceable or missing terms.
Terms and conditions are a legally binding agreement between a business and its users or customers that governs how a website, app, or service may be accessed and used. They define user rights and obligations, limit the business's liability, establish IP ownership, and set out how disputes will be resolved. They are distinct from a privacy policy, which governs data collection, though both are typically required for any online service.
No law in the US, Canada, UK, or EU mandates terms and conditions for every website, but they are effectively required in practice. Without them, users have no defined obligations, the business has no liability cap, and intellectual property ownership is ambiguous. For e-commerce sites, SaaS platforms, and any service collecting payment, operating without terms and conditions exposes the business to unlimited liability and regulatory scrutiny.
Terms and conditions govern the user relationship β acceptable use, payment, IP, liability, and dispute resolution. A privacy policy is a separate document that discloses how the business collects, stores, and uses personal data. Most jurisdictions require both for any website that collects personal data or processes payments. They should be linked separately in the website footer and at the point of sign-up.
The two terms are used interchangeably in practice. "Terms of service" is commonly used by technology and SaaS companies; "terms and conditions" is more common in e-commerce, retail, and professional services. Both serve the same function and contain the same essential provisions. The name you choose has no legal significance.
A handwritten signature is not required. In most jurisdictions, clicking 'I Agree,' checking a box, or continuing to use a service after adequate notice constitutes legally sufficient acceptance. Clickwrap acceptance β where a user must affirmatively click to agree β is consistently upheld by courts. Browsewrap acceptance, where terms are only linked in the footer, is far less reliably enforced and should not be the sole mechanism for high-stakes obligations.
Update your terms and conditions whenever you materially change your service, pricing model, data practices, or refund policy. A full review at least once per year is standard practice. When you update the terms, notify existing users by email or in-app message with at least 30 days' advance notice before the new terms take effect. Retain archived copies of every prior version with effective date ranges.
Free generators produce generic output that often misses jurisdiction-specific requirements, fails to address the specific risks of your business model, and uses outdated language. They are a starting point, not a finished document. A professionally drafted template customized to your service and jurisdiction β reviewed by a lawyer before publishing β provides meaningfully stronger protection at a fraction of the cost of custom drafting.
EU consumer protection law β particularly the Unfair Contract Terms Directive β can override contract provisions that create a significant imbalance against consumers. Clauses that exclude all liability, prohibit consumers from using their local courts, or impose disproportionate penalties are regularly struck down. For any service with EU consumers, a lawyer familiar with local consumer law should review the document before publication.
The terms should give you the right to suspend or terminate the user's account immediately, seek injunctive relief, and pursue damages for losses caused by the violation. In practice, most violations are handled administratively through account suspension. For serious violations causing financial harm β such as fraud, scraping, or IP infringement β the terms provide the contractual basis for a legal claim and, in arbitration clauses, the forum for resolving it.
A privacy policy governs how the business collects, uses, stores, and shares personal data. Terms and conditions govern the user relationship β acceptable use, payment, IP, and liability. Both are required for any website collecting personal data or processing payments, and they should be linked separately. Combining them into a single document is common but makes updates more cumbersome.
A EULA specifically governs the license granted to use installed software or an application β it focuses on what users may and may not do with the software itself. Terms and conditions are broader, covering the full service relationship including payment, accounts, and disputes. Software products often need both: a EULA for the license grant and a T&C for the service wrapper around it.
A master service agreement is a negotiated B2B contract governing an ongoing service relationship between two businesses, typically with individually negotiated commercial terms. Terms and conditions are a non-negotiated, take-it-or-leave-it agreement published to all users simultaneously. MSAs are appropriate for enterprise clients; T&Cs govern the broader user base.
A service agreement is a bilaterally negotiated contract for a specific scope of work between a service provider and a single client. Terms and conditions are a unilateral document published to all users without individual negotiation. Use a service agreement for bespoke client engagements and terms and conditions for standardized platform access or product sales.
API rate limits, uptime SLA disclaimers, data processing addenda, and tiered subscription billing terms are all specific requirements for SaaS T&Cs.
Purchase terms, shipping liability, returns and refund windows, and auto-renewal disclosures for subscription boxes are critical provisions for online retailers.
Regulatory disclosures, payment processing terms, fraud liability allocation, and compliance with CFPB and FCA requirements make fintech T&Cs substantially more complex than standard templates.
HIPAA liability carve-outs, disclaimer of medical advice, and scope-of-service limitations distinguishing the platform from a licensed medical provider are essential in this sector.
User-generated content licensing, DMCA takedown procedures, copyright ownership, and community conduct standards are the defining provisions for media and UGC platforms.
Engagement scope limitations, disclaimer of professional advice, confidentiality obligations, and deliverable acceptance terms distinguish professional services T&Cs from standard website terms.
No single federal law mandates terms and conditions, but sector-specific regulations β COPPA for children's services, CCPA for California residents, and the FTC Act for deceptive practices β impose specific disclosure requirements. California's Automatic Renewal Law requires conspicuous auto-renewal disclosures. Class-action waivers in arbitration clauses are enforceable in most states but remain contested in California consumer contracts.
Canada's Anti-Spam Legislation (CASL) and PIPEDA impose obligations on any service collecting personal data from Canadians that should be cross-referenced in the terms. Quebec's Law 25 adds heightened consent requirements for Quebec residents. Auto-renewal terms must comply with provincial consumer protection statutes, several of which β including Ontario and Quebec β require advance notice of renewal and cancellation rights.
The Consumer Rights Act 2015 requires that terms used with consumers be fair, transparent, and prominent β unfair terms are not binding on consumers even if agreed to. Limitation of liability clauses that exclude death or personal injury caused by negligence are void. The Competition and Markets Authority (CMA) actively investigates and challenges online platforms' terms and conditions.
The Unfair Contract Terms Directive and the Consumer Rights Directive impose strict requirements on B2C terms. Consumers retain the right to use courts in their country of residence regardless of a governing law clause. The Digital Services Act (DSA) adds transparency, notice-and-action, and content moderation obligations for platforms reaching EU users. GDPR data processing obligations must be addressed separately in a privacy policy and, where applicable, a data processing addendum.
| Path | Best for | Cost | Time |
|---|---|---|---|
| Use the template | Small business websites, simple e-commerce stores, and early-stage SaaS with a domestic user base | Free | 1β2 hours |
| Template + legal review | Any platform handling payments, serving users in multiple jurisdictions, or collecting personal data beyond basic analytics | $300β$800 | 3β5 business days |
| Custom drafted | Enterprise SaaS, regulated industries (fintech, health tech), platforms with significant UGC, or services marketed to EU or UK consumers | $1,500β$5,000+ | 2β4 weeks |
This document is one of 3,000+ business & legal templates included in Business in a Box.
Access over 3,000+ business and legal templates for any business task, project or initiative.
Customize your ready-made business document template and save it in the cloud.
Share your files and folders with your team. Create a space of seamless collaboration.
"Fantastic value! I'm not sure how I'd do without it. It's worth its weight in gold and paid back for itself many times."
"I have been using Business in a Box for years. It has been the most useful source of templates I have encountered. I recommend it to anyone."
"It has been a life saver so many times I have lost count. Business in a Box has saved me so much time and as you know, time is money."
Stop downloading documents. Start operating with clarity. Business in a Box gives you the Business Operating System used by over 250,000 companies worldwide to structure, run, and grow their business.
Start freeΒ Β·Β No credit card required
