This note is only intended as a general overview and is not to be viewed as a substitute for legal advice. Brands & Bonds shall not be liable for any actions taken or not taken on the basis of this note.

The website owner running a blogging website get sued for millions by a user who had a life threatening experience while relying on some home remedies shared by another user on the blogging website. Another getting arrested for obscene content which was uploaded on his website by an unknown user. A website providing a platform for its users to buy and sell used goods gets sued by a user for fraud.

It is hard to find a Company or business without a presence on the World Wide Web these days. The penetration of internet and smart phones into the households even in rural area has witnessed a surge in the number of websites coming up online. An online presence would definitely be a boost for the business by reaching out to the millions of people who are online world-wide. However, the exposure can also backfire like the instances above.

A successful website not only requires pleasing and user friendly design but also well drafted Terms and Conditions (T&C) which to a great extent can mitigate unwanted liabilities. A website without a proper T&C could expose its owner to various liabilities and make them vulnerable as mentioned.

Terms and Conditions – what is it and why does a website need one

The T&C are the only legal agreement that governs the usage of the website which forms a binding contract between the website/business owner and the user. A well drafted T &C not only defines the terms on which the user can use the services of the website, but also to a great extent serve as a protection from various forms of liabilities which may arise. Website owner relies on the T&C to limit the potential liabilities and to define the rights and obligations of the users of the websites.

Contents of T&C and Legal requirement

T&C should at-least contain the Terms of Usage, a Disclaimer and a Privacy Policy. Although there are no legal mandate in terms of requirement for T&C for a website as such, this may change if the website acquires the colour of an “intermediary”. Intermediary includes e-commerce websites, or other website where storage of information/data is done on behalf of other person, for example forums, photo/file sharing websites, and any other websites where a third party or user other than the website owner provides or stores data. In short, a website becomes an intermediary if it lets its users upload, publish, transmit or share any form of data including blogs/literature, images, videos, programs, software or if such website is used as a medium for buying and selling merchandise.

Rule 3(1) of Information Technology (Intermediaries guidelines) 2011 of India and other similar rules of different countries mandates the requirement of a User Agreement and Privacy Policy in websites acquiring the colour of an intermediary.

Terms of Usage

Terms of Usage or User Agreement of a website governs the rights, duties and obligations of a user and also defines the terms and conditions for using the website or its services. This varies according to business and/or the functionality of the website. Information Technology (Intermediaries guidelines) 2011 also mandates that such a User Agreement should specifically state that the user shall not post any malicious content including but not limited to obscenities, data belonging to another person, material intended to hurt the sentiments of people, religion and the country in general or effect the secularity, security of India - the list is not exhaustive. A well drafted User Agreement should contain at-least the following:

  • Information about the website– include a detailed information about the ownership of the website, office address etc., description services provided by the website
  • Restrictions if any applicable on the user like age restrictions, domicile etc. –as per Indian Contract Act, a person should be over 18 to enter into a valid contract. If the website intents to provide services only to a particular area or location then such details must be included.
  • Payment methods, return options and policies, if the website involves online purchase or transactions. It would be great if the User Agreement mentions that the contract for sale is only between the user and the merchant.
  • Limiting the liability, disclaimers - This can to a great extent limit the liability of the website.
  • Ownership of the contents of the website – if the contents are user generated this should be specifically mentioned so as to limit the liability of the website in case of malicious contents. A properly drafted Agreement would protect the website owner from liabilities if a user posts contents which might infringe the IP rights of a third party.
  • User conduct guidelines – the DOs and DONTs for the user. This could include placing restrictions on the contents – images, videos, comments, articles, merchandise listings etc. being uploaded by the users,
  • Applicability of Law and Jurisdiction clause – As in the law of which country is applicable in the event of a dispute and the location of the courts to which the Jurisdiction is attributed to. This is really important as the online contents can be accessed by people all over the world and there could be a conflict of laws depending on the place of access by the user. To illustrate, a website based in India was accessed by a person in Turkey who availed of the services. In the eventuality of a dispute, would the Turkish or Indian Law prevail? Similarly disputes can arise where users are from different parts of India and the Company owning the website is headquarter at Delhi would have to defend suits in different parts of the country in the absence of a Jurisdiction clause.


It’s always prudent to add a disclaimer to the website, and it usually forms part of the User Agreement. A disclaimer generally is a statement intending to specify or limit the scope of rights and obligations that may be exercised and enforced by parties in a legally binding relation. For example, in a blogging website, it is crucial to state that the content in the website is for information purpose only and the user discretion is expected while making a decision; and a disclaimer to the effect that the website acts only as a platform enabling its users to upload/sell contents/merchandise and that the website cannot be held responsible for any malicious or offensive content/defective goods is a must for a social media website or an e-commerce website.

However, it is to be noted that the mere presence of a Disclaimer in a User Agreement might not necessarily guarantee that such terms of the disclaimer will be recognised in a legal dispute. This to a large extend depends on the relevant and prevailing laws which are applicable.

Privacy Policy

Users are now, more than ever, quite concerned about the security of their personal information. In today’s world of increase in identity thefts and cyber-crimes, most people are trying to be anonymous and protecting one’s privacy online. A user would definitely want to and has every right to know how the website uses the information of such user, who can view such information and also how the website stores such information, especially if the website collects personal information like full name, address, date of birth, credit card/banking details of the user. Such information could be misused when fallen into wrong hands. A privacy policy provides details as to the information collected, why the website collects such information, how does it stores the information securely and how such information is disseminated. The main function of a Privacy Policy is to make the users aware of the website’s intention in capturing and disseminating user’s information.

Some regulated industries in the field of Banking, Medical etc are bound by law to display a privacy policy. As mentioned earlier Laws in India mandates a privacy policy for websites acquiring the colour of an intermediary. Even if a website does not fall in the above category, it would be prudent to include a Privacy policy to win the confidence of the users. Though what amounts to privacy is yet to be defined and much is still attributed to the constitutional rights enshrined under Article 21, the Information Technology (Reasonable Security practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 has formulated and defined personal data and sensitive personal data.

One Size Fits All

The recent years have witnessed more and more websites with T&C. However, blindly copying from someone else’s website could do more harm than good. There is no “one-size-fits-all” and each website should have its User Agreement and Privacy policy crafted according to the nature, services being provided by the website and the policies of the owner. It is highly advisable to have a legal practitioner or a lawyer draft a suitable T&C for your website. It is equally important to review and revise these on a periodic basis, or at-least every time a new service is being introduced/relevant new legislation comes to force. By having a properly tailored T&C, the website can minimize the business risks and in event of a dispute (read litigation) may even be able to invoke a valid defence.

Author - Anith James

For further queries please contact info@brandsnbonds.com