If you sell any type of digital product such as songs, videos, or downloadables, there are certain legal agreements you should include on your website or app.

To simplify the process for you, we've created this guide to the necessary legal agreements for digital products. We'll go over the most important legal agreements required for companies offering digital products to help you ensure your website is in compliance with national and international laws.

The legal agreements required of your business or organization will vary depending on your industry, the types of digital products you sell, and the types of data you collect.

Navigating your way through the actual statutes and regulations to figure out which agreements you must comply with can be a confusing process. Failing to properly adhere to these regulations can lead to lengthy and costly lawsuits or fines.

Here are the legal agreements people who sell digital products should have.

Privacy Policy

Privacy Policy

It doesn't matter what type of product you sell. If your website or app collects, handles, or transfers personal data from its users, then you must have a Privacy Policy. This policy serves as a disclosure that you're collecting user data and explains how you plan to use it.

There are a number of privacy laws around the world that require a Privacy Policy. For example, if users from the European Union can purchase or download your products, then your Privacy Policy must be in compliance with the GDPR. Other relevant laws include Canada's PIPEDA and California's CalOPPA.

A Privacy Policy must be easily accessible to your users. Place a link to your Privacy Policy in a visibly prominent place such as your website's footer and at the point of download. You should also ask for consent to your Privacy Policy before users download your products, such as with an "I Agree" checkbox.

Your Privacy Policy should include the following information:

  • The types of personal data you collect
  • The purpose of collecting data
  • The legal basis for collecting it
  • What rights the users have, i.e. can they rectify or erase their data?
  • The effective date of the Privacy Policy

In the following example taken from Adobe's Privacy Policy, you can see how Adobe informs its users of the types of personal information it collects:

Adobe Privacy Policy: What Information does Adobe Collect clause

Within the same Privacy Policy, Adobe informers users of its purposes for collecting this information:

Adobe Privacy Policy: How does Adobe use the information it collects clause

Importantly, all Privacy Policies must explain how and why data is transferred to third parties. When dealing with digital products, this includes disclosing whether you are storing user data on cloud storage providers.

In this example, you can see how OpenText lets users know that it shares the data it collects with cloud hosting providers:

OpenText Privacy Policy: How We Share Your Data clause

Even if you somehow offer digital products without collecting any personal information, you should still display a Privacy Policy that declares this. This will help your business look transparent and trustworthy, while making it less likely that any legal authorities will question your lack of a Privacy Policy.

Terms and Conditions/Term of Use Agreements

Terms and Conditions Term of Use Agreements

Although a Terms and Conditions agreement - sometimes called Terms of Use or Terms of Service - is not required by law, it is an important document that establishes the rules your users must follow. These agreements usually cover topics such as intellectual property, restricted behavior, payment terms, and termination clauses.

Since a Terms and Conditions agreement is a legal contract between you and your users, it will be unique to your website. In most cases, your Terms and Conditions should include the following:

  • Introduction: Describe your products and services including your company name and contact information
  • Governing and applicable laws: Inform users about which laws will govern the agreement
  • A Contribution clause: Detail the rights your users have to the content they create through your website or app
  • A Third Party clause: Establish that you are not responsible for any third party websites you link to
  • Disclaimers and Warranties: Limit your liability through the use of disclaimers and warranties
  • Acceptable use and prohibited activities: Include a detailed list of all the acceptable uses and prohibited activities users are agreeing to
  • Intellectual property rights: Let your users know about any copyright, trademarks, or content that is protected by the Terms and Conditions
  • A non-compliance clause: Explain to your users when and under what conditions you will take action for non-compliance with the Terms and Conditions

In the following example, you can see all the different topics WhatsApp covers in its Terms of Service agreement:

WhatsApp EEA Terms of Service table of contents

In the following example, you can see how ExpressVPN explains in the introduction of its Terms of Service that this agreement governs the use and access of its different services:

ExpressVPN Terms of Service: Introduction clause

If your website or app has implemented any digital rights management (DRM) solutions, then you should use your Terms and Conditions agreement to inform your users of these limitations.

Here is how Apple uses its Media Services Terms and Conditions to explain to users the limitations on both its DRM-free and DRM-protected content:

Apple Media Services Terms and Conditions: Audio and Video Content Sales and Rentals

Outline to your users how they must not use your services. This is a powerful component of a Terms agreement that helps you maintain control over your platform and products.

Here's an example of a clause that lets users know what they cannot do with a service:

WhatsApp EEA Terms of Service: Legal and Acceptable Use clause

Make sure to display your Terms and Conditions agreement in a way that's easy to find, same as your Privacy Policy. Within your website footer and at digital product download are best practice locations for display.

End-User License Agreement

End-User License Agreement

If you provide downloadable software to your users, you should create an End-User License Agreement (EULA) that defines the user's rights and restrictions when using your licensed digital products.

When a person or business purchases software, they are not actually gaining ownership over that software. Instead, they are granted a license to use it. Your EULA should clearly define the terms, liabilities, restrictions, and obligations users must agree to before they can access your products.

An EULA will act as a shield protecting the rights of your software from misuse such as copyright infringement or software reverse engineering.

The common clauses of an EULA include:

  • License granting: Inform users that you are granting them a license to use your software
  • Copyright notice: Let users know that copyright law protects your products
  • Restrictions of use: Outline any restrictions or prohibited activities while using your software
  • Termination of licensing: Explain that you have the right to terminate a user's license if they violate your terms
  • Related agreements: You can create a clause letting users know that by agreeing to the EULA they are also agreeing to other agreements such as the Terms and Conditions
  • Limitations of liability: Make it clear that you are not responsible for any issues or damages that arise from using your software
  • Warranty disclaimer: Let your users know that your software is available 'as is' and detail any warranties offered

In the introduction of its Terms of Use/EULA, Grammarly does a good job of explaining that this agreement governs the use of its software. Take note of how it mention that by clicking 'accept' or downloading its software, the user is binding themselves to this agreement:

Grammarly Terms of Use and EULA Introduction clause

In the same Terms of Use/EULA, Grammarly also clearly outlines all the restrictions of use for its software:

Grammarly Terms of Use and EULA: Not Permitted clause

Here's how UBISOFT's EULA informs users that its software is sold 'as is' and limits the company's liability for any issues or damages that arise from the use of its software:

UBISOFT EULA: Warranty Disclaimer Limitation of Liability clause

It is important to get your users to directly consent to your EULA. One of the best methods of doing this is through the click-to-accept method mentioned earlier as well.

Actively requiring your users to agree to a contract or agreement by performing an action - usually by clicking on a checkbox or linked button - shows that your users signified their consent through their actions.

Return and Refund Policy

Return and Refund Policy

Any company that sells products, software, or services should have a Return and Refund Policy. This policy outlines how, when, and under what conditions users can return or obtain a refund for the products they purchase.

If you sell digital products, your Return and Refund Policy will likely look quite different from a company that sells physical goods. This is simply because digital products can't be returned in the traditional sense.

When selling digital products, it's common to have a No Returns, No Refunds Policy. This type of policy states that once customers make a purchase, they are not able to return that item for a refund.

It is important to note that some local laws prohibit such strict policies.

If you choose to create such a policy, then you must explicitly explain to your users the conditions under which your Return and Refund Policy applies. Remember to keep the language simple and straightforward so that the refund process is easy to understand for your users.

Here's how Apple outlines within its Returns and Refunds Policy that certain digital products are not available for a refund:

Apple Returns and Refunds Policy: Items ineligible for return list

You can also consider offering alternatives to refunds, such as store credits or alternative services.



Whether you sell physical or digital products, disclaimers can greatly limit your risks of liability.

A disclaimer is a statement that informs the reader of things such as the limitations of your liability for the use of your website and the information it contains. A disclaimer can also be used to disavow any statements made on your website or app that could be misinterpreted.

For instance, depending on the nature of your industry, you may want to state that any information found on your website or app is for informational purposes only and should not be taken as professional advice.

Here is an example of how WebMD included a disclaimer clause within its Terms and Conditions of Use. Take notice of how it specifies that it makes "no representations or warranties" about the accuracy or reliability of its content or links:

WebMD Terms and Conditions of Use: Warranty disclaimer and limitation of liability clause

Your website for selling digital products may benefit from a variety of other disclaimers. Check out our Sample Disclaimer Template article for a helpful disclaimer template and examples of a variety of different disclaimers.

Cookies Policy

Cookies Policy

If your website or digital product tracks user behavior through cookies, then you should include a Cookies Policy on your website or app. Many global data privacy laws require transparency around how user data is collected and processed and a Cookies Policy can help you comply with these regulations.

A Cookies Policy provides detailed information about how your company engages in data tracking through cookies. This includes the types of cookies you use, how these cookies are used, and how a user can opt out of cookies use.

Your Cookies Policy should include:

  • An explanation of what cookies are
  • What cookies are in use by you and/or third parties
  • How and why you use cookies
  • How a user can opt out of having cookies placed on their browser or devices

In this following example, you'll see how BBC Channels begins its Cookies Policy by explaining what cookies are:

BBC Channels Cookies Notice: About cookies clause

Further down in the same policy, BBC Channels uses a clear, bullet-point list to describes its purposes for using cookies:

BBC Channels Cookies Notice: Cookies Purposes clause

You should have your users' explicit consent before setting cookies on their browsers or devices. One of the most common ways for obtaining this consent is through pop-ups or banners.

Here is an example of how Barnes & Noble uses a banner to obtain explicit consent for cookies from its users:

Barnes and Noble Cookie consent notice


If you sell any type of digital products, at a minimum your website or app should include a Privacy Policy, Terms and Conditions, and a Return and Refund Policy. When applicable to your website, products or regional location (for laws you need to follow), you should also include a Cookies Policy, an EULA and appropriate disclaimers.

These legal agreements will do more than just shield you from legal risk and liability. They also create goodwill between you and your customers by creating a safe environment for them to enjoy your digital products.

Here are some key takeaways from this guide:

  • If you process the personal data of your users, create a Privacy Policy that discloses how your company collects, stores, and uses this data.
  • Create a Terms and Conditions agreement that clearly outlines all the rules your users must follow when using or downloading your products.
  • If you offer software or applications, create an End User License Agreement which details the rights users have when using your products.
  • Create a disclaimer that states the limitations of your liability and other important information you should disclaim.
  • If your website or app uses cookies, create a Cookies Policy.

Make sure you get appropriate consent from users to be bound by the terms of your legal agreements. This will ensure your terms are enforceable in court and that you get legal benefits and protection while doing business.

Privacy Policy Generator
Comprehensive compliance starts with a Privacy Policy.

Comply with the law with our agreements, policies, and consent banners. Everything is included.

Generate Privacy Policy