Offering promotions, discounts, and other special deals is an effective marketing tactic for attracting new clients to your business. Any time you collect individuals' personal information in exchange for a promotional offer, you need to make sure that you are complying with applicable privacy laws, many of which require you to maintain certain legal policies on your websites and apps.

This article will explain why you need legal policies when offering promotions and discounts, the laws that require legal policies, what types of legal policies you need, where to display legal policies on your website and apps, and how to get agreement to your legal policies.

Any business that collects or handles individuals' personal information needs to make sure that it has appropriate legal policies in place in order to comply with relevant privacy and data protection laws.

Whenever a customer signs up for your promotional offer, whether through an account or newsletter sign-up form, a sales transaction, or in exchange for a lead magnet or other freebie, they will need to provide your business with their personal information such as an email address or payment information.

You should be aware of any privacy legislation that applies to your business or protects the rights of your customers and their personal information, and make sure that you maintain any required legal policies on your website and apps.

Even when not legally required, it's still a good idea to have legal policies in place as they can help to build the trust that is necessary to generate long-term customers.

Failure to comply with certain privacy laws can not only result in thousands of dollars' worth of fines, but can also damage consumer trust in your brand.

What is Personal Information?

Personal information is information that can be used to identify an individual. Personal information can include:

  • Names
  • Addresses
  • Identification numbers, such as a driver's license or social security number
  • Exact geolocation data
  • Financial information, such as debit or credit card numbers or purchasing behavior

What is Sensitive Personal Information?

Sensitive or special personal information is a category of data that businesses need to treat with extra consideration. Sensitive personal information can include:

  • Biometric data
  • Genetic data
  • Health information, such as medical records or disabilities
  • Race
  • Religious beliefs
  • Sexual orientation

Laws That Require Legal Policies

Some of the main privacy laws that require legal policies are the European Union's (EU) General Data Protection Regulation (GDPR), the EU's Consumer Rights Directive, and California's Consumer Privacy Act (CCPA) and Privacy Rights Act (CPRA).


The GDPR requires any business that is based in the EU or that deals with EU residents' personal data to notify individuals of their rights and let them know how it collects, processes, stores, and shares their personal data. This can be done with a Privacy Policy.


Similar to the GDPR, the CCPA and the CPRA are laws that protect California consumers' personal information. The CPRA is the updated version of the CCPA, and both laws require businesses that meet their criteria to protect California consumers' personal information and inform users of their rights.

Keeping an updated Privacy Policy accessible via your website and apps is an effective way to help you comply with the GDPR, the CCPA, and the CPRA.

Consumer Rights Directive

The EU's Consumer Rights Directive requires businesses to allow consumers from the EU to return a product for a full refund within 14 days. If a business does not inform users about their right to withdraw from a sale, the consumers are automatically granted the right to return the item for a refund for up to one year from the date of purchase.

A Return and Refund Policy can help your business to comply with the Consumer Rights Directive.

Privacy Policy for Promos, Discounts, and Offers

A Privacy Policy is a document that describes how your business collects, uses, stores, and shares personal information, as well as what rights your users have concerning their personal information.

If your business engages in promos, discounts, or other special offers, you should make sure to include a clause in your Privacy Policy that lets users know how their personal information is used in those circumstances.

The Walt Disney Company's Privacy Policy includes a clause that links users to the data controller who is responsible for their personal information, and informs users that it may use the information it collects for many reasons, including sending them offers and promotions:

Walt Disney Privacy Policy: Use of Your Information clause - Offers and promotions section highlighted

The Netflix Privacy Policy contains a clause that explains that it uses the personal information it collects to send its users "special offers and promotional announcements," among other purposes:

Netflix Privacy Policy: How we use information clause - Offers and promos section highlighted

Make sure to display your Privacy Policy where it's easy for your users to find, such as on your checkout page or anywhere where you collect personal information related to the promo, discount or offer.

Terms and Conditions for Promos, Discounts, and Offers

A Terms and Conditions agreement is a legal agreement that informs users about their rights and responsibilities when using your products or services. Terms and Conditions agreements may also be called Terms of Service, Terms of Use, or simply Terms, and are commonly utilized to explain a business's limitations of liability as well as any other warranty or disclaimer information.

Your Terms and Conditions agreement can include a clause about any special terms concerning your business's offers or promotions.

Spotify's Terms and Conditions of Use agreement includes a Trials clause that contains a link to the specific terms that users must agree to in order to take advantage of its Paid Subscription Trials:

Spotify Terms and Conditions: Trials clause

Clicking on the Offer Terms link takes users to Spotify's Premium Promotional Offer Terms document. This document describes the details of the offer, who is eligible for the offer, when the offer is available and how long it lasts, and how users can cancel the offer.

Spotify lets users know that the act of submitting their payment information means that they agree to the Terms. It also lets them know that the way it handles the information it collects for a Trial is explained in its Privacy Policy:

Spotify Premium Promotional Offer Terms excerpt

Display your Terms and Conditions agreement alongside your Privacy Policy and other important documents and agreements.

Return and Refund Policy for Promos, Discounts, and Offers

A Return and Refund Policy describes the steps users need to take in order to make a return or receive a refund, as well as the timeframe or circumstantial requirements they need to meet in order to be eligible for a return or refund.

Your Return and Refund Policy may function as a standalone document, or it may be placed within another legal policy, such as your Terms and Conditions agreement. It should include a clause that lets users know about any conditions concerning making returns or requesting refunds for items that are part of a promotional offer or deal.

Best Buy's Returns and Exchanges page informs users that if they make a purchase in which they receive a discounted or free item for buying certain items together, then they cannot keep that benefit unless they return all of the items together:

Best Buy Returns and Exchanges: Bundle discount and free items section

Barnes and Noble's Return and Refund Policy explains that "Buy X, Get Y Free" items must be returned together in order to be eligible for a refund, otherwise an item that is part of a "Buy X, Get Y Free" deal is only eligible for an exchange for an item of equal or lesser value:

Barnes and Noble Return and Refund Policy: Free offer section

Make your Return and Refund Policy easy to locate on your website so that people can find it and read it before completing a purchase, such as in your website footer, and again near the checkout process.

Where to Display Legal Policies

Once you have your legal policies written, you will need to make sure that you display them somewhere where people can easily find them. Common places to display legal policies include website footers, in-app menus, and checkout, account login, and app download pages.

A website footer is one of the most popular places for businesses to put links to their legal policies, as it provides a way for users to find a company's legal information no matter what page of its website they browse to.

Netflix includes several links within its website footer, including links to its Terms of Use agreement, contact, privacy, and cookie information, and Legal Notices:

Netflix website footer with multiple legal agreement links highlighted

Checkout Page

Another good place to put links to your legal policies that outline information on promos, discounts and offers is on your checkout page. Putting links to your legal policies on your checkout page ensures that users get a chance to read and agree to your terms before making a purchase.

Amazon's checkout page includes links to its Privacy Notice and Conditions of Use, and lets users know that they must agree to its legal policies before placing an order:

Amazon checkout page with Privacy Notice and Conditions of Use links highlighted

Account Login Page/Form

Putting links to your legal policies on your account login pages or forms gives users the opportunity to read your policies before submitting their personal information, as well as each time they log in.

When users go to log in to their WordPress account, they are given the option of clicking on its Terms of Service and Privacy Policy links before logging in:

WordPress account log in form with Terms of Service and Privacy Policy links highlighted

When users create an account with Target, they are provided with links to its Terms and Conditions agreement and Privacy Policy:

Target Create Account form with Terms and Conditions and Privacy Policy links highlighted

App Download Page

Many businesses put links to their Privacy Policies within their app download page so that users can read the Policies before downloading any apps. This is also a requirement of app stores.

When users go to download the HBO Max app in the Apple App Store, they can access its Privacy Policy via a link under the App Privacy section of the download page:

HBO Max Apple App Store Listing with Privacy Policy link highlighted

In-App Menu

You can put links to your legal policies in your in-app menu so that users can access your legal information while using the app. These links can either open the policies within the app itself, or can take users to an out-of-app website where your legal documents are hosted.

Users of the Realtor mobile app can find links to its legal policies by selecting the More tab on the bottom right-hand side of the screen and then scrolling down to the Other section:

Realtor mobile app: More menu - Privacy and Data and Terms of Use links highlighted

From there, users can select either Privacy and Data or Terms of Use to read more about its legal policies. Selecting Terms of Use, for example, will open the app's Terms of Use agreement page:

Realtor mobile app: Terms of Use intro

There's one more important step after writing and displaying your legal policies, and it's getting users to agree to them. The next chapter will focus on this.

How to Get Agreement to Your Legal Policies for Promos, Discounts and Offers

Getting consent to your legal policies is an important part of complying with many privacy laws. One of the best ways to get users to agree to your legal policies is to use an "I Agree" checkbox that users must check before submitting their personal information or making a purchase.

When consumers place an online order through Chick-fil-A's website, they must check a box stating that they agree to its Terms and Conditions of Use, Privacy Policy, and California Privacy Policy:

Chick-fil-A online checkout form with Agree checkbox highlighted

You can use this check-to-agree method with every legal policy you post.


Maintaining legal policies on your business's website and apps is a simple way to help ensure compliance with privacy laws and build trust with your client base. Failure to comply with pertinent privacy laws can result in harsh financial penalties and can corrode consumer trust in the promos, discounts and offers you promote.

Some of the laws that require businesses to maintain legal policies on their websites and apps include the GDPR, the CCPA, the CPRA, and the Consumer Rights Directive.

The GDPR, CCPA, and CPRA require applicable businesses to inform consumers of their rights regarding their personal data, and to let consumers know how they treat the personal information that they collect and process. A Privacy Policy can help you to comply with these laws.

The Consumer Rights Directive requires companies that do business with residents of the EU to have a Return and Refund Policy that includes a withdrawal period clause.

Your business should consider having the following legal policies in place:

  • Privacy Policy
  • Terms and Conditions agreement
  • Return and Refund Policy

Your Privacy Policy should contain clauses explaining what kind of personal information you collect, how you collect it, what you do with it, how you store it, and who you share it with. It should also contain a clause that lets users know how you use their personal information for deals or promotions.

Your Terms and Conditions agreement outlines the rules that users need to agree to in order to use your products or services. It should include a clause detailing any terms that are specific to promotions, deals, or subscription trials that your business offers.

Your Return and Refund Policy lets users know how and under what circumstances they can make a return or request a refund. It should let users know how returns and refunds work for discounted items and promotional offers and deals.

Common places to display your legal policies include in your website's footer, at checkout, at the account login or create-account form, and on app download pages and within your app itself.

An effective way to get users to consent to your legal policies is through the use of an "I Agree" checkbox that users must check before submitting their personal information or making a purchase.
