Iubenda logo
Start generating


Table of Contents

What legal documents are required for e-commerce

If you sell products or services online, your e-commerce store must include:

  1. an up-to-date, easy to find and easily accessible Privacy Policy
  2. a Cookie Policy (if you use cookies)
  3. a Terms and Conditions document

Let’s find out why they are so important and what they should include.


Privacy Policy

The privacy policy is a document in which the data owner (the person or entity that runs a website/app) outlines the methods and purposes of its data processing to users, i.e. individuals who visit or use the website/app.

If your website/app collects personal data, you must inform users of this fact by way of a privacy policy: it’s required by law and by third-party services you may use.

All that is required to trigger this obligation is the presence of a simple contact form, Google Analytics, a cookie or even a social widget: if you’re processing any kind of personal data, you definitely need one.

What should be included in a Privacy Policy for e-commerce stores

In order to be compliant, your privacy policy must at the very least:

  • describe the personal data collected and the purposes of their collection;
  • accurately list all the third parties the data is shared with; and
  • inform users of their rights in relation to their data.

Of course you also have to provide the identity of the data controller (in practice who establishes “why” and “how” the personal data collected must be processed, usually the site/app owner), so name/company, full address and contact email.

Cookie Policy

If, as is very likely, your website uses cookies, you must also comply with the ePrivacy Directive (also known as “Cookie Law”). As the website owner, you need to collect user’s consent before cookies are installed on the user’s device.

In order to give consent, users must be informed of data collection activities and choose whether or not to consent to the installation of cookies.

You must then set up a cookie policy in which you:

  • define which cookies you use (e.g. technical, statistical, profiling, etc.) and for what purposes;
  • list the categories and purposes of third party cookies that are installed.

Terms and Conditions

If you run an e-commerce website, Terms and Conditions are often mandatory: customers must be made aware of the business owner’s rules relating to return, withdrawal or cancellation policies.

Specific instances where they might needed are where you:

  • need to make legally required disclosures related to consumer rights (especially withdrawal and cancellation rights);
  • have different user levels (eg. registered vs non-registered);
  • run a service or platform which allows users to sell or trade with other users;
  • facilitate or otherwise process payments and/or other sensitive user data;
  • want to set the rules for user behavior (including comments) and state grounds for termination of accounts;
  • participate in affiliate programs;
  • provide a product or service which can potentially cause harm if misused;
  • would like to have some legally enforceable control over, and set rules about, how your product, service or content may be used.

What should be included in Terms and Conditions for e-commerce stores

In general, a good Terms and Conditions document for an e-commerce store should contain the following clauses:

  • intellectual property/trademark protection;
  • account registration/termination;
  • product description;
  • pricing, payment and delivery terms (including shipping, returns, exchanges and cancellations);
  • user rights;
  • liability and indemnification;
  • common provisions (privacy policy, intellectual property rights, governing law, etc.);
  • dispute resolution.

How iubenda can help you create the documents your e-commerce business needs

If you’re not a lawyer, creating a Privacy and Cookie Policy and a Terms and Conditions document for your eCommerce store can be a serious headache.

Here’s where iubenda can help: our solutions are built with the strictest regulations in mind like the GDPR, the Cookie Law and the CCPA. They’re:

  • crafted and monitored by our international legal team;
  • available in 9 languages;
  • easy to use;
  • fully customizable; and
  • self-updating.

With our Privacy and Cookie Policy Generator you can create a beautiful, professional lawyer-crafted privacy and cookie policy for your eCommerce store:

  • add any of over 1700 pre-created clauses instantly, or simply write your own;
  • after saving, you can easily translate into any of our 9 supported languages with just one click;
  • best of all, it automatically updates when the law changes.

With our Terms and Conditions Generator you can easily generate and manage a professional Terms and Conditions document that is:

  • customizable from over 100 clauses;
  • available in 9 languages;
  • drafted by an international legal team; and
  • up to date with the main international legislations.

Make your e-commerce store compliant in minutes

Start generating

About us


Attorney-level solutions to make your websites and apps compliant with the law across multiple countries and legislations.


See also