terms-of-service
Terms of Service
Overview
This skill generates well-structured, comprehensive Terms of Service (ToS), Privacy Policies, and End-User License Agreements (EULAs) tailored to web applications, SaaS platforms, and mobile apps. The drafts cover the full range of standard legal topics: user eligibility and account terms, acceptable use, intellectual property, payment and subscription terms, data handling and privacy, disclaimers and limitation of liability, termination, and dispute resolution. Outputs are written in clear, modern language that is accessible to users while remaining legally substantive. All drafts should be reviewed and adapted by a licensed attorney before publication.
When to Use
- Launching a new SaaS product, web app, or mobile app that requires user-facing legal agreements
- Updating outdated ToS to reflect new features, business models, or regulatory requirements (GDPR, CCPA, COPPA)
- Drafting a standalone Privacy Policy for a product that collects any user data
- Creating a EULA for downloadable software or a mobile application
- Developing an Acceptable Use Policy (AUP) for a platform with user-generated content
- Building a legal agreements page that consolidates ToS, Privacy Policy, and Cookie Policy
When NOT to Use
- As a final, legally reviewed document without attorney review for any production product
- For highly regulated industries (healthcare/HIPAA, financial services/FINRA, children's products/COPPA) without specialized legal counsel
- When you need jurisdiction-specific compliance advice (e.g., EU GDPR Data Processing Agreements, CCPA service provider addenda)
- To document agreements between businesses (B2B contracts) — use a services agreement or MSA instead
- For open-source software licenses (use established SPDX licenses instead)
Quick Reference
| Document | Purpose | Key Sections |
|---|---|---|
| Terms of Service | Governs user relationship with the service | Eligibility, acceptable use, IP, payment, liability, termination, disputes |
| Privacy Policy | Explains data collection, use, and user rights | Data collected, legal basis, third-party sharing, retention, user rights, contact |
| EULA | Governs license to use software | License grant, restrictions, IP ownership, warranty disclaimer, termination |
| Acceptable Use Policy | Defines prohibited user behaviors | Prohibited content/actions, enforcement, reporting |
| Cookie Policy | Explains cookie use and consent | Cookie types, purpose, opt-out mechanism |
Instructions
1. Gather product context before drafting — Collect: product name, company name and jurisdiction, product type (SaaS, mobile app, marketplace, API), data collected from users, subscription/payment model (free, freemium, paid tiers), target audience (consumers, businesses, children?), and key features that may have specific legal implications (AI/ML, UGC, payments, health data).
2. Draft the Terms of Service using this standard structure:
   - Acceptance of Terms — How users agree (clickwrap, browsewrap); age/eligibility requirements
   - Description of Service — What the product does; scope of service
   - Account Registration and Security — Account creation, credential responsibility, account suspension
   - Acceptable Use Policy — Prohibited conduct, prohibited content, enforcement rights
   - Intellectual Property — Company IP ownership; license grant to users; user-generated content license back to company
   - Payment and Subscription Terms — Pricing, billing cycles, auto-renewal, refund policy, price changes
   - Privacy — Reference to Privacy Policy; GDPR/CCPA compliance statement if applicable
   - Disclaimers of Warranties — "As-is" disclaimer; no guarantee of uptime or results
   - Limitation of Liability — Liability cap (typically fees paid in last 12 months); exclusion of consequential damages
   - Indemnification — User indemnifies company for user's misuse or content
   - Termination — Grounds for termination; effect of termination; data export window
   - Dispute Resolution — Arbitration clause, class-action waiver, governing law, jurisdiction
   - Changes to Terms — How changes are communicated; continued use = acceptance
   - Contact Information — Legal contact email/address
3. Draft the Privacy Policy using this standard structure:
   - Information Collected — Categories: account data, usage data, device data, cookies, third-party data
   - Legal Basis for Processing (required for GDPR) — Consent, contract performance, legitimate interest
   - How Information Is Used — Service delivery, analytics, marketing, legal compliance
   - Information Sharing — Service providers, analytics vendors, payment processors; no selling of personal data (or disclose if sold per CCPA)
   - Data Retention — How long data is kept; deletion policy
   - Security — Reasonable security measures; breach notification commitment
   - User Rights — Access, correction, deletion (right to be forgotten), portability, objection, opt-out of sale
   - Children's Privacy — COPPA compliance; no knowing collection from users under 13
   - International Transfers — Standard contractual clauses or other mechanisms for cross-border transfers
   - Contact / DPO Information — How to exercise rights; Data Protection Officer if applicable
4. Draft the EULA (if applicable) covering:
   - License grant (personal, non-exclusive, non-transferable, revocable)
   - License restrictions (no reverse engineering, no sublicensing, no commercial use if free tier)
   - IP ownership (all rights reserved to licensor)
   - Updates and support terms
   - Warranty disclaimer and limitation of liability
   - Termination on breach
5. Tailor for jurisdiction and audience — Add GDPR-specific sections (legal basis, DPO, data subject rights) for EU users; add CCPA-specific sections (right to know, opt-out of sale, non-discrimination) for California users; add COPPA language if any users may be under 13.
6. Apply plain-language principles — Use short sentences. Avoid Latin phrases. Define jargon on first use. Use "you" for the user and "we" or "[Company Name]" for the company. Use active voice.
7. Add version control and effective dates — Every legal document must include a version number and effective date at the top. Include a changelog or "last updated" date. Explain how users will be notified of changes.
8. Review for completeness against a checklist — Confirm the ToS includes all 14 sections listed in step 2; the Privacy Policy includes all 10 sections in step 3; the EULA includes all 7 items in step 4.
9. Add a prominent disclaimer at the top of the draft — Note that the document is a template draft requiring attorney review before publication.
10. Recommend legal review triggers — Flag specific circumstances that require mandatory attorney review: collecting health data (HIPAA), financial data (GLBA), operating in the EU (GDPR DPA), serving children under 13 (COPPA), processing payments (PCI DSS), or operating in highly regulated industries.
Examples
Example 1: Terms of Service for a B2C SaaS Project Management App
Input:
"Draft a Terms of Service for 'Taskflow,' a SaaS project management app. Company: Taskflow Inc., incorporated in Delaware. Users are adults (18+), primarily individual professionals and small business teams. Free tier and $12/month paid tier. Users create projects, tasks, and can share files. We store user data on AWS US-East. No AI features. Governing law: Delaware."
Output (excerpt — key sections):
TASKFLOW TERMS OF SERVICE
Effective Date: [DATE] | Version 1.0
⚠️ Draft Template — This document requires review by a licensed attorney before publication.
1. Acceptance of Terms
By creating an account or using Taskflow ("Service"), you ("User") agree to these Terms of Service ("Terms") and our Privacy Policy. If you are using the Service on behalf of a business, you represent that you have authority to bind that business to these Terms. You must be at least 18 years old to use the Service.
2. Description of Service
Taskflow provides a cloud-based project and task management platform that allows users to create projects, assign tasks, collaborate with team members, and store and share files. We reserve the right to modify, suspend, or discontinue any feature of the Service at any time with reasonable notice.
3. Account Registration and Security
You must provide accurate information when creating your account. You are responsible for maintaining the confidentiality of your login credentials and for all activity under your account. Notify us immediately at security@taskflow.com if you suspect unauthorized access.
4. Acceptable Use
You agree not to: (a) use the Service for any unlawful purpose; (b) upload or transmit malicious code, spam, or unauthorized advertising; (c) attempt to gain unauthorized access to any part of the Service or other users' accounts; (d) use the Service to store, process, or transmit sensitive personal data (health records, financial account numbers, government IDs) without our prior written consent.
5. Intellectual Property
Taskflow Inc. retains all rights, title, and interest in the Service, including all software, designs, and trademarks. You retain ownership of all content you upload to the Service ("User Content"). By uploading User Content, you grant Taskflow Inc. a limited, non-exclusive license to store, display, and process your User Content solely to provide the Service to you.
6. Subscription and Payment
Free Tier: Available at no charge subject to usage limits described at taskflow.com/pricing. Pro Tier ($12/month): Billed monthly in advance. Subscriptions auto-renew unless cancelled at least 24 hours before the renewal date. No refunds for partial months. We reserve the right to change pricing with 30 days' notice; continued use after the effective date constitutes acceptance of new pricing.
7. Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY LAW, TASKFLOW INC.'S TOTAL LIABILITY TO YOU FOR ANY CLAIM ARISING FROM THESE TERMS OR YOUR USE OF THE SERVICE SHALL NOT EXCEED THE GREATER OF (A) THE FEES YOU PAID IN THE 12 MONTHS PRECEDING THE CLAIM OR (B) $100. IN NO EVENT SHALL TASKFLOW INC. BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES.
8. Dispute Resolution
These Terms are governed by the laws of the State of Delaware. Any dispute shall be resolved by binding arbitration administered by the American Arbitration Association under its Commercial Arbitration Rules, conducted in Delaware. YOU WAIVE THE RIGHT TO A JURY TRIAL AND TO PARTICIPATE IN CLASS-ACTION PROCEEDINGS.
Example 2: Privacy Policy for a Mobile App (Consumer, Ad-Supported)
Input:
"Draft a Privacy Policy for 'FitTrack,' a free fitness tracking mobile app (iOS and Android). Company: FitTrack LLC, California. We collect: name, email, age, workout data, GPS location (during workouts), and device identifiers. We share data with: Firebase Analytics, Stripe (if premium upgrade), and advertising partners. We do not sell data. Governed by California law. Some users may be 13–17 years old."
Output (excerpt — key sections):
FITTRACK PRIVACY POLICY
Effective Date: [DATE] | Last Updated: [DATE]
⚠️ Draft Template — Review by a licensed attorney is required before publication, particularly given CCPA, COPPA, and GDPR implications.
Information We Collect
| Category | Examples | Why We Collect It |
|---|---|---|
| Account Data | Name, email address, date of birth | Account creation and age verification |
| Health & Fitness Data | Workout logs, steps, calories, exercise type | Core app functionality |
| Location Data | GPS coordinates during active workouts | Route tracking feature (opt-in) |
| Device Data | Device ID, OS version, IP address | Security, analytics, crash reporting |
| Usage Data | Features used, session duration, in-app clicks | Product improvement |
How We Use Your Information
We use your information to: (1) provide, operate, and improve the FitTrack app; (2) personalize your experience and fitness recommendations; (3) display interest-based advertising through our advertising partners; (4) communicate with you about your account and service updates; (5) comply with legal obligations.
Information Sharing
We share information with: (a) Firebase Analytics (Google) — usage analytics; (b) Stripe — payment processing for premium upgrades (we do not store your full payment card number); (c) Advertising Partners — device identifiers and interest segments for ad targeting. We do not sell your personal information as defined under the California Consumer Privacy Act (CCPA).
Children's Privacy (COPPA)
The app is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected information from a child under 13, contact us at privacy@fittrack.com and we will delete it promptly. Users between 13 and 17 may use the app only with verifiable parental consent. We obtain parental consent through email confirmation: a parent or guardian must confirm from the account registration email address before the minor's account is activated. Health and fitness data of minors is treated with heightened protection and is not shared with advertising partners.
Your California Privacy Rights (CCPA)
California residents have the right to: (1) know what personal information we collect and how it is used; (2) request deletion of your personal information; (3) opt out of the sale of personal information (we do not sell personal data); (4) non-discrimination for exercising these rights. To exercise these rights, email privacy@fittrack.com or visit [fittrack.com/privacy-rights].
Your Rights (GDPR — EU Users)
If you are located in the European Economic Area, you have rights to: access, rectification, erasure, restriction of processing, data portability, and objection. Our legal basis for processing is contract performance (account data), legitimate interest (analytics), and consent (location, advertising). To exercise your rights, contact dpo@fittrack.com.
Contact Us
FitTrack LLC | 123 Market Street, San Francisco, CA 94105 | privacy@fittrack.com
Best Practices
- Always include an effective date and version number — users and regulators need to know which version applies to them
- Use a clickwrap acceptance mechanism (explicit checkbox + "I agree") rather than browsewrap (passive "by using the site you agree") — clickwrap is far more legally defensible
- Keep the Privacy Policy and ToS as separate documents — bundling them makes each less readable and can cause compliance issues
- For GDPR compliance, document your legal basis for each category of data processing — consent is not always the right basis
- Review and update legal documents whenever you: add a major new feature, change your data sharing practices, change your pricing model, or enter a new jurisdiction
- Store records of when users accepted each version of your Terms — this is critical evidence if a dispute arises
Common Mistakes
- Using a generic template without customizing for your actual data practices — a Privacy Policy that doesn't match reality creates liability
- Omitting the arbitration clause or making it non-mutual — courts are increasingly scrutinizing unfair arbitration provisions
- Failing to address user-generated content rights — if users can post content, you need a license to display and store it
- Not including a data retention / deletion section — required under GDPR and CCPA and important for user trust
- Setting the liability cap too low (e.g., $5) — courts sometimes void unconscionably low caps, undermining the entire clause
- Publishing a Privacy Policy that mentions GDPR or CCPA compliance without actually implementing the required operational practices
Tips & Tricks
- Link to your Privacy Policy and ToS in your app store listing, registration page, footer, and any marketing emails — this creates a clear acceptance record
- Use a "summary table" at the top of your Privacy Policy (e.g., "What we collect | Why | How long") to improve readability and demonstrate good faith to regulators
- For cookie consent (GDPR), use a consent management platform (CMP) rather than trying to hand-code the consent flow — the technical requirements are complex
- Version your legal documents with semantic versioning (1.0.0, 1.1.0) and maintain an archive — you may need to prove what a user agreed to at a specific point in time
- Add a "plain-language summary" section at the top of your ToS — it doesn't replace the legal text but significantly improves user trust and reduces disputes
Related Skills
- contract-reviewer
- legal-summarizer