Are you confused about the difference between disclaimers and Privacy Policies, and whether you should have both, one or none of them?

Disclaimers and a Privacy Policies are two of the most important legal protections you can have for your website or app. Both can limit your liability to users depending on the issue.

This article will help you differentiate between the two and show you when each is recommended, and sometimes required.


What are Disclaimers and Privacy Policies?

These protections are often confused for each other because they both can help protect you from legal action. While they may appear to function the same way, their purpose and how they protect your website is what makes them different from each other.

Disclaimers

Disclaimers are statements notifying users of the website's limit or scope of its liability to users when visiting the site. These statements disclaim something, such as liability, errors, omissions, mistakes, or viruses that a customer or visitor may encounter.

Disclaimers are not agreements, as a Privacy Policy or Terms of Conditions are. They are simply statements from the website making users aware of the site's liability limitations.

There is no hard-and-fast rule to what disclaimers you can have, but there are some common ones, including:

  • Disclaimer of Warranty
  • Limitation of Liabilities
  • Third-Party Services
  • Medical/Legal Disclaimers
  • Shipping or Return Policy Disclaimers

The type and amount of disclaimers to include depends on your website and what you provide. Almost every website includes a Disclaimer of Warranty and Limitation of Liability, but niche websites may need to have additional disclaimers because of their services.

For example, ecommerce stores would also have shipping or return policy disclaimers and fitness blogs would provide a medical disclaimer. It's up to you to decide what disclaimers to use.

Disclaimers can be part of a site's Terms of Conditions, which is how they can be sometimes confused for other legal protections. You can include disclaimers in other agreements or have a separate disclaimer page as well.

A key thing to remember about disclaimers is that they are not required by law. This is one of the main distinctions between them and Privacy Policies. Since disclaimers are actually meant to protect the site more than the user, laws leave it up to the website if they want to include this extra protection.

Even though disclaimers are not required, it is highly recommended when creating your website that you include them to safeguard your site.

Privacy Policies

Whereas disclaimers are statements, a Privacy Policy is an actual legal agreement between a user and the website. When you agree to access and use the site, you are agreeing to the terms in the Policy. A Privacy Policy states how your website handles the personal data that is collected from users when they are visiting your site.

As we mentioned above, Privacy Policies are legally required by numerous laws to protect users' private information. The caveat to this is that they are only required when your site collects personal data. If your site doesn't collect personal data then you are not required to have one.

Unlike disclaimers, a Privacy Policy does have required elements you need to include when drafting it. You must have in your Policy:

  • What data is collected
  • How the data is collected and stored
  • How the data is protected
  • User's rights to their data

Another requirement for a Privacy Policy is it must be clearly accessible in multiple places on a website and can not be part of another agreement. This is different from disclaimers as they are not required to be a separate Policy or have a link provided.

The requirements for Privacy Policies are ever-changing as well. With the passing of new laws, Privacy Policies are constantly being updated or new clauses are added to them to keep the website compliant with the law.

Why Should You Have Both?

Both disclaimers and Privacy Policies protect your website from potential liability in their own way. We mentioned above that the key differences between the two are their purpose and what they protect your site from.

A disclaimer's purpose is to notify users of the site's limits on its liability to users and protects your site if a user pursues legal action for using the site.

A Privacy Policy notifies users of how it handles personal information and is included in case there is an issue about whether users were properly notified about the Policy.

How these two can be confused is that they sometimes have overlapping clauses.

For example, you may have a third-party disclaimer and a third-party clause in a Privacy Policy. Both reference the site has third-party links or uses third parties for the function of the website. The difference between the two is how each one handles it.

Take a look at BuzzFeed's Third-Party Sites clause in its Privacy Policy. It states that BuzzFeed features third-party links and shares personal data with them for the site to function:

BuzzFeed Privacy Policy: Third-Party Sites clause

How the clause is different from a disclaimer is it states how the third-parties are used to process or store the user's information. The clause's main function is to inform users, but it is also as a protection for the website from issues down the road over whether users are notified about the use of third parties.

Now take a look at BuzzFeed's Third Party Services Disclaimer in its User Agreement. It doesn't mention personal data but is solely about disclaiming liability for any direct or indirect damages a user may have from these services:

BuzzFeed User Agreement: Third Party Services clause

The disclaimer is solely meant to protect the website from liability from third-party services, even though it puts users on notice of this limitation.

You can see how including both disclaimers and a Privacy Policy is important for your website or app. They are unique from each other, but both safeguard your site against liability issues.

Examples of Disclaimers and Privacy Policies

Examples of Disclaimers and Privacy Policies

If you are still confused about the difference between the two, these examples of disclaimers and clauses in Privacy Policies may help in differentiating them even more.

Disclaimers

Disclaimers of Warranty

A Disclaimer of Warranty is meant to disclaim any promises that a user may not encounter errors, omissions, or inaccuracies on the website. A Disclaimer of Warranty may state the website doesn't promise to make changes or update the content as well.

Apple's Disclaimer of Warranty notifies users that Apple does not promise there won't be issues with the site and that users take the site "AS IS" or as it appears, errors and all.

Apple Terms of Use: Disclaimers clause

Limitation of Liability

The other most common disclaimer is the Limitation of Liability disclaimer. This disclaimer works to limit the website's liability to users for any damages they may have from using the site.

The Guardian's Limitation of Liability is a typical example of what this disclaimer looks like. It is bolded and lists the different causes for damages a user may encounter that The Guardian is not liable for, such as loss of programs, loss due to inaccuracies on the website, and loss of goodwill:

The Guardian Terms and Conditions: Limitation of Liability clause

Both disclaimers and Privacy Policies can be written to fit your website. An example of a site-specific Limitation of Liability disclaimer is from Credit Karma. Since Credit Karma is a financial website, it includes limitations related to finances, loss of profits and business interruptions:

Credit Karma Terms of Service: Limitation of Liability clause excerpt

For niche websites, such as fitness blogs or legal websites, a medical or legal disclaimer is a necessity. Both function the same by informing users the website should not be used as professional advice but is meant for "informational" or "general" purposes.

Weight Watchers includes a Health Notice stating the site is not a medical organization and users should always receive advice from a primary provider before partaking in one of its health plans:

Weight Watchers Terms and Conditions: Health Notices clause excerpt

Shipping Policy

Along the same lines as niche websites, ecommerce stores often have a disclaimer in their Shipping Policies or other legal agreements explaining that the site does not promise goods will be received on time for certain reasons, and that shipping times may vary.

You can see how Blue Apron includes a fewf disclaimers in its Shipping and Handling Policy disclaimer. It reminds users that shipping times are estimates and that the site is not liable if there is a third party delivery service involved when a customer does not receive the package:

Blue Apron Terms of Use: Shipping and Handling clause

Return Policy

Disclaimers are also seen in Return or Refund Policies. Including a disclaimer in these policies is very important in the event that there is a disagreement over a refund or if there is an issue with a returned product.

thredUP's disclaimer in its Return and Refund Policy notifies users of the limit to how long they can return the item, how the item must be returned to receive a refund, and if requirements are not met, thredUP will not refund the cost of the item:

thredUP Terms of Use: Return and Refund Policy clause excerpt

Separate Disclaimer Pages

Disclaimers are commonly found in a Terms of Conditions agreement. But they don't have to only be located there. You can also create a separate disclaimer page that includes all of the disclaimers you wish to present.

Hello Glow provides a disclaimer page through a separate link in its footer.

Hello Glow menu bar with Disclaimer highlighted

The disclaimer page includes disclaimers about medical advice, opinions from the author and a link to an affiliate disclosure:

Hello Glow Disclaimer summary

Privacy Policies

A website can have as many disclaimers it wants and any type. A Privacy Policy, on the other hand, must have certain clauses to be compliant with all of the different privacy laws in the world.

Here are a few of the most important and most common clauses you'll find in a Privacy Policy.

What Information is Collected

A Privacy Policy will always have a clause stating what personal information a site collects, no matter if it is sensitive information such as credit card information or simply a user's name. This clause must include all the information that is collected.

The A+E Networks Privacy Notice states the site collects multiple types of information, ranging from phone number to discussion board posts, along with how it collects that information:

A and E Networks Privacy Notice: Types of Information We Collect and Why clause excerpt

How the Information is Used

A Privacy Policy notifies users of not only what information is collected, but also how that information is used. This is an important clause in case there is an issue later on about whether a website used information for a different purpose that was stated in the Policy.

In Overstock's Privacy and Security Policy, there are clearly-defined uses for the information like marketing and fraud prevention and specific examples of how the data is used:

Overstock Privacy and Security Policy: How We Use the Information We Collect clause

Protection of Information/Security

An important clause in a Privacy Policy that's similar to a disclaimer is the clause that addresses how the collected personal information is protected. These clauses typically state that the data is protected by certain protections, but there is a limit to the site's responsibility. It informs users they are also responsible for protecting their own information and that no protection is full-proof.

Target's security clause includes the safeguards implemented by the site, along with reminding customers that the Target website is not "hacker proof" and users must also protect their information:

Target Privacy Policy: How is Your Personal Information Protected clause

User's Rights

With the enactment of the GDPR and the California Consumer Privacy Act (CCPA), two of the strictest privacy laws in the world, Privacy Policies are now required to include a clause about what a user's rights are to when it comes to their personal information.

Not including this clause can leave your website open to potential legal issues over lack of notification, which is why this clause is an essential part of a Privacy Policy.

Hershey's Privacy Policy states how users may opt-out of certain uses of their information, like marketing emails and cookies, and that users have control over how their information is handled:

Hershey's Privacy Policy: User rights and choices clause

Changes to the Policy

Making users aware of changes to a website or policy is a way to protect your site. This clause should let users know that changes may happen, and how users will be notified of such changes.

Reddit's Privacy Policy states Reddit may make changes to its policy if it wishes and provides the different ways it will notify users of this change:

Reddit Privacy Policy: Changes to this Policy clause

Notification

We stated one of the key differences between a Privacy Policy and disclaimers is that one is legally required and the other is not. This also applies to how users may access them.

A disclaimer can be included in other legal agreements on the site or be its own page. A Privacy Policy must be "clearly accessible" on the website and kept separate. This is typically done by providing a link to the Privacy Policy in the website footer.

Take a look at how Toyota provides a link in its footer to its Privacy Policy:

Toyota website footer with Privacy Policy highlighted

Summary

Privacy Policies and disclaimers are both necessary to protect your website or app from potential legal disputes. However, each protects your site in different ways, which is why its recommended to have both.

When drafting these for your site, here are a few key tips to remember:

  • Purpose

    • A disclaimer notifies users of what a website is not liable for or its limitations of liability
    • A Privacy Policy notifies users of how it handles private information it collects
  • Protection

    • Disclaimers protect you by limiting your liability to users when accessing the site
    • Privacy Policies protect you from any issues arising from whether users are notified about your policies
  • Statement or Agreement

    • A disclaimer is a statement that is either included in one of the agreements on a website or its own page
    • A Privacy Policy is a legal agreement that must be separate from other policies, and a link must be provided to it