
When you run a retail store, you have a wide-ranging legal relationship with customers. This includes your relationship as a buyer and seller, the options for returning goods after a sale, and the way you handle people's personal data. Each of these elements needs clear rules and information, which you can set out in specific legal policies. These policies give you control and certainty.
In this guide we've mainly covered how these legal policies apply to doing business in a physical store rather than online sales.
Use FreePrivacyPolicy.com to generate the necessary legal agreements for your website/app:
- Free Privacy Policy Generator
- Free Terms and Conditions Generator
- Free Cookies Policy Generator
- Free Disclaimer Generator
- Free EULA Generator
- Free Return & Refund Policy Generator
You check our Free Cookie Consent to start making your business legally compliant with the Cookies Directive in the EU.
- 1. Privacy Policies for Legal Stores
- 1.1. What is Personal Information?
- 1.2. Do I Need A Privacy Policy?
- 1.3. What to Include in a Privacy Policy
- 1.3.1. What Personal Information You Collect
- 1.3.2. How and Why You Use Personal Information
- 1.3.3. Whether You Share Personal Information
- 1.3.4. How Users Can Opt Out
- 1.3.5. Personal Information Retention
- 1.3.6. Securing Personal Information
- 1.3.7. User Rights
- 2. Return and Refund Policy for Retail Stores
- 2.1. Do I Need a Return and Refund Policy?
- 2.2. What to Include in a Return and Refund Policy
- 2.2.1. When Returns are Allowed
- 2.2.2. The Returns Process
- 2.2.3. Costs of the Return
- 2.2.4. Exceptions
- 2.2.5. Return Methods and Restocking Fees
- 2.2.6. Timelines
- 3. Terms and Conditions Agreements for Retail Stores
- 3.1. Do I Need a Terms and Conditions Agreement?
- 3.2. What to Include in a Terms and Conditions Agreement
- 3.2.1. Pricing Terms
- 3.2.2. Returns
- 3.2.3. Legal Disputes, Governing Law and Jurisdiction
- 3.2.4. Limits on Liability and Warranty
- 4. Displaying Legal Policies for Retail Stores
- 4.1. What About Displaying Policies in Stores?
- 5. How Do I Get Agreement to Legal Policies for Retail Stores?
- 6. Summary
Privacy Policies for Legal Stores
A Privacy Policy is a document that sets out how you collect and use personal data. Its main aim is to give the data subject (the person the data is about) the information they need to make informed decisions, including whether to give you their data and whether to consent to you using it in a particular way.
With a retail store, this could help them decide whether to be a customer. Having a clear Privacy Policy will build trust and credibility in a potential customer.
What is Personal Information?
While specific definitions vary among different data privacy laws, the most common principle is that personal information is any information that can be used to identify an individual.
For a retail store, common examples of personal information include:
- The customer's name
- The customer's email address
- The customer's mailing address
- The customer's phone number
- The customer's financial details such as a debit card number
Do I Need A Privacy Policy?
If you collect or process any personal information, you will legally need a Privacy Policy. Even if you don't collect such information, you should still have one as authorities and consumers expect to see one.
In the US, retail stores mainly fall under state privacy laws. Not all states have them, and the details vary. In most cases the law applies if you handle personal data about a large number of state residents each year, usually in the tens of thousands. These state laws don't usually require consent to collect or use personal data, but you must inform people about the data use and give them a chance to opt out. A Privacy Policy is the best way to do this.
What to Include in a Privacy Policy
The precise legal requirements for Privacy Policies vary from law to law. The following points may be required, so it's safest to include all of them.
What Personal Information You Collect
You can usually list the types of personal information you collect in categories. These should be specific enough that the list isn't overwhelming, but people can still reasonably figure out if you collect a particular piece of data about them.
Costco lists the types of information it collects:
How and Why You Use Personal Information
Many data privacy laws say you must inform people about the ways you will use personal information.
Again, set out categories that are specific enough to be meaningful but broad enough not to be overwhelming.
Kroger gives both generic and specific examples:
Whether You Share Personal Information
Disclose if you share any personal information with third parties. This includes both selling the data and passing it on without payment. Either list the recipients or give an outline of the type of organization that you share the data with such as "business partners" or "suppliers."
Walmart gives details of the ways it shares data:
How Users Can Opt Out
Let users know how they can opt out of the use of their personal information, even after you have collected it.
Here's how Target does this:
Personal Information Retention
Set out how long you keep personal information. If you don't have a fixed timescale, say how you will decide when to delete data.
Walgreens details its retention policy:
Securing Personal Information
Detail how you protect personal information against unauthorized access, alteration or deletion. You don't necessarily have to list the specific measures, particularly if this could compromise the security but should at least cover the types of protection you use.
Lowes outlines the types of security it uses and its goals:
User Rights
Explain the customer's legal rights regarding their personal data and how to exercise these rights. This could include the right to know what data you hold on them, to correct any errors, and to ask you to delete it if it's no longer relevant or necessary for its original purpose.
Aldi details specific rights and how to exercise them:
Return and Refund Policy for Retail Stores
A Return and Refund Policy sets out whether you accept returns and issue refunds, and your rules surrounding this This could include rules that say you don't accept returns or impose restrictions on them.
Note that a Return and Refund Policy usually only covers cases where the customer has changed their mind after a purchase. It doesn't cover cases where the goods are faulty or not as advertised. That's because most consumer laws say what you must do in such cases rather than letting you set the rules.
Do I Need a Return and Refund Policy?
Whether you legally need a Return and Refund Policy depends on the relevant laws where you have retail stores. These vary between countries and between individual states in the US.
Usually one of two positions applies:
- You can set any rules you like.
- A default set of rules applies, and you can only set and enforce different rules if you publish a clear and prominent policy.
In the latter situation, you will definitely need a Return and Refund Policy if you want to impose any restrictions on returns. Either way, a Return and Refund Policy will build trust and credibility and could make people more likely to make a purchase, knowing what options they have if they change their mind.
What to Include in a Return and Refund Policy
Include the following information in your policy.
When Returns are Allowed
Set out the general position on when you do, and just as importantly do not, accept returns.
Macy's gives a concise but detailed overview of its policy:
The Returns Process
Set out what the customer must do to make a return, including how they must initiate the return (for example, getting a reference number). Detail any conditions such as requiring the original packaging or proof of purchase.
7-11 offers an online tool to start the returns process:
Costs of the Return
Say who will pay for the costs of returning the goods, including shipping fees. Say who will pay for the costs of delivering a replacement if you send it to the customer's home.
H&M explains how the costs vary for different customers:
Exceptions
Detail any exceptions to your usual Return and Refund Policy. It's helpful to explain the reasons for the exceptions if they aren't obvious. Common examples include:
- Perishable goods
- Goods which are custom made
- Underwear and intimate apparel
- Goods such as video or audio recordings which the customer could unlawfully copy before returning
H-E-B details specific rules for particular exceptions:
Return Methods and Restocking Fees
Set out what remedies you offer for returned goods. This could include:
- Repairing faulty items
- Replacing the item
- Offering a cash refund (or refund to the payment card)
- Issuing a credit note or voucher
Detail any fees you impose or deduct such as a restocking fee.
Best Buy details its restocking fees:
Timelines
Set out any timelines and deadlines. This could include any time limit on the customer returning goods after purchase, the time it will take to issue any refund or replacement, and any time limit on using credit notes or vouchers.
TJ Maxx sets out several deadlines:
Terms and Conditions Agreements for Retail Stores
A Terms and Conditions agreement is a set of rules, usually created by the seller, which govern the relationship between the seller and buyer. These rules apply to all transactions and work alongside the specific agreement to sell a particular item at a particular price. The rules will apply in any legal dispute about a transaction.
Do I Need a Terms and Conditions Agreement?
Although retail stores don't legally need a Terms and Conditions agreement, it makes sense to have one. The agreement gives both sides certainty and will demonstrate professionalism and authority to potential customers. It also lets you set the key rules for the way you do business and should strongly help your case if a legal dispute arises.
What to Include in a Terms and Conditions Agreement
While you can set almost any terms you like, you should include the following as a minimum.
Pricing Terms
Set out how your pricing works with taxes and other fees. Detail any fees that may apply for particular payment methods such as card or credit payments. Detail whether you accept payments in foreign currencies and how you determine the exchange rates and any fees.
Giant Eagle sets out a specific policy for payment methods:
Returns
A standalone Return and Refund Policy is the best option. If you have one, refer and link to it in your Terms and Conditions agreement. If you don't have a Return and Refund Policy, detail the key points in the Terms and Conditions agreement, particularly any restrictions you want to enforce.
Menards links to its Return and Refund Policy:
Legal Disputes, Governing Law and Jurisdiction
Say if you want to set any conditions on potential legal disputes. This could include:
- Jurisdiction: Which country, state or region's laws govern any dispute
- Venue: Which court system will hear and settle any dispute
- Dispute resolution: Whether you allow, require or bar any method of resolving the case outside of a court hearing, such as arbitration. If relevant, say if such a method must be used before or instead of a court ruling.
AutoZone selects a jurisdiction and details its dispute resolution requirements:
Limits on Liability and Warranty
Detail any restrictions you place on your legal responsibilities and the customer's legal rights.
Most commonly this includes:
- A limitation of liability (legal responsibility). This could limit the type of liability you will accept, or the financial amount of your liability.
- A warranty disclaimer. This states that you are not making any promises except those you specifically list.
Be aware that consumer laws often restrict what you can put in such clauses. For example, you usually can't limit your liability for harm caused by your own gross negligence. Similarly, you can't usually disclaim the inherent warranty that the goods you sell are fit for the advertised purpose. Including such limitations or disclaimer can be unlawful because they mislead customers about their legal rights.
Nordstrom uses both a limitation of liability and a warranty disclaimer:
Displaying Legal Policies for Retail Stores
Even if your legal policies relate mainly or solely to your sales in retail stores, a website is still the best way to display them. It means customers can check the policies before or after visiting a store. It also means you can be sure to always display the most up-to-date versions of the policies.
Make sure your policies are easy to find on your website. The best way is to include a link to them that appears on every page of your website, for example through a footer menu. You can either link to individual policy pages or link to a dedicated legal policies section.
Gap clearly links to its Privacy Policy in a footer menu:
What About Displaying Policies in Stores?
The main reason you should display a policy in a retail store is when you're legally required to do so. For example, some states in the US say you must prominently display your Return and Refund Policy for it to be valid and enforceable. In some cases, the law specifies what counts as prominent, for example a particular font size.
It may also be useful to have a sign that tells people you have policies and includes the web address where they can read it on your site. This sign is most effective at the point of sale such as a checkout. It may be particularly useful if you actively collect personal information here, for example asking for an email address to send a receipt.
How Do I Get Agreement to Legal Policies for Retail Stores?
Depending on the relevant laws, simply making your policies available may be sufficient and customers can agree to the policies by making a purchase. However, in some cases you may need to prove the customer made an active and informed decision, particularly when consenting to you processing their personal information.
The best way to do this is with a clearly marked signal of consent such as a checkbox or toggle. Do not use a pre-ticked box or pre-set a toggle to consent. Include a link to the relevant policy or display it in a pop-up or drop-down box.
Asda uses a checkbox to collect explicit consent to its Terms & Conditions before somebody can register as a customer:
Summary
Retail stores involve a legal relationship with customers. Legal policies such as a Privacy Policy, returns policy or Terms and Conditions agreement let you set the rules for this relationship.
A Privacy Policy sets out how you collect and use a customer's personal information, along with their rights under any applicable data protection laws.
A Return and Refund Policy sets the rules for when and how customers can return goods after changing their minds. It can include restrictions and requirements.
A Terms and Conditions agreement sets general rules for the buyer-seller relationship including payment terms; liability and other disclaimers; and the way any legal dispute is settled.
While some laws on legal policies specifically require physical notice in your store, the best way to display them is usually on your website with clear navigation and signposting. If you need to prove consent or agreement to a legal policy, use a checkbox or other method to prove active and meaningful consent.