Acceptable Use Policy Template

Acceptable Use Policy Template

Website and app owners should provide their users with an Acceptable Use Policy. It doesn't matter whether you collect personal data from your users or not.

The Acceptable Use Policy basically outlines what services you'll provide, and what you expect from your customers. So, this document is central to minimizing the chance of disputes arising between you and your customers or platform users.

We'll show you how to write one and how to get consent to your Policy's terms.

You might be wondering if an Acceptable Use Policy is the same as a Terms and Conditions Agreement. The answer is yes, it is. They're just different names for the same thing.

Here are some other titles you might see rather than Acceptable Use Policy:

  • Terms of Use
  • Terms of Service
  • User Agreement

An Acceptable Use Policy is not the same as an End User License Agreement (EULA).

Before we go on to look at writing an Acceptable Use Policy, let's be absolutely clear on what they are, what purpose they serve, and what the law has to say about them.

Get compliant today with

Select one of our generators to create the required legal agreements for your business:

Integrate a free Cookies Notice and Cookie Consent banner to comply with the EU ePrivacy Directive and the new GDPR law regarding cookies.

What is an Acceptable Use Policy?

An Acceptable Use Policy is exactly what it sounds like. It tells your customers:

  • What use of your website or app is acceptable
  • What will happen if they try to use your services in a different, unacceptable way

What's included in your Policy varies depending on what services you offer. So, you might include clauses about:

  • Protecting your designs and other IP
  • What type of content users can post in your public forums
  • Subscriptions and other recurring payments

There's no right or wrong way to write your Acceptable Use Policy so long as you include all the clauses you actually need to make your Policy work.

We'll take a look at examples of the most common clauses you'll need below.

Are Acceptable Use Policies Required by Law?

Are Acceptable Use Policies Required by Law?

No, the law doesn't require you to provide an Acceptable Use Policy. However, that doesn't make them any less valuable. Why? Because Acceptable Use Policies form a binding legal contract between you and your customers.

It's good practice to emphasise the Policy's legal status to your customers. Tim Hortons, for example, specifically states that it's a legal contract, so people should only use the services if they agree to the terms:

Tim Hortons Terms of Use: Binding Agreement clause

A legal contract like this gives you important rights. In other words, you can enforce the terms of your Policy against your customers, if need be.

So, for example, if a customer violates your copyright or posts harmful spam on your website, you can take legal action against them, or simply delete their account immediately.

Why Should I Have an Acceptable Use Policy?

Why Should I Have an Acceptable Use Policy?

An Acceptable Use Policy doesn't just give you valuable legal rights. It has other benefits, too:

  • It makes your business more professional and trustworthy
  • You can control what you're liable for if something goes wrong on your website
  • It makes it much easier to simply withdraw your services, or close someone's account

In other words, an Acceptable Use Policy makes everything easier for both you and your customers. You might not need one, legally speaking, but it makes sense to have one.

One final point here: If you draft an Acceptable Use Policy, make sure it's actually enforceable. To enforce a contract like an Acceptable Use Policy, it needs to be:

  • Fair to both parties
  • Easy to understand
  • Legal

You also need the clear consent of both parties before you can enforce the contract terms. In other words, if one party never agrees to the contract, you can't enforce it against them.

Arguably, if you don't tell customers that it's a contract, they can say they didn't realise what they were signing up to. That's why the clause we just looked at from Tim Hortons is so useful. There's no mistaking that it's a legal agreement.

So, you know you need an Acceptable Use Policy and you want to draft one now. Where do you start? Let's take a look.

Acceptable Use Policies: Key Clauses

Acceptable Use Policies: Key Clauses

At a minimum, these are the clauses that should be included in every Acceptable Use Policy. We'll break them down, one by one.

The Date

Always start with the date your Acceptable Use Policy came into force.

You can also include a statement like "last modified" or "last updated" if you amend the document at any time. That way, if someone read your Policy before you made any changes, they'll know it's a good idea to read it again.

Here's an example from Amazon Web Services:

Amazon Web Services Acceptable Use Policy: Updated date section

Purpose of the Policy

Set out what the document actually is i.e. the rules and conditions for using your website or platform.

Introduce your agreement so people know what to expect when they're reading it. Here's an example from Marks and Spencer:

Marks and Spencer Terms and Conditions: About our Terms and Conditions clause

Other Key Agreements

Link to your other important agreements so that customers can read them all at the same time. Agreements to link to include your Returns Policy, Privacy Policy, and Cookies Policy.

Why should you link to other agreements? Because customers should agree to them all before they can use your services, so it makes sense to have links all in the one place.

Walt Disney, for example, links to its Privacy Policy right at the start of its Terms of Use:

Walt Disney Company Terms of Use: Privacy Policy highlighted

The Governing Laws

Determine which territorial, state, or national laws apply to your contractual agreement. This means that both you and your customers know which laws to apply if there's ever a legal dispute.

It's simplest just to apply the laws for the country or territory where you have your main place of business.

Here's an example from Topshop's U.S. store. Although it's targeting U.S. customers, English law applies:

Topshop Terms and Conditions: Governing Law clause

The Acceptable Use Rules

One of the main reasons you should have an Acceptable Use Policy is so you can outline how you expect people to behave on your website or platform. For example, you don't want people posting abusive messages in your forums, and you don't want people stealing or copying your designs.

So, you should:

  • Set out rules of conduct
  • Explain what you'll do if someone violates these rules

Use generalized language so far as possible. This means you can exercise more discretion over what you deem harmful or unacceptable.

As an example, Marks and Spencer tells people they shouldn't use "inappropriate language" or do anything that's possible considered harassment:

Marks and Spencer Terms and Conditions: Rules for Submissions clause excerpt

And the company will remove posts that don't comply with the rules:

Marks and Spencer Terms and Conditions: Right to remove submissions clause

Prohibited Activities

There are some things you should never allow customers or users to do on your website. In other words, there are some activities you should expressly ban because they can do real damage to your business.

Again, it's good to keep the language you use as broad as possible so you can take action against a wider range of unacceptable behavior. Examples of prohibited behavior might include:

  • Tampering with your website
  • Infecting your programs with malware and other viruses
  • Using your platform to conduct illegal activities

AWS, for example, bans people from accessing its internal IT systems without permission:

Amazon Web Services Acceptable Use Policy: No security violations

And Tim Hortons bans any activity that could potentially harm the business or break laws:

Tim Hortons Terms of Service: Prohibited Content and Activities clause

The language is just broad enough to cover a wide range of activities without being so broad that it's unclear and unenforceable.

Your Right of Termination

Make it clear that you can end your services at any time, without giving notice or warning to your customers. This prevents them from taking action against you if you stop services without explanation.

As you can see from Disney here, you should also be clear that you can make changes to the Acceptable Use Policy whenever necessary:

Walt Disney Company Terms of Use: Usage Rules clause

Limits on Contractual Liability

Sometimes things go wrong, and you don't want to be held responsible every time they do. So, you need to limit your liability under contract. Aim to curtail your liability for things like:

  • Service downtime
  • Viruses or malware
  • Errors, omissions, and other inaccuracies

If it's something you can't legally restrict liability for, you still want to set a cap for how much you're willing to pay in compensation.

Here's an example from Disney. The company states it isn't liable for damages or compensation when something happens that's outside of foreseeable control. In any case, customers can't sue for more than $1000:

Walt Disney Company Terms of Use: Limitation of liability clause

The Disclaimers

You shouldn't be held responsible if a customer doesn't enjoy your product or it's unsuitable for whatever special purpose they bought it for. So, you need a disclaimer stating that services are offered "as is" and you can't make any promises.

Again, Disney has a good example for this:

Walt Disney Company Terms of Use: Disclaimers and Limitation on Liability clause

Your Contact Details

People must be able to contact you if they have any questions. So, you need to include at least one, but preferably 2, ways to contact your business. At least one option should be free to use, like email.

Tim Hortons provides an email address for customers:

Tim Hortons Terms of Service: Contact Information clause

Once you've drafted your Acceptable Use Policy, where do you put it, and how do you ensure customers have actually consented to it? Here's what you should know.

Getting Consent to Your Acceptable Use Policy

There are 2 final points you need to be aware of:

  • You should get express and fully-informed consent to your Acceptable Use Policy where possible.
  • To get consent, you need to display your Acceptable Use Policy somewhere obvious before you enter into any other contracts with the customer e.g. a contract of sale.

These 2 points link together. Why? Because it's possible to get consent at the point where you display the Policy. Let's look at some examples to show what we mean.

Other Agreements

You want customers to understand that your Acceptable Use Policy is only one of the contracts they need to agree to before they do business with you. So, link to the Acceptable Use Policy through your other agreements.

This is an example from Steam's Privacy Policy. Steam links the Privacy Policy and other agreements - here, the Steam Subscriber Agreement - by saying that the same definitions are used in each one. People are encouraged to read both policies:

Steam Privacy Policy: Definitions clause with Subscriber Agreement highlighted

You can put a link to your Acceptable Use Policy in the footer on your website. It's a good idea to put the link beside other important policies such as your Cookie Notice and Privacy Policy.

Here's an example from Calastone:

Calastone website footer with Acceptable Use Policy highlighted

You don't need to try to get consent at this point. It's just good for people to be able to easily access your Policy from the moment they land on your site.

Account Registration

On the other hand, you should confirm that users agree to your Acceptable Use Policy before they register for an account. Here's what to do:

  • Draw attention to your Acceptable Use Policy the moment someone signs up for an account
  • Have users click a checkbox to confirm they've read and agreed to the Policy before you open an account for them

Tim Hortons clearly links to its core legal policies on the account signup screen. As you can see, users must click the box to show they've read these policies before they can proceed:

Tim Hortons sign-up form with Agree to Policy and Terms checkbox

Checkout or Download Screen

The same idea applies at the download or checkout screen. Before someone enters a contract of sale with your business, they should have the clear opportunity to read and assent to your Acceptable Use Policy.

Here's an example from Disney. Although customers aren't asked to click a box, there's still an obvious link to the Terms of Use above the "submit order" button. So, customers can read the terms before they confirm their order:

Walt Disney Company: Submit Order form with Terms of Use highlighted

So, you can get implied consent to an Acceptable Use Policy, but really, it's far better to use a checkbox and get express consent.

Express consent is also the only standard of consent recognized by EU Member States when it comes to data protection, so if you're selling to EU citizens, it's a good idea to just always use checkboxes.


An Acceptable Use Policy tells people what they can expect from your platform, and what you need from them in return.

At minimum, include the following clauses:

  • Legal status of agreement
  • Date and introduction
  • Warranty
  • Disclaimer
  • Contact details
  • Acceptable use rules
  • Banned behavior
  • Termination rights
  • Jurisdiction

Always provide links to your other main agreements. Link to your Acceptable Use Policy somewhere obvious like your footer or at a checkout screen, and always get express consent to the Policy where possible.