4 min read

Share this Blog

Rate this Post

Why Copying Other People’s Terms of Use and Privacy Policy is a Bad Idea

Jelena Djukanovic

Jelena Đukanović

Attorney at Law


The time has come to launch your website or app, however, you are only one step away, so you started thinking about creating the website’s terms of use and privacy policy.

Initially, these procedures may appear straightforward, potentially leading you to underestimate their significance. However, they frequently play a critical role in determining the success of your business. As you approach the final stages, having invested considerable resources, you may face a temptation: should you simply replicate another company’s website terms of use and privacy policy? 

However, to answer this question, it is first necessary to consider the risks that such a move carries and whether this seemingly “easier path” is actually more profitable?

Initially, this option may seem like a good business move. On the one hand, it saves time and money, the two of the most important resources, while on the other hand, you take over the terms of use and privacy policy from a company whose business is similar to yours, that is, a company that performs the same or similar activity.

You might ask what’s the problem with that?

There are several reasons why you should not go down this path, and it is actually more cost-effective in the long run to create original documents tailored just for you, rather than exposing yourself to numerous risks.


What Are Terms of Use and Privacy Policy, and Why Are They Important?

Terms of Use are rules and conditions that define legal relationships between the owner of a website or app and the users who access and use the website or app. It is a type of contract that the site/app owner concludes with the user and typically contains information about intellectual property, limitations of liability, rules for using content, protective measures, service provision terms, and other important information. Thanks to the terms of use, on the one hand, a clear framework is established for using the site and for protecting the interests of the site owner, while on the other hand, guidelines are provided to users about their rights and obligations when using the site.

On the other hand, Privacy Policy is a legal document that describes how the private data of users are collected, used, and stored when using the website or app. This policy covers information about the types of data that are collected (such as personal name, date of birth, etc.), purposes of collection, ways of processing, sharing or transferring data to third parties, data protection measures, as well as user rights related to their personal data. The Privacy Policy aims to provide users with transparency about how their data is used and protected, as well as to ensure compliance with relevant personal data protection laws.

After explaining the meaning of these terms, the next step is to answer the question:

Why Do I Need Original Terms of Use and Privacy Policy?

Replicating the terms of use or privacy policy of another company poses a range of potential issues and significant risks to your business. It is crucial to develop your own distinct terms of use and privacy policy to ensure they align with the specific requirements of your business. 

1. You Can’t Be Entirely Sure What You’re Taking Over

Even though the terms of use and privacy policy of another company may seem suitable for your business at first glance, keep in mind that at the end of the day, you don’t fully know what you’re implementing.

In this way, you expose yourself to the risk that the company from which you take over the terms of use and privacy policy has itself taken them from another company, or that they were generated by some type of online generator.

This further means that you are practically getting a copy of a copy, which certainly won’t suit your needs. In addition, the owners of the site or application often can’t notice all the oversights made by another company, so by copying someone else’s content, you’ll also copy all the mistakes and oversights contained in those documents.


2. Copyright Infringement and Financial Penalties

The content of the terms of use and privacy policy of a company can be protected by copyright, the violation of which entails the payment of fines for economic offenses and misdemeanors that, according to domestic regulations, can amount to up to 3,000,000 dinars. Of course, in addition, you may be obliged to pay damages to the person whose copyright you violated, and to that should be added high court and attorney fees.

Although this amount is quite high in itself, one should not lose sight of the fact that it can be much higher if the content of a multinational or foreign company is copied. In this way, you expose yourself to the risk of paying fines according to foreign regulations, as well as the costs of the opposing party’s lawyer and court fees.

Known for a large number of disputes due to copyright infringement, the United States has its own special regulations that determine fines in an amount that is even five times higher than the amounts prescribed by domestic laws! In these disputes, if the court assesses that the copyright infringement was committed intentionally, it can impose a fine of up to $150,000 per copied part.[1]

If you violate someone else’s copyright, not only do you expose yourself to financial risk, but also to damage the reputation of the company that would gain a bad reputation with this, which is particularly problematic not only for companies that have been operating for many years and have a built reputation, but also for new companies and start-ups that are just trying to break into the market and build their name. High penalties that follow such violations are not something that any company, especially not a “young” company, needs.

Remember, one copied privacy policy or terms of use could mean millions in fines.


3. Inadequate Representation of Your Business and Brand

Each company has its unique services and products and accordingly adapts its activities to the company’s brand. By copying the Terms of Use or Privacy Policy of another company, you cannot accurately represent your business and the specificity of your services or products.

In other words, by copying the Terms of Use and Privacy Policy of another company, you will surely not cover the specific needs of your business nor the goals your company wants to achieve. Terms and policies should reflect your values, which are unique to you, not to others, especially not to competitor companies. On the other hand, you may end up copying the terms of use and privacy policy from a presentation website, while your site deals with providing services or selling goods.

These two types of sites are diametrically different, and more complex sites through which the purchase of products or provision of services is carried out involve the conclusion of certain contracts, such as sales contracts or licensing agreements. In that case, it is necessary to align your Terms of Use and Privacy Policy with specific laws, such as the Consumer Protection Law and the E-Commerce Law.


4. Compliance with Legal Regulations

Laws and regulations relating to privacy protection and terms of use vary from country to country. Of course, the same regulations are not relevant if a company operates in the United States, within the European Union, or only in Serbia.

If the terms of use of the site and privacy policy are not created in accordance with the regulations of the country in which you operate or whose citizens you are targeting, they practically have no value, because in that way they regulate something that cannot apply to you.

For example, if your site provides e-commerce store services, you are obliged to inform consumers before concluding a contract for the sale of goods about the business name, registration number, headquarters address, and telephone number.

In addition, it is your duty to acquaint them with all the details of the contract being concluded, such as the conditions for returning goods and complaints, extrajudicial dispute resolution, and more.

Finally, bear in mind that certain regulations may apply to your business, regardless of where your company’s headquarters is located. The most common example of this extraterritorial application of regulations is personal data protection regulations.

For example, even if you have not registered your company in the territory of the EU, you may be subject to the obligations and strict penalty provisions provided by the GDPR, if:

  • you offer goods or services to persons physically located in the EU (for example, your site is intended for selling clothes to customers from the EU), or
  • you monitor the behavior of individuals located in the EU, provided that their behavior takes place within the Union (for example, you conduct marketing activities targeted at individuals located in the EU through cookies).

5. Changing Legal Regulation

Laws and regulations are constantly changing, especially regulations in the field of privacy and data protection. This is a dynamic area that is still evolving, so it is possible that by copying the policies of another company you miss outdated rules that no longer apply and miss important changes in regulations that govern this area.


6. The Risk of Losing Users or Investors

Service users and investors are not inclined to cooperate with a company that does not demonstrate originality and authenticity in its operations. A website or app is often the best “advertisement” for your company and a good way to attract new clients or users, as it provides a way for potential users to get acquainted with your company. For this reason, if your target group gets the impression that your company has just taken credit for someone else’s work, you create negative feedback in the market and diminish the possibility of expanding your business.

Furthermore, past experiences have revealed that investors hesitate to engage with companies embroiled in litigation related to copyright infringement. This reluctance stems from concerns that the company may be involved in other unlawful activities, thereby shaping a negative perception about the company. 


7. Taking on unnecessary responsibility

In most cases, the terms of use and privacy policy of one company will not be fully applicable to another company.

One of the reasons is the obligations that companies take on themselves through these documents. Such obligations must be aligned with the actual state of your business, as well as the needs of both the company and users. As already indicated, there are significant differences depending on whether you have a presentation website or a more complex site through which you provide services or sell certain products. For these reasons, your responsibilities will not be the same, which in turn means that copying others’ terms and policies will cause you more harm than benefit.

If you simply take over someone else’s documents, you may unintentionally agree to users copying certain content or you may give them certain guarantees that you initially did not want to give. For this reason, it is necessary for a professional to draft the terms of use and privacy policy to protect your business so that you do not guarantee more than you wish.


You are the owner of company X that has its official website X and you have decided to copy the terms of use and privacy policy from website Y, which is owned by company Y. You made this decision thinking that company Y has been operating for many years, so you thought it was the safest option. However, your company actually needs a presentation website, while company Y is also involved in the sale of goods/providing services, which is not within your scope of activity. In this way, you open the question of using data such as personal name, date of birth, bank account number which would be necessary for an e-store, while in reality, you are only collecting IP address data. The problem arises when a client/user reads the privacy policy and gets the impression that you are collecting more data than necessary, or more than they know they entered while using the site


8. Leaving a gap in regulating your rights and obligations

Unlike the prior risk where you assume more responsibilities and obligations than desired, there’s also the inverse risk where you fail to regulate everything essential for the functioning of your website. 


In this case, you are the owner of company A which has its website A and engages in online sales. You’ve decided to copy the terms of use and privacy policy from another company B, not knowing that it is just a presentation site. This way, you have failed to fulfill your legally stipulated obligations to provide all necessary information to consumers, which according to domestic regulations can lead to a financial penalty of 2,000,000.00 RSD. This essentially means, in addition to monetary penalties due to violations of intellectual property rights, additional financial penalties occur, in this case due to the failure to provide necessary information to the consumer


Even though the Terms of Use and Privacy Policy can be available through just one “click”, the consequences of such an action last much longer. By creating original documents, you protect your company from risks that it would otherwise face. In addition, not only do you avoid lengthy court and other proceedings, but you also regulate both your rights and obligations, as well as the rights and obligations of users in the way that is most favorable for you.

Similar Articles

3 min read

Zunic Law


Latest Articles

Ready to get started?

If you are not sure about what the first step should be, schedule consultations with one of our experts.





Not Just Another Newsletter

Forget boring legal analysis and theory. Receive timely updates,
news and reminders that can actually help your business.