Terms of Service
Overview
This skill generates well-structured, comprehensive Terms of Service (ToS), Privacy Policies, and End-User License Agreements (EULAs) tailored to web applications, SaaS platforms, and mobile apps. The drafts cover the full range of standard legal topics: user eligibility and account terms, acceptable use, intellectual property, payment and subscription terms, data handling and privacy, disclaimers and limitation of liability, termination, and dispute resolution. Outputs are written in clear, modern language that is accessible to users while remaining legally substantive. All drafts should be reviewed and adapted by a licensed attorney before publication.
When to Use
- Launching a new SaaS product, web app, or mobile app that requires user-facing legal agreements
- Updating outdated ToS to reflect new features, business models, or regulatory requirements (GDPR, CCPA, COPPA)
- Drafting a standalone Privacy Policy for a product that collects any user data
- Creating a EULA for downloadable software or a mobile application
- Developing an Acceptable Use Policy (AUP) for a platform with user-generated content
- Building a legal agreements page that consolidates ToS, Privacy Policy, and Cookie Policy
When NOT to Use
- As a final, legally reviewed document without attorney review for any production product
- For highly regulated industries (healthcare/HIPAA, financial services/FINRA, children's products/COPPA) without specialized legal counsel
- When you need jurisdiction-specific compliance advice (e.g., EU GDPR Data Processing Agreements, CCPA service provider addenda)
- To document agreements between businesses (B2B contracts) — use a services agreement or MSA instead
- For open-source software licenses (use established SPDX licenses instead)
Quick Reference
| Document | Purpose | Key Sections |
|---|---|---|
| Terms of Service | Governs user relationship with the service | Eligibility, acceptable use, IP, payment, liability, termination, disputes |
| Privacy Policy | Explains data collection, use, and user rights | Data collected, legal basis, third-party sharing, retention, user rights, contact |
| EULA | Governs license to use software | License grant, restrictions, IP ownership, warranty disclaimer, termination |
| Acceptable Use Policy | Defines prohibited user behaviors | Prohibited content/actions, enforcement, reporting |
| Cookie Policy | Explains cookie use and consent | Cookie types, purpose, opt-out mechanism |
Instructions
-
Gather product context before drafting — Collect: product name, company name and jurisdiction, product type (SaaS, mobile app, marketplace, API), data collected from users, subscription/payment model (free, freemium, paid tiers), target audience (consumers, businesses, children?), and key features that may have specific legal implications (AI/ML, UGC, payments, health data).
-
Draft the Terms of Service using this standard structure:
- Acceptance of Terms — How users agree (clickwrap, browsewrap); age/eligibility requirements
- Description of Service — What the product does; scope of service
- Account Registration and Security — Account creation, credential responsibility, account suspension
- Acceptable Use Policy — Prohibited conduct, prohibited content, enforcement rights
- Intellectual Property — Company IP ownership; license grant to users; user-generated content license back to company
- Payment and Subscription Terms — Pricing, billing cycles, auto-renewal, refund policy, price changes
- Privacy — Reference to Privacy Policy; GDPR/CCPA compliance statement if applicable
- Disclaimers of Warranties — "As-is" disclaimer; no guarantee of uptime or results
- Limitation of Liability — Liability cap (typically fees paid in last 12 months); exclusion of consequential damages
- Indemnification — User indemnifies company for user's misuse or content
- Termination — Grounds for termination; effect of termination; data export window
- Dispute Resolution — Arbitration clause, class-action waiver, governing law, jurisdiction
- Changes to Terms — How changes are communicated; continued use = acceptance
- Contact Information — Legal contact email/address
-
Draft the Privacy Policy using this standard structure:
- Information Collected — Categories: account data, usage data, device data, cookies, third-party data
- Legal Basis for Processing (required for GDPR) — Consent, contract performance, legitimate interest
- How Information Is Used — Service delivery, analytics, marketing, legal compliance
- Information Sharing — Service providers, analytics vendors, payment processors; no selling of personal data (or disclose if sold per CCPA)
- Data Retention — How long data is kept; deletion policy
- Security — Reasonable security measures; breach notification commitment
- User Rights — Access, correction, deletion (right to be forgotten), portability, objection, opt-out of sale
- Children's Privacy — COPPA compliance; no knowing collection from users under 13
- International Transfers — Standard contractual clauses or other mechanisms for cross-border transfers
- Contact / DPO Information — How to exercise rights; Data Protection Officer if applicable
-
Draft the EULA (if applicable) covering:
- License grant (personal, non-exclusive, non-transferable, revocable)
- License restrictions (no reverse engineering, no sublicensing, no commercial use if free tier)
- IP ownership (all rights reserved to licensor)
- Updates and support terms
- Warranty disclaimer and limitation of liability
- Termination on breach
-
Tailor for jurisdiction and audience — Add GDPR-specific sections (legal basis, DPO, data subject rights) for EU users; add CCPA-specific sections (right to know, opt-out of sale, non-discrimination) for California users; add COPPA language if any users may be under 13.
-
Apply plain-language principles — Use short sentences. Avoid Latin phrases. Define jargon on first use. Use "you" for the user and "we" or "[Company Name]" for the company. Use active voice.
-
Add version control and effective dates — Every legal document must include a version number and effective date at the top. Include a changelog or "last updated" date. Explain how users will be notified of changes.
-
Review for completeness against a checklist — Confirm the ToS includes all 14 sections listed in step 2; the Privacy Policy includes all 10 sections in step 3; the EULA includes all 7 items in step 4.
-
Add a prominent disclaimer at the top of the draft — Note that the document is a template draft requiring attorney review before publication.
-
Recommend legal review triggers — Flag specific circumstances that require mandatory attorney review: collecting health data (HIPAA), financial data (GLBA), operating in the EU (GDPR DPA), serving children under 13 (COPPA), processing payments (PCI DSS), or operating in highly regulated industries.
Examples
Example 1: Terms of Service for a B2C SaaS Project Management App
Input: "Draft a Terms of Service for 'Taskflow,' a SaaS project management app. Company: Taskflow Inc., incorporated in Delaware. Users are adults (18+), primarily individual professionals and small business teams. Free tier and $12/month paid tier. Users create projects, tasks, and can share files. We store user data on AWS US-East. No AI features. Governing law: Delaware."
Output (excerpt — key sections):
TASKFLOW TERMS OF SERVICE Effective Date: [DATE] | Version 1.0
⚠️ Draft Template — This document requires review by a licensed attorney before publication.
1. Acceptance of Terms By creating an account or using Taskflow ("Service"), you ("User") agree to these Terms of Service ("Terms") and our P