What Legal Pages Does Every Website Need in 2026?

If you've just launched a website — or you're about to — this is the checklist you need. These aren't optional extras. They're the baseline.

The three pages every website needs

1. Privacy Policy

Required if: you collect any personal data from visitors. That includes email addresses, names, payment details, IP addresses, or anything tracked via cookies or analytics.

In the UK and EU, this is a legal requirement under GDPR the moment you collect personal data from users. In the US, several states (California, Virginia, Colorado) have their own privacy laws with similar requirements.

What it covers:

• What data you collect
• Why you collect it
• How you store and protect it
• How long you keep it
• User rights (access, deletion, correction)
• Whether you share it with third parties

Who needs it: Everyone with a website that has any kind of sign-up, contact form, analytics, or cookie.

2. Terms and Conditions (Terms of Service)

Required if: people use your product, service, or platform.

Technically not legally required in most jurisdictions — but practically essential. Without them you have no written agreement with your users, no way to enforce your rules, and no protection if something goes wrong.

What it covers:

• What your service is and what it isn't
• Rules for using it
• Who owns the content and intellectual property
• What happens if someone breaks the rules
• Your liability limits
• How disputes are resolved

Who needs it: Any website with users, customers, or anyone doing anything beyond just reading.

3. Cookie Policy

Required if: your website uses cookies or tracking tools of any kind. That includes Google Analytics, Facebook Pixel, Hotjar, Intercom, or any third-party embed.

Under UK GDPR and the Privacy and Electronic Communications Regulations (PECR), you must tell users what cookies you use, why, and get their consent before non-essential cookies are set.

What it covers:

• What types of cookies your site uses
• Which specific cookies and what they do
• Which are essential vs optional
• How users can manage or refuse cookies

Who needs it: Almost every website. If you use Google Analytics, you need this.

The pages you might also need

Depending on your product, you may need additional pages:

Refund Policy

Required in the UK under the Consumer Rights Act 2015 if you sell to consumers. Digital products have specific rules — you need to be clear about whether downloads and SaaS subscriptions are refundable.

GDPR Compliance Statement

More detailed than a standard privacy policy — used when you want to demonstrate formal compliance, particularly for B2B products where enterprise customers ask for it before signing contracts.

EULA (End User Licence Agreement)

If you're distributing software, apps, or digital products with a licence attached, an EULA defines what users can and can't do with it.

Where to put them

All legal pages should be:

• Linked in the footer of every page
• Accessible before sign-up (not hidden behind a login)
• Linked in your sign-up flow with a checkbox: "I agree to the Terms and Privacy Policy"

The footer links are non-negotiable. If someone can't find your privacy policy in under 10 seconds, you have a compliance problem.

Generate all three in minutes

InkTerms creates personalised legal documents for your website — privacy policy, terms and conditions, cookie policy, and more. Answer a short questionnaire about your product and download your documents instantly.

Need this document for your business? InkTerms generates it in minutes — tailored to your answers, in plain English.