Click to start searching

Communications and advertising

Make sure your group understands how the law can affect what you can and can’t communicate.

Content last updated 30/10/2023

Setting up and managing a website



  • link your domain name to your website
  • arrange for your website to be hosted
  • determine the features of your new website
  • build your website (through a building tool or web developer)
  • secure your website through implementing security measures such as SSL certifications and regular backups to protect your website and its data, and
  • promote your website


  • hosting and domain registration – a clause on who is responsible for purchasing and registering a domain name and arranging for the hosting of the website
  • Content Management System (CMS) – a clause specific to the type of CMS (software that helps the user create, manage, and modify the content on a website without the need for technical knowledge) that will be used
  • Search Engine Optimisation (SEO) – any SEO requirements for the website, including keywords, meta descriptions or any other on-page optimisation elements


  • ensuring encrypted communications with secure HTTP when transferring information
  • using pdf files (scanned or generated) with appropriate locks on usage
  • using flash routines with locks on usage
  • using JavaScript routines
  • using content protection plugins to prevent unauthorised copying of your website content
  • including exclusion commands to prevent indexing of certain areas of your site by search engines, and
  • educating your website users about copyright law and the important of respecting intellectual property rights

  • checking that any designers or contractors you use to provide content have the relevant approvals and licences to use the material they include on your website, and
  • if you are developing content, checking that you have purchased any licences required and have received appropriate consents

  • provide a link in the form of an http://www.website.com.au/ type address, which visitors to your site can click to be taken to the site, or
  • ‘frame’ the site so that the content still appears to be on your website, but contains a mini-site within a frame showing the content of the other website



  • definitions of any terms or phrases contained in the terms and conditions that may be unclear to users
  • the terms of use of the website, including a limitation of your organisation's liability for the user's use of the website
  • who is entitled to seek services from your organisation via the website (if access is limited)
  • who is eligible to use the website and any age restrictions that may apply
  • any terms around provision of services that your organisation provides through the website
  • that information and materials displayed on the website are owned or licensed by you and must not be copied, and how users are entitled to use it
  • disclaimer or limitation on liability in relation to links to other websites and their content, and in connection with services provided by them
  • if you have forums or comment sections, rules around how comments can be made, behaviour expected, and that you may moderate content if it is deemed inappropriate
  • a statement of the law and jurisdiction applicable to any disputes about the site (remember that the Internet is global)
  • if you collect personal information from users, a reference to your privacy policy
  • the reservation of rights such as modification or termination of the website, and the retention of rights implied by law
  • contact information for users who have queries about the terms and conditions or the website in general

Caution

Do not simply adopt another organisation’s terms and conditions. The circumstances between organisations vary considerably.

It’s generally worth engaging someone with legal experience in this area to develop specific terms and conditions for your website to make sure you’ve covered everything relevant to your organisation and that the protections you need are put in place.

Your terms and conditions should include the date when they were last modified.

As with other information on your website, it’s important for a user to know when your terms and conditions were last updated so they know whether they have changed since they last viewed your site. Depending on the functionality of the website, it may also be advisable to retain a copy of each modified page of the website to allow you to check how the site appeared at a particular time when it was viewed by a user.

Finally, users should be able to download and print your terms and conditions.


For a detailed guide to the Privacy Act requirements, including:

  • whether the Privacy Act covers your organisation
  • the definition of certain terms such as ‘personal information’ and ‘reasonably identifiable’, and
  • recent updates on privacy law that may affect you,

see our webpage on privacy.

  • the kinds of information you collect and hold
  • how you collect the information (including any automatic collection by the website, such as through cookies)
  • how the information is stored and secured, including any security measures or protocols that are in place to protect user data
  • the purposes for which it is collected and used (for example, to provide services or for marketing purposes)
  • whether you are likely to disclose the information overseas (and if so, where)
  • how the person may access and correct their information
  • how a person can opt out of certain types of data collection or sharing (for example, through unsubscribing from email lists or adjusting browser settings), and
  • how the person may make a complaint

  • use lawful and fair practices to collect personal information, and
  • only collect personal information if it is reasonably necessary for the organisation’s functions or activities

  • who the organisation is and how to contact them
  • the purposes for collecting the information and who the organisation may disclose the information to, and
  • how to access the information or make a complaint

Your organisation may also have an obligation to comply with the Notifiable Data Breaches Scheme. If it has this obligation and a data breach occurs that is likely to result in serious harm to people whose personal information is involved in the breach, you will have to act quickly to take certain steps. Among these, you may be required to notify affected people and the Office of the Australian Information Commissioner. You should seek legal advice about whether this scheme applies to your organisation.

See our webpage on privacy for more information.



Apply for free legal help


Provide feedback

0