Legal Basics for Nonprofit Websites

Posted on Feb 1, 2016

By Cheryl R. Olson, CPA, CGMA and
Co Author Paul L. Havel, Intellectual Property Team Leader, Miller Nash Graham & Dunn LLP

(Originally published on NetRaising | a web consultancy)

You’ve created the perfect website. You’ve spent countless hours with website designers and consultants. You’ve spent weeks writing and rewriting copy, perfecting your message, choosing the right graphics, and making sure your website tells your story.

But what about that legal mumbo jumbo every website seems to have? No one reads that stuff, right? Do you really need to create a Terms of Use page for your website? While not required by law, some legal mumbo jumbo is really smart to have, and we encourage you to consider including the following “legal pages” on your nonprofit website.

Terms of Use

The terms of use page sets the rules for using your website. Again, these are not required by law, but every website should have a terms of use. These terms are intended to be a contract that governs the relationship between the website owner and each website user. Terms of use can vary drastically, depending on what information is on your website and what website functions are offered.

For example, if your website has social networking elements or content contributed by users, you may want to include a disclaimer that states each person is responsible for the content that they contribute or post and that you do not review, endorse, or approve of their content. In addition, you may want to reserve the right to remove content that is offensive.

If you are providing your own content, you may want to let your users know that, while they have a license to view your content, they may not reproduce it, distribute it, or otherwise use the content in any other way without your prior written consent. A terms of use policy serves to benefit you because it sets forth conditions of use, various disclaimers, and other language protecting you as the website operator or owner. The terms of use will be the contractual relationship between you and a user should a dispute arise.

The sophistication of the terms of use will depend upon the sophistication of your organization. Here are some of the key items in a website terms of use:

  • Limitation of Liability – limit your organization’s liability in certain situations, again depending on the sophistication of your website and what your website contains and allows.
  • Website copyright/DMCA policy. This policy is intended to provide a legal safe harbor under the Digital Millennium Copyright Act (DMCA) to protect online service providers from copyright infringement liability resulting from certain acts by their users. The DMCA requires you to appoint an agent and register that agent with the U.S. Copyright office. The agent is the designated person at the organization to receive complaints regarding copyright infringement.
  • Set governing law and venue – your terms of use should also mention where your website is operating in terms of the governing law. For example, “These terms of use are governed by the laws of Oregon.” You can also set the “venue” for any disputes, which would likely be in the state in which you reside.
  • Set forth the permissible use of the website – viewing content, downloading for personal use, linking, etc.

Privacy Policies

There are several federal and state statutes that govern data privacy:

  • The Americans with Disability Act
  • The Cable Communications Policy Act of 1984
  • Children’s Online Privacy Protection Act (COPPA)*
  • Computer Fraud and Abuse Act
  • Computer Security Act
  • Consumer Credit Reporting Control Act
  • California Online Privacy Protection Act
  • Health Insurance Portability and Accountability Act (HIPAA)
  • International Issues

If you collect any information from users, you should have a privacy policy. Organizations can use the following questions to craft an appropriate privacy policy:

  1. What kind of information does the organization collect?
  2. How does the organization use the data collected?
  3. How does the organization protect the data it collects?
  4. Does the organization share the collected data with others, and if so, what is shared and with whom?
  5. Do users/customers of the organization have control over their personal data, and if so, what kind of control do they have?

Some states may actually require a privacy policy.  The California Online Privacy Protection Act basically says that, if you are a nonprofit with a website and you want to do some type of commerce with a resident of the state of California through that website, then your organization is required by California state law to post your privacy policy on your website.

Some accountability groups, such as the Charities Review Council may also require a privacy policy.  One of their standards requires a privacy policy on the organization’s website or by request, which describes how donor information is collected and used, provides the opportunity for donors to “opt-out” of making their information available or shared, and includes a discontinue contact policy.

Copyright Notices

Regardless of the type of organization or what your website does, it should always include a notice about copyright protection. For example, “Copyright Symbol ©, Organization Name, Year 2015.”


Disclaimers are like a simplified version of a terms of use. They are used on sites where there is a lot of user submitted content that isn’t moderated by the site owners or where there are many links to external pages.

Accessibility Information

Sections 504 and 508 of The Rehabilitation Act of 1973 require many government sites, as well as the sites of organization’s receiving federal funding, to be accessible. One feature of an accessible site is to have access keys to various parts of the pages. Adding an accessibility key can be helpful so that new customers know which keys do what on your site. Accessibility information pages can also include links to contact pages when a page is inaccessible or help finding alternatives for things like videos or audio streams.

Abuse or complaints contact information

While complaint or feedback pages are not really legal pages, they can be useful, especially for sites that get a lot of customer interaction. Feedback links can help customers by giving them a place to complain before they go to a lawyer, thus reducing legal issues.

Patents, Trademarks, and other Corporate Policies

If your website or organization has relevant patents and trademarks, you should have a page that details them. If there are other corporate policies that you want your customers to know about, you should have pages for those as well.

Anti-Discrimination Policy

An organization’s anti-discrimination policy, also called an equal opportunity employer policy, covers practices related to hiring, promoting and terminating employees. Based on some state and federal laws, certain types of employers are required to have this policy. In addition, certain funding sources, such as the U.S. Department of Education, require non-discrimination language. Some funding sources specify where the language needs to be, such as on program materials and/or on the organization’s website, so be sure you’ve read through the requirements in accepting funds. Even if not required, this is a good policy to have in place.

Website Finance Basics for Nonprofits

While not required, having your financial information available on your website is a common industry practice.

IRS Forms

You are required to have your IRS Form 990, 990-T and Form 1023/1024 available for public inspection per the Internal Revenue Service. Many organizations post those documents on their website. While not required, it is a best industry practice. You might also look at your organization’s IRS Form 990, Part VI, Section C, Question 18 and see if you checked the box that says “it’s on our website.”

Annual Reports

Although nonprofit organizations aren’t required to prepare an annual report, they are a valuable communication tool to share the accomplishments of the organization. By having the resource on your website, you can share your successes beyond your existing supporters.

Audited Financial Statements

Some organizations are cautious about sharing financial information, but posting your audited financial statements to your website is another great way to show that the organization is transparent. GuideStar is another vehicle that gives you the opportunity to share financial information beyond the IRS Form 990.


Today, many organizations are now posting their financial policies on their website, such as their Fiscal Policies Manual, Gift Acceptance Policy, Operating Reserve Policy and Investment Policy for greater transparency.


In addition to posting financial policies, more organizations are starting to post their governance documents on their website as well. One document that is seen most often on a website is the Code of Ethics Policy. Additionally, some associations are posting all of their key governance policies, beyond the Code of Ethics Policy, on their website, including Bylaws, Committee Charters, Board Governance Policy, Conflict of Interest Policy, Public Reporting and Transparency Policy, Whistleblower Policy, Document Retention and Destruction Policy, and Executive Compensation Policy. Other organizations are including their key operational policies, such as Personnel Policies and Nondiscrimination Policy.

In the age of free and quick information, your website is often the first place the media, watch dog groups, donors and curious citizens will go. Make sure the organization has designated someone to stay on top of required and recommended information that should be included on the website and that all of the information is kept accurate and current.

© Clark Nuber PS, 2016. All Rights Reserved


This article or blog contains general information only and should not be construed as accounting, business, financial, investment, legal, tax, or other professional advice or services. Before making any decision or taking any action, you should engage a qualified professional advisor.

Posted by:

Media Contact

Melissa Takade
Director of Marketing
Clark Nuber
Phone: 425-454-4919
Contact Melissa

Who We Serve

Articles Archives

  • 2019
  • 2018
  • 2017
  • 2016
  • 2015
  • 2014
  • 2013