Should I have a contract and/or terms and conditions of sale or use when providing goods or services over the Internet?

Yes. The Internet is simply a new means for providing goods and services. While there may be some distinct issues created by that new media, it is important to address the basics. You are forming a deal for buying or selling a good or service, and there should be clear terms and conditions governing that deal.

What kind of terms and conditions should be included, and where should they go?

To address the second question first, this depends on whether you are physically providing a product or service beyond the computer screen, and whether you are entering a contract that requires your customer’s signature. If the entire transaction occurs over the Internet then you have to assure that there is a clear and readily accessible statement governing purchase and use. If a physical product is being purchased by an end user whom you may never see, then you will also need a written set of terms and conditions included with the physical product and/or in your manuals. If the agreement involves direct negotiations and a signed written contract, then that contract should address terms and conditions, but you may very well want or need terms and conditions on your web site as well.

As to the terms and conditions themselves, you should be considering the same issues involved in any transaction, for example: a clear description of what you are providing; a clear and legally precise statement of what warranties, if any, that you are providing, and maybe more importantly, what warranties you are not providing; limitations on your potential liability; and indemnification terms. In the borderless cyberworld, you should also be setting forth, to the extent possible, which law will govern any disputes, and specifically where those disputes will be heard if an action arises. Also, since we are in the cyberworld, you need to consider and include language protecting you against liability for such phenomena as hackers, viruses, trojan horses and password misuse. The bottom line is that potential risks must be identified and addressed before any problem arises, so that you can be sure you are doing the most you can to protect your business.