• Home
  • Imprint
  • Privacy policy
  • Terms
  • Agile and lean law firm
  • Ideal partner
  • Contact
  • Videos
ITMediaLaw - Rechtsanwalt Marian Härtel
  • en English
  • de Deutsch
  • About lawyer Marian Härtel
    • About lawyer Marian Härtel
      • Ideal partner
      • About lawyer Marian Härtel
      • Video series – about me
      • Why a lawyer and business consultant?
      • Principles as a lawyer
      • Focus on start-ups
      • Nerd und Rechtsanwalt
      • Ideal partner
      • How can I help clients?
    • Über die Kanzlei
      • How clients benefit from my network of colleagues, partners and service providers
      • Quick and flexible access
      • Agile and lean law firm
      • Team: Saskia Härtel – WHO AM I?
      • Price overview
    • How can I help clients?
    • Sonstige Informationen
      • Einwilligungen widerrufen
      • Privatsphäre-Einstellungen ändern
      • Historie der Privatsphäre-Einstellungen
      • Privacy policy
    • Testimonials
    • Imprint
  • Leistungen
    • Focus areas of attorney Marian Härtel
      • Support with the foundation
      • Games law consulting
      • Advice in e-commerce
      • Support and advice of agencies
      • Legal advice in corporate law: from incorporation to structuring
      • Legal compliance and expert opinions
      • Streamers and influencers
      • Cryptocurrencies, Blockchain and Games
      • Outsourcing – for companies or law firms
    • Arbeitsschwerpunkte
      • Games and esports law
        • Esports. What is it?
      • Corporate law
      • IT/IP Law
      • Consulting for influencers and streamers
        • Influencer & Streamer
      • Contract review and preparation
      • DLT and Blockchain consulting
        • Blockchain Overview
      • Investment advice
      • AI and SaaS
  • Artikel/News
    • Langartikel / Guides
    • Law and computer games
    • Law and Esport
    • Law on the Internet
    • Blockchain and web law
    • Online retail
    • Data protection Law
    • Copyright
    • Competition law
    • Copyright
    • EU law
    • Law on the protection of minors
    • Labour law
    • Tax
    • Kanzlei News
    • Other
  • Videos/Podcasts
    • Videos
    • Podcast
      • ITMediaLaw Podcast
      • ITMediaLaw Kurz-Podcast
  • Knowledge base
  • Contact
Kurzberatung
  • About lawyer Marian Härtel
    • About lawyer Marian Härtel
      • Ideal partner
      • About lawyer Marian Härtel
      • Video series – about me
      • Why a lawyer and business consultant?
      • Principles as a lawyer
      • Focus on start-ups
      • Nerd und Rechtsanwalt
      • Ideal partner
      • How can I help clients?
    • Über die Kanzlei
      • How clients benefit from my network of colleagues, partners and service providers
      • Quick and flexible access
      • Agile and lean law firm
      • Team: Saskia Härtel – WHO AM I?
      • Price overview
    • How can I help clients?
    • Sonstige Informationen
      • Einwilligungen widerrufen
      • Privatsphäre-Einstellungen ändern
      • Historie der Privatsphäre-Einstellungen
      • Privacy policy
    • Testimonials
    • Imprint
  • Leistungen
    • Focus areas of attorney Marian Härtel
      • Support with the foundation
      • Games law consulting
      • Advice in e-commerce
      • Support and advice of agencies
      • Legal advice in corporate law: from incorporation to structuring
      • Legal compliance and expert opinions
      • Streamers and influencers
      • Cryptocurrencies, Blockchain and Games
      • Outsourcing – for companies or law firms
    • Arbeitsschwerpunkte
      • Games and esports law
        • Esports. What is it?
      • Corporate law
      • IT/IP Law
      • Consulting for influencers and streamers
        • Influencer & Streamer
      • Contract review and preparation
      • DLT and Blockchain consulting
        • Blockchain Overview
      • Investment advice
      • AI and SaaS
  • Artikel/News
    • Langartikel / Guides
    • Law and computer games
    • Law and Esport
    • Law on the Internet
    • Blockchain and web law
    • Online retail
    • Data protection Law
    • Copyright
    • Competition law
    • Copyright
    • EU law
    • Law on the protection of minors
    • Labour law
    • Tax
    • Kanzlei News
    • Other
  • Videos/Podcasts
    • Videos
    • Podcast
      • ITMediaLaw Podcast
      • ITMediaLaw Kurz-Podcast
  • Knowledge base
  • Contact
ITMediaLaw - Rechtsanwalt Marian Härtel
Home Other

Why providers of SaaS or online stores should not ask their users to agree to terms and conditions or privacy policies

15. January 2025
in Other
Reading Time: 4 mins read
0 0
A A
0
Alena Piatrova | Shutterstock

Alena Piatrova | Shutterstock

Key Facts
  • T&Cs only need to be "effectively included"; active user consent is not required.
  • GTCs should be provided in a clearly visible manner before the contract is concluded, e.g. by means of links.
  • A consent requirement can cause legal uncertainties and user inconvenience.
  • General Data Protection Regulation does *not* require active consent to the privacy policy, but only a duty to inform.
  • Incorrect references to consent can falsely suggest the need for consent.
  • The separation of information and consent is crucial to ensure that documents are legally compliant.
  • Fewer hurdles create more trust; focus on transparency and clear information.

In my consulting practice, I often encounter the question of whether providers of SaaS solutions or online stores should ask their users to actively agree to general terms and conditions or privacy policies. This is often done out of uncertainty or the desire to be legally protected. However, the exact opposite can be the case: in many cases, such a request is not necessary and can even cause legal problems. In this article, I explain why consent to general terms and conditions is superfluous, why requesting consent for data protection declarations can be problematic and how you as a provider can proceed in a legally correct manner.

Content Hide
1. Why consent to general terms and conditions is not necessary
1.1. What does “reasonable perceptibility” mean?
1.2. Why a consent requirement can be problematic
1.3. Practical tip:
2. Why consent to the privacy policy can be problematic
2.1. Why consent is not required
2.2. Problems with the request for consent
2.3. Practical tip:
3. How can providers proceed in a legally correct manner?
4. Conclusion: Fewer hurdles create more trust

Why consent to general terms and conditions is not necessary

The General Terms and Conditions govern the contractual rights and obligations between you as the provider and your users. Under German law (Section 305 (2) of the German Civil Code (BGB)), general terms and conditions only need to be “effectively included” for them to become part of the contract. The active consent of the user is not required for this. The decisive factor is that the GTC can be reasonably perceived by the user, i.e. that they are easily accessible before the contract is concluded.

What does “reasonable perceptibility” mean?

  • The GTC must be made clearly visible before the contract is concluded – for example, via a link in the order process or during registration.
  • The user must have the opportunity to read the GTC at their leisure before concluding the contract.
  • A note such as “By using our services, you accept our GTC” is sufficient to ensure inclusion.

Why a consent requirement can be problematic

  • Legal uncertainty: If you require active consent and a user refuses, this could be interpreted as a rejection of the contract. The contract may then not be concluded.
  • User-friendliness: A consent requirement represents an unnecessary hurdle for your users and could deter potential customers.
  • Misunderstandings: The request for consent falsely suggests that there is no obligation to the GTC without it – which is not legally correct.

Practical tip:

Make sure that your T&Cs are clearly visible and easily accessible – for example, via a link in the footer of your website or during the ordering process. Avoid checkboxes for consent and instead use clear statements such as “By using our services, you accept our terms and conditions.”

Why consent to the privacy policy can be problematic

The General Data Protection Regulation (GDPR) stipulates that users must be informed about the processing of their personal data. This information obligation is fulfilled by the privacy policy. Contrary to what is often assumed, however, the user’s active consent to the privacy policy is not required – and in many cases this would even be legally incorrect.

Why consent is not required

  • The processing of personal data is generally based on one of the legal bases of Art. 6 GDPR (e.g. contract fulfillment or legitimate interest). Consent pursuant to Art. 6 para. 1 lit. a GDPR is only required in exceptional cases (e.g. for marketing measures).
  • The data protection declaration serves only to inform the user about data processing – it does not constitute consent.

Problems with the request for consent

  • False signal effect: The request for consent could falsely suggest that all data processing must be based on consent – which is incorrect.
  • Invalid consent: If you request consent when consent is not required, this could be interpreted as unauthorized processing.
  • Increased liability risks: An unclear distinction between information obligations and consent can lead to your entire privacy policy being deemed invalid.

Practical tip:

Ensure that your privacy policy is easily accessible – for example, via a link in the footer of your website or during the registration process. Do not require active consent to the privacy policy, but inform your users clearly and transparently about data processing in accordance with Art. 12 GDPR.

How can providers proceed in a legally correct manner?

Instead of actively asking your users for consent, you should take the following measures:

  1. Ensure reasonable perceptibility:
    Place links to your terms and conditions and your privacy policy in clearly visible places – for example in the order process or when a user registers.
  2. Use notices instead of checkboxes:
    Formulations such as “By using our services, you agree to our terms and conditions” are sufficient to ensure inclusion.
  3. Obtain consent only when necessary:
    Only request active consent if this is really necessary – for example for marketing purposes or the use of cookies (except technically necessary cookies).
  4. Clear separation of information and consent:
    Ensure that your privacy policy is exclusively informative and is not mixed with consent mechanisms.
  5. Legally compliant design of your documents:
    Have your general terms and conditions and data protection declarations checked regularly to ensure that they comply with current legal requirements.

Conclusion: Fewer hurdles create more trust

Asking for active consent to terms and conditions or a privacy policy may seem sensible at first glance – but it actually harbors unnecessary risks and hurdles for your users. Instead, you should focus on clear information, transparency and simple processes. This way, you not only meet all legal requirements, but also create trust with your customers. If you need support with the design of your terms and conditions or privacy policy or have any questions on the subject, I will be happy to advise you!

Beliebte Beträge

The legal protection of a business plan

5b698c02ae6e02ed43d05d01c467b658
24. September 2024

A business plan is an indispensable strategic document for start-ups and company founders. It serves as a roadmap for business...

Read moreDetails

As a teenager, make e-sports men/streamers self-employed?

As a teenager, make e-sports men/streamers self-employed?
2. January 2020

The industry of streamers and e-sports enthusiasts is very young compared to other industries and therefore also for lawyers and...

Read moreDetails

Liability of influencers and agencies for advertised products – legal risks and current developments

Liability of influencers and agencies for advertised products – legal risks and current developments
10. May 2025

Influencer marketing has become an integral part of modern advertising. Influencers recommend products and services of all kinds on social...

Read moreDetails

Confidentiality strategy for startups: NDAs, trade secret law and practical measures

Confidentiality strategy for startups: NDAs, trade secret law and practical measures
28. April 2025

Start-ups thrive on innovative ideas, creative concepts and unique technologies. Whether it's a novel algorithm, a special business idea, a...

Read moreDetails

Setting up a business abroad for OnlyFans-Business: opportunities & risks

Setting up a business abroad for OnlyFans-Business: opportunities & risks
11. May 2025

Running your own OnlyFans business often raises the question for creators and agencies based in Germany: Is it worth setting...

Read moreDetails

Right of withdrawal for tradesman services: massive legal uncertainty to continue in 2025

Right of withdrawal for tradesman services: massive legal uncertainty to continue in 2025
8. May 2025

In 2025, many tradespeople and service providers still face an often underestimated problem: contracts concluded with consumers outside of business...

Read moreDetails

NIS2 compliance 2025: relevance for SaaS and media start-ups

Risks when using and offering no-code platforms as SaaS
2. May 2025

Why another contribution to the NIS2 Directive? Do we really need a separate blog post on the NIS2 Directive in...

Read moreDetails

Software development: The new concept of defects according to §§ 327 ff. BGB

Software development: The new concept of defects according to §§ 327 ff. BGB
7. May 2025

On January 1, 2022, the German legislator fundamentally reformed the regulations for consumer contracts for digital products. For software developers...

Read moreDetails

Regulation (EU) 2024/1083 – The European Media Freedom Act (EMFA) at a glance

Regulation (EU) 2024/1083 – The European Media Freedom Act (EMFA) at a glance
6. May 2025

In May 2024, the European Media Freedom Act (EMFA) was published in the Official Journal of the EU with Regulation...

Read moreDetails
  • Home
  • Imprint
  • Privacy policy
  • Terms
  • Agile and lean law firm
  • Ideal partner
  • Contact
  • Videos
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Contact
  • Leistungen
    • Support with the foundation
    • Focus areas of attorney Marian Härtel
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Games law consulting
    • Support and advice of agencies
    • Legal advice in corporate law: from incorporation to structuring
    • Cryptocurrencies, Blockchain and Games
    • Investment advice
    • Booking as speaker
    • Legal compliance and expert opinions
    • Legal advice in corporate law: from incorporation to structuring
    • Contract review and preparation
  • About lawyer Marian Härtel
    • About lawyer Marian Härtel
    • Agile and lean law firm
    • Focus on start-ups
    • Principles as a lawyer
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Why a lawyer and business consultant?
    • Focus on start-ups
    • How can I help clients?
    • Team: Saskia Härtel – WHO AM I?
    • Testimonials
    • Imprint
  • Videos
    • Video series – about me
    • Information videos – about Marian Härtel
    • Videos on services
    • Blogpost – individual videos
    • Shorts
    • Third-party videos
    • Podcast format
    • Other videos
  • Knowledge base
  • Podcast
  • Blogposts
    • Lange Artikel / Ausführungen
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Labour law
    • EU law
    • Corporate
    • Competition law
    • Copyright
    • Tax
    • Internally
    • Other
  • en English
  • de Deutsch
Kostenlose Kurzberatung