Legal Documents Built for WooCommerce Stores
WooCommerce is self-hosted, so your legal pages, plugin disclosures, checkout terms, and PCI scope are yours to get right, not a platform vendor's.
WooCommerce provides more control than a hosted platform, and that control comes with responsibility for everything a customer touches. Your host, theme, checkout extensions, payment gateways, shipping plugins, and marketing tools all become part of the factual record your privacy policy and terms have to account for. A merchant who treats the site as one simple shop still has to document a layered stack of plugins, processors, and analytics tools.
You carry more of the payment-security burden on WooCommerce than on a managed platform. PCI DSS 4.0.1 became mandatory on March 31, 2025, and two of its requirements target ecommerce pages: one to inventory and authorize every script that runs on a payment page, and one to detect tampering aimed at skimming card data. If your gateway keeps card entry inside a hosted iframe or a redirect through Stripe, PayPal, or Square, your scope stays light, but a checkout plugin that touches card fields pulls more of that burden onto you and your host.
Once you add subscription, membership, or product-bundle extensions, renewal terms fall under state automatic renewal laws. California's amended law took effect July 1, 2025, and it requires consent to the renewal terms, a cancel path as easy as signup, and a reminder before a free trial converts to paid. The Eighth Circuit vacated the FTC's federal click-to-cancel rule on July 8, 2025, but the Restore Online Shoppers' Confidence Act and the state laws still apply, so your renewal language has to match them.
Your privacy policy has to name the specific tools your plugins load, from analytics to the Meta pixel to email and form services, because each one that sees customer data is a disclosure you owe and, increasingly, a wiretapping suit you want to avoid. Eight new state privacy laws took effect in 2025, several reaching stores with as few as 35,000 customers in a state, and the FTC's 30-day shipping rule and economic nexus sales-tax thresholds apply to you the same as any other retailer.
TermsBuilder builds your terms and privacy policy from how your store operates, because a physical-goods shop, a subscription store, and a members-only site face different renewal, fulfillment, and data questions. Our questionnaire asks about your plugins, gateways, hosting, and data practices, then generates the terms and privacy policy your setup requires rather than a generic template.
What Your Documents Will Cover
- Terms for orders, refunds, fulfillment, and account use
- Privacy disclosures for plugin-driven data collection across your stack
- Payment gateway and checkout disclosures aligned with your PCI DSS 4.0.1 scope
- Subscription and membership renewal terms under state auto-renewal laws
- Click-to-cancel and renewal-consent language where extensions bill on a schedule
- Cookie-consent and tracking-pixel disclosures that support a wiretapping defense
- Third-party sharing disclosures for analytics, forms, and marketing plugins
- State privacy law coverage and opt-out rights as the 2025 laws expand
- Shipping and delivery terms consistent with the FTC 30-day rule
- Hosting, sub-processor, and vendor disclosures for a self-hosted stack
Get Your WooCommerce Legal Documents
Buy a single document, save with the bundle, or add Auto Updates to keep everything current.
Terms & Conditions
- Single document tailored to your business
- Download plus hosted version
- Keep it forever
Privacy Policy
- Privacy Policy and Cookie Policy tailored to your business
- Download plus hosted versions for both
- Keep both forever
Bundle
- Terms & Conditions, Privacy Policy, and Cookie Policy
- Save $49 vs. buying separately
- Download plus hosted versions for all three
Auto Updates
- Includes Terms & Conditions, Privacy Policy, and Cookie Policy
- Ongoing updates with active subscription
- Can be started now or added later
A Cookie Policy is included with Privacy Policy, the Bundle, and Auto Updates.
Related Reading
GDPR Compliance for WooCommerce Stores
WooCommerce doesn't make a store subject to the GDPR by itself. The real exposure comes from EU targeting, behavioral tracking, and the plugin stack that collects, shares, and retains customer data.
What Your Refund Policy Legally Requires (And What It Doesn't)
Most businesses aren't legally required to accept ordinary buyer's-remorse returns, but refund language creates real exposure through disclosure duties, shipping rules, state law, and the promises you make to customers.
Privacy Policy Requirements by State in 2026
State privacy laws change privacy policy drafting in different ways. Some states add website disclosure rules, some change the opt out path, and some require a separate notice.
