Your company’s website is a storefront, a marketing channel, and increasingly, a place where business transactions happen. But most business owners treat their Terms of Service as an afterthought—copying language from another site, using a free template, or skipping them entirely.
That’s a significant gap. Your Terms of Service (ToS) are a binding agreement between your company and every person who uses your website. Done well, they limit your liability, establish how disputes are resolved, and protect your intellectual property. Done poorly—or not at all—they leave your business exposed.
Minnesota has specific laws that affect what your website must include, and recent legislation has raised the bar significantly. This guide covers what Minnesota business owners need to know.
Why Terms of Service Matter for Your Business
A Terms of Service agreement is a contract. When a user interacts with your website, especially if they make a purchase, create an account, or submit information, your ToS governs the legal relationship between your business and that user.
Here’s what properly drafted Terms of Service do for your business:
Limit your liability. Without a limitation of liability clause, your company could face disproportionate exposure from a website malfunction, a content error, or a service failure. Well-drafted ToS cap your potential damages.
Establish dispute resolution. Would you rather resolve a customer dispute in a Minnesota court under Minnesota law, or get dragged into litigation across the country? Your ToS can determine the forum, the governing law, and whether disputes go to arbitration or court.
Protect your intellectual property. Your website content, branding, software, and proprietary processes have value. Your ToS should clearly define ownership and restrict unauthorized use.
Manage user conduct. If your site includes user accounts, submissions, reviews, or community features, your ToS set the rules for acceptable behavior and give you the authority to remove users or content.
Comply with the law. Several Minnesota statutes impose specific requirements on businesses operating websites. Your ToS is one of the primary vehicles for meeting those obligations.
The Enforceability Question: Clickwrap vs. Browsewrap
Before diving into what your ToS should say, it’s worth understanding whether they’ll actually hold up in court. The answer depends on how you present them to users.
Clickwrap Agreements (Enforceable)
A clickwrap agreement requires the user to take a specific action to indicate consent—checking a box, clicking “I Agree,” or completing a similar affirmative step. Courts, including federal courts in the Eighth Circuit (which covers Minnesota), consistently enforce clickwrap agreements because the user has clearly assented to the terms.
If your website involves transactions, account creation, or data collection, use a clickwrap mechanism. It is the most reliable way to ensure your ToS are binding.
Browsewrap Agreements (Risky)
A browsewrap agreement relies on a link at the bottom of the page—”By using this site, you agree to our Terms of Service”—without requiring any affirmative action from the user. Courts have repeatedly found browsewrap agreements unenforceable, particularly when the link to the terms is inconspicuous or the user had no reason to know the terms existed.
The takeaway: If your terms are only accessible through a small link in the footer, they may not protect you when you need them most. At a minimum, make the link conspicuous. For critical transactions, require affirmative consent.
What Your Minnesota Business Website ToS Should Include
1. Acceptance of Terms
Start with clear language establishing that using the website constitutes acceptance of the terms. If you use a clickwrap mechanism (recommended), reference the specific action that constitutes acceptance.
Be explicit about what triggers the agreement: visiting the site, creating an account, making a purchase, or all of the above. This clarity matters if the enforceability of your ToS is ever challenged.
2. Limitation of Liability
This may be the single most important clause in your Terms of Service. A limitation of liability clause caps the amount of damages a user can recover from your company.
Minnesota enforceability standards: Courts in Minnesota generally enforce limitation of liability clauses in commercial agreements between sophisticated parties. However, the clause must be:
- Conspicuous — Courts look for language that stands out, such as bold text or capital letters
- Clear and unambiguous — Vague limitations are interpreted against the drafter
- Not unconscionable — A limitation that eliminates all remedies may be struck down
Under Minnesota’s UCC provision (Minn. Stat. Section 336.2-302), a court can refuse to enforce a clause it finds unconscionable. However, when two experienced business parties have negotiated the agreement, limitation of liability provisions are generally presumed conscionable.
Practical guidance: Cap liability at the amount the user paid for services, or a defined dollar amount. Exclude consequential, incidental, and indirect damages. Make the limitation conspicuous in the document.
3. Governing Law and Dispute Resolution
Specify that your ToS are governed by Minnesota law and that disputes will be resolved in Minnesota courts. This is a forum selection clause, and it protects your business from having to litigate in another state.
Forum selection clauses and enforceability: Courts are more likely to enforce a forum selection clause in a clickwrap agreement than in a browsewrap arrangement. If your ToS are presented through an inconspicuous footer link, a court in another jurisdiction may refuse to honor your Minnesota forum selection clause.
Arbitration clauses: Some businesses include mandatory arbitration provisions. In Minnesota, arbitration clauses are generally enforceable under both the Federal Arbitration Act and the Minnesota Uniform Arbitration Act (Minn. Stat. Ch. 572B). Arbitration can be faster and less expensive than litigation, but it also limits the user’s ability to pursue class actions—which may be a strategic consideration depending on your business model.
4. Intellectual Property Protection
Your website likely contains copyrighted content, trademarks, and potentially trade secrets. Your ToS should:
- State that all website content is owned by your company (or licensed to it)
- Prohibit unauthorized reproduction, distribution, or modification
- Address user-generated content—if users can post reviews, comments, or submissions, specify who owns that content and what license your company receives to use it
- Include a DMCA takedown procedure if your site hosts user content
5. User Conduct and Account Terms
If your website allows account creation, set clear expectations:
- Prohibited activities (scraping, unauthorized access, misuse)
- Account termination rights—your right to suspend or terminate accounts for violations
- Password and security responsibilities
- Age restrictions (if applicable)
6. Payment Terms and Refund Policies
If your website processes payments:
- Clearly state pricing, billing cycles, and payment methods
- Describe your refund or cancellation policy
- Address automatic renewals—Minnesota has specific requirements for automatic renewal disclosures under Minn. Stat. Section 325G.132, which requires clear and conspicuous disclosure of the automatic renewal terms before the consumer subscribes
7. Disclaimers
Include appropriate disclaimers for:
- Accuracy of information — If your site provides educational or informational content, disclaim that it does not constitute professional advice
- Third-party links — Disclaim responsibility for content on linked third-party websites
- Warranty disclaimers — Disclaim implied warranties to the extent permitted by law, using conspicuous language (typically in capital letters)
Minnesota-Specific Legal Requirements
Beyond the standard ToS provisions, Minnesota law imposes specific obligations on businesses operating websites.
Minnesota Consumer Data Privacy Act (MCDPA)
The Minnesota Consumer Data Privacy Act took effect on July 31, 2025, and imposes significant requirements on businesses that collect personal data from Minnesota residents.
Who it applies to: Businesses that conduct business in Minnesota or produce products or services targeted to Minnesota residents, and that during a calendar year either (a) control or process personal data of 100,000 or more consumers, or (b) control or process personal data of 25,000 or more consumers and derive more than 25% of gross revenue from the sale of personal data.
What it requires:
- Privacy notices explaining what personal data you collect, how you use it, how long you retain it, and what rights consumers have
- Consumer rights including the right to access, correct, delete, and obtain a copy of their personal data
- Opt-out mechanisms for targeted advertising, sale of personal data, and profiling
- Universal opt-out recognition — Your website must recognize and honor universal opt-out signals sent through browser settings or extensions
- Consent requirements — Consent must be “freely given, informed, and unambiguous.” Burying consent in broad Terms of Service language is not sufficient
Enforcement: The Minnesota Attorney General has enforcement authority. After January 31, 2026, the AG can pursue violations without first providing a 30-day cure period.
What this means for your ToS and privacy policy: Your website almost certainly needs a standalone privacy policy that addresses MCDPA requirements. Your ToS should reference this privacy policy and incorporate it by reference. The days of a generic privacy paragraph buried in your ToS are over.
Data Breach Notification (Minn. Stat. Section 325E.61)
If your business collects personal information through your website (and nearly every business does), you have obligations under Minnesota’s data breach notification statute.
Key requirements:
- If unencrypted personal information is breached, you must notify affected Minnesota residents “in the most expedient time possible and without unreasonable delay”
- Personal information includes a name combined with Social Security number, driver’s license number, financial account numbers, or health information
- If a breach affects more than 500 people, you must notify consumer reporting agencies within 48 hours
- Information that is encrypted is generally exempt, provided the encryption key was not also compromised
Practical impact for your website: If your site collects customer data—names, emails, payment information, account credentials—you should have a data security plan in place and reference your data practices in your privacy policy. Your ToS should include a provision addressing how you handle data and what happens in the event of a breach.
Minnesota Consumer Fraud Act (Minn. Stat. Section 325F.69)
The Consumer Fraud Act prohibits any “fraud, false pretense, false promise, misrepresentation, misleading statement or deceptive practice” in connection with the sale of merchandise. This statute applies to your website in several ways:
- Truthful representations — Product descriptions, pricing, service capabilities, and claims on your website must be accurate
- No deceptive practices — Bait-and-switch tactics, hidden fees, and misleading terms are prohibited
- Unfair or unconscionable acts — Practices that are “oppressive” or “unscrupulous” are actionable, even if they don’t involve outright fraud
For your ToS: Ensure that the terms match the actual customer experience. If your ToS describe a refund process, follow it. If your website makes service promises, your ToS shouldn’t contradict them. Consistency between your marketing, your website, and your terms is both a legal requirement and a trust-building practice.
Automatic Renewal Disclosures
Under Minn. Stat. Section 325G.132, if your business offers subscriptions or memberships that automatically renew, you must:
- Clearly and conspicuously disclose the automatic renewal terms before the consumer subscribes
- Provide a simple mechanism for cancellation
- Send a renewal reminder before each renewal period
This applies to any subscription-based service offered through your website. If you charge recurring fees, review your current renewal disclosures against these requirements.
Building Your ToS: Practical Steps
Step 1: Audit Your Website’s Functions
Before drafting terms, understand what your website actually does:
- Does it process payments?
- Does it collect personal data? (If there’s a contact form, the answer is yes.)
- Does it allow user accounts or logins?
- Does it host user-generated content?
- Does it use cookies, analytics, or tracking tools?
- Does it offer subscriptions or automatic renewals?
Each function creates specific legal obligations that your ToS need to address.
Step 2: Draft a Standalone Privacy Policy
Your privacy policy should be separate from your ToS. The MCDPA requires specific disclosures that are distinct from your contractual terms. A standalone privacy policy is easier for consumers to find, easier for you to update, and more likely to satisfy regulatory requirements.
Step 3: Implement Proper Consent Mechanisms
For e-commerce, account creation, or data collection: use clickwrap consent. Require users to affirmatively agree before proceeding. A checkbox with a link to the full ToS and privacy policy is the current standard.
For informational websites without transactions: a conspicuous banner or footer notice with links to your ToS and privacy policy provides a baseline. But if you’re collecting any data (even through analytics tools), your MCDPA obligations may require more.
Step 4: Make Your Terms Accessible and Readable
- Use plain language where possible—courts look more favorably on terms that a reasonable person can understand
- Use headers and sections for easy navigation
- Make limitation of liability, arbitration clauses, and other significant terms conspicuous
- Provide the effective date and note when terms were last updated
Step 5: Review and Update Regularly
Minnesota law in this area is evolving. The MCDPA is new. Federal privacy legislation may follow. Your ToS should be reviewed at least annually to ensure compliance with current requirements.
Common Mistakes Minnesota Business Owners Make
Using a generic template without customization. Free templates may not address Minnesota-specific requirements, particularly the MCDPA, data breach notification, and automatic renewal statutes. A template is a starting point, not a finished product.
Burying the terms. If users have to hunt for your ToS, enforceability weakens. Make them accessible from every page, and use clickwrap for transactions.
Ignoring the privacy policy. Under the MCDPA, a privacy policy is no longer optional for businesses that collect personal data from Minnesota residents. It must be separate, detailed, and accessible.
Setting it and forgetting it. Laws change. Your business changes. Terms drafted three years ago may not reflect current operations or legal requirements. Annual review is a reasonable cadence.
Contradicting your own marketing. If your website promises “hassle-free returns” but your ToS says “all sales final,” you have both a legal problem and a trust problem.
Key Takeaways
-
Terms of Service are a binding contract. Treat them with the same care you would give any business agreement.
-
Use clickwrap consent for transactions. Browsewrap (a link in the footer) is far less likely to be enforceable.
-
Minnesota has specific requirements. The MCDPA, data breach notification statute, Consumer Fraud Act, and automatic renewal law all affect what your website must disclose and how.
-
Your privacy policy needs to be separate and specific. Generic privacy language in your ToS no longer meets Minnesota’s requirements.
-
Limitation of liability and forum selection clauses protect your business—but only if they’re conspicuous, clear, and presented through an enforceable consent mechanism.
-
Review your terms annually. Minnesota privacy and consumer protection law is actively evolving.
For guidance on Terms of Service tailored to your business website, contact Aaron Hall.
Aaron Hall is a Minneapolis business attorney who represents business owners and their companies in contracts, employment law, intellectual property, litigation, and business matters.