Hi,

We have an end user agreement for one of our sites. When the end user reads the agreement, he'll have an option to accept that agreement by ticking a checkbox and submitting a form.

My question is what data should I store in the database, and should I store any data at all? The concern that I have is that the user may say that he never ticked that box and never accepted the agreement.

Initially I was going to store the following data:

  1. User Contact Details (Name, address, etc).
  2. Date time when he has accepted the agreement
  3. Copy of the agreement.

Then I was going to encrypt all that data and store it in a database.

What other precautions should I take?

+1  A: 

This is a legal question rather than a technical one: the best person to ask would be a lawyer.

From a technical standpoint, if your application is account-based, you can store in each account whether the owner of that account accepted the end user agreement, and prevent them from doing any critical activity (such as logging in) if they have not accepted yet.

Even if there are no accounts, you can use the session to prevent the user from doing critical activities if they have not accepted the end user agreement within the same session.

Victor Nicollet
Do I need to store any other information or send an email with a confirmation saying that they have accepted the agreement? We should have some sort of "paper trail" - something that we can use as proof if needed.
vikp
The concept of proof is vague and ultimately up to a lawyer to decide. I suspect that if a technical expert mandated by the court can guarantee that your application does not allow people who did not accept the agreement to do X (and can also guarantee based on your server logs that the code did not change since that person did X) then it would be an acceptable proof that the person accepted the agreement.
Victor Nicollet
That answers my question. Thank you
vikp
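The per-account gating described in the answer above, as an added example that is not part of the original thread: acceptance is validated server-side, stored with a timestamp, and checked before a critical action such as logging in. The names `AcceptanceStore` and `login`, the in-memory dict standing in for the database, and the choice to record a SHA-256 digest of the agreement text (so a changed agreement requires re-acceptance) are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timezone

class AgreementNotAccepted(Exception):
    """Raised when a gated action is attempted without a valid acceptance."""

def agreement_digest(text: str) -> str:
    # Digest of the exact agreement text that was shown to the user.
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

@dataclass(frozen=True)
class Acceptance:
    account_id: str
    accepted_at: datetime  # stored in UTC
    digest: str            # which agreement text was accepted

class AcceptanceStore:
    """Hypothetical stand-in for the acceptance table in the database."""
    def __init__(self, current_text: str):
        self.current_digest = agreement_digest(current_text)
        self._rows = {}

    def publish(self, new_text: str) -> None:
        # A new agreement text invalidates acceptances of the old one.
        self.current_digest = agreement_digest(new_text)

    def accept(self, account_id, checkbox_ticked, shown_digest, now=None):
        # Validate on the server: a ticked box for the current text only.
        if not checkbox_ticked:
            raise AgreementNotAccepted("checkbox not ticked")
        if shown_digest != self.current_digest:
            raise AgreementNotAccepted("form refers to an outdated agreement")
        row = Acceptance(account_id, now or datetime.now(timezone.utc), shown_digest)
        self._rows[account_id] = row
        return row

    def has_accepted(self, account_id) -> bool:
        row = self._rows.get(account_id)
        return row is not None and row.digest == self.current_digest

def login(store: AcceptanceStore, account_id: str) -> str:
    # The gate: no acceptance of the current agreement, no critical action.
    if not store.has_accepted(account_id):
        raise AgreementNotAccepted(account_id)
    return f"session:{account_id}"
```

Because the gate is the only path to `login`, any account that holds a session must have an acceptance row for the agreement text in force at that time.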