Policies your small business should have in place

Privacy Policy

Your privacy policy should be housed on your website and is probably the most important of all your business policies.  If you collect personal customer information such as name, address, date of birth etc, you must advise the customer, how you are going to use that information and more importantly how you are going to store that information.  

If you use a third-party software or app to collect data, you need to check their privacy policy and make sure you include a reference to them in your policy.  You must also let customers know who the chief privacy officer for your company is, along with how to contact them, should the customer need to raise a complaint.  In Canada, privacy is taken very seriously and consumers have the right to put in complaints to the privacy ombudsman if they are not satisfied with the way you are handling their information.  This can lead to hefty fines so be sure to have this at the top of your policy list.

The following are the 3 big Privacy and Anti-Spam regulations that should be adhered to depending on where your customers are and who you are marketing to.

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU).


California Consumer Privacy Act (CCPA)

This landmark law secures new privacy rights for California consumers, including The right to know about the personal information a business collects about them and how it is used and shared; The right to delete personal information collected from them (with some exceptions).


Canada’s Anti-Spam Legislation (CASL)

Canada’s anti-spam legislation (CASL) protects consumers and businesses from the misuse of digital technology, including spam and other electronic threats. It also aims to help businesses stay competitive in a global, digital marketplace.


Cancellation Policy

Outlining your cancellation policy is not a legal requirement but you should have one in place so that you can effectively deal with clients when the need arises.  Be clear in your own mind about how cancellations work.  If having a customer cancel last minute is going to cost you money – maybe you have resources booked that also have a cancellation policy, or maybe you turned other paying customers away to “save a spot” for this one, then you absolutely have a right to put a timely cancellation policy in place.

 Customers should always be able to cancel what they have ordered from you, be it a service or product – after all, shit happens, but the time scale in which they can cancel and the financial penalty for doing so (see refunds) is what your policy should be concerned with.

 For services provided that are appointment-based, it is not unusual to have a 24-48 minimum cancellation policy, which means that they cannot cancel an appointment without financial implications 24-48 hours before the appointment.  Regarding product-based cancellations, it would depend on whether the product is custom-made, whether you are ordering an item, especially for that customer, whether the item is returnable (can it be sold to another customer) or whether the item is faulty or damaged. For businesses that offer online training or support where materials have been sent out, you need to consider that the client has already previewed your precious materials that they only get to see as a paying customer, they can’t unsee that!

Your cancellation policy can be formed any way you like – maybe you don’t accept cancellations, period!  That’s ok, but you should communicate this somehow to the client before they make a decision to buy from you, otherwise, this is a surefire way to end up with bad reviews on Social Media or worse a BBB complaint!  Cancellation policies can be housed on your website, within your terms and conditions, in your contract for services or on your booking form, as long as a potential client can find the policy and read it you are covering your ass!

Refund Policy

Your Refund policy is directly connected to your cancellation policy and the two usually go hand in hand. There is no law requiring that you have to give refunds, but you should have a policy in place to help you make decisions should a customer ask for a refund.

Many businesses offer “money-back guarantees” as part of their selling process, but they are very clear, in the small print about how you qualify for that guarantee.  Other businesses offer store credit instead of a full refund and if a product has been specially ordered for a customer there can be a “restocking fee”.  

As part of the Diligent Assistant refund policy, we generally don’t give refunds. Our business is service-based and we required that if a customer is not satisfied with a task or service that we carry out, they bring this to our attention upon being invoiced so we can come to an amicable resolution.  If a client refuses to pay an invoice 2 weeks later because they were not happy with the quality of our work, they still have to pay!  Here in Canada if you are not satisfied with a product or service, you have to give the business an opportunity to put it right, you cannot just demand a refund!

With both the cancellation policy and the refund policy, you do not have to stick rigidly to it once you have communicated it to a client or customer.  If you feel that you want to make an exception to your policy and “make it right” for a customer, you can.  The idea behind these business policies is that the customers are informed before they make a purchasing decision as to how they can cancel or get a refund if the situation should occur.  For those of you who do not like confrontation or have experienced “difficult clients” before, the refund and cancellation policies are great tools to refer to when dealing with these situations and it helps you with your decision-making process.  No more wondering if you “should have”, your policy will guide you!

Terms and Conditions

Your Terms and Conditions are usually a larger document that generally houses your business policies on refund and cancellation.  Many companies today have a “terms of service” that talks specifically about website use and this can make up the bulk of your terms and conditions.

If you have materials that you send out to a client or customer for training purposes, you may want to include a paragraph about reproducing your materials, maybe the use of your logo or branding or other items that are specific to your business.  If you ship any items to a customer, or you have deadlines that you need to meet,  you may want to talk about delivery timelines and circumstances that are outside of your control.

Take a look at some of the vendors that you deal with and have a look at their terms and conditions, this will usually give you a good idea as to what should be included in yours.  If they don’t have any – well that is a good indicator as to how well organized that company is and an indication of their business ethics and dealings.

Remember terms and conditions should house Refund and Cancellation policies, or at the very least those should be found somewhere separately.


If your company is involved with helping a client to produce certain results – weight loss, beautiful skin, growing a social media presence, gaining more clients or sales, and you use claims as part of your selling process – 60 days to lose 20lbs, grow your social media presence in just 1 week, then you need a disclaimer on your website or in your terms and conditions to protect yourself against being sued.

Most of these types of “promises” are based on the client or customer committing to certain actions – you can’t promise to help a customer lose 10 lbs in a month if they are constantly eating cake or burgers!  Your disclaimer needs to highlight that these results are produced under “typical” circumstances and require a commitment from the customer. Again, there is no legal requirement to have one of these in place but unlike the other business policies, this one can land you in trouble if you do not protect yourself.

Protect yourself and your company!

All of these business policies need to be accessible to the customer.  You can’t tell a customer “oh that’s too bad, it’s listed in my terms and conditions” if you didn’t give them an opportunity to read the terms and conditions before they made a commitment to purchase – i.e paid or signed a contract.  The best place to house them is on your website where they can be accessed 24/7.  

If you run a business where having the client read these policies is crucial, you can also put checkboxes or initials on a booking form or contract that indicates they have read and understood these business policies.  If you want to make absolutely sure that you have covered yourself against any legal, moral or financial penalties should a customer or client wish to pursue one, always get these business policies checked over by your lawyer and you might want to consider some kind of insurance.