Free Refund Policy Generator for Marketplace — US Compliant

🇺🇸 Key US Requirements

The United States has a sectoral approach to data privacy — no single federal law covers all businesses, but multiple laws apply depending on your industry and the data you collect. Key federal laws include COPPA (children's data), HIPAA (health data), GLBA (financial data), and CAN-SPAM (email marketing). FTC enforcement can result in significant penalties for deceptive data practices.

• Privacy policy must accurately describe actual data practices (FTC Act Section 5)
• COPPA compliance required if your site knowingly collects data from children under 13
• CAN-SPAM compliance for all commercial email communications
• State laws may apply: California (CCPA), Virginia (VCDPA), Colorado (CPA), and others
• "CalOPPA" requires a privacy policy for any site accessible to California residents
• HIPAA Business Associate Agreements required if handling health data

Marketplace — Specific Considerations

Marketplaces are data controllers for both buyers and sellers, making their privacy obligations more complex than single-sided platforms. You're responsible for how third-party sellers handle buyer data transacted through your platform, and you must disclose data sharing between parties, dispute resolution processes, and rating/review systems.

Data typically collected by Marketplace businesses: buyer and seller profiles, transaction history, messaging data, payment details, reviews and ratings, ID verification data

• Buyer-seller data sharing disclosures
• Third-party seller responsibilities
• Dispute resolution data processing
• Identity verification data handling
• Escrow and payment holding terms