GDPR Art. 13 requires that privacy information be provided at the time personal data is collected, which means the Privacy Policy must be linked at or before the registration form submit button, not discoverable only through the footer. CCPA §1798.130(a)(5)(A) requires a "conspicuous link" to the privacy policy on the homepage and at points of collection. ePrivacy Art. 5(3) requires consent and disclosure at the point of tracking. A footer-only privacy link does not satisfy these requirements: regulators look for proximity of the link to the data collection action. Missing legal links at checkout also directly enable chargebacks: payment processors expect that users had access to refund terms before completing a transaction.
Info because missing legal links at registration and checkout, while a compliance gap, are remediated by a single-line addition per surface rather than an architectural change.
Add legal links to the footer, registration form, and checkout page in a single pass. Each surface has a specific requirement.
```tsx
// 1. Footer: legal nav group
// components/Footer.tsx
<div className="flex flex-wrap gap-4 text-sm text-muted-foreground">
  <a href="/terms">Terms of Service</a>
  <a href="/privacy">Privacy Policy</a>
  {hasPayments && <a href="/refund-policy">Refund Policy</a>}
  {hasUGC && <a href="/acceptable-use">Acceptable Use</a>}
</div>

// 2. Registration form: below the submit button
// app/register/page.tsx
<p className="text-xs text-muted-foreground text-center">
  By creating an account, you agree to our{' '}
  <a href="/terms" className="underline">Terms of Service</a>{' '}and{' '}
  <a href="/privacy" className="underline">Privacy Policy</a>.
</p>

// 3. Checkout: near the payment button
// app/checkout/page.tsx
<p className="text-xs text-muted-foreground text-center">
  By completing your purchase, you agree to our{' '}
  <a href="/terms" className="underline">Terms of Service</a>{' '}and{' '}
  <a href="/refund-policy" className="underline">Refund Policy</a>.
</p>
```
ID: legal-pages-compliance.accessibility-currency.linked-from-registration
Severity: info
What to look for: Enumerate every relevant item. Check three specific surfaces for legal page links. (1) Footer — inspect the footer component for links to Terms, Privacy Policy, and any other applicable legal pages. Check both the link text and the href. (2) Registration/signup form — inspect the registration page and form for a legal acknowledgment near the submit button. This can be a checkbox ("I agree to the Terms of Service and Privacy Policy"), inline text ("By signing up, you agree to..."), or a visible link in proximity to the signup CTA. (3) Checkout flow — if payment features are present, inspect the checkout page for a reference to the Terms of Service and Refund Policy. Users completing a purchase should have access to the legal terms governing that purchase. Check whether the linked text targets the correct route (not a broken link, not /).
Pass criteria: At least 1 of the following conditions is met. Footer includes links to all applicable legal pages. Registration flow includes at minimum a reference to Terms and Privacy Policy before form submission. Checkout flow (if present) references Terms and Refund Policy. All links point to valid, existing routes.
Fail criteria: Footer has no legal links. Registration form has no Terms or Privacy reference. Checkout has no reference to Terms or Refund Policy. Legal links in footer point to 404 routes.
Skip (N/A) when: Application has no footer component, no registration flow, and no checkout flow. This would be an API-only service — extremely rare for a project with legal pages.
Detail on fail: Specify which surfaces are missing. Example: "Footer component found but has no links to /terms or /privacy. No legal navigation." or "Registration form found but no legal acknowledgment or link to Terms/Privacy near the submit button." or "Stripe checkout integration present but no reference to Terms or Refund Policy on the pricing or checkout pages."
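The three-surface check above can be automated as a static scan. The following is an added example, not part of the original check: it matches each anchor's link text and href, and reports per surface which legal documents are missing and which point at `/` or a route that does not exist. The function name `auditLegalLinks`, the sample sources and the route list are assumptions constructed for illustration; the file paths follow the page's snippets, and the footer check is narrowed to Terms and Privacy.

```javascript
// Added example. File paths follow the page's snippets; the sources and the
// route list below are constructed for illustration.
const ANCHOR_RE = /<a\b[^>]*\bhref=["']([^"']*)["'][^>]*>([^<]*)<\/a>/g;
const DOCS = { terms: /terms/i, privacy: /privacy/i, refund: /refund/i };
const SURFACES = [
  { name: 'footer', file: 'components/Footer.tsx', needs: ['terms', 'privacy'] },
  { name: 'registration', file: 'app/register/page.tsx', needs: ['terms', 'privacy'] },
  { name: 'checkout', file: 'app/checkout/page.tsx', needs: ['terms', 'refund'] },
];

function auditLegalLinks(files, routes) {
  return SURFACES.map(({ name, file, needs }) => {
    const source = files[file];
    // A surface whose file is absent is not applicable rather than failing.
    if (source === undefined) return { surface: name, status: 'skip', missing: [], broken: [] };
    const anchors = [...source.matchAll(ANCHOR_RE)].map(([, href, text]) => ({ href, text }));
    const missing = [];
    const broken = [];
    for (const doc of needs) {
      const hits = anchors.filter((a) => DOCS[doc].test(a.text));
      if (hits.length === 0) missing.push(doc);
      // A link that targets "/" or a route that does not exist counts as broken.
      else if (!hits.some((a) => a.href !== '/' && routes.includes(a.href))) broken.push(doc);
    }
    const status = missing.length || broken.length ? 'fail' : 'pass';
    return { surface: name, status, missing, broken };
  });
}

// Constructed sample input: a compliant footer, a registration form with no
// legal links, and a checkout whose links are present but do not resolve.
const sampleFiles = {
  'components/Footer.tsx':
    '<a href="/terms">Terms of Service</a> <a href="/privacy">Privacy Policy</a>',
  'app/register/page.tsx': '<form><button type="submit">Create account</button></form>',
  'app/checkout/page.tsx':
    '<a href="/">Terms of Service</a> and <a href="/refund-policy">Refund Policy</a>',
};
const sampleRoutes = ['/terms', '/privacy'];

console.log(auditLegalLinks(sampleFiles, sampleRoutes));
```

A scan like this confirms presence and valid targets only; whether the link sits near the submit or payment button still needs a manual look at the rendered page.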
Remediation: Add legal links to all three surfaces systematically:
```tsx
// 1. Footer: add legal nav section
// components/Footer.tsx
<div className="border-t mt-8 pt-6 flex flex-wrap gap-4 text-sm text-muted-foreground">
  <a href="/terms">Terms of Service</a>
  <a href="/privacy">Privacy Policy</a>
  {hasPayments && <a href="/refund-policy">Refund Policy</a>}
  {hasUGC && <a href="/acceptable-use">Acceptable Use</a>}
</div>

// 2. Registration form: add below the submit button
// app/register/page.tsx
<p className="text-xs text-muted-foreground text-center">
  By creating an account, you agree to our{' '}
  <a href="/terms" className="underline hover:text-foreground">Terms of Service</a>
  {' '}and{' '}
  <a href="/privacy" className="underline hover:text-foreground">Privacy Policy</a>.
</p>

// 3. Checkout: add near the payment button
// app/checkout/page.tsx
<p className="text-xs text-muted-foreground text-center">
  By completing your purchase, you agree to our{' '}
  <a href="/terms" className="underline">Terms of Service</a>
  {' '}and{' '}
  <a href="/refund-policy" className="underline">Refund Policy</a>.
</p>
```