1. Client Responsibility for Compliance.

The Client acknowledges that they have sole and exclusive responsibility for ensuring that the Website, its content, and its business operations comply with the evolving laws and regulations of any jurisdiction where the Client offers goods or services. Compliance is a dynamic legal requirement, and the Client is responsible for monitoring changes to these laws. The Agency does not provide ongoing legal monitoring services. This includes, but is not limited to:

Privacy & Data: The EU/UK GDPR, Canada’s PIPEDA/Law 25/Bill C-27, and US State laws (CCPA/CPRA).

Consumer Rights: EU consumer protection laws, including the 14-day right of withdrawal.

Accessibility: The European Accessibility Act (EAA) and the Accessibility for Ontarians with Disabilities Act (AODA).

Online Governance: The EU Digital Services Act (DSA) regarding content moderation and “dark patterns.”

AI & Automation: The EU AI Act and regulations regarding automated data processing or algorithmic transparency.

2. Agency Status & Third-Party Agreements.

Where the Agency handles personal data on behalf of the Client, the parties agree that the Client is the “Data Controller” and the Agency is the “Data Processor.”

Administrative Actions: To ensure the functional deployment of infrastructure (such as hosting, analytics, or security tools), the Client authorizes the Agency to accept standard Third-Party Data Processing Agreements (DPAs) or Terms of Service on the Client’s behalf as a technical necessity for service deployment. The Agency does not review these third-party terms for legal sufficiency.

Client Instructions: The Agency will process data only on the instructions of the Client. If the Client requires the Agency to enter into specific, non-standard DPAs or “Standard Contractual Clauses” (SCCs), these must be disclosed in writing prior to the project and may be subject to additional legal review fees.

3. Accessibility & Interface Design.

Unless specifically outlined in a Statement of Work, the Agency builds websites to standard usability. The Agency does not warrant that the Website meets WCAG 2.1 Level AA, the EAA, or other specific international accessibility mandates unless the Client explicitly requests, and pays for, a dedicated accessibility audit and implementation in the Statement of Work.

4. International Use & Legal Disclosures.

The Agency provides the technical “vessel” for the Client’s business. It is the Client’s responsibility to provide and maintain all legal text, including Privacy Policies, Terms of Service, and the categorization of cookies within Cookie Consent configurations. The Agency is not a law firm and does not provide legal advice regarding the sufficiency of these documents.

5. Indemnification.

The Client shall indemnify, defend, and hold the Agency harmless against any claims, fines, penalties, or legal fees arising from:

  • The Client’s failure to implement or maintain required legal disclosures.
  • Non-compliance with privacy, accessibility, or trade laws in any jurisdiction.
  • The Agency’s acceptance of third-party terms (e.g., Google DPA) performed in the course of setting up the Client’s infrastructure.