diff --git a/backend/migrations/0029_serviceuser_agreed_privacy_policy.py b/backend/migrations/0029_serviceuser_agreed_privacy_policy.py
new file mode 100644
index 00000000..d09c0570
--- /dev/null
+++ b/backend/migrations/0029_serviceuser_agreed_privacy_policy.py
@@ -0,0 +1,18 @@
+# Generated by Django 3.2.15 on 2023-02-22 10:56
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('backend', '0028_project_uuid'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='serviceuser',
+            name='agreed_privacy_policy',
+            field=models.BooleanField(default=False),
+        ),
+    ]
diff --git a/backend/models.py b/backend/models.py
index ee452c42..cbcc7749 100644
--- a/backend/models.py
+++ b/backend/models.py
@@ -53,6 +53,7 @@ class ServiceUser(AbstractUser):
     receive_mail_notifications = models.BooleanField(default=True)
     doc_format_pref = models.IntegerField(choices=UserDocumentFormatPreference.USER_DOC_FORMAT_PREF,
                                           default=UserDocumentFormatPreference.JSON)
+    agreed_privacy_policy = models.BooleanField(default=False)
 
     @property
     def has_active_project(self):
diff --git a/backend/rpc.py b/backend/rpc.py
index d4981312..22e8bd26 100644
--- a/backend/rpc.py
+++ b/backend/rpc.py
@@ -3,6 +3,7 @@
 import datetime
 
 import json
+import os
 from urllib.parse import urljoin
 from django.conf import settings
 from django.contrib.auth import authenticate, get_user_model, login as djlogin, logout as djlogout
@@ -26,7 +27,7 @@
 from backend.rpcserver import rpc_method, rpc_method_auth, rpc_method_manager, rpc_method_admin
 from backend.models import Project, Document, DocumentType, Annotation, AnnotatorProject, AnnotationChangeHistory, \
     UserDocumentFormatPreference
-from backend.utils.misc import get_value_from_key_path, insert_value_to_key_path
+from backend.utils.misc import get_value_from_key_path, insert_value_to_key_path, read_custom_document
 from backend.utils.serialize import ModelSerializer
 
 log = logging.getLogger(__name__)
@@ -98,9 +99,10 @@ def register(request, payload):
     username = payload.get("username")
     password = payload.get("password")
     email = payload.get("email")
+    agreed_privacy_policy = True
 
     if not get_user_model().objects.filter(username=username).exists():
-        user = get_user_model().objects.create_user(username=username, password=password, email=email)
+        user = get_user_model().objects.create_user(username=username, password=password, email=email, agreed_privacy_policy=agreed_privacy_policy)
         _generate_user_activation(user)
         djlogin(request, user)
         context["username"] = payload["username"]
@@ -941,6 +943,31 @@ def admin_update_user_password(request, username, password):
     user.save()
 
 
+##################################
+### Privacy Policy/T&C Methods ###
+##################################
+
+@rpc_method
+def get_privacy_policy_details(request):
+
+    details = settings.PRIVACY_POLICY
+
+    custom_docs = {
+        'CUSTOM_PP_DOCUMENT': read_custom_document(settings.CUSTOM_PP_DOCUMENT_PATH) if os.path.isfile(settings.CUSTOM_PP_DOCUMENT_PATH) else None,
+        'CUSTOM_TC_DOCUMENT': read_custom_document(settings.CUSTOM_TC_DOCUMENT_PATH) if os.path.isfile(settings.CUSTOM_TC_DOCUMENT_PATH) else None
+    }
+
+    details.update(custom_docs)
+
+    url = {
+        'URL': request.headers['Host']
+    }
+
+    details.update(url)
+
+    return details
+
+
 ###############################
 ### Utility Methods         ###
 ###############################
diff --git a/backend/tests/test_models.py b/backend/tests/test_models.py
index f895a463..016989fa 100644
--- a/backend/tests/test_models.py
+++ b/backend/tests/test_models.py
@@ -23,6 +23,10 @@ def check_model_fields(self, model_class, field_name_types_dict):
 
 class TestUserModel(TestCase):
 
+    def test_agree_privacy_policy(self):
+        user = get_user_model().objects.create(username="test1", agreed_privacy_policy=True)
+        self.assertTrue(user.agreed_privacy_policy)
+
     def test_document_association_check(self):
         user = get_user_model().objects.create(username="test1")
         user2 = get_user_model().objects.create(username="test2")
diff --git a/backend/utils/misc.py b/backend/utils/misc.py
index 7cd91153..d50c686b 100644
--- a/backend/utils/misc.py
+++ b/backend/utils/misc.py
@@ -39,3 +39,13 @@ def insert_value_to_key_path(obj_dict, key_path, value, delimiter="."):
             return True
 
     return False
+
+
+def read_custom_document(path):
+    """
+    Reads in a text file and returns as a string.
+    Primarily used for reading in custom privacy policy and/or terms & conditions documents.
+    """
+    with open(path) as file:
+        doc_str = file.read()
+    return doc_str
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
index 746a030e..9b3a896c 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -15,6 +15,14 @@ services:
       - SUPERUSER_USERNAME
       - SUPERUSER_PASSWORD
       - SUPERUSER_EMAIL
+      - PP_HOST_NAME
+      - PP_HOST_ADDRESS
+      - PP_HOST_CONTACT
+      - PP_ADMIN_NAME
+      - PP_ADMIN_ADDRESS
+      - PP_ADMIN_CONTACT
+    volumes:
+      - ./custom-policies:/app/custom-policies/
     depends_on:
       - db
 
diff --git a/docs/docs/developerguide/README.md b/docs/docs/developerguide/README.md
index 60aaa6da..d0853340 100644
--- a/docs/docs/developerguide/README.md
+++ b/docs/docs/developerguide/README.md
@@ -120,7 +120,7 @@ To run separately:
   ```
 
 ## Deployment using Docker
-Deployment is via [docker-compose](https://docs.docker.com/compose/), using [NGINX](https://www.nginx.com/) to serve static content, a separate [postgreSQL](https://hub.docker.com/_/postgres) service containing the database and a database backup service (see `docker-compose.yml` for details).
+Teamware can be deployed via [docker-compose](https://docs.docker.com/compose/), using [NGINX](https://www.nginx.com/) to serve static content, a separate [postgreSQL](https://hub.docker.com/_/postgres) service containing the database and a database backup service (see `docker-compose.yml` for details).
 
 1. Run `./generate-docker-env.sh` to create a `.env` file containing randomly generated secrets which are mounted as environment variables into the container. See [below](#env-config) for details.
 
@@ -218,6 +218,20 @@ email:
     # You will also need to set user and passwordSecret if your
     # mail server requires authentication
 
+privacyPolicy:
+# Contact details of the host and administrator of the teamware instance, if no admin defined, defaults to the host values.
+  host:
+    # Name of the host
+    name: "Service Host"
+    # Host's physical address
+    address: "123 Example Street, City. Country."
+    # A method of contacting the host, field supports HTML for e.g. linking to a form
+    contact: "<a href='mailto:info@examplehost.com'>Email</a>"
+  admin:
+    name: "Dr. Service Admin"
+    address: "Department of Example Studies, University of Example, City. Country."
+    contact: "<a href='mailto:s.admin@example.ac.uk'>Email</a>"
+
 backend:
   # Name of the random secret you created above
   djangoSecret: django-secret
@@ -304,3 +318,46 @@ This package includes the script linked in the documentation above, which simpli
   DJANGO_GMAIL_API_CLIENT_SECRET='google_assigned_secret'
   DJANGO_GMAIL_API_REFRESH_TOKEN='google_assigned_token'
   ```
+
+
+#### Teamware Privacy Policy and Terms & Conditions
+
+Teamware includes a default privacy policy and terms & conditions, which are required for running the application.
+
+The default privacy policy is intended to be compliant with UK GDPR regulations, which may comply with the rights of users of your deployment, however it is your responsibility to ensure that this is the case.
+
+If the default privacy policy covers your use case, then you will need to include configuration for a few contact details.
+
+Contact details are required for the **host** and the **administrator**: the **host** is the organisation or individual responsible for managing the deployment of the teamware instance and the **administrator** is the organisation or individual responsible for managing users, projects and data on the instance. In many cases these roles will be filled by the same organisation or individual, so in this case specifying just the **host** details is sufficient.
+
+For deployment from source, set the following environment variables:
+
+* `PP_HOST_NAME`
+* `PP_HOST_ADDRESS`
+* `PP_HOST_CONTACT`
+* `PP_ADMIN_NAME`
+* `PP_ADMIN_ADDRESS`
+* `PP_ADMIN_CONTACT`
+
+For deployment using docker-compose, set these values in `.env`.
+
+If the host and administrator are the same, you can just set the `PP_HOST_*` variables above which will be used for both.
+
+##### Including a custom Privacy Policy and/or Terms & Conditions
+
+If the default privacy policy or terms & conditions do not cover your use case, you can easily replace these with your own documents.
+
+If deploying from source, include markdown (`.md`) files in a `custom-policies` directory in the project root with the exact names `custom-policies/privacy-policy.md` and/or `custom-policies/terms-and-conditions.md` which will be rendered at the corresponding pages on the running web app.  If you are not familiar with the Markdown language there are a number of free WYSIWYG-style editor tools available including [StackEdit](https://stackedit.io/app) (browser based) and [Zettlr](https://www.zettlr.com) (desktop app).
+
+If deploying with docker compose, place the `custom-policies` directory at the same location as the `docker-compose.yml` file before running `./deploy.sh` as above.
+
+An example custom privacy policy file contents might look like:
+
+```md
+# Organisation X Teamware Privacy Policy
+...
+...
+## Definitions of Roles and Terminology
+...
+...
+```
\ No newline at end of file
diff --git a/frontend/src/AnnotationApp.vue b/frontend/src/AnnotationApp.vue
index fa13225d..2f0f0cf9 100644
--- a/frontend/src/AnnotationApp.vue
+++ b/frontend/src/AnnotationApp.vue
@@ -2,14 +2,16 @@
   <div id="app">
     <navbar></navbar>
     <router-view :key="$route.fullPath"></router-view>
+    <pagefooter></pagefooter>
   </div>
 </template>
 <script>
 import navbar from './components/navbar.vue';
+import pagefooter from './components/pagefooter.vue';
 import {initToast} from "@/utils";
 
 export default {
-  components: { navbar },
+  components: { navbar, pagefooter },
   mounted() {
     initToast(this)
   }
diff --git a/frontend/src/components/navbar.vue b/frontend/src/components/navbar.vue
index b7a9f05a..af7e6d2b 100644
--- a/frontend/src/components/navbar.vue
+++ b/frontend/src/components/navbar.vue
@@ -27,7 +27,6 @@
               <b-icon-box-arrow-up-right
                   style="position: relative; font-size: 0.8em; padding-bottom: 0.2em;"></b-icon-box-arrow-up-right>
             </b-nav-item>
-            <b-nav-item to="/about">About</b-nav-item>
           </b-navbar-nav>
 
 
diff --git a/frontend/src/components/pagefooter.vue b/frontend/src/components/pagefooter.vue
new file mode 100644
index 00000000..ab4052ff
--- /dev/null
+++ b/frontend/src/components/pagefooter.vue
@@ -0,0 +1,28 @@
+<template>
+  <div id="footer">
+    <div>
+      <b-navbar type="light" variant="light" toggleable="md" fixed="bottom">
+        <b-navbar-nav align="right" :small=true>
+          <b-nav-text>v{{ appVersion }}</b-nav-text>
+          <b-nav-item to="/privacypolicy">Privacy Policy</b-nav-item>
+          <b-nav-item to="/cookies">Cookies Policy</b-nav-item>
+          <b-nav-item to="/terms">Terms & Conditions</b-nav-item>
+          <b-nav-item to="/about">About</b-nav-item>
+        </b-navbar-nav>
+      </b-navbar>
+    </div>
+  </div>
+</template>
+<script>
+
+import {version} from '../../../package.json'
+
+export default {
+  data: () => ({
+    appVersion: version
+  }),
+}
+</script>
+
+<style>
+</style>
diff --git a/frontend/src/router/index.js b/frontend/src/router/index.js
index 16a5c424..1a2afd17 100644
--- a/frontend/src/router/index.js
+++ b/frontend/src/router/index.js
@@ -21,6 +21,18 @@ const routes = [
         component: () => import(/* webpackChunkName: "about" */ '../views/About.vue'),
         meta: {guest: true},
     },
+    {
+        path: '/privacypolicy',
+        name: 'Privacy Policy',
+        component: () => import('../views/PrivacyPolicy.vue'),
+        meta: {guest: true},
+    },
+    {
+        path: '/terms',
+        name: 'Terms & Conditions',
+        component: () => import('../views/TermsAndConditions.vue'),
+        meta: {guest: true},
+    },
     {
         path: '/login',
         name: 'Login',
diff --git a/frontend/src/store/index.js b/frontend/src/store/index.js
index cd4455b2..e5355b3f 100644
--- a/frontend/src/store/index.js
+++ b/frontend/src/store/index.js
@@ -72,6 +72,15 @@ export default new Vuex.Store({
             await rpc.call("logout");
             commit("updateUser", params);
         },
+        async getPrivacyPolicyDetails() {
+            try{
+                let response = await rpc.call("get_privacy_policy_details");
+                return response
+            }catch (e){
+                console.error(e)
+                throw e
+            }
+        },
         async register({dispatch, commit}, params) {
             try{
                 const payload = {
diff --git a/frontend/src/views/PrivacyPolicy.vue b/frontend/src/views/PrivacyPolicy.vue
new file mode 100644
index 00000000..f705e2cc
--- /dev/null
+++ b/frontend/src/views/PrivacyPolicy.vue
@@ -0,0 +1,157 @@
+<template>
+  <div class="container" v-if="!privacyPolicyDetails.CUSTOM_PP_DOCUMENT">
+    <h1>{{ productName }} Privacy Policy</h1>
+
+    <p>Last updated: {{ lastUpdated }}</p>
+    
+    <h2>Definitions of Roles and Terminology</h2>
+    <p>
+    For the purposes of this privacy policy the following roles are defined. Note that in some cases, the Host and Administrator (and/or the Project Manager) may constitute the same individual or organisation.
+
+    <ul>
+    <li><strong>{{ productName }}</strong>: The open source software that implements a {{ productName }} server, developed by GATE.</li>
+    <li><strong>{{ productName }} Instance</strong>: A single running implementation of {{ productName }} running at a unique URL. User accounts and data on a single instance are not shared with or transferable to other instances and administrators/project managers do not necessarily have the same privileges on other instances.</li>
+    <li><strong>Host</strong>: The individual or organisation responsible for maintaining the deployment of this {{ productName }} instance either on their own hardware or that of a third-party provider. The host may also be responsible for installing {{ productName }}, updating, running and ceasing the running of the {{ productName }} instance.</li>
+    <li><strong>Administrator</strong>: The individual(s) or team of individuals responsible for the creation and management of user accounts and projects across the entire {{ productName }} instance. Administrators have {{ productName }} user accounts with elevated privileges.</li>
+    <li><strong>Project Manager</strong>: Individuals with user accounts with elevated privileges on the {{ productName }} instance to create and delete projects.</li>
+    <li><strong>Annotator</strong>: The default user account type for individuals registering with a {{ productName }} instance, used primarily for users who are assigned annotation tasks. Annotators do not have access to manage projects or users. Note that the act of annotation can also be performed by users who are project managers or administrators.</li>
+    </ul>
+    </p>
+    <h2>Contact Details</h2>
+    <p>
+    <div style="width: 100%; overflow: hidden;">
+        <div style="width: 600px; float: left;">
+          <h3>Host</h3>
+          <p>Name: {{ privacyPolicyDetails.HOST_NAME }}</p>
+          <p>Address: {{ privacyPolicyDetails.HOST_ADDRESS }}</p>
+          <p>Contact: <span v-html="privacyPolicyDetails.HOST_CONTACT"></span></p>
+        </div>
+        <div style="margin-left: 620px;">
+          <h3>Administrator</h3>
+          <p>Name: {{ privacyPolicyDetails.ADMIN_NAME }}</p>
+          <p>Address: {{ privacyPolicyDetails.ADMIN_ADDRESS }}</p>
+          <p>Contact: <span v-html="privacyPolicyDetails.ADMIN_CONTACT"></span></p>
+        </div>
+    </div>
+    </p>
+    <h2>The type of personal information we collect</h2>
+    <p>
+    We collect the following information:
+      <ul>
+      <li><strong>User Credentials</strong>: used for administrating user accounts: Email address, username, password. Passwords are not stored or accessible as plain text.</li>
+      <li><strong>Document and Annotations</strong>: Documents are the text files uploaded by project managers and annotations are the labels given to them during the annotation process by annotators. Project managers are responsible for both of these types of data and administrating what is stored. Since annotations may contain free text input for annotators to fill in, it is the responsibility of project managers to warn annotators against entering any personal information into fields like this. Project managers are also responsible for meeting the requirements of the rights of users, explained below in “Your data protection rights”.</li>
+      </ul>
+    </p>
+
+    <h2>How and why {{ productName }} collects personal information</h2>
+    <p>
+      Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:
+    </p>
+
+    <h3>To carry out our contract with you</h3>
+    <p>
+      When you register for a {{ productName }} account, {{ productName }} collects your username, email address and password which are used to: 
+      allow you to log in and use {{ productName }} securely; verify your identity before using the service; contact you if required regarding 
+      your data, account or updates to the terms of service.
+      
+      When project managers and/or administrators upload documents for annotation and annotations are made, 
+      data is stored for the purposes of managing annotation tasks and providing {{ productName }}’s functionality.
+    </p>
+
+    <h3>When we believe it is in our legitimate interests</h3>
+    <p>
+      When you use {{ productName }} the host stores your IP address in the form of request logs, which are used to monitor and diagnose any issues with the web service. 
+      Such logs are not shared except if necessary to comply with a legal obligation, and are deleted once they are no longer required, typically within a few weeks of their creation.
+    
+      When {{ productName }} projects are either completed or deleted, aggregated, anonymous data including the number of documents, 
+      number of annotators, number of annotations are sent to the developers of {{ productName }}, GATE. {{ productName }} is provided as free, 
+      open source software and collecting usage statistics allows GATE to demonstrate its usage to funders, 
+      allowing us to support its development and maintenance.
+    </p>
+
+    <h2>How we store personal information</h2>
+    <p>
+
+      Your information is securely stored.
+
+      Data is kept within a {{ productName }} instance as long as the instance is running; or until it is deleted. 
+      Once an instance is no longer running, data will be kept for a duration according to the agreement between the host and administrator.
+    </p>
+
+    <h2>Your data protection rights</h2>
+    <p>
+      Under data protection law, you have rights including:<br>
+      
+      <strong>Your right of access</strong> - You have the right to ask the host or administrator(s) for copies of your personal information.<br>
+
+      <strong>Your right to rectification</strong> - You have the right to ask the host or administrator(s) to rectify personal information you think is inaccurate. 
+      You also have the right to ask the host or administrator(s) to complete information you think is incomplete.<br>
+
+      <strong>Your right to erasure</strong> - You have the right to ask the host or administrator(s) to erase your personal information in certain circumstances. 
+      Please use the facilities within {{ productName }} to delete your account if required, at which point any annotations or documents will remain, but your account will be anonymised.<br>
+
+      <strong>Your right to restriction of processing</strong> - You have the right to ask us to restrict the processing of your personal information in certain circumstances.<br>
+
+      <strong>Your right to object to processing</strong> - You have the right to object to the processing of your personal information in certain circumstances.<br>
+
+      <strong>Your right to data portability</strong> - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.<br>
+      <br>
+      You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.<br>
+      
+      Please contact the host and/or administrators at the contact details above if you wish to make a request.<br>
+
+    </p>
+
+    <h2>How to complain</h2>
+    <p>
+      If you have any concerns about the use of your personal information in {{ productName }}, 
+      you can make a complaint to the host and or administrator at the contact details above.
+      You can also complain to the Information Commissioner’s Office (ICO) if you are unhappy with how your data is used.
+      <br>
+      The ICO’s address:<br>
+      Information Commissioner’s Office<br>
+      Wycliffe House<br>
+      Water Lane<br>
+      Wilmslow<br>
+      Cheshire<br>
+      SK9 5AF<br>
+      United Kingdom<br>
+      <br>
+      Helpline number: 0303 123 1113<br>
+      ICO website: <a href="https://www.ico.org.uk">https://www.ico.org.uk</a>
+      <br><br><br>
+    </p>
+
+  </div>
+
+  <div class="container" v-else>
+    <MarkdownRenderer :content="privacyPolicyDetails.CUSTOM_PP_DOCUMENT"></MarkdownRenderer>
+  </div>
+</template>
+<script>
+
+import {mapActions} from 'vuex'
+import MarkdownRenderer from "@/components/MarkdownRenderer";
+
+export default {
+  name: "Privacy Policy",
+  title: 'Privacy Policy',
+  components: {MarkdownRenderer},
+  data: () => ({
+    lastUpdated: "9th March 2023",
+    productName: "Teamware",
+    privacyPolicyDetails: {}
+  }),
+  methods:{
+    ...mapActions(["getPrivacyPolicyDetails"]),
+    async fetchPrivacyPolicyDetails(){
+      this.privacyPolicyDetails = await this.getPrivacyPolicyDetails();
+    }
+  },
+  mounted() {
+    this.fetchPrivacyPolicyDetails();
+  }
+
+
+}
+</script>
diff --git a/frontend/src/views/Register.vue b/frontend/src/views/Register.vue
index 33f42d16..2c866837 100644
--- a/frontend/src/views/Register.vue
+++ b/frontend/src/views/Register.vue
@@ -19,6 +19,8 @@
         <b-form-input type="password" v-model="form.confirmpassword" placeholder="Type password again to confirm"/>
       </b-form-group>
 
+      <p>By registering to use Teamware, you confirm that you are over 18 years of age and have read and agreed to Teamware's <a href="/privacypolicy" target="_blank">privacy policy</a> and <a href="/terms" target="_blank">terms & conditions</a>.</p>
+      
       <transition name="fade">
         <div class="alert alert-warning" role="alert" v-if="error">
           {{ error.message }}
diff --git a/frontend/src/views/TermsAndConditions.vue b/frontend/src/views/TermsAndConditions.vue
new file mode 100644
index 00000000..edd14129
--- /dev/null
+++ b/frontend/src/views/TermsAndConditions.vue
@@ -0,0 +1,129 @@
+<template>
+  <div class="container" v-if="!privacyPolicyDetails.CUSTOM_TC_DOCUMENT">
+    
+    <h1>Terms & Conditions</h1>
+    <p>
+    Last updated: {{ lastUpdated }}
+    <br><br>
+    These terms and conditions (the “Terms and Conditions”) govern the use of {{ productName }}. {{ productName }} is owned and operated by the Host on behalf of the Administrator. {{ productName }} is a service.
+    <br>
+    By using {{ productName }}, you indicate that you have read and understand these Terms and Conditions and agree to abide by them at all times.
+    </p>
+    <h2>Definitions</h2>
+    <p>
+    <ul>
+    <li><strong>Host</strong>: The individual or organisation responsible for maintaining the deployment {{ productName }} either on their own hardware or that of a third-party provider. The host may also be responsible for installing {{ productName }}, updating, running and ceasing the running of {{ productName }} at {{ privacyPolicyDetails.URL }}.</li>
+    <li><strong>Administrator</strong>: The individual(s) or team of individuals responsible for the creation and management of user accounts and projects across {{ privacyPolicyDetails.URL }}.</li>
+    </ul>
+    </p>
+    <p>
+    <h2>Intellectual Property</h2>
+    All content published and made available using {{ productName }} is the property of the Host, Administrator and {{ productName }}’s creators. 
+    This includes but is not limited to images, text logos, documents, downloadable files and anything that contributes to the composition of our Site.
+    </p>
+    <h2>Acceptable Use</h2>
+    <p>
+    As a user of {{ productName }}, you agree to use {{ productName }} legally, not to use {{ productName }} for illegal purposes, and not to:
+    <br>
+    <ul>
+    <li>Harass and mistreat other users of {{ productName }};</li>
+    <li>Violate the rights of other users of {{ productName }};</li>
+    <li>Violate the intellectual property rights of the {{ productName }} owners or any third party to {{ productName }};</li>
+    <li>Hack into the account of another user of {{ productName }};</li>
+    <li>Act in any way that could be considered fraudulent; or</li>
+    <li>Post any material that may be deemed inappropriate or offensive.</li>
+    </ul>
+    If it is believed that you are using {{ productName }} illegally or in a manner that violates these Terms and Conditions, the Host reserves the right to limit, suspend or terminate your access to {{ productName }}. The Host also reserves the right to take any legal steps necessary to prevent you from accessing {{ productName }}.
+    </p>
+    <h2>User Contributions</h2>
+    <p>
+    Users may post the following information on {{ productName }}:
+    <ul>
+    <li>Documents; and</li>
+    <li>Annotations.</li>
+    </ul>
+    By adding information to {{ productName }}, you agree to not act illegally or violate these Terms and Conditions.
+    </p>
+    <h2>Accounts</h2>
+    <p>
+    When you create a {{ productName }} account, you agree to the following:
+    <br>
+    You are solely responsible for your account and the security and privacy of your account, including passwords or sensitive information attached to that account; and
+    All personal information you provide to use through your account is up to date, accurate, and truthful and that you will update your personal information if it changes.
+    <br>
+    The Host reserves the right to suspend or terminate your account if you are using {{ productName }} illegally or if you violate these Terms and Conditions.
+    </p>
+    <p>
+    <h2>Limitation of Liability</h2>
+    The Host and our directors, officers, agents, employees, subsidiaries, and affiliates will not be liable for any actions, claims, losses, damages, liabilities and expenses including legal fees from your use of {{ productName }}.
+    </p>
+    <h2>Indemnity</h2>
+    <p>
+    Except where prohibited by law, by using {{ productName }} you indemnify and hold harmless the Host and our directors, officers, agents, employees, subsidiaries, and affiliates from any actions, claims, losses, damages, liabilities and expenses including legal fees arising out of your use of {{ productName }} or your violation of these Terms and Conditions.
+    </p>
+    <h2>Applicable Law</h2>
+    <p>
+    These Terms and Conditions are governed by the laws of the Country of England.
+    </p>
+    <h2>Severability</h2>
+    <p>
+    If at any time any of the provisions set forth in these Terms and Conditions are found to be inconsistent of invalid under applicable laws, those provisions will be deemed void and will be removed from these Terms and Conditions. All other provisions will not be affected by the removal and the rest of these Terms and Conditions will still be considered valid.
+    </p>
+    <h2>Changes</h2>
+    <p>
+    These Terms and Conditions may be amended from time to time in order to maintain compliance with the law and to reflect any changes to the way we operate {{ productName }} and the way we expect users to behave using {{ productName }}. We will notify users by email of changes to these Terms and Conditions or post a notice on the site.
+    </p>
+    <h2>Contact Details</h2>
+    <p>
+    Please contact us if you have any questions or concerns. Our contact details are as follows:
+    <br><br>
+    <div style="width: 100%; overflow: hidden;">
+      <div style="width: 600px; float: left;">
+        <h3>Host</h3>
+          <p>Name: {{ privacyPolicyDetails.HOST_NAME }}</p>
+          <p>Address: {{ privacyPolicyDetails.HOST_ADDRESS }}</p>
+          <p>Contact: <span v-html="privacyPolicyDetails.HOST_CONTACT"></span></p>
+        </div>
+        <div style="margin-left: 620px;">
+          <h3>Administrator</h3>
+          <p>Name: {{ privacyPolicyDetails.ADMIN_NAME }}</p>
+          <p>Address: {{ privacyPolicyDetails.ADMIN_ADDRESS }}</p>
+          <p>Contact: <span v-html="privacyPolicyDetails.ADMIN_CONTACT"></span></p>
+      </div>
+    </div>
+    <br><br>
+    </p>
+
+  </div>
+
+  <div class="container" v-else>
+    <MarkdownRenderer :content="privacyPolicyDetails.CUSTOM_TC_DOCUMENT"></MarkdownRenderer>
+  </div>
+</template>
+<script>
+
+import {mapActions} from 'vuex'
+import MarkdownRenderer from "@/components/MarkdownRenderer";
+
+export default {
+  name: "Terms & Conditions",
+  title: 'Terms & Conditions',
+  components: {MarkdownRenderer},
+  data: () => ({
+    lastUpdated: "9th March 2023",
+    productName: "Teamware",
+    privacyPolicyDetails: {}
+  }),
+  methods:{
+    ...mapActions(["getPrivacyPolicyDetails"]),
+    async fetchPrivacyPolicyDetails(){
+      this.privacyPolicyDetails = await this.getPrivacyPolicyDetails();
+    }
+  },
+  mounted() {
+    this.fetchPrivacyPolicyDetails();
+  }
+
+
+}
+</script>
diff --git a/generate-docker-env.sh b/generate-docker-env.sh
index 52d97e9f..a9985b25 100755
--- a/generate-docker-env.sh
+++ b/generate-docker-env.sh
@@ -36,7 +36,9 @@ case $BRANCH in
 esac
 
 # Populate .env with either existing or default values of the environment variables
-cat > .env <<EOF
+exec 3> .env
+
+cat 1>&3 <<EOF
 # GATE Teamware Docker Deployment Configuration
 # Add values to the variables here, most existing values will be kept after running generate-docker-env.sh
 # Anything that is left blank will be filled with a default value.
@@ -108,10 +110,39 @@ DJANGO_EMAIL_SECURITY=${DJANGO_EMAIL_SECURITY:-tls}
 
 # If the server requires you to identify yourself with a client certificate,
 # Add these variables at the bottom of this file, after the DO NOT EDIT line
-# 
+#
 # DJANGO_EMAIL_CLIENT_KEY=/path/to/private.key
 # DJANGO_EMAIL_CLIENT_CERTIFICATE=-/path/to/certificate.pem
 
+# Privacy Policy and T&C Details
+PP_HOST_NAME="${PP_HOST_NAME:-GATE}"
+PP_HOST_ADDRESS="${PP_HOST_ADDRESS:-Department of Computer Science, The University of Sheffield, Regent Court, 211 Portobello, Sheffield, S1 4DP. UK}"
+PP_HOST_CONTACT="${PP_HOST_CONTACT:-<a href='https://gate.ac.uk/g8/contact' target='_blank'>Contact GATE</a>}"
+
+# If admin (responsible for managing users) is not the same as the host
+# (who manages the underlying server) then set their details separately
+EOF
+
+if [ -n "$PP_ADMIN_NAME" ]; then
+  echo "PP_ADMIN_NAME=\"${PP_ADMIN_NAME}\"" 1>&3
+else
+  echo "# PP_ADMIN_NAME=\"Administrator's name\"" 1>&3
+fi
+
+if [ -n "$PP_ADMIN_ADDRESS" ]; then
+  echo "PP_ADMIN_ADDRESS=\"${PP_ADMIN_ADDRESS}\"" 1>&3
+else
+  echo "# PP_ADMIN_ADDRESS=\"123 Anywhere Street, Sometown\"" 1>&3
+fi
+
+if [ -n "$PP_ADMIN_CONTACT" ]; then
+  echo "PP_ADMIN_CONTACT=\"${PP_ADMIN_CONTACT}\"" 1>&3
+else
+  echo "# PP_ADMIN_CONTACT=\"<a href='mailto:admin@example.com'>Contact the admin</a>\"" 1>&3
+fi
+
+cat 1>&3 <<EOF
+
 ### DO NOT EDIT THIS COMMENT
 ### generate-docker-env.sh will not touch anything below this line
 EOF
diff --git a/teamware/settings/base.py b/teamware/settings/base.py
index be398b8b..793e8f69 100644
--- a/teamware/settings/base.py
+++ b/teamware/settings/base.py
@@ -235,3 +235,22 @@
 TELEMETRY_ON = False
 TELEMETRY_BASE_URL = 'https://reports.gate.ac.uk/'
 TELEMETRY_PATH = 'phone_home'
+
+"""
+Privacy Policy Settings
+"""
+
+CUSTOM_PP_DIR = 'custom-policies'
+CUSTOM_PP_DOCUMENT_PATH = os.path.join(CUSTOM_PP_DIR, 'privacy-policy.md')
+CUSTOM_TC_DOCUMENT_PATH = os.path.join(CUSTOM_PP_DIR, 'terms-and-conditions.md')
+
+PRIVACY_POLICY = {
+    'HOST_NAME': os.getenv('PP_HOST_NAME', 'No name configured.'),
+    'HOST_ADDRESS': os.getenv('PP_HOST_ADDRESS', 'No address configured.'),
+    'HOST_CONTACT': os.getenv('PP_HOST_CONTACT', 'No contact link configured.'),
+}
+PRIVACY_POLICY.update({
+    'ADMIN_NAME': os.getenv('PP_ADMIN_NAME', PRIVACY_POLICY['HOST_NAME']),
+    'ADMIN_ADDRESS': os.getenv('PP_ADMIN_ADDRESS', PRIVACY_POLICY['HOST_ADDRESS']),
+    'ADMIN_CONTACT': os.getenv('PP_ADMIN_CONTACT', PRIVACY_POLICY['HOST_CONTACT'])
+})