I don’t know what to write in both of these pages before I publish my project. I would greatly appreciate if someone would help me in this regard as I know nothing about the legal side of hosting open source apps nor do I want to spend too much time on this.
For context, my project is a web app that I specifically made sure to be as private as possible. All data generated by the user is made to be completely stored locally in the browser with no trackers or analytics installed. The data can be modified and deleted as per the user’s will along with the ability to import and export the data as JSON files. A local account is required to save progress else the data will be wiped on exiting the site and the core functionalities of the site do not depend on whether an account has been created or not. The only privacy risk would be occasional loading of external resources like image links which I couldn’t find a viable alternative to.
Frankly this is just a small side FOSS project which I do not intend to capitalise on. I still want to mention the TOS and the Privacy Policy just in case, but I couldn’t be bothered to write all this legal matter by hand.
my understanding is that terms of service would be helpful but not needed if someone trued to sue because you blocked access to the site. I would not expect ToS for a site like you are explaining, but if it did it would say “the web admin will ban you if you are naughty, you have been warned”
For privacy policy i think what you wrote to give us context is near perfect. Explain how your app stores data, be specific about encryption at rest and in motion. If your app is designed to hold name, email address, billing info you should highlight that in your policy. including a (monitored) contact email for questions would be nice, but not needed imo unless you are storing PII
For further context, the website is virtually completely local and could be self-hosted. Aside from hosting the project itself, there is no central server to manage any aspect of the users’ interaction with the site or allow communication with other users. There is no sensitive data stored barring the name of the user for which a pseudonym would be just as acceptable.
I think mentioning the ToS and privacy policy is pointless for creating an app like this. If it is possible, I would rather write them myself or omit them altogether.