The issue of Privacy Policies has been simmering for a while now in the online world and recently with the Facebook-Cambridge Analytica scandal in the headlines, it has come to a full boil.
Having a comprehensive and easy-to-understand Privacy Policy not only protects you and your business, but it also can alleviate any concerns your clients may have around these sensitive issues.
A number of countries around the world require you to have a Privacy Policy if your website collects or uses personal information about its citizens. Even though you may not intentionally solicit business from outside the US, the Internet is a global community and you never know where a user, or potential client, may reside.
So, what is personal information?
It is anything that can identify a person, including but not limited to:
- First and last names
- Email Addresses
- Mailing Addresses
- Social Security numbers
If your website collects or uses personal information from citizens in these countries, you’ll need a Privacy Policy.
US
The state of California has its own privacy law–The California Online Privacy Protection Act (CalOPPA). It requires you to provide a clearly linked Privacy Policy on your website.
The EU
As of May 25, 2018, the General Data Protection Regulation (GDPR) will become law.
You’ll need to comply with the GDPR law:
- if you offer products or services to citizens of the EU
- or if you collect information from citizens of the EU
It doesn’t matter where your business is headquartered or located. This is a complex law with a number or requirements, including having a Privacy Policy.
Australia – See: Privacy Act 1988 (Privacy Act)
UK – See: The Data Protection Act (DPA)
Canada – See: Personal Information Act (PIPEDA)
Other countries requiring a Privacy Policy include:
– India
– Singapore
– Malaysia
– South Korea
– Vietnam
Common third-party services like Google Products have Privacy Policy Requirements too. For instance, Google Analytics requires you to post a Privacy Policy if you use their service.
In your privacy policy, let your users know:
– What personal information you collect.
– How you collect it.
– How you use it.
– How you protect it.
– If you share it with third parties.
– How users can control any of this.
Write your Privacy Policy in clear, easy-to-understand language and post it in a conspicuous way for your users to review.
This will keep you compliant with most Privacy Policy requirements.
If you need help writing your Privacy Policy
Given that writing a Privacy Policy can seem like a daunting task, there are services available that can help. You may want to take a look at iubenda. With their service, you fill out a form providing relevant information about the information you collect as well as any third-party services your website uses, i.e., Google Analytics, Salesforce, MailChimp, etc., and it will generate a Privacy Policy meeting the legal requirements of the various global jurisdictions. Then they generate a code snippet that can be inserted into your website creating a Privacy Policy tailored to your website and business. One of the helpful features of this service is that as laws change, the Privacy Policy is updated automatically to comply with the new laws. It costs $27.00 a year. I have test driven this application and seems to live up to its claims.
Of course, there are other services out there and some are free. Just do a Google search for Privacy Policy generator.
As always, if you need help implementing this or any other service or feature, don’t hesitate to let us know. We’ll be happy to take care of it for you.
Written by Web Developer Kerry Wolfe