We’re all guilty of it.
While lazily ignoring the fine print is typical behavior for consumers, businesses can’t create those privacy policies with the same laissez-faire attitude.
Here’s the good news:
Read on to learn:
This post is for informational purposes and is not intended for legal use. If you want more information, please contact a legal advisor.
This personal data can include the user’s:
- Financial Information
- Social Security Number
- IP Addresses
Your policy should be easily accessible to visitors on every page of your website and mobile app. You can usually find it toward the bottom of the page.
Privacy policies are legally required if you collect personal data. They serve as protection for your company and users.
Third-party services that require privacy policies include:
- Google Analytics, Google AdSense, and Google Play
- Apple App Store
- Advertising plug-ins
- Email newsletter services
If you do business around the country or world, your policy will have to take those regions’ laws into account. There are notable privacy laws worldwide, such as the Privacy Act of 1988 in Australia or the Personal Information Protection and Electronic Documents Act in Canada.
Here’s the good news:
Here are a couple that might affect your business.
CalOPPA in the United States
The specific standards of CalOPPA cover:
- How the website handles “Do Not Track” requests
- Information on the use of third parties who collect user data through the website
GDPR in the European Union
The General Data Protection Regulation (GDPR) is a European Union (EU) data protection law for anyone who does business in EU countries.
- Processing data in an ethical manner
- Advising users of the eight rights they’re allotted under the GDPR
- Keeping data only as long as needed
For example, Google and YouTube will pay $170 million for violating children’s privacy laws and collecting information without parental consent. Google has also faced trouble in multiple countries, including the United Kingdom, France, and Spain.
Other companies, like Delta Air Lines, went to court to challenge their fine for violating CalOPPA. Delta won its case, but many smaller companies don’t have the resources to fight such a battle.
- Your business name and contact information
- What data you collect
- How you collect data
- Why you collect data
- How users can opt out
- How your data is shared with a third party
- How long you retain the data
- How you’ll protect the data you collect
- What the dispute resolution process is
- What will happen if your business transfers ownership
When describing how you use the information, it can be easy to overlook the obvious.
- Marketing purposes
- Improving content
- Notifying users of updates for your business
- Running analytics
- Advertising purposes
Children’s Online Privacy Protection Rule (COPPA)
- Research the specific requirements for your business depending on the audience, region, and third-party services used
- Familiarize yourself with policies from similar sites, but don’t plagiarize
- Draft a policy yourself or use a free generator or template on the internet
- Take the extra precaution of hiring a lawyer to look it over
As your business grows and evolves, your policy likely will too. Remember to update your policy frequently. If your policy is years out of date, it won’t instill much confidence in new customers.
If you change the way you collect data or use a new service, update your plan. And even if you’re not making changes, it’s in your best interest to review your policy and update the date at least once a year.