Website Privacy Policies

What is a Privacy Policy, and do I really need one?

A Privacy Policy helps website owners comply with privacy laws by making the specific disclosures those laws require, such as how the website collects, uses, and discloses personally identifiable information, along with any other disclosures required by the privacy laws that apply to you.

A comprehensive Privacy Policy is required to comply with privacy laws

Modern websites are built to provide a great user experience and to motivate prospective customers to reach out and inquire about what you have to offer. They do this with tools such as contact forms, website analytics, and more.

Contact forms ask users to submit their ‘name’ and ‘email’, which are examples of personally identifiable information. When a website uses analytics, it collects each visitor’s IP address and shares that personally identifiable information with third-party data analytics providers. These are just a few examples of the many ways websites collect and share personally identifiable information.

Penalties for non-compliance

The collection of personally identifiable information is regulated under multiple privacy laws. For example, in the US, there are numerous state privacy laws that can apply to businesses, regardless of their location, and fines for non-compliance start at $2,500 per “infringement” (per website visitor). Each of these privacy laws has specific disclosure requirements that your Privacy Policy must include to be compliant.

It’s also important to note that privacy laws in other countries could apply to you if you collect the personal information of, do business with, or provide services to residents of those countries.

On top of that, over two dozen privacy bills have been proposed at the state level, each with its own unique disclosure requirements and penalties for not complying. If passed, some of these bills would enable citizens to sue businesses (of any size or location) for collecting their personally identifiable information without an up-to-date and compliant Privacy Policy. Due to the ever-changing nature of privacy laws, we recommend that you not only have a comprehensive Privacy Policy in place but also develop a strategy to keep your policies up to date when these laws are amended or when new laws are implemented.

Google requires your website to have a Privacy Policy

Beyond the legal requirements, a Privacy Policy is also required in order to use popular third-party tools. For example, a website utilizing Google Analytics is required by Google to have a Privacy Policy. You can find this requirement within section 7 of Google’s Terms of Service.

Google has also recently announced that it is requiring all websites using AdSense to have a cookie consent banner, since AdSense uses cookies and collects personally identifiable information, which is regulated under multiple privacy laws. Google now requires the banner to ensure that websites using AdSense comply with those laws.