We always ask clients to provide content for a privacy policy when we’re building websites. Although some clients already have a website, they’re still surprised that we’re asking for this content.
Then comes the questions, ‘Why does my website need a privacy policy?’, or ‘What should the policy include’? First, all websites should have a policy, regardless of the products or services you offer, or even the industry that you’re in. Secondly, you should not use another website’s policy because the details of their policy may not apply to your business.
When you’re creating Facebook API keys for your website, your app will not be approved if you cannot verify that your site has a privacy policy. Even Google Analytics requires a privacy policy.
Why does a website need a privacy policy?
To help you understand the importance of a privacy policy for your website and common details you should include, check out our questions and answers below.
Q: Why does my website need a privacy policy?
A: If your website collects data to identify an individual, you’re legally required to have a privacy policy. The 1% that’s not collecting data such as no newsletter sign up, you still will need a policy in order to use common marketing tools. Besides, this is one of those ‘when in doubt’ situations. Including one on your website can save you legal hassles if you redesign your website and forget that you never created one, but now are collecting data.
Q: Does every page on my site need to link to the privacy policy?
A: No, that’s not necessary. However, I do recommend that you place the privacy policy link in the footer of your website along with your copyright info. That area is considered a global area of the site, and is dynamically included on every page. That way, it’ll be in a consistent location for people to click on it and go to your policy page.
Q: What information should I include in my privacy policy?
A: Keep in mind that states have different privacy laws. While some states data privacy is similar, California has the most unique laws governing individual data privacy.
So, what to include in your policy? Tell people what personal identifiable information (PII) you collect, what third parties you might share it with. And that you’ll let them know about future updates to your policy. For example, if you collect email addresses, you need to state what you do with them. Same thing goes for tracking visitors’ browser habits.
In addition to what the law requires, you should also stay informed about what some commercial advertising platforms requires as well. Especially if you’re using any such marketing tools.
Q: Do I need a lawyer to create my policy?
A: Short answer is no. There is no legal requirement that a lawyer be involved when writing your privacy policy, and most businesses don’t need to consult one. On the other hand, big brands that spend thousands of dollars monthly on various advertising and marketing strategies, have their own in-house counsel to advise them.
Q: When should I update my policy?
A: You need to update your policy when how you use PII has changed or if you make changes to the type of PII that you collect.
I hope you have a better understanding as to why your website needs a privacy policy. We include a privacy policy on every website that Envisager Studio builds. A standard privacy policy will suffice for most sites. However, if you’re working with data covered by HIPAA or international, you may need more than a standard policy.
About the Author
Leave a Reply