What is a Privacy Policy
A Privacy Policy helps website owners comply with privacy laws by providing specific disclosure requirements such as how their website collects, uses, and discloses personal data and the disclosures required by the laws that apply to you
A comprehensive Privacy Policy is required to comply with privacy laws
Today’s modern websites are built to provide a great user experience and motivate prospective customers to reach out and inquire about what you have to offer. This is done through the use of tools such as contact forms, website analytics, and more.
Contact forms ask users to submit their ‘name’ and ‘email’, which are examples of personal data. When a website uses analytics, it collects each visitor’s IP address and shares that personal data with third-party data analytics providers. These are just a few examples of the many ways websites collect and share personal data.
The collection of personal data is regulated under multiple privacy laws. For example, a privacy law is in place to protect the personal data of UK residents with fines up to about £18 million or 4% of annual global turnover, whichever is greater. This privacy law (the UK Data Protection Act) requires websites to provide a Privacy Policy with specific disclosures. Privacy laws protect citizens of a specific country (or state or province), and can apply to businesses regardless of their location.
On top of that, new privacy laws are being proposed throughout the world, with several
countries proposing multiple laws to protect their citizens. Due to the ever-changing nature of privacy laws, I recommend that you not only have a comprehensive Privacy Policy in place but that you also develop a strategy to keep your policy up to date when these laws are amended or when new laws are implemented.
It’s important to also note that laws outside of the UK can apply to your business as well if you do business, collect the personal information, or provide services to residents in other countries with privacy laws.
Google requires your website to have a Privacy Policy
A website utilising Google Analytics is required by Google to have a Privacy Policy. You can find this requirement within section 7 of Google’s Terms of Service: https://marketingplatform.google.com/about/analytics/terms/us/
Google has also recently announced that it is requiring all websites using AdSense to have a cookie consent banner since AdSense uses cookies and collects personally identifiable information, which is regulated under multiple privacy laws. Google is now required to ensure that websites using AdSense comply with those laws.
What is a Terms of Service Agreement
A Terms of Service Agreement limits the liability of businesses by stating the rules to using the website. When a website offers links to third-party websites, a Terms of Service can help explain to users that the business is not responsible if a user clicks those links. So, if a third-party link brings a user to a hacked website, the Terms of Service disclosure can help prevent you from being sued.
A Terms of Service agreement can also help you comply with consumer protection laws and reduce the likelihood of investigation by the authorities for violation of these laws. The UK has a stringent consumer protection law that requires specific disclosures to be made. Failing to make these disclosures could open you up to liability that could have been avoided with a comprehensive Terms of Service agreement.
There are many additional disclosures that a Terms of Service can make, but these two are the most popular and are easy ways to protect your website and your business.
What is a Cookie Policy and cookie consent banner?
Cookies are little snippets of code that get inserted into the user’s browser and device when visiting a website. They can help ensure a website properly functions (aka essential and functional cookies). They can also track website visitors for analytics and advertising purposes (aka marketing cookies).
Several privacy laws, including the UK Data Protection Act and e-privacy directive, require users to provide consent prior to implementing non-essential cookies on their browsers.
This is commonly done through a cookie consent banner, which will ask your website visitors to choose their consent settings. It is important to identify what privacy laws apply to you, and determine if you are required to provide a cookie consent solution on your website along with a Cookie Policy further describing the purpose of each cookie.
How to get a Privacy Policy and Terms of Service for your website
If you have the budget, I recommend hiring a solicitor who focuses on privacy law to write your website policies, monitor privacy laws, and update your policies when the laws change or when new laws go into effect. If you do not have the budget to hire a privacy solicitor for your website policies, I recommend using Termageddon.
Termageddon is a comprehensive website policies generator and will update your website policies when privacy laws change or new laws go into effect, helping you stay compliant and avoid privacy related fines and lawsuits, and they do it at a fraction of the cost of a solicitor. Although Termageddon is a technology company (not a legal services provider), it was founded by a privacy and contracts solicitor and the tool has been recognised as a trusted tech vendor by the largest international privacy organisation in the world (iapp.org).
If Termageddon sounds like a good solution for your business, the license costs $119/year (~£93.58/yr including VAT), and I charge a one-time setup fee of £100 + VAT to create the policy pages. If you would like to waive the one-time setup, you can complete the form yourself and I will simply insert/test the code, which is included in your website build.
You will have full access to your policies with your own Termageddon account, and you will be notified via email when new laws go into effect and when your policies are being updated or when new disclosures require additional questions that need to be answered.
There are of course plenty of free and paid terms generators. I do an Ecosia search if you're wanting to go another route.