What is A Privacy Policy?

Have you been planning to write a privacy policy for your business but don’t know where to start?

Are you operating a website or mobile app that collects any information from visitors?

Do you need to inform clients about data collection?

Great. This post will surely be of great help in determining the importance of creating a Privacy Policy.

Most people have heard the term “privacy policy” thrown around or have seen it on services or websites they use. But what many people don’t realize is that creating a privacy policy is just as important for businesses as it is for consumers.

No matter how a company wants to operate, whether through a website or mobile app, it is important to always consider a privacy policy. A privacy policy is a statement that shows how an organization handles customers’ personal information such as name, address, and phone number. It can be one of the most important documents that a business creates for its customers. Without privacy laws evolving at a rapid pace these days, many businesses could end up violating federal, state, or even international laws if they do not maintain a privacy policy on their website or app.

The importance of a privacy policy varies from one state or country to another depending on local laws. To determine if your business needs to adhere to these laws usually depends on a couple of things. First, whether or not you are offering goods or services to people who live in that area. If either of these two things applies to you, then the safe answer is likely that you should have a privacy policy in place for your business.

Whatever the state or country, there is always a need to consider having a privacy policy when doing business online. The data that you are collecting on your website or app can determine the specific points that your privacy policy will need to address. It is generally a good idea to have a privacy policy in place for your website or app simply to prevent any future issues that may arise with customers or new laws that are passed in your state or country. It is also just good business to let your customers know how you are handling their data.

Data Collected

The data you collect on your website can vary depending on the goals of your website. Common types of data collection on a website that you may not always think about can include basic information such as name, address, e-mail address, IP address, and device identifiers. These are collected through a simple contact form on a website, an ecommerce checkout, or even by using Google Analytics on your website.

Tired of repeatedly seeing cookie acceptance popups on some websites? The truth is, some sites use cookies to collect information from clients. These are used to help track the visitor’s usage and access preferences on the services offered by the website.

Aside from this, there is also information that is automatically collected such as log-in information, usage information, and even location information. Note that this information is automatically collected and stored.

All data collected depends on which services are used and authorized by the user. These are mainly used for the improvement of specific products and services offered by the website. These are also used to easily communicate with the clients.

Promotion of Safety and Security

Is information collected safely?

In doing business, the safety and security of all collected information from the customers should be put into priority. When customers visit a business, one of the things they expect is that their privacy will be respected. This means that the business will not collect personal information from them without their consent and will not sell or give it away to other business or organizations.

Note that a privacy policy is just a document. Your customers are allowed to know how their data is used and handled. It does not necessarily process or protect anything. However, it lets your customers know that you are being responsible with their data and have a public document stating exactly how it is being handled.

PRIVACY POLICY AS REQUIRED BY LAW

There are many different laws and requirements regarding customer data and privacy policies based on the location of your business. Currently, there is no federal law in the US dictating the requirement of a privacy policy for your business. However, there are a number of state laws that have been passed and more states are following this trend every year. California, Virginia, and Colorado have state laws in place already and Utah has just passed one that will go into effect in 2023.

If we look at the state of California as an example, if a business attracts customers that reside in the state, then a privacy policy is required by CCPA and CaloPPA.

California Consumer Privacy Act, also known as CCPA which took effect in January 2020, gives consumers more control over the personal information that businesses collect from them. It applies to any business that impacts people in California. This law also provides the consumers four (4) different rights, namely:

(1)   Right to know about the information collected from them,

(2)   Right to delete information collected from them,

(3)   Right to opt-out from selling their personal information, and

(4)   Right to non-discrimination in the exercise of the CCPA rights.

On the other hand, California Online Privacy Protection Act or CaloPPA, currently considered the broadest privacy law in the US, was created to protect the rights and personal information of all California residents.

Similarly, if the website visitors include those coming from Europe, then the said site is required by the GDPR to have a privacy policy. The General Data Protection Regulation (GDPR) is a European Union’s data protection law that mandates how personal data should be used by the organization. Seven (7) key principles of this law are set out right at the start. These are the fundamental building blocks for good data protection practice. Failure to comply with these principles may result in a substantial fine stated in Article 83 (5) (a). These principles are as follows:

(1)   Lawfulness, fairness, and transparency

(2)   Purpose limitation

(3)   Data minimization

(4)   Accuracy

(5)   Storage limitation

(6)   Integrity and confidentiality, and

(7)   Accountability

Also as stated earlier, Utah has just passed one law last March 25, 2022 that will go into effect in December 31, 2023. The Utah Consumer Privacy Act is intended to protect collected data and information from the Utah residents and from businesses that operates in the said state or those business whose target customers are located in Utah.

CUSTOMERS EXPECTATION

Of course, customers expect honesty and transparency. People indeed want to be always in control of their information which is why displaying privacy policy on the site is very important. Showing them how the site handles personal information can help them trust the business even more. Just make sure to always create a clear, concise, and transparent privacy policy for the clients.

REQUIRED BY THIRD-PARTY SERVICES

This reason may not apply to all sites but famous and well-known services such as Google Ads, Facebook, and Apple uses third-party services. The top priority of this kind of service is to ensure compliance with any international laws while storing cookies as the client uses them.

If you are planning on using third-party services with your website or app, make sure to first check their privacy policy requirements.

BRAND PERSONALITY

The privacy policy can also showcase brand personality. If your brand identify fits the script, then this would be a great opportunity to connect with your customers using your unique voice. For example, adding humor and wit to your privacy policy comply with laws and also gain customer trust and loyalty.

An example, take a look at the privacy policy of Tumblr. Tumblr uses a creative approach to catch your attention and let you know that a real person has put some thought into this privacy policy.

         “Tumblr may determine your location by using drone technology and live video feeds.  Ha ha, no, we just check out your IP address or any location data you attach to a post. Normal stuff.”

Witty right? Aside from using wit and humor, there are some companies that showcases their privacy policy by creating video clips. Take for example the UK’s Information Commissioner’s Office (ICO).

The ICO is a non-departmental public body that reports directly to the Parliament of the United Kingdom. It deals with Data Protection Act 2018, the General Data Protection Regulation and other Data Privacy related acts in the UK.

Being one in authority to uphold information rights, the ICO created their privacy policy through a less than two-minute video clip which you can check through https://ico.org.uk/global/privacy-notice/.

PRIVACY POLICY GENERATORS

Reading all the information given and discussed above could get one excited to create a privacy policy for their business. There are many privacy policy services available online but choosing the right one for your business is important.

One example of a privacy policy generator that we strongly recommend is Termageddon. Termageddon is the longest-running Privacy Policy Generator. The company is founded and run by a licensed privacy attorney who also serves as the Chairman of the American Bar Association – ePrivacy Committee. This generator helps the business monitor privacy laws and keep the privacy policy always up to date.

Aside from this, Termageddon updates itself and keeps your privacy policy up to date. The updates are specific to your website and the information you originally provided to the generator. This generator handles everything including the hard parts. There is no need for worry since all team members of Termageddon stay on top of the privacy laws so you don’t have to

A privacy policy is very important for any business operating online and collecting data. It is one of the first things that clients look for when using a site and is becoming a legal requirement in more states each year. Having a privacy policy can not only keep your business compliant with ever-changing laws but can also attract more customers.

Need some help in creating your privacy policy? Check out Termaggedon to see more of what this privacy policy generator can do for you or email us for more information. We would be very happy to help you with this one.