Privacy Policy? Why Your Website Needs a Privacy Policy
If you have a website, blog, or mobile app, you need a privacy policy. Privacy policies explain what data you collect from your users or visitors, how you use that information, and what steps you take to protect that information.
Reasons Why Your Website Needs a Privacy Policy
Federal Law
In the United States, there is no single comprehensive federal law regulating the collection and use of personal data. The U.S. has a patchwork system of federal and state laws and regulations that sometimes overlap and sometimes even contradict each other. In addition, there are also many guidelines or “best practices” created by various agencies and industry groups that are not enforced, but are considered self-regulatory frameworks.
Some of the most prominent federal privacy laws include:
- The Federal Trade Commission Act. This is a federal consumer protection law that prohibits unfair and deceptive practices and has been applied to offline and online privacy and data security policies. The FTC is also the primary enforcer of COPPA – the Children’s Online Privacy Protection Act – which applies to the online collection of information from children.
- The Financial Services Modernization Act. This regulates the collection, use and disclosure of financial information. It applies broadly to financial institutions and to other businesses that provide financial services and products.
- The Health Insurance Portability and Accountability Act. HIPAA regulates medical information. It applies broadly to health care providers, data processors, pharmacies and other entities that come into contact with medical information.
- The Fair Credit Reporting Act. This applies to consumer reporting agencies – lenders and credit card companies.
- The Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM Act) The CAN-SPAM act regulates the use of e-mail addresses. There was another Act that also regulated the use of phone numbers.
- The Electronic Communications Privacy Act and the Computer Fraud and Abuse Act. These two regulations govern the interception of electronic communication and hacking.
If you collect, store, or share personal data like emails, names, or payment information, you need to explain what you plan to do with your visitors’ and/or customers’ personal data.
State Laws
There are many laws at the state level that regulate the collection and use of personal data. Most states have enacted some form of privacy legislation. California leads the way in the privacy arena, with multiple privacy laws, some of which have national reach.
Build Trust
Privacy policies can build trust. To build trust even faster, make your privacy policy comply with the new EU GDPR requirements. Create a privacy policy that is obvious, transparent, and clearly written.
Provide Peace of Mind
Privacy policies should provide peace of mind because they explain clearly what you plan on doing with their personally identifiable information.
Improve Credibility
Adding a privacy policy link in the footer of every page of your website adds credibility and professionalism. Conversely, NOT having a privacy policy may raise a red flag and chase potential customers away. Now that privacy policies are required by EU’s GDPR, this is more important than ever.
Fulfill Third-Party Requirements
Many third-party programs that are part of websites – Google Analytics, Ad Networks, CRM systems, ECommerce Tools – actually already require users to display a privacy policy. As an example, read section 7. Privacy of Google Analytics Terms of Service.
The European Union’s General Data Protection Regulation (GDPR)
The European Union’s new GDPR regulation – in full enforcement on May 25, 2018 – safeguards the personal data of individuals in the EU. What is interesting about this regulation is that even though it’s EU-based, it applies broadly to any online entity that may have, either now or in the future, a visitor from the European Union.
Leave a Reply
Want to join the discussion?Feel free to contribute!