Here are 10 quick frequently asked questions about privacy policy pages on websites.
Does my website really need a Privacy Policy?
Yes. Since you are collecting personal information (e.g. name and email on your contact form), you are required to have a Privacy Policy. Currently, the following laws require Privacy Policies for most websites:
General Data Protection Regulation (GDPR);
UK Data Protection Act 2018;
California Online Privacy and Protection Act of 2003 (CalOPPA);
California Privacy Protection Act (CCPA);
Personal Information Protection and Electronic Documents Act (PIPEDA);
Delaware Online Privacy and Protection Act (DOPPA);
Nevada Revised Statutes Chapter 603A;
There are also about a dozen other states that are proposing their own privacy laws that would require most businesses to have a Privacy Policy and would affect how that Privacy Policy is written, requiring you to make changes on a pretty regular basis.
Can I write these policies myself?
While technically you could write these policies yourself, we do not recommend that you do so. There are a lot of laws, cases and legal opinions on how to write these policies correctly. If you have not spent years studying law and cases, it is very likely that the policy you write would be incomplete, incorrect and non-compliant. Also, there are currently a lot of new privacy laws that are being proposed and passed, meaning that you’d have to constantly stay up to date with these laws and amend your Privacy Policy yourself every time. This would take a lot of time and effort on your part and would take you away from your actual business.
Can I ask my attorney to write these policies for me?
If you have a data privacy attorney on staff, you should definitely ask him or her to write this up for you. Just as a heads up, if you want to ask your outside attorney to draft these for you, that’s a great idea but it may be a bit pricey. Also, lawyers that do not work in the privacy field often use Termageddon solutions for their Privacy Policies so that’s something to think about as well.
Is my business too small for anyone to care about this?
Some of the laws that are being proposed or passed do not limit enforcement and liability to large companies only so your small business could be liable as well. Also, consumers do not distinguish between small and large businesses when it comes to protecting their privacy and are less likely to buy from companies that do not respect their privacy.
Why is the privacy policy service a recurring fee?
We use Termageddon and it charges a yearly fee for this service because it automatically updates your policies whenever the law changes. Over the last year, two new privacy laws went into effect in the US - California and Nevada and we have seen some changes in the United Kingdom as well. Also, there are about a dozen other states that are proposing new privacy laws as well. Termageddon charges a yearly fee because that’s a lot of research, studying and changes to your Privacy Policy that they undertake for you.
Can I just copy and paste someone else’s Privacy Policy?
You could try and copy and paste someone else’s Privacy Policy, rewrite it to fit your website and then paste it onto your website. However, by doing so, you’d be committing copyright infringement, which could get you sued. Also, you don’t know whether that policy is compliant with the current laws and it won’t auto-update for you, meaning that you’ll have to keep track of the changes to the law which are increasing.
Having us generate a policy for you is much easier, less time consuming and safer.
Can I use a template?
Using a template that you found online is definitely tempting, especially since there are so many free ones out there. However, when you use a template, you can’t be sure who wrote it so you don’t know whether it’s correct or even compliant with the legal requirements. Also, a template does not automatically update, meaning that you’ll have to keep track of all of the constantly changing laws, which I’m going to guess is something that you don’t have time for.
How do I know if I’m collecting personal information on my website?
You are collecting personal information on your website if you have a contact form that asks for the user’s name, email, or phone number. Also, you’re collecting personal information if you ask for the user’s email to sign them up for an email newsletter.
My site is pretty secure, does that mean that I don’t need to have a Privacy Policy?
While having a secure site is awesome, it’s not related to the need to have a Privacy Policy. You need to have a Privacy Policy if you collect personal information on your website, regardless of how secure that personal information is once it’s given to you.
There’s currently no privacy laws in my state, does that mean that I don’t need a Privacy Policy?
The laws that are in place and that are proposed protect the residents of that state, not the businesses. As you know, people from California aren’t just going to websites of businesses located in California, they go to websites all over the United States. This means that you need a Privacy Policy if you collect personal information on your website, regardless of where you are physically located.