iyop icon

Does My Website Need a Privacy Policy?

With your host, Kyle Van Deusen

Improve Your Online Presence
Improve Your Online Presence
Does My Website Need a Privacy Policy?

In This Episode...

As a website owner you can be held legally liable for the information you collect. Ensure you have acquitted protection by getting familiar with the basics.

Show Transcript

Today we are going to be talking about data privacy and the role you play as someone who owns a website. 

The fact of the matter is, at least at this point in time, the way the law sits— if you own a website, you are almost certainly obligated to have some sort of privacy policy that goes along with it. 

A lot of this has come about because of the nefarious ways businesses have decided to use our information. Even though you might not think about it on a daily basis, you’re giving companies a ton of your private information every day. 

Now, most of this is voluntary and you might be entering your name or your address to buy something or even your telephone number just thinking into use for those purposes. But unless you read all the fine print, there’s no telling what people are going to do with your data. 

That’s why a lot of times you’ll have the little I agree box or here’s the link to our privacy policy. Even though we don’t read those things, those are legally binding contracts that are telling you what people can do with your information. 

So if you have a website, you actually need to have a privacy policy if you’re collecting any personally identifiable information on your visitors. 

The reason I say most businesses need one of these is because if you have as little as a contact form something that just says, “Hey, give me your name and email address and send me a message” that constitutes collecting people’s personally identifiable information. You have to disclose exactly how you’re going to use that. 

A while back, I was searching for a solution for my customers through my agency.

Obviously I should preface this entire thing by telling you I am not an attorney and I don’t give legal advice to people on the show, nor do I give legal advice to my customers, but I do want to give them the best advice I can and at least point them to the right people. 

There’s some online privacy policy generators that will help you get a privacy policy set up for your website. They all have some pros and cons, but I actually found one based out of Chicago that I really like and lucky enough they’re very involved in the WordPress community and the agency community and I’ve got to meet the folks in person. They’re really good people and I’ve partnered my agency with them for them to help provide privacy policies and disclaimers and terms and conditions and those kinds of legal documents for my customers.

They actually introduced a program called a Data Privacy Certified Agency Partner. In order to become a data privacy certified agency partner, you have to go through a test that tests your basic knowledge about data privacy online so you can have that conversation with your clients. 

I took the test, it’s 12 questions long you had to answer, you have to get 10 of them right to pass. I got all 12, so a hundred percent good marks, but I thought it would be a good idea to go through these questions and explain the answers to you. So you know as a business owner what you’re liable for. 

I’m going to breeze through this quiz here, read out the questions to you and then give you my answers to these. 

A privacy policy discloses to its users what information a website collects with whom that information is shared and what is done with that information?

And that is true. That’s exactly what the purpose of the privacy policy is. It just lets visitors know what information you’re collecting, who you’re going to share that information with, and then what you do with that information. So in most cases, if it’s just a contact form on your website, your privacy policy basically says I collect your name, email, phone number, whatever you collect, I don’t share it with anybody and I just use it to be able to communicate with you. 

Individual States are proposing privacy laws to protect the personally identifiable information of its citizens.

That’s true. Unfortunately there is not a federal guidance on how all this works. The government’s slow to get around to these things and other countries, European countries, have been ahead of the curve of us on this.

What it’s left the United States doing is letting each state fend for itself. Individual States are proposing privacy laws. Some States already have some into effect, some are in the proposal process right now and going through their own legislature. 

But yes, it’s all done on an individual, state by state basis. 

Examples of personally identifiable information, our name and email, which are often found on contact forms.

 And yes, that is true. We’ve already gone through that. So those are a couple examples of personally identifiable information. But of course if you’re collecting somebody’s driver’s license number, social security number, credit card number, that’s also  personally identifiable information. 

State specific privacy laws only apply to businesses within that state.

And this is actually false. The way the States are writing these policies, these laws for their own state is that it’s to protect the citizens of their State. When they’re writing a law that says you have to have this privacy policy, it’s not saying if your business is based in our state, it’s saying if people from our state can use your website. 

For example if you’re a local business, a restaurant that’s in Texas, chances are you don’t have a lot of customers coming from Illinois. But the truth is they could. And if they do go on your website and fill in that form and you don’t have the privacy policy that’s applicable to their state, you can actually be held liable for that. So what gets really confusing about this is your business based here in Texas, let’s say, has to actually comply with a lot of laws from all different States across the country.

That’s why partnering with Termageddon, which is the company I use, they take care of all that for you so you don’t have to stay on top of those laws. 

Several States are proposing private right of action meaning its citizens will be able to sue businesses regardless of location for having a contact form without a compliant privacy policy. 

This is absolutely true. So again, this goes back to each individual state proposing their own laws. Some States are making it where citizens of that state can actually sue businesses in or outside of the state if they don’t have a privacy policy. And some of these fines are very, very hefty. We’re talking, thousands of dollars per infraction. So if you think about everybody who visits your website, if they all wanted to file a lawsuit against you that could be devastating to somebody’s business.

Which of these websites needs a privacy policy? 

  1. An eCommerce site where its users can make purchases
  2. A website that has a contact form, 
  3. A website that has an email newsletter sign up form
  4. D website that has Google analytics installed.
  5. All of the above. 

It is E all of the above. 

Even having Google analytics installed on your website that installs cookies on people’s browser. So it does technically get some personally identifiable information from them. Now it’s up for debate, exactly how personally identifiable all those things are. But yes, having Google analytics installed does require you to have a privacy policy. 

Businesses with contact forms that receive inquiries across state lines will need to comply with each state specific privacy law to avoid fines and lawsuits.

Again, that is true. We’ve already talked about the fact that you have to follow each individual state’s laws. 

A cookie policy can be disclosed in a privacy policy. 

So cookie policy, we touched on cookies a second ago. Basically that’s a little bit of information a website will put into a visitor’s browser so they can track what they’re doing on their website. Yes, that that is true, they can be disclosed inside the privacy policy. 

Websites that have links to Facebook, Twitter or any other third party website should have a terms of service because it will help protect the website owner in case a user gets a virus from one of those party websites.

That is true. So basically if your website links out to any other website, I think Facebook and Twitter were just put in here and mentioned because so many people have social media links on their websites, but if your website links to any third party website, you really do need to have a terms of service document which will protect you from anything that happens when somebody goes to one of those sites.

Let’s say somebody is on your website, clicks the link, it takes them to another website and their computer gets infected with the virus. The terms of service is going to help keep you from being liable for that happening. 

Terms and conditions, terms of service and terms of use all mean the same thing. 

That is true. It’s semantics. They’re all basically the same thing. Terms of use, terms of service and terms and conditions all mean the same thing. 

Which of these websites needs a disclaimer?

  1. A website that participates in affiliate programs
  2. A website that advertises third party products or services. 
  3. A website that sells or displays health products 
  4. A website that provides health or fitness advice
  5. A website that provides information that could be seen as legal advice
  6. All of the above. 

All of the above is the correct answer. So we didn’t talk a whole lot about disclaimers yet, but disclaimer pretty much just lets people know that things like in this example.. If you’re participating in affiliate programs or you’re advertising third party products. Some of these things like fitness or health, there’s disclaimers about you actually giving medical advice. So you have to make sure that you have those disclaimers in place.

If your client has questions about website policies, you can connect them with the Termageddon team and they will help you answer the questions. 

So this is a little bit of a funny question, but yes, a Termageddon is the company that I use to handle my privacy policy, my terms and conditions and the disclaimer on my website.

I’ve been really happy with their service. I’ve been recommending it to clients for quite a while and my clients have seen really good results from it and at least I know that they’re protected. 

And that’s something that’s really important. You’ve put so much money and time and effort into your business. It would be a shame to have somebody in another state just happened to see that you don’t have a privacy policy and file a lawsuit against you. While that seems farfetched, we know how litigation happy people can be. So it’s very important to make sure you have the right policies in place. 

Of course, if you have any questions about these policies, I am a certified data privacy partner so I can definitely help answer those questions for you. I’ll leave links to Termageddon in here. You can sign up with them directly or you can actually contact me and I can help you get signed up.

Either one of us would be glad to walk you through the onboarding process and get you all set up and get the policy embedded on your website. 

Hopefully you found this interesting and you know a little bit more about the privacy laws and what you’re responsible for. Now, again, if you have any questions, you can email me at [email protected] and if you have any more questions about digital marketing or improving your online presence, you can shoot me an email and I will be glad to include it on a future episode.


Kyle Van Deusen

For the past 15 years I have helped businesses like yours increase their online presence through powerful websites that help you easily, effectively, and affordably grow your business.

2020 hoodie cut out no sides

Like What You're Hearing?

Subscribe today and get the latest episodes delivered to your inbox!

Signing up adds you to my personal email list. You can unsubscribe at any time, and I don't share your info. Here's my Privacy Policy.

Share This Show with Someone You Know:
Share on facebook
Share on twitter
Share on linkedin

iyop icon

Subscribe stay up to date

Signing up adds you to my personal email list. You can unsubscribe at any time. Here's our Privacy Policy (I don't share your info, ever).

kyle van deusen sm
Howdy! Nice to see you.

Leave me a message and your preferred contact method and I'll reply ASAP!

By supplying your email address you are agreeing that I can contact you now and in the future. Opt-out any time.